Sniffing as easy as possible with Ettercap Tool

Sniffing includes catching, translating, inspecting, and interpreting the data inside a network packet on a TCP/IP arrangement. In this Kali Linux Tutorial, we show you how to use Ettercap.

Ettercap is a comprehensive suite for man-in-the-middle attacks. It features sniffing of live connections, content filtering on the fly, and many other interesting tricks.

It supports active and passive dissection of many protocols and includes many features for network and host analysis.

- Advertisement -

Step 1: To Run the GUI version of Ettercap.

root@kali:~# ettercap -G

Step2: Select Sniff >> Unified Sniffing >> Network Interface

• eth0        =   Ethernet interface
• Wlan0      =   wireless LAN

Select Interface based on the network adapter that you are using.

Step 3: Now select the host from the Host list. Hosts >> Hostlist or ctrl+H and add to target.

Step 4: Now go to Mitm >> ARP poisoning and select Sniff remote connections.

Step 5: Now we are ready to sniff connections, let’s move to the target machine and enter the login credentials. Here we are using a test page.

Step 6: Now get back to KaliLinux to check out the results.

Here you can find the login credentials provided on the test page.

Protocols Vulnerable to Sniffing

• HTTP: Sends passwords in clear text
• TELNET: Transfer commands in plain text
• SNMP: Sends passwords in clear text
• POP: Sends passwords in clear text
• FTP: Sends passwords in clear text
• NNTP: Sends passwords in clear text
• IMAP: Sends passwords in clear text

Also Read

• SQLMAP-Detecting and Exploiting SQL Injection- A Detailed Explanation.
• MITM attack over HTTPS connection with SSLStrip.
• The Harvester-Advanced Information Gathering Tool for Pen Testers.