Project 24: Sniffing with ettercap on Ubuntu Linux Worth 15 Points

What You Will Need

A Ubuntu machine to perform the ettercap scan
A Windows machine to act as a file serer !"our irtual Windows #P machine will wor$%
Another Windows machine to be a client !"our host Windows #P machine will wor$%
Start Your Ubuntu Virtual Machine
&' Start "our Ubuntu machine and log in as usual'
Installing ettercap
2' (rom the menu bar in the upper left corner of the Ubuntu des$top) clic$ Applications)
Add/Remove'
*' +n the Add/Remove Applications box) in the Search field) enter ettercap and press the ,nter
$e"'
4' When the ettercap application appears) as shown below on this page) chec$ the chec$ box in
the Application pane' +n the -Apply the ollo!ing changes". box) clic$ Apply' ,nter "our
password when "ou are prompted to' Wait while software downloads and installs'
/' When "ou see a #hanges applied box sa"ing that the changes were successful) clic$ #lose'
01+2 &2* 3 4owne Page & of 5
Revised 10-16-08
Project 24: Sniffing with ettercap on Ubuntu Linux Worth 15 Points
Starting ettercap
5' (rom the Ubuntu menu bar)
clic$ Applications)
Accessories) $erminal'
6' +n the terminal window) enter
this command) then press the
,nter $e":
ettercap --help
A long list of options
appears) as shown to the
right on this page'
7' +n the terminal window) enter
this command) then press the ,nter $e":
sudo ettercap i eth0 Tq -d
1ote: 8ou ma" need
to use eth% instead of
eth&' ,nter "our
password when "ou
are prompted to' 2his
command starts
ettercap in text mode)
with 91S resolution
of +P addresses'
2here are seeral
lines of introductor"
information) as shown
to the right on this
page) followed b" the
message -$e't only
Interace
activated(.' 2his
window is now
sniffing all networ$
traffic to find
passwords'
01+2 &2* 3 4owne Page 2 of 5
Project 24: Sniffing with ettercap on Ubuntu Linux Worth 15 Points
)ogging in to a Simple *$$+ )ogin ,orm !ith ,ireo' rom Ubuntu
:' Leae the 2erminal window open'
&;' (rom the menu bar in the upper left corner of the Ubuntu des$top) clic$ Applications)
Internet) ,ireo' Web -ro!ser'
&&' 2"pe in the address
tinyurl.com/a/elogin
and press the ,nter $e"'
,nter "our name into the
Username field' Do
NOT put your real
password into the
password field, whatever
you do! Put in a
password of
,romUbuntu and clic$
the -Submit 0uery.
button'
&2' When a box pops up
as$ing whether "ou want (irefox to remember this password) clic$ -Not no!.' After a few
seconds) "ou will see a message sa"ing 123 )ogin approved'
&*' 0lose or minimi<e the (irefox window' 2he ettercap window should now show the name and
password "ou t"ped in' 8ou ma" need to wait &; or &/ seconds for the password to appear'
)ogging in to a Simple *$$+ )ogin ,orm !ith ,ireo' rom Windo!s
&4' Leae the 2erminal window open'
&/' =o to a Windows machine' 8ou could use "our host s"stem) or an" computer in the room'
&5' >n the Windows machine) open a Web browser and go to tinyurl.com/a/elogin
&6' ,nter "our name into the Username field' Put in a password of ,romWindo!s and press the
,nter $e"'
&7' When a box pops up as$ing whether "ou want the browser to remember this password) clic$
-Not no!.' After a few seconds) "ou will see a message sa"ing Username/+ass!ord
,ailure'
&:' Loo$ at "our Ubuntu machine now' 2he ettercap window should now show both names and
passwords) as shown below on this page'
01+2 &2* 3 4owne Page * of 5
Project 24: Sniffing with ettercap on Ubuntu Linux Worth 15 Points
Saving the Screen Image
2;' ?a$e sure the two passwords ,romUbuntu and ,romWindo!s are isible) as shown on the
