Akagi201/ettercap.md

Last active October 4, 2015 07:08

Star (0) You must be signed in to star a gist
Fork (0) You must be signed in to fork a gist

Learn more about clone URLs
Clone this repository at <script src="https://gist.github.com/Akagi201/10443526.js"></script>
Save Akagi201/10443526 to your computer and use it in GitHub Desktop.

Download ZIP

Raw

ettercap.md

sniffer

ettercap -i eth0 -Tq -L sniffed_data -M arp:remote /xx.xx.xx.xx/3389 //
https://www.70sec.com/thread-3110-1-1.html

What

用于局域网内MITM攻击的工具.
可以用于网络协议分析和网络审计.

4种运行模式

IP-based
MAC-based
ARP-based
PublicARP-based

Features

Character injection into an established connection
SSH1 support
HTTPS support
Remote traffic through a GRE tunnel
Plug-in support
Password collectors for: TELNET, FTP, POP, IMAP, rlogin, SSH1, ICQ, SMB, MySQL, HTTP, NNTP, X11, Napster, IRC, RIP, BGP, SOCKS 5, IMAP 4, VNC, LDAP, NFS, SNMP, Half-Life, Quake 3, MSN, YMSG
Packet filtering/dropping
OS fingerprinting
Kill a connection
Passive scanning of the LAN
Hijacking of DNS requests
Ettercap also has the ability to actively or passively find other poisoners on the LAN

Refs

官网

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment