How to install Ettercap-0.7.4 on Backtrack 5r1
tutorial by gh0st
Big Shouts to my brothers at irc.anonops.li #anonops and #antisec
especially ShitStorm and Poke (your guys commitment to Anonops is greatly appreciated and respected)
daboogieman and evilworks (thank you for all of your hard work as well)
Well it has been 6 long years since there has been and update from the great guys at Ettercap, but after all of
that waiting our requests have been answered with Ettercap 0.7.4 codename Lazarus!
As of writting this very simple tutorial the great and truly amazing and hard working guys at Backtrack have ye/t
to add the new Ettercap version into their repo's collection. This is understandable since they are very busy over
there at Backtrack so if you want to use the new version of Ettercap you are going to have to install it the old
fashioned way...but don't worry it is not as hard as you may think...
Here we go!!!
Step 1. Download ettercap, which you can get at: http://ettercap.sourceforge.net/
Step 2. You are going to need to install some dependencies in order for ettercap to work, some can be installed
from backtrack's repo's.
Step 2a. apt-get install libgtk2.0-dev libpango1.0-dev
Step 3. You need to install libnet 1.1.2.1 which you can get here:
http://linux.softpedia.com/progDownload/Libnet-Download-10275.html
Step 3a. you can download libnet 1.1.2.1 to any directory that you choose for this tutorial we will download
libnet into our root directory /root
Step 4. root@bt: tar -zxvpf /root/libnet-1.1.2.1.tar.gz (this will extract everything to directory -> libnet)
Step 4a. root@bt: cd /root/libnet
Step 4b. root@bt:~/libnet# ./configure, make, make install (this will install libnet for you)
Step 5. Okay now all the dependecies are install now we can get to the fun part!
Step 6. Go back to the directory that has the ettercap file (ettercap-0.7.4.tar.gz) in this case it is our root
directory.
Step 6a. Untar it root@bt# tar -zxvpf /root/ettercap-0.7.4.tar.gz
Step 7. root@bt# cd /root/ettercap
Step 7a. run the autogen.sh file in the ettercap directory root@bt:~/ettercap# ./autogen.sh
Step 7b. Okay after you have run the autogen.sh shell script you will need to run ./configure in the ettercap
directory only you need to tell the ./configure script where you install the libnet 1.1.2.1 directory
so we do this:
root@bt:~/ettercap# ./configure --with-libnet-includes=/root/libnet/include --with-libnet-libraries=/root/libnet/include/libnet
Step 8. make, make install
Congratulations you have just successfully install Ettercap 0.7.4 codename Lazarus!
root@bt:~/ettercap# ettercap --help
ettercap NG-0.7.4_git copyright 2001-2011 ALoR & NaGA
Usage: ettercap [OPTIONS] [TARGET1] [TARGET2]
TARGET is in the format MAC/IPs/PORTs (see the man for further detail)
Sniffing and Attack options:
-M, --mitm perform a mitm attack
-o, --only-mitm don't sniff, only perform the mitm attack
-B, --bridge use bridged sniff (needs 2 ifaces)
-p, --nopromisc do not put the iface in promisc mode
-u, --unoffensive do not forward packets
-r, --read read data from pcapfile
-f, --pcapfilter set the pcap filter
-R, --reversed use reversed TARGET matching
-t, --proto sniff only this proto (default is all)
User Interface Type:
-T, --text use text only GUI
-q, --quiet do not display packet contents
-s, --script issue these commands to the GUI
-C, --curses use curses GUI
-G, --gtk use GTK+ GUI
-D, --daemon daemonize ettercap (no GUI)
Logging options:
-w, --write write sniffed data to pcapfile
-L, --log log all the traffic to this
-l, --log-info log only passive infos to this
-m, --log-msg log all the messages to this
-c, --compress use gzip compression on log files
Visualization options:
-d, --dns resolves ip addresses into hostnames
-V, --visual set the visualization format
-e, --regex visualize only packets matching this regex
-E, --ext-headers print extended header for every pck
-Q, --superquiet do not display user and password
General options:
-i, --iface use this network interface
-I, --iflist show all the network interfaces
-n, --netmask force this on iface
-P, --plugin launch this
-F, --filter load the filter (content filter)
-z, --silent do not perform the initial ARP scan
-j, --load-hosts load the hosts list from
-k, --save-hosts save the hosts list to
-W, --wep-key use this wep key to decrypt wifi packets
-a, --config use the alterative config file
Standard options:
-U, --update updates the databases from ettercap website
-v, --version prints the version and exit
-h, --help this help screen
Well i hope this tutorial has been helpful and enjoy ettercap it is such a great application!
NOTE: it has been said on certain other linux distro's that you may have to restart to get ettercap working but this was not
the case with Backtrack 5r1 it worked right away.
NOTE: ettercap-gtk worked right away as well which you can run for either command line: ettercap -G or from the kde/gnome menu
Again, i hope this was helpful!
-gh0st