ajuda ETTERCAP NÃO ESTA FUNCIONANDO

Yuri_12
(usa Kali)

Enviado em 16/09/2016 - 22:02h

ctw6av
(usa Nenhuma)

Enviado em 16/09/2016 - 23:13h

ettercap 

man ettercap 

Yuri_12
(usa Kali)

Enviado em 17/09/2016 - 14:36h

ettercap 

man ettercap 

ctw6av
(usa Nenhuma)

Enviado em 17/09/2016 - 15:38h

ettercap -Tqi [interface] 

Yuri_12
(usa Kali)

Enviado em 18/09/2016 - 12:19h

ettercap -Tqi [interface] 

ctw6av
(usa Nenhuma)

Enviado em 18/09/2016 - 12:52h

[privs]

ec_uid = 0                # nobody is the default

ec_gid = 0                # nobody is the default



[mitm]

arp_storm_delay = 10          # milliseconds

arp_poison_smart = 0          # boolean

arp_poison_warm_up = 1        # seconds

arp_poison_delay = 10         # seconds

arp_poison_icmp = 1           # boolean

arp_poison_reply = 1          # boolean

arp_poison_request = 0        # boolean

arp_poison_equal_mac = 1      # boolean

dhcp_lease_time = 1800        # seconds

port_steal_delay = 10         # seconds

port_steal_send_delay = 2000  # microseconds

ndp_poison_warm_up = 1        # seconds

ndp_poison_delay = 5          # seconds

ndp_poison_send_delay = 1500  # microseconds

ndp_poison_icmp = 1           # boolean

ndp_poison_equal_mac = 1      # boolean

icmp6_probe_delay = 3         # seconds



[connections]

connection_timeout = 300      # seconds

connection_idle = 5           # seconds

connection_buffer = 10000     # bytes

connect_timeout = 5           # seconds



[stats]

sampling_rate = 50            # number of packets 



[misc]

close_on_eof = 1              # boolean value

store_profiles = 1            # 0 = disabled; 1 = all; 2 = local; 3 = remote

aggressive_dissectors = 1     # boolean value

skip_forwarded_pcks = 1       # boolean value

checksum_check = 0            # boolean value

submit_fingerprint = 0        # boolean valid (set if you want ettercap to submit unknown finger prints)

checksum_warning = 0          # boolean value (valid only if checksum_check is 1)

sniffing_at_startup = 1       # boolean value



#dissector                 default port

ftp = 21                   # tcp    21

ssh = 22                   # tcp    22

telnet = 23                # tcp    23

smtp = 25                  # tcp    25

dns = 53                   # udp    53

dhcp = 67                  # udp    68

http = 80                  # tcp    80

ospf = 89                  # ip     89  (IPPROTO 0x59)

pop3 = 110                 # tcp    110

#portmap = 111              # tcp / udp 

vrrp = 112                 # ip     112 (IPPROTO 0x70)

nntp = 119                 # tcp    119

smb = 139,445              # tcp    139 445

imap = 143,220             # tcp    143 220

snmp = 161                 # udp    161

bgp = 179                  # tcp    179

ldap = 389                 # tcp    389

https = 443                # tcp    443

ssmtp = 465                # tcp    465

rlogin = 512,513           # tcp    512 513

rip = 520                  # udp    520

nntps = 563                # tcp    563

ldaps = 636                # tcp    636

telnets = 992              # tcp    992

imaps = 993                # tcp    993

ircs = 994                 # tcp    993

pop3s = 995                # tcp    995

socks = 1080               # tcp    1080

radius = 1645,1646         # udp    1645 1646

msn = 1863                 # tcp    1863

cvs = 2401                 # tcp    2401

mysql = 3306               # tcp    3306

icq = 5190                 # tcp    5190

ymsg = 5050                # tcp    5050

mdns = 5353                # udp    5353

vnc = 5900,5901,5902,5903  # tcp    5900 5901 5902 5903

x11 = 6000,6001,6002,6003  # tcp    6000 6001 6002 6003

irc = 6666,6667,6668,6669  # tcp    6666 6667 6668 6669

gg = 8074	           # tcp    8074

proxy = 8080               # tcp    8080

rcon = 27015,27960         # udp    27015 27960

ppp = 34827                # special case ;) this is the Net Layer code

TN3270 = 23,992            # tcp    23 992



# 

# you can change the colors of the curses GUI.

# here is a list of values:

#  0 Black     4 Blue

#  1 Red       5 Magenta

#  2 Green     6 Cyan

#  3 Yellow    7 White

#

[curses]

color_bg = 0

color_fg = 7 

color_join1 = 2 

color_join2 = 4 

color_border = 7

color_title = 3 

color_focus = 6 

color_menu_bg = 4

color_menu_fg = 6 

color_window_bg = 4 

color_window_fg = 7 

color_selection_bg = 6 

color_selection_fg = 6 

color_error_bg = 1 

color_error_fg = 3 

color_error_border = 3 



#

# This section includes all the configurations that needs a string as a

# parmeter such as the redirect command for SSL mitm attack.

#

[strings]



