Howto: Spy and Sniff Wifi in Ubuntu Gutsy
Ok hacking wifi is as simple as compiling a linux application or simple ./exploit, if you intend to hack your neighbors wifi it is good to get to know who they are, where they are, what they do and know just how smart they are. There is a ton of things you can do with ettercap, the plugins are great. I personally use it to spy on open networks and my own network to find out exactly what my family/friends are doing and to make sure they arent into anything bad. You can use this to spy on your Girlfriend, Children and other good things other than break the law spying on someones wifi you just cracked :) Basically grab aircrack-ng and crack away, once owned you should grab ettercap and configure it:
Install:sudo apt-get install ettercap-gtk
Lets configure ettercap:sudo gedit /etc/etter.conf
Lets change the gid, uid:
ec_uid = 0
ec_gid = 0
Now edit the [dissectors] to configure what to sniff out, the default is fine.
We need to uncomment 2 lines for iptables to forward packets:redir_command_on = "iptables -t nat -A PREROUTING -i %iface -p tcp --dport %port -j REDIRECT --to-port %rport"
redir_command_off = "iptables -t nat -D PREROUTING -i %iface -p tcp --dport %port -j REDIRECT --to-port %rport"
Save the file ctrl-s
Start up Ettercap-NG
Once done all we do is sudo ettercap -i wlan0 -G
Now lets set this baby up, simply click on sniff, and then unified sniffing
Press Ctrl-W to start sniffing then ctrl-S to scan for hosts on the lan.
Click on Hosts and bring up the host list, select the box you want to see all communications of as Target 1 and slect the router as Target 2.
Click on MITM->Arp Poisoning, check Sniff Remote connections.
Now click on Plugins->Manage the Plugins and double click on chk_poison to see if poisoning was successful.
Ok im taking it as it is successful, now lets do a little bit of spying:
Click on View->Connections to actively see what ports the target is using and double click on any connection in the list to see what data is being transferred. Ettercap will automatically sniff for passwords as configured in the etter.conf file after [dissectors]
Now basically we can just sit and wait for passwords or we can actively listen in on http/chat sessions.