From: Christine Kronberg (Christine_Kronberg@genua.de)
Date: Mon Aug 11 2003 - 09:41:03 EDT
Hi,
> i started with webmitm -dd and see only all the GET requests from "victim"
If I understand the source code correctly than this is exactly what
it is supposed to do (please correct me, if I'm wrong). webmitm is a
demonstration for sniffing sensitive data like passwords or similar
things. The victim is putting this data either in a GET request - so
you only need to read enough of the data to fetch the complete GET
request - or the data sits in the http header data when using a POST
request. I can get both working, but when submitting the data via POST,
I only see the data using lynx and forcing it to a hard exit. That
takes a lot of charm from a demonstration (well, usually the GET
part is enough ;-) ).
> but no traffic from real site back .
>
> victim -- > attacker ---> real site
>
> Btw, i found out that my dnsspoof is working intermittently... thought i put
> www.hotmail.com and mail.yahoo.com in
> the dnsspoof.hosts file but only mail.yahoo.com is being spoofed and not
> www.hotmail.com.. any help plse
You entered both correctly into your spoofed-hosts file, I presume?!
What does dnsspoof say, wenn a request for hotmail.com comes by? Is
it ignored?
Regards,
Chris Kronberg.
-- GeNUA mbH --------------------------------------------------------------------------- ----------------------------------------------------------------------------
This archive was generated by hypermail 2.1.7 : Sat Apr 12 2008 - 10:53:38 EDT