Project 24: Sniffing with ettercap on Ubuntu Linux Worth 15 Points
What You Will Need
A Ubuntu machine to perform the ettercap scan A Windows machine to act as a file serer !"our irtual Windows #P machine will wor$% Another Windows machine to be a client !"our host Windows #P machine will wor$% Start Your Ubuntu Virtual Machine &' Start "our Ubuntu machine and log in as usual' Installing ettercap 2' (rom the menu bar in the upper left corner of the Ubuntu des$top) clic$ Applications) Add/Remove' *' +n the Add/Remove Applications box) in the Search field) enter ettercap and press the ,nter $e"' 4' When the ettercap application appears) as shown below on this page) chec$ the chec$ box in the Application pane' +n the -Apply the ollo!ing changes". box) clic$ Apply' ,nter "our password when "ou are prompted to' Wait while software downloads and installs' /' When "ou see a #hanges applied box sa"ing that the changes were successful) clic$ #lose' 01+2 &2* 3 4owne Page & of 5 Revised 10-16-08 Project 24: Sniffing with ettercap on Ubuntu Linux Worth 15 Points Starting ettercap 5' (rom the Ubuntu menu bar) clic$ Applications) Accessories) $erminal' 6' +n the terminal window) enter this command) then press the ,nter $e": ettercap --help A long list of options appears) as shown to the right on this page' 7' +n the terminal window) enter this command) then press the ,nter $e": sudo ettercap i eth0 Tq -d 1ote: 8ou ma" need to use eth% instead of eth&' ,nter "our password when "ou are prompted to' 2his command starts ettercap in text mode) with 91S resolution of +P addresses' 2here are seeral lines of introductor" information) as shown to the right on this page) followed b" the message -$e't only Interace activated(.' 2his window is now sniffing all networ$ traffic to find passwords' 01+2 &2* 3 4owne Page 2 of 5 Project 24: Sniffing with ettercap on Ubuntu Linux Worth 15 Points )ogging in to a Simple *$$+ )ogin ,orm !ith ,ireo' rom Ubuntu :' Leae the 2erminal window open' &;' (rom the menu bar in the upper left corner of the Ubuntu des$top) clic$ Applications) Internet) ,ireo' Web -ro!ser' &&' 2"pe in the address tinyurl.com/a/elogin and press the ,nter $e"' ,nter "our name into the Username field' Do NOT put your real password into the password field, whatever you do! Put in a password of ,romUbuntu and clic$ the -Submit 0uery. button' &2' When a box pops up as$ing whether "ou want (irefox to remember this password) clic$ -Not no!.' After a few seconds) "ou will see a message sa"ing 123 )ogin approved' &*' 0lose or minimi<e the (irefox window' 2he ettercap window should now show the name and password "ou t"ped in' 8ou ma" need to wait &; or &/ seconds for the password to appear' )ogging in to a Simple *$$+ )ogin ,orm !ith ,ireo' rom Windo!s &4' Leae the 2erminal window open' &/' =o to a Windows machine' 8ou could use "our host s"stem) or an" computer in the room' &5' >n the Windows machine) open a Web browser and go to tinyurl.com/a/elogin &6' ,nter "our name into the Username field' Put in a password of ,romWindo!s and press the ,nter $e"' &7' When a box pops up as$ing whether "ou want the browser to remember this password) clic$ -Not no!.' After a few seconds) "ou will see a message sa"ing Username/+ass!ord ,ailure' &:' Loo$ at "our Ubuntu machine now' 2he ettercap window should now show both names and passwords) as shown below on this page' 01+2 &2* 3 4owne Page * of 5 Project 24: Sniffing with ettercap on Ubuntu Linux Worth 15 Points Saving the Screen Image 2;' ?a$e sure the two passwords ,romUbuntu and ,romWindo!s are isible) as shown on the preious page' 2&' Press 0trl@Alt to release the mouse) and clic$ on the host Windows #P des$top' Press the PrntScn $e" to cop" whole screen to the clipboard' 22' >n the host Windows #P des$top) open Paint and paste in the image' Sae it as a AP,=) with the filename Your Name +ro4 56a' Setting up a ,ile Share on a Windo!s Machine 2*' Start a Windows #P irtual machine' 8ou can use the same host machine "ou are running Ubuntu on) or an" other host computer on the LA1' Log in as usual' 24' 0lic$ Start) My #omputer' +n the My #omputer window) clic$ $ools) ,older 1ptions' +n the ,older 1ptions box) clic$ the Vie! tab' Scroll to the bottom of the list and ma$e sure the Use simple ile sharing 7recommended8 box is chec$ed) as shown to the right on this page' 0lic$ the 12 button' 2/' Bight3clic$ the des$top and select Ne!) ,older' 1ame the new folder YourNaeShare' 9onCt use the literal text -8our1ame.Dinstead use "our own name' 25' Bight3clic$ the YourNaeShare folder and clic$ Sharing and Security' 26' +f "ou see a window li$e the figure to the right on this page) clic$ the lower blue text sa"ing -I you understand the security ris/s3 but !ant to share iles !ithout running the !i9ard3 clic/ here. and then clic$ -:ust enable ile sharing. +f "ou donCt see that box) thatCs >E) just proceed to the next step' 01+2 &2* 3 4owne Page 4 of 5 Project 24: Sniffing with ettercap on Ubuntu Linux Worth 15 Points 27' +n the YourNameShare +roperties box) clic$ the -Share this older on the net!or/. button) as shown to the right on this page' 0lic$ the 12 button' 2his machine is now a ,ile Server' 2:' >n "our ,ile Server Windows machine) clic$ Start) Run) enter #M;) and press the ,nter $e"' (ind the +P address of "our Windows machine and write it in the box to the right on this page' #onnecting to the ,ile Share ,rom a ;ierent Windo!s Machine *;' =o to a different Windows machine) such as the host Windows #P s"stem' 0lic$ Start) Run' +n the Run box) enter two bac$slashes and the +P address "ou wrote in the box aboe) as shown to the right on this page' 9onCt use the exact address shown in the figureDuse the +P address of "our own Windows #P file serer' Press the ,nter $e"' *&' +f a #onnect to box appears) reFuesting a User name and Password) as shown to the right on this page) just clic$ #ancel' 01+2 &2* 3 4owne Page / of 5 Win ,ile Server I+< =============================== Project 24: Sniffing with ettercap on Ubuntu Linux Worth 15 Points *2' Loo$ at "our Ubuntu machine now' 2he ettercap window should one or more password hashes) as shown below on this page' +tCs possible to crac$ these hashes) but it can be difficult' 8ou need to use a tool li$e Aohn the Bipper) which we will use in a later project' **' +f "ou donCt see an" hashes) tr" opening an" local networ$ share from an" computer' 2he simplest wa" to do it in S2&4 is to go to an" host Windows #P machine) clic$ Start) Run and enter >>%?5.%@A.%.B Saving the Screen Image *4' ?a$e sure the password *AS* is isible) as shown aboe on this page' */' Press 0trl@Alt to release the mouse) and clic$ on the host Windows #P des$top' Press the PrntScn $e" to cop" whole screen to the clipboard' *5' >n the host Windows #P des$top) open Paint and paste in the image' Sae it as a AP,=) with the filename Your Name +ro4 56b' $urning in your +ro4ect *6' ,mail the AP,= image to me as an attachment' Send the message to cnit.%5BCgmail.com with a subject line of +ro4 56 ,rom Your Name' Send a 0c to "ourself' Last modified &;3&53;7 01+2 &2* 3 4owne Page 5 of 5