Wednesday, September 18, 2024
HomeSniffing & SpoofingSniffing as easy as possible with Ettercap Tool

Sniffing as easy as possible with Ettercap Tool

Published on

Sniffing includes catching, translating, inspecting, and interpreting the data inside a network packet on a TCP/IP arrangement. In this Kali Linux Tutorial, we show you how to use Ettercap.

Ettercap is a comprehensive suite for man-in-the-middle attacks. It features sniffing of live connections, content filtering on the fly, and many other interesting tricks.

It supports active and passive dissection of many protocols and includes many features for network and host analysis.

- Advertisement - EHA

Step 1: To Run the GUI version of Ettercap.

root@kali:~# ettercap -G

Step2: Select Sniff >> Unified Sniffing >> Network Interface

  • eth0        =   Ethernet interface
  • Wlan0      =   wireless LAN

Select Interface based on the network adapter that you are using.

Sniffing as easy as possible with Ettercap

Step 3: Now select the host from the Host list. Hosts >> Hostlist or ctrl+H and add to target.

Sniffing as easy as possible with Ettercap

Step 4: Now go to Mitm >> ARP poisoning and select Sniff remote connections.

Step 5: Now we are ready to sniff connections, let’s move to the target machine and enter the login credentials. Here we are using a test page.

Sniffing as easy as possible with Ettercap

Step 6: Now get back to KaliLinux to check out the results.

Sniffing as easy as possible with Ettercap

Here you can find the login credentials provided on the test page.

Protocols Vulnerable to Sniffing

  • HTTP: Sends passwords in clear text
  • TELNET: Transfer commands in plain text
  • SNMP: Sends passwords in clear text
  • POP: Sends passwords in clear text
  • FTP: Sends passwords in clear text
  • NNTP: Sends passwords in clear text
  • IMAP: Sends passwords in clear text

Also Read

Gurubaran
Gurubaran
Gurubaran is a co-founder of Cyber Security News and GBHackers On Security. He has 10+ years of experience as a Security Consultant, Editor, and Analyst in cybersecurity, technology, and communications.

Latest articles

UNC2970 Hackers Attacking Job Seekers Using Weaponized PDF Reader

UNC2970, a North Korean cyber espionage group, used customized SumatraPDF trojans to deliver MISTPEN...

Microsoft Windows Kernel Vulnerability Exploited in the Wild

Microsoft has confirmed the exploitation of a Windows Kernel vulnerability, identified as CVE-2024-37985, in...

Discord Announces End-to-End Encryption for Audio & Video Chats

Discord has introduced end-to-end encryption (E2EE) for audio and video chats.Known as the...

Threat Actor Allegedly Selling Bharat Petroleum Database

A threat actor has allegedly put up for sale a database belonging to Bharat...

Free Webinar

Decoding Compliance | What CISOs Need to Know

Non-compliance can result in substantial financial penalties, with average fines reaching up to $4.5 million for GDPR breaches alone.

Join us for an insightful panel discussion with Chandan Pani, CISO - LTIMindtree and Ashish Tandon, Founder & CEO – Indusface, as we explore the multifaceted role of compliance in securing modern enterprises.

Discussion points

The Role of Compliance
The Alphabet Soup of Compliance
Compliance
SaaS and Compliance
Indusface's Approach to Compliance

More like this

10 Most Common Types of Cyber Attacks in 2023

Cyber attacks are evolving rapidly with advancements in technology, as threat actors exploit new...

Driftnet – Tool used to Capture Images that Your Friend looking at Online

How we can launch a MITM attack with Websploit and the Driftnet - Tool used...

Xerosploit – Pentesting Toolkit to Perform MITM, Spoofing, Sniffing & DOS Attacks

Xerosploit is a penetration testing toolbox whose objective is to perform man-in-the-middle attacks.It...