Weird ip adresses
Merlinistisch opened this issue · 14 comments
The ip adresses that i get are 10.2.2 10.2.3 10.2.4
Mac adresses: 52:54:00:12:35:02, 52:54:00:12:35:03, 52:54:00:12:35:04, i booted up ettercap through the root terminal, i used eth0 clicked accept, clicked on scan for hosts, Lua: no scripts were specified, not starting up! Was something that was shown in the text box, i didn't specify the netmask, the textbox also said: Ettercap might not work correctly. /proc/sys/net/ipv6/conf/eth0/use_tempaddr is not set to 0.
Privileges dropped to EUID 0 EGID 0...
so what is the issue?
what does ifconfig report?
The issue is that these IP adresses have never logged into the network and probably don't exist, ifcongi shows:
eth0: flags=4163<UP,BROADCAST,RUNNING,MULTICAST> mtu 1500
inet 10.0.2.15 netmask 255.255.255.0 broadcast 10.0.2.255
inet6 fe80::a00:27ff:fe02:4be7 prefixlen 64 scopeid 0x20
ether 08:00:27:02:4b:e7 txqueuelen 1000 (Ethernet)
RX packets 1 bytes 590 (590.0 B)
RX errors 0 dropped 0 overruns 0 frame 0
TX packets 21 bytes 2972 (2.9 KiB)
TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0
lo: flags=73<UP,LOOPBACK,RUNNING> mtu 65536
inet 127.0.0.1 netmask 255.0.0.0
inet6 ::1 prefixlen 128 scopeid 0x10
loop txqueuelen 1000 (Local Loopback)
RX packets 4 bytes 240 (240.0 B)
RX errors 0 dropped 0 overruns 0 frame 0
TX packets 4 bytes 240 (240.0 B)
TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0
Could you please run the following command on CLI:
sudo ettercap -Tqslq
and paste the ouput here?
Could you please run the following command on CLI:
sudo ettercap -Tqslqand paste the ouput here?
the output is :
ettercap 0.8.3.1 copyright 2001-2020 Ettercap Development Team
Listening on:
eth0 -> 08:00:27:02:4B:E7
10.0.2.15/255.255.255.0
fe80::a00:27ff:fe02:4be7/64
SSL dissection needs a valid 'redir_command_on' script in the etter.conf file
Ettercap might not work correctly. /proc/sys/net/ipv6/conf/eth0/use_tempaddr is not set to 0.
Privileges dropped to EUID 65534 EGID 65534...
34 plugins
42 protocol dissectors
57 ports monitored
28230 mac vendor fingerprint
1766 tcp OS fingerprint
2182 known services
Lua: no scripts were specified, not starting up!
Randomizing 255 hosts for scanning...
Scanning the whole netmask for 255 hosts...
- |==================================================>| 100.00 %
3 hosts added to the hosts list...
Starting Unified sniffing...
Text only Interface activated...
Hit 'h' for inline help
Hosts list:
-
10.0.2.2 52:54:00:12:35:02 -
10.0.2.3 52:54:00:12:35:03 -
10.0.2.4 52:54:00:12:35:04
Closing text interface...
Terminating ettercap...
Lua cleanup complete!
Unified sniffing was stopped.
I know that the ip adresses of my phone, the virtual machine and my pc aren't listed.
Can you please re-run the command with the -w /tmp/packets.pcap and provide the file /tmp/packets.pcap?
Iit says: -w /tmp/packets.pcap
Well or should not say anything different but have a file packet.pcap in /tmp directory.
I have the same problem
did you found how to fix it guys ?
I cannot reproduce it. Therefore I asked to re-run incl. the -w /tmp/packets.pcap.
okaaay I found the problem
we were on NAT mode in our VM
switch to the bridge mode that allow your VM to be like a physical computer and have his own IP adress
go to the setting of your VM then networks or something like that and switch from nat to bridge
Thanks for sharing your finding. Closing the issue then.