# the default encoding to be used for the UTF-8 visualization

utf8_encoding = "ISO-8859-1"



# the command used by the remote_browser plugin

remote_browser = "xdg-open http://%host%url"





#####################################

#       redir_command_on/off

#####################################

# you must provide a valid script for your operating system in order to have

# the SSL dissection available

# note that the cleanup script is executed without enough privileges (because

# they are dropped on startup). so you have to either: provide a setuid program

# or set the ec_uid to 0, in order to be sure the cleanup script will be

# executed properly

# NOTE: the script must fit into one line with a maximum of 255 characters



#---------------

#     Linux 

#---------------



# if you use ipchains:

   #redir_command_on = "ipchains -A input -i %iface -p tcp -s 0/0 -d 0/0 %port -j REDIRECT %rport"

   #redir_command_off = "ipchains -D input -i %iface -p tcp -s 0/0 -d 0/0 %port -j REDIRECT %rport"



# if you use iptables:

   redir_command_on = "iptables -t nat -A PREROUTING -i %iface -p tcp --dport %port -j REDIRECT --to-port %rport"

   redir_command_off = "iptables -t nat -D PREROUTING -i %iface -p tcp --dport %port -j REDIRECT --to-port %rport"



#---------------

#    Mac Os X

#---------------



# quick and dirty way:

   #redir_command_on = "ipfw -q add set %set fwd 127.0.0.1,%rport tcp from any to any %port in via %iface"

   #redir_command_off = "ipfw -q delete set %set"



# a better solution is to use a script that keeps track of the rules interted

# and then deletes them on exit:



 # redir_command_on:

 # ----- cut here -------

 #   #!/bin/sh

 #   if [ -a "/tmp/osx_ipfw_rules" ]; then

 #      ipfw -q add `head -n 1 osx_ipfw_rules` fwd 127.0.0.1,$1 tcp from any to any $2 in via $3 

 #   else

 #      ipfw add fwd 127.0.0.1,$1 tcp from any to any $2 in via $3 | cut -d " " -f 1 >> /tmp/osx_ipfw_rules

 #   fi

 # ----- cut here -------



 # redir_command_off:

 # ----- cut here -------

 #   #!/bin/sh

 #   if [ -a "/tmp/osx_ipfw_rules" ]; then

 #      ipfw -q delete `head -n 1 /tmp/osx_ipfw_rules`

 #      rm -f /tmp/osx_ipfw_rules

 #   fi

 # ----- cut here -------



#---------------

#   FreeBSD

#---------------



# Before OF can be used, make sure the kernel module has been loaded by

# `kldstat | grep pf.ko`. If the rusult is empty, you can load it by

# `kldload pf.ko` or add 'pf_enable="YES"' to the /etc/rc.conf and reboot.



# Check if the PF status is enabled by 

# `pfctl -si | grep Status | awk '{print $2;}'`. If "Disabled", enable it with

# `pfctl -e`.



   #redir_command_on = "(pfctl -sn 2> /dev/null; echo 'rdr pass on %iface inet proto tcp from any to any port %port -> localhost port %rport') | pfctl -f - 2> /dev/null"

   #redir_command_off = "pfctl -Psn 2> /dev/null | grep -v %port | pfctl -f - 2> /dev/null"





#---------------

#   Open BSD

#---------------



# unfortunately the pfctl command does not accepts direct rules adding

# you have to use a script which executed the following command:



 # ----- cut here -------

 #   #!/bin/sh

 #   rdr pass on $1 inet proto tcp from any to any port $2 -> localhost port $3 | pfctl -a sslsniff -f -

 # ----- cut here -------

 

# it's important to remember that you need "rdr-anchor sslsniff" in your

# pf.conf in the TRANSLATION section.



   #redir_command_on = "the_script_described_above %iface %port %rport"

   #redir_command_off = "pfctl -a sslsniff -Fn"



# also, if you create a group called "pfusers" and have EC_GID be that group,

# you can do something like:

#     chgrp pfusers /dev/pf

#     chmod g+rw /dev/pf

# such that all users in "pfusers" can run pfctl commands; thus allowing non-root

# execution of redir commands. 





##########

#  EOF   #

##########