How to install Ettercap-0.7.4 on Backtrack 5r1
tutorial by gh0st
Big Shouts to my brothers at irc.anonops.li #anonops and #antisec
especially ShitStorm and Poke (your guys commitment to Anonops is greatly appreciated and respected)
daboogieman and evilworks (thank you for all of your hard work as well)
Well it has been 6 long years since there has been and update from the great guys at Ettercap, but after all of
that waiting our requests have been answered with Ettercap 0.7.4 codename Lazarus!
As of writting this very simple tutorial the great and truly amazing and hard working guys at Backtrack have ye/t
to add the new Ettercap version into their repo's collection. This is understandable since they are very busy over
there at Backtrack so if you want to use the new version of Ettercap you are going to have to install it the old
fashioned way...but don't worry it is not as hard as you may think...
Here we go!!!
Step 1. Download ettercap, which you can get at: http://ettercap.sourceforge.net/
Step 2. You are going to need to install some dependencies in order for ettercap to work, some can be installed
from backtrack's repo's.
Step 2a. apt-get install libgtk2.0-dev libpango1.0-dev
Step 3. You need to install libnet 1.1.2.1 which you can get here:
http://linux.softpedia.com/progDownload/Libnet-Download-10275.html
Step 3a. you can download libnet 1.1.2.1 to any directory that you choose for this tutorial we will download
libnet into our root directory /root
Step 4. root@bt: tar -zxvpf /root/libnet-1.1.2.1.tar.gz (this will extract everything to directory -> libnet)
Step 4a. root@bt: cd /root/libnet
Step 4b. root@bt:~/libnet# ./configure, make, make install (this will install libnet for you)
Step 5. Okay now all the dependecies are install now we can get to the fun part!
Step 6. Go back to the directory that has the ettercap file (ettercap-0.7.4.tar.gz) in this case it is our root
directory.
Step 6a. Untar it root@bt# tar -zxvpf /root/ettercap-0.7.4.tar.gz
Step 7. root@bt# cd /root/ettercap
Step 7a. run the autogen.sh file in the ettercap directory root@bt:~/ettercap# ./autogen.sh
Step 7b. Okay after you have run the autogen.sh shell script you will need to run ./configure in the ettercap
directory only you need to tell the ./configure script where you install the libnet 1.1.2.1 directory
so we do this:
root@bt:~/ettercap# ./configure --with-libnet-includes=/root/libnet/include --with-libnet-libraries=/root/libnet/include/libnet
Step 8. make, make install
Congratulations you have just successfully install Ettercap 0.7.4 codename Lazarus!
root@bt:~/ettercap# ettercap --help
ettercap NG-0.7.4_git copyright 2001-2011 ALoR & NaGA
Usage: ettercap [OPTIONS] [TARGET1] [TARGET2]
TARGET is in the format MAC/IPs/PORTs (see the man for further detail)
Sniffing and Attack options:
-M, --mitm <METHOD:ARGS> perform a mitm attack
-o, --only-mitm don't sniff, only perform the mitm attack
-B, --bridge <IFACE> use bridged sniff (needs 2 ifaces)
-p, --nopromisc do not put the iface in promisc mode
-u, --unoffensive do not forward packets
-r, --read <file> read data from pcapfile <file>
-f, --pcapfilter <string> set the pcap filter <string>
-R, --reversed use reversed TARGET matching
-t, --proto <proto> sniff only this proto (default is all)
User Interface Type:
-T, --text use text only GUI
-q, --quiet do not display packet contents
-s, --script <CMD> issue these commands to the GUI
-C, --curses use curses GUI
-G, --gtk use GTK+ GUI
-D, --daemon daemonize ettercap (no GUI)
Logging options:
-w, --write <file> write sniffed data to pcapfile <file>
-L, --log <logfile> log all the traffic to this <logfile>
-l, --log-info <logfile> log only passive infos to this <logfile>
-m, --log-msg <logfile> log all the messages to this <logfile>
-c, --compress use gzip compression on log files
Visualization options:
-d, --dns resolves ip addresses into hostnames
-V, --visual <format> set the visualization format
-e, --regex <regex> visualize only packets matching this regex
-E, --ext-headers print extended header for every pck
-Q, --superquiet do not display user and password
General options:
-i, --iface <iface> use this network interface
-I, --iflist show all the network interfaces
-n, --netmask <netmask> force this <netmask> on iface
-P, --plugin <plugin> launch this <plugin>
-F, --filter <file> load the filter <file> (content filter)
-z, --silent do not perform the initial ARP scan
-j, --load-hosts <file> load the hosts list from <file>
-k, --save-hosts <file> save the hosts list to <file>
-W, --wep-key <wkey> use this wep key to decrypt wifi packets
-a, --config <config> use the alterative config file <config>
Standard options:
-U, --update updates the databases from ettercap website
-v, --version prints the version and exit
-h, --help this help screen
Well i hope this tutorial has been helpful and enjoy ettercap it is such a great application!
NOTE: it has been said on certain other linux distro's that you may have to restart to get ettercap working but this was not
the case with Backtrack 5r1 it worked right away.
NOTE: ettercap-gtk worked right away as well which you can run for either command line: ettercap -G or from the kde/gnome menu
Again, i hope this was helpful!
-gh0st