Steal SSL Encrypted Passwords On WiFi Using Backtrack 5 & Ettercap

I am simply teaching how Arp Spoof and Ettercap work.

What does ettercap do?

Well it does a lot of things but today we are going to show how a hacker can steal SSL encrypted passwords over wifi! SSL encrypted sites are like Gmail, Yahoo, Paypal etc! Anything with https:// in front of it. 

How does it do this you ask? Confused

It works by ARP Spoofing your Victims IP and when the site they visit tries to serve an SSL Cert ettercap injects it's own fake cert and captures the password! Brilliant! 

1. Let's get started!

 First scroll to your dolphin file browser. It is the little icon in the bottom that looks like a file cabnet.

Click on the root folder 

Then open the etc folder and scroll down until you find a file called "etter.conf"

scroll down until you see this:

#---------------
#     Linux
#---------------
# if you use ipchains:
   #redir_command_on = "ipchains -A input -i %iface -p tcp -s 0/0 -d 0/0 %port -j REDIRECT %rport"
   #redir_command_off = "ipchains -D input -i %iface -p tcp -s 0/0 -d 0/0 %port -j REDIRECT %rport"
# if you use iptables:
   redir_command_on = "iptables -t nat -A PREROUTING -i %iface -p tcp --dport %port -j REDIRECT --to-port %rport"
   redir_command_off = "iptables -t nat -D PREROUTING -i %iface -p tcp --dport %port -j REDIRECT --to-port %rport"

Now we need to remove 2 # symbols to allow the Redir command to work in iptables. Make yours looks like this:


Change this: 
# if you use iptables:
   #redir_command_on = "iptables -t nat -A PREROUTING -i %iface -p tcp --dport %port -j REDIRECT --to-port %rport"
   #redir_command_off = "iptables -t nat -D PREROUTING -i %iface -p tcp --dport %port -j REDIRECT --to-port %rport"

To This:
# if you use iptables:
   redir_command_on = "iptables -t nat -A PREROUTING -i %iface -p tcp --dport %port -j REDIRECT --to-port %rport"
   redir_command_off = "iptables -t nat -D PREROUTING -i %iface -p tcp --dport %port -j REDIRECT --to-port %rport"

Great now the two # symbols are deleted just close and save!

2. Let's Open Ettercap!

Click the backtrack logo on the bottom left -> backtrack tab -> privilege escalation -> protocol analysis-> network sniffers -> ettercap-gtk


3. Now click Sniff and select unified sniffing.

4. Select your Network interface. In my case it is wlan0 my wifi but yours may be diferent!

5. Now click the Host tab and Scan for hosts.

6. Now click the host tab and select the host list option.

7. Now it's time to select your targets from the host list! Select your router mine was 192.168.1.1 and add it to host 2.
Next select your victim mine was 192.168.1.6 and add it to host 1.

8. Next go to the Mitm tab and select arp poisoning and check the box for remote sniffing and click ok!


9. Click the Start button and then the Start Sniffing option.


NOTE THIS TUTORIAL IS FOR EDUCATIONAL PURPOSES ONLY!!!