Categories: Sniffing & Spoofing

Sniffing as easy as possible with Ettercap Tool

Sniffing includes catching, translating, inspecting, and interpreting the data inside a network packet on a TCP/IP arrangement. In this Kali Linux Tutorial, we show you how to use Ettercap.

Ettercap is a comprehensive suite for man-in-the-middle attacks. It features sniffing of live connections, content filtering on the fly, and many other interesting tricks.

It supports active and passive dissection of many protocols and includes many features for network and host analysis.

Step 1: To Run the GUI version of Ettercap.

root@kali:~# ettercap -G

Step2: Select Sniff >> Unified Sniffing >> Network Interface

  • eth0        =   Ethernet interface
  • Wlan0      =   wireless LAN

Select Interface based on the network adapter that you are using.

Step 3: Now select the host from the Host list. Hosts >> Hostlist or ctrl+H and add to target.

Step 4: Now go to Mitm >> ARP poisoning and select Sniff remote connections.

Step 5: Now we are ready to sniff connections, let’s move to the target machine and enter the login credentials. Here we are using a test page.

Step 6: Now get back to KaliLinux to check out the results.

Here you can find the login credentials provided on the test page.

Protocols Vulnerable to Sniffing

  • HTTP: Sends passwords in clear text
  • TELNET: Transfer commands in plain text
  • SNMP: Sends passwords in clear text
  • POP: Sends passwords in clear text
  • FTP: Sends passwords in clear text
  • NNTP: Sends passwords in clear text
  • IMAP: Sends passwords in clear text

Also Read

Gurubaran

Gurubaran is a co-founder of Cyber Security News and GBHackers On Security. He has 10+ years of experience as a Security Consultant, Editor, and Analyst in cybersecurity, technology, and communications.

View Comments

Recent Posts

Lotus Blossom Hacker Group Uses Dropbox, Twitter, and Zimbra for C2 Communications

The Lotus Blossom hacker group, also known as Spring Dragon, Billbug, or Thrip, has been…

7 hours ago

Squidoor: Multi-Vector Malware Exploiting Outlook API, DNS & ICMP Tunneling for C2

A newly identified malware, dubbed "Squidoor," has emerged as a sophisticated threat targeting government, defense,…

8 hours ago

Unpatched Vulnerabilities Attract Cybercriminals as EDR Visibility Remains Limited

Cyber adversaries have evolved into highly organized and professional entities, mirroring the operational efficiency of…

8 hours ago

Threat Actors Attack Job Seekers of Fortune 500 Companies to Steal Personal Details

In Q3 2024, Cofense Intelligence uncovered a targeted spear-phishing campaign aimed at employees working in…

8 hours ago

DragonForce Attacks Critical Infrastructure to Exfiltrate Data and Halt Operations

The DragonForce ransomware group has launched a significant cyberattack on critical infrastructure in Saudi Arabia,…

8 hours ago

New Malware Uses Legitimate Antivirus Driver to Bypass All System Protections

In a concerning development, cybersecurity researchers at Trellix have uncovered a sophisticated malware campaign that…

8 hours ago