Akagi201
4/11/2014 - 6:14 AM

ettercap.md

sniffer

What

  • 用于局域网内MITM攻击的工具.
  • 可以用于网络协议分析和网络审计.

4种运行模式

  • IP-based
  • MAC-based
  • ARP-based
  • PublicARP-based

Features

  • Character injection into an established connection
  • SSH1 support
  • HTTPS support
  • Remote traffic through a GRE tunnel
  • Plug-in support
  • Password collectors for: TELNET, FTP, POP, IMAP, rlogin, SSH1, ICQ, SMB, MySQL, HTTP, NNTP, X11, Napster, IRC, RIP, BGP, SOCKS 5, IMAP 4, VNC, LDAP, NFS, SNMP, Half-Life, Quake 3, MSN, YMSG
  • Packet filtering/dropping
  • OS fingerprinting
  • Kill a connection
  • Passive scanning of the LAN
  • Hijacking of DNS requests
  • Ettercap also has the ability to actively or passively find other poisoners on the LAN

Refs