ECE4112 Lab 12

Group Number: _________
Member Names: ___________________ _______________________

Section 1 – Installing EttercapNG
Section 2 – Configuring Apache and SSL
Section 3 – SSL Man-In-The-Middle
Section 4 – Ettercap Filters
Section 5 – Ettercap Plugins
Final Section: Suggested additions and future enhancements
    1. SSH MITM attack.
    2. Capturing and analyzing packets/data using etterlog.
References

Lab12: Advanced Ettercap

Date Assigned:
Date Due:
Last Edited: December 11, 2006
Authored By: David Wharton, Chris Cornett

Please read the entire lab and any extra materials carefully before starting. Be sure to start early enough so that you will have time to complete the lab. Answer ALL questions in the Answer Sheet and be sure you turn in ALL materials listed in the Turn-in Checklist on or before the Date Due.

Goal: This lab will introduce you to EttercapNG-0.7.3, showing you how to use it to do ARP poisoning, SSL man-in-the-middle attacks, DNS spoofing, and more.

Summary: This lab consists of two sections. Section 1 involves configuring, compiling, and installing everything necessary to get Ettercap running. Section 2 involves setting up an SSL-enabled web server. In Section 3 you will use Ettercap to demonstrate an SSL man-in-the-middle (MITM) attack. Section 4 involves creating an Ettercap filter to modify packets between a web server and victim. In Section 5 you will use Ettercap plugins to do DNS spoofing and more.

Background: Read “Hacking Exposed” Chapters 5 and 13.

Prelab: A quick look at an ARP table.

1. Find any Windows machine and open the command prompt. [8]
2. Type “arp -a” in the prompt to display the ARP table. Note that the table stores 3 things per entry: internet address (IP), physical address (MAC address) and whether the entry is static or dynamic. [8]
3. Take a look at the Ettercap man page and familiarize yourself with what Ettercap is capable of: http://www.penguin-soft.com/penguin/man/8/ettercap.html. [4]
4. Take a look at the appendices so you are aware of what is in them.

Lab Scenario:

This lab requires the use of three machines on the same network:

1. RedHat WS 4 Host Machine
2. RedHat WS 4 Virtual Machine that we will configure to be an SSL-enabled web server.
3. Windows XP Virtual Machine which will be the “victim”.

Section 1 – Installing EttercapNG

1.1. Installing Ettercap on the RedHat WS 4 Host Machine.

From the Lab12 directory on the nas4112 share copy the following to your RedHat WS 4 Host Machine:

    googlefilter.txt
    install (the entire directory)

On the RedHat WS 4 Host Machine, open a terminal and cd into the install directory you copied over.

Install libpcap (also available from http://www.tcpdump.org/ [14]):

    tar -xvf libpcap-0.8.1.tar
    cd libpcap-0.8.1
    ./configure
    make
    make install
    cd ..

Install libnet (also available from http://www.packetfactory.net/libnet/ [15]):

    tar -xvf libnet-1.1.2.1.tar
    cd libnet
    ./configure
    make
    make install
    cd ..

Install OpenSSL (also available from http://www.openssl.org/ [16]):

    tar -xvf openssl-0.9.71.tar
    cd openssl-0.9.71
    ./config
    make
    make test
    make install
    cd ..

Install pkgconfig (also available from http://pkgconfig.freedesktop.org/ [17]):

    tar -xvf pkgconfig-0.15.0.tar
    cd pkgconfig-0.15.0
    ./configure
    make
    make check
    make install
    cd ..

Install glib (also available from http://www.gtk.org/ [18]):

    tar -xvzf glib-2.12.4.tar.gz
    cd glib-2.12.4
    ./configure
    make
    rm -rf /install-prefix/include/glib.h /install-prefix/include/gmodule.h
    make install
    ldconfig
    cd ..

Install ATK (also available from http://www.gtk.org/ [18]):

    tar -xvjf atk-1.9.1.tar.bz
    cd atk-1.9.1
    ./configure
    make
    make check
    make install
    cd ..

Install libpng (also available from http://www.libpng.org/pub/png/libpng.html [19]):

    tar -xvjf libpng-1.2.8.tar.bz2
    cd libpng-1.2.8
    ./configure
    make
    make install
    cd ..

Install freetype (also available from http://www.freetype.org/ [20]):

    tar -xvzf freetype-2.2.1.tar.gz
    cd freetype-2.2.1
    ./configure
    make install
    cd ..

Install fontconfig (also available from http://www.fontconfig.org/ [21]):

    tar -xvzf fontconfig-2.4.0.tar.gz
    cd fontconfig-2.4.0
    ./configure
    make
    make check
    make install
    cd ..

Install Cairo (also available from http://cairographics.org/ [22]):

    tar -xvzf cairo-1.2.2.tar.gz
    cd cairo-1.2.2
    ./configure
    make
    make install
    cd ..

Install Pango (also available from http://www.gtk.org/ [18]):

    tar -xvzf pango-1.14.7.tar.gz
    cd pango-1.14.7

Open ../modules/Arabic/Arabic-lang.c and comment out the line that says:

    #include "arabic-ot.h"

Save the file and then continue the compilation and install:

    ./configure
    make
    make check
    make install
    cd ..

Install GTK (also available from http://www.gtk.org/ [18]):

    tar -xvzf gtk+-2.10.6.tar.gz
    cd gtk+-2.10.6
    ./configure
    make
    make install
    cd ..

Install Ettercap (also available from http://ettercap.sourceforge.net/ [23]):

Note: if you have a previous version of ettercap installed, you will want to uninstall it before installing ettercap-NG. The easiest way to do this is to go to the directory where you compiled the previous version and type “make uninstall”.

    tar -xvf ettercap-NG-0.7.3.tar
    cd ettercap-NG-0.7.3
    ./configure
    make
    make install

Now ettercap-NG is installed to /usr/local/bin. This is probably not in your path, so to make things easy you can go ahead and put it in your path. An easy way to do this, assuming that /sbin is in your path, is to create a symbolic link:

    ln -s /usr/local/bin/ettercap /sbin/ettercap

Now you can launch ettercap from the terminal by just typing “ettercap” no matter what the current working directory is (of course you will have to specify a user interface; e.g. ettercap -G).

From a terminal type:

    ettercap -G

If the Ettercap GUI comes up, you have successfully installed EttercapNG. Close Ettercap for now since we still need to do some configuration.

Section 2 – Configuring Apache and SSL

Note: most of this section comes from Appendix E of Lab 9 although it has been modified somewhat. [2]

2.1. Copying over and configuring a RedHat WS 4 Virtual Machine.

From the nas4112 share, copy the following directory to your RedHat WS 4 Host Machine:

    VMWare/RedHatWS4

In VMWare, add the virtual machine you just copied over via the instructions from Lab 1. You will also need to give it a unique IP in the IP range your group was assigned; see Lab 1 for instructions.

2.2. Installing and configuring Apache on a RedHat WS 4 Virtual Machine.

For this part of the lab we will be working on the RedHat WS 4 Virtual Machine you just set up. You will need