OESF | ELSI | pdaXrom | OpenZaurus | Zaurus Themes | Community Links | Ibiblio

IPB

Welcome Guest ( Log In | Register )

 
Reply to this topicStart new topic
> Security Tools On Debian Eabi (long Live The Z), Procedures/Fixes/Recommendations/Requests
born2wonder
post Jul 31 2008, 11:34 AM
Post #1





Group: Members
Posts: 26
Joined: 24-June 07
Member No.: 17,442



Hi every1,

I had a hard time getting ettercap to do any sort of sniffing and firgured i would document what i did so far for myself and as well for others who might find it usueful.
I have only tested this on my home network and i advice against trying it on networks that you don not own as it is highly ILLEGAL and you could bla bla bla ....,.
ettercap at sourceforge
First to install etterrcap (GUI); apt-get install ettercap
Then enable ip forwarding by issuing: echo 1 > /proc/sys/net/ipv4/ip_forward in a terminal
To launch it, in a terminal type ettercap -G (u can also use '-C' for ncurses or '-T' for text mode instead of '-G' which is gtk GUI)
Choose sniff from the top menu and select unified sniffing , then choose the network card u want to use for sniffing
At this point, for some reason, ettercap disables the ip forwarding in our debian ( u can check! ) and therefore before doing anything else issue the following command again :
echo 1 > /proc/sys/net/ipv4/ip_forward
Now , click on hosts on the top menu and choose scan for hosts (or just press Ctrl-S )
After ur host file is loaded (and u check it) , you can proceed to click on Mitm on top menu and choosing arp poisoning. On the arp poisining window , make sure u have 'sniff remote connections' only checked .
Then start sniffing ! Be careful, the zaurus will have to route traffic through its limited components so if there are many users, you can easily crash the network !

Problems:
I have enabled ssl redirection in /etc/etter.conf file but i still cannot sniff ssl-secured sites and the victim computers do not show the fake certificate required for it to work.
I think it had to do with a missing module but i will update as soon as i know more
I also get a "Disscector 'dns' no supported (etter.conf line 70) error , no idea why :-)
I get the can't initialize iptables tabl 'nat' error which i also see on my laptop and thus should not be a problem


Go to the top of the page
 
+Quote Post
born2wonder
post Jul 31 2008, 12:04 PM
Post #2





Group: Members
Posts: 26
Joined: 24-June 07
Member No.: 17,442



Ok next up is metasploit!
Small guide
To install u need to get the required files which are all available through apt-get but cause dependency issues if not installed at the same time.
In a terminal: apt-get install subversion libruby rdoc libyaml-ruby libzlib-ruby libopenssl-ruby libdl-ruby libreadline-ruby libiconv-ruby rubygems1.8 sqlite3-ruby

then type : svn co http://metasploit.com/svn/framework3/trunk

It will download working files in a folder called trunk in ur home folder (assuming u didnt cd anywhere else)
then just: cd trunk and then ./msfconsole
Ur done, enjoy!

Problems: metasploit3 has an autopawn feature which requires a database. Inside msfconsole i issued: load db_sqlite3 which works fine bu then when i try to create a databad using db_create new, it spits out the following error "Plugin failed to load: failed to connect to database".
So far, i can apply the normal 'use' method (discussed in the link) to choose the exploits but i cant get the database automation through nmap going.
I am going to try fiddling with it or even using the faster but more complictated postgresql

UPDATE: To fix the sqlite3 database error, issue: gem install activerecord
This installs other files as well and takes alot of time installing documentation ( overclock to 624HZ if u want, i always do)
Autopwn howto

Anyone who can shed some light on the problems or wants help with problems of their own , dont hesitate to reply wink.gif
Go to the top of the page
 
+Quote Post

Reply to this topicStart new topic
2 User(s) are reading this topic (2 Guests and 0 Anonymous Users)
0 Members:

 



RSS Lo-Fi Version Time is now: 19th September 2014 - 01:50 AM