Sniffing includes catching, translating, inspecting and interpreting the data inside a network packet on a TCP/IP arrange. In this Kali Linux Tutorial, we show you how to use Ettercap.
Ettercap is a comprehensive suite for man in the middle attacks. It features sniffing of live connections, content filtering on the fly and many other interesting tricks.
It supports active and passive dissection of many protocols and includes many features for network and host analysis.
Step1: To Run GUI version of Ettercap.
[email protected]:~# ettercap -G
Step2: Select Sniff >> Unified Sniffing >> Network Interface
- eth0 = Ethernet interface
- Wlan0 = wireless LAN
Select Interface based upon your network adapter that you are using.
Step3: Now select the host from Host list. Hosts >> Hostlist or ctrl+H and add to target.
Step4: Now go to Mitm >> ARP poisoning and select Sniff remote connections.
Step5: Now we are ready to sniff connections, let’s move to the target machine and enter the login credentials. Here we are using a test page.
Step6: Now get back to KaliLinux to check out the results.
Here you can find the login credentials provided in the test page.
Protocols Vulnerable for Sniffing
- HTTP: Sends passwords in clear text
- TELNET: Transfer commands in plain text
- SNMP: Sends passwords in clear text
- POP: Sends passwords in clear text
- FTP: Sends passwords in clear text
- NNTP: Sends passwords in clear text
- IMAP: Sends passwords in clear text