preious page'
2&' Press 0trl@Alt to release the mouse) and clic$ on the host Windows #P des$top' Press the
PrntScn $e" to cop" whole screen to the clipboard'
22' >n the host Windows #P des$top) open Paint and paste in the image' Sae it as a AP,=) with
the filename Your Name +ro4 56a'
Setting up a ,ile Share on a Windo!s
Machine
2*' Start a Windows #P irtual machine' 8ou can
use the same host machine "ou are running
Ubuntu on) or an" other host computer on the
LA1' Log in as usual'
24' 0lic$ Start) My #omputer' +n the My
#omputer window) clic$ $ools) ,older
1ptions' +n the ,older 1ptions box) clic$ the
Vie! tab' Scroll to the bottom of the list and
ma$e sure the Use simple ile sharing
7recommended8 box is chec$ed) as shown to
the right on this page' 0lic$ the 12 button'
2/' Bight3clic$ the des$top and select Ne!) ,older'
1ame the new folder YourNaeShare' 9onCt
use the literal text -8our1ame.Dinstead use
"our own name'
25' Bight3clic$ the YourNaeShare folder and
clic$ Sharing and Security'
26' +f "ou see a window li$e the figure to the right
on this page) clic$ the lower blue text
sa"ing -I you understand the security
ris/s3 but !ant to share iles !ithout
running the !i9ard3 clic/ here. and
then clic$ -:ust enable ile sharing. +f
"ou donCt see that box) thatCs >E) just
proceed to the next step'
01+2 &2* 3 4owne Page 4 of 5
Project 24: Sniffing with ettercap on Ubuntu Linux Worth 15 Points
27' +n the YourNameShare +roperties box)
clic$ the -Share this older on the
net!or/. button) as shown to the right
on this page' 0lic$ the 12 button' 2his
machine is now a ,ile Server'
2:' >n "our ,ile Server Windows machine) clic$ Start) Run) enter #M;) and press the ,nter
$e"' (ind the +P address of
"our Windows machine and
write it in the box to the right
on this page'
#onnecting to the ,ile Share ,rom a ;ierent Windo!s Machine
*;' =o to a different Windows machine) such as the host
Windows #P s"stem' 0lic$ Start) Run' +n the Run box)
enter two bac$slashes and the +P address "ou wrote in the
box aboe) as shown to the right on this page' 9onCt use the
exact address shown in the figureDuse the +P address of
"our own Windows #P file serer' Press the ,nter $e"'
*&' +f a #onnect to box appears) reFuesting a User name and
Password) as shown to the right on this page) just clic$
#ancel'
01+2 &2* 3 4owne Page / of 5
Win ,ile Server I+< ===============================
Project 24: Sniffing with ettercap on Ubuntu Linux Worth 15 Points
*2' Loo$ at "our Ubuntu machine now' 2he ettercap window should one or more password
hashes) as shown below on this page' +tCs possible to crac$ these hashes) but it can be difficult'
8ou need to use a tool li$e Aohn the Bipper) which we will use in a later project'
**' +f "ou donCt see an" hashes) tr" opening an" local networ$ share from an" computer' 2he
simplest wa" to do it in S2&4 is to go to an" host Windows #P machine) clic$ Start) Run and
enter >>%?5.%@A.%.B
Saving the Screen Image
*4' ?a$e sure the password *AS* is isible) as shown aboe on this page'
*/' Press 0trl@Alt to release the mouse) and clic$ on the host Windows #P des$top' Press the
PrntScn $e" to cop" whole screen to the clipboard'
*5' >n the host Windows #P des$top) open Paint and paste in the image' Sae it as a AP,=) with
the filename Your Name +ro4 56b'
$urning in your +ro4ect
*6' ,mail the AP,= image to me as an attachment' Send the message to cnit.%5BCgmail.com
with a subject line of +ro4 56 ,rom Your Name' Send a 0c to "ourself'
Last modified &;3&53;7
01+2 &2* 3 4owne Page 5 of 5