Cacher is the code snippet organizer for pro developers

sniffer

• ettercap -i eth0 -Tq -L sniffed_data -M arp:remote /xx.xx.xx.xx/3389 //
• https://www.70sec.com/thread-3110-1-1.html

What

• 用于局域网内MITM攻击的工具.
• 可以用于网络协议分析和网络审计.

4种运行模式

• IP-based
• MAC-based
• ARP-based
• PublicARP-based

Features

• Character injection into an established connection
• SSH1 support
• HTTPS support
• Remote traffic through a GRE tunnel
• Plug-in support
• Password collectors for: TELNET, FTP, POP, IMAP, rlogin, SSH1, ICQ, SMB, MySQL, HTTP, NNTP, X11, Napster, IRC, RIP, BGP, SOCKS 5, IMAP 4, VNC, LDAP, NFS, SNMP, Half-Life, Quake 3, MSN, YMSG
• Packet filtering/dropping
• OS fingerprinting
• Kill a connection
• Passive scanning of the LAN
• Hijacking of DNS requests
• Ettercap also has the ability to actively or passively find other poisoners on the LAN

Refs

• 官网