The net/ettercap port
ettercap-0.8.3.1p0 – multi-purpose sniffer/interceptor/logger
Description
Ettercap is a multipurpose sniffer/interceptor/logger for switched
LAN. It supports active and passive dissection of many protocols
(even ciphered ones) and includes many features for network and host
analysis.
It's possible to sniff in four modes.
+ IP Based, the packets are filtered on IP source and destination
+ MAC Based, packets filtered on mac address, useful to sniff
connections through gateway
+ ARP based, uses arp poisoning to sniff in switched lan between
two hosts (full-duplex).
+ PublicARP based, uses arp poisoning to sniff in switched LAN
from a victim host to all other hosts (half-duplex).
Cool Features:
* Characters injection in an established connection:
you can inject character to server (emulating commands) or to
client (emulating replies) maintaining the connection alive !!
* SSH1 support:
you can sniff User and Pass, and even the data of an SSH1
connection. ettercap is the first software capable to sniff an
SSH connection in FULL-DUPLEX
* Plug-ins support:
You can create your own plugin using the ettercap's API.
* Password collector for:
TELNET, FTP, POP, RLOGIN, SSH1, ICQ, SMB, MySQL, HTTP
(other protocols coming soon...)
* OS fingerprint:
you can fingerprint the OS of the victim host and even its
network adapter
* Kill a connection:
from the connections list you can kill all the connections you
want.
WWW: https://www.ettercap-project.org/
- Categories:
-
net
Library dependencies
Build dependencies
Run dependencies