Page 1 of 2 12 LastLast
Results 1 to 10 of 19

Thread: ettercap prob slack11 suspect libnet

  1. #1

    Arrow ettercap prob slack11 suspect libnet

    hi everyone,
    im having a problem using ettercap on slackware 11, i didnt use to have (eg. its facing me the first time)


    when i run:
    ettercap -T -M arp:remote -i ath0 -q /host/ /router/

    and after that i start the check poisoning plugin (chk_poison)
    it gives me

    chk_poison: Checking poisoning status...

    ERROR : 1, Operation not permitted
    [ec_send.c:send_L3_icmp_echo:513]

    libnet_write (-1): libnet_write_raw_ipv4(): -1 bytes written (Operation not permitted)


    iptables v1.3.5: can't initialize iptables table `nat': Permission denied (you must be root)
    Perhaps iptables or your kernel needs to be upgraded.
    iptables v1.3.5: can't initialize iptables table `nat': Permission denied (you must be root)
    Perhaps iptables or your kernel needs to be upgraded.
    iptables v1.3.5: can't initialize iptables table `nat': Permission denied (you must be root)
    Perhaps iptables or your kernel needs to be upgraded.
    iptables v1.3.5: can't initialize iptables table `nat': Permission denied (you must be root)
    Perhaps iptables or your kernel needs to be upgraded.
    iptables v1.3.5: can't initialize iptables table `nat': Permission denied (you must be root)
    Perhaps iptables or your kernel needs to be upgraded.
    iptables v1.3.5: can't initialize iptables table `nat': Permission denied (you must be root)
    Perhaps iptables or your kernel needs to be upgraded.
    iptables v1.3.5: can't initialize iptables table `nat': Permission denied (you must be root)
    Perhaps iptables or your kernel needs to be upgraded.
    iptables v1.3.5: can't initialize iptables table `nat': Permission denied (you must be root)
    Perhaps iptables or your kernel needs to be upgraded.
    iptables v1.3.5: can't initialize iptables table `nat': Permission denied (you must be root)
    Perhaps iptables or your kernel needs to be upgraded.

    ip_forwarding was disabled, but we cannot re-enable it now.
    remember to re-enable it manually


    and it crashes, i have libnet for slackware 11 installed from source (1.1.2.1).
    i have however another box running slack 10.2 which uses the same and it is working nice.

    i noticed it worked when i compiled libnet from source, (after having it as package), after that and without any warnings it started giving me the same error again (the one mentioned).
    i even tried backtrack which used to do it succesful and also the same error. (maybe hardware although its new hardware)

    but i noticed that regardless of the check_poison error, it indeed did a an arp poisoning ( i checked it on the machine im testing)

    any help is appreciated
    thank you
    The second step on the way to become a hacker is to run GNU/Linux. (first step is to buy a computer)
    My old skewl http://www.skoz.nl/spelevaert/

  2. #2
    Master-Jedi-Pimps0r & Moderator thehorse13's Avatar
    Join Date
    Dec 2002
    Location
    Washington D.C. area
    Posts
    2,885
    Are you serious???

    Permission denied (you must be root)
    Does this perhaps offer you a clue as to what the problem could be?

    --TH13
    Our scars have the power to remind us that our past was real. -- Hannibal Lecter.
    Talent is God given. Be humble. Fame is man-given. Be grateful. Conceit is self-given. Be careful. -- John Wooden

  3. #3
    thanks for you reply,
    im running it as root, but it says that (iptables thingy) probably because of privileges dropping.
    Last edited by HackerzMaster; March 24th, 2007 at 05:40 PM.
    The second step on the way to become a hacker is to run GNU/Linux. (first step is to buy a computer)
    My old skewl http://www.skoz.nl/spelevaert/

  4. #4
    Master-Jedi-Pimps0r & Moderator thehorse13's Avatar
    Join Date
    Dec 2002
    Location
    Washington D.C. area
    Posts
    2,885
    If you're running as root and you're seeing these messages, there are more issues with your host than you're aware of. Being denied access to shared libraries (and other things) when you're logged in as root is not a good sign my friend.
    Last edited by thehorse13; March 24th, 2007 at 01:45 PM.
    Our scars have the power to remind us that our past was real. -- Hannibal Lecter.
    Talent is God given. Be humble. Fame is man-given. Be grateful. Conceit is self-given. Be careful. -- John Wooden

  5. #5
    ok, but its a *fresh* install of slack11, and what about backtrack -running live- giving this error?

  6. #6
    Master-Jedi-Pimps0r & Moderator thehorse13's Avatar
    Join Date
    Dec 2002
    Location
    Washington D.C. area
    Posts
    2,885
    Fresh install fully patched?
    Our scars have the power to remind us that our past was real. -- Hannibal Lecter.
    Talent is God given. Be humble. Fame is man-given. Be grateful. Conceit is self-given. Be careful. -- John Wooden

  7. #7
    Senior Member nihil's Avatar
    Join Date
    Jul 2003
    Location
    United Kingdom: Bridlington
    Posts
    17,188
    Hmmmm,

    Not my area at all, but as a general fault finding thing, given that you have a new machine and new software?

    Try mirroring your working 10.2 setup onto the new box............ at least that should give you a good idea of whether it is some sort of hardware, firmware, driver issue or something else?

    The problem that I have found with high level error messages is that they can be very deceptive if you have some low level or incompatibility problem?

    Just a few thoughts on general principles --TH13 knows the ins and outs of the actual applications

  8. #8
    Master-Jedi-Pimps0r & Moderator thehorse13's Avatar
    Join Date
    Dec 2002
    Location
    Washington D.C. area
    Posts
    2,885
    I'm certain the issue isn't with the OS itself, rather, the versions of libraries and such that are in use with Ettercap or a config issue. This app is VERY specific about what needs to be present before it will work.

    That said, if this host is FULLY patched and freshly installed, I would go to the ettercap forums on sourceforge and report the issue to the development team. Still, the fact that root can't access a shared library is disturbing to me. Perhaps there is a bug in Ettercap but I would first check to see if the user is set to root in the etter.conf file. Are you running their latest release? Did you compile anything specific into it?

    Anyway, http://ettercap.sourceforge.net and visit the support forums.

    --TH13
    Last edited by thehorse13; March 25th, 2007 at 02:36 PM.
    Our scars have the power to remind us that our past was real. -- Hannibal Lecter.
    Talent is God given. Be humble. Fame is man-given. Be grateful. Conceit is self-given. Be careful. -- John Wooden

  9. #9
    nihil: thanks, will try to do that
    th13:my system is patched. altough i dont think of it as a compromise since backtrack gives the same thing. I edited etter.conf and set the uid and gid dropped to, to 0 (root) and it stopped giving the error about iptables, but still the libnet error.
    Last edited by HackerzMaster; March 25th, 2007 at 06:15 PM.
    The second step on the way to become a hacker is to run GNU/Linux. (first step is to buy a computer)
    My old skewl http://www.skoz.nl/spelevaert/

  10. #10
    Master-Jedi-Pimps0r & Moderator thehorse13's Avatar
    Join Date
    Dec 2002
    Location
    Washington D.C. area
    Posts
    2,885
    OK, half the problem is solved. Now all you have to do is look at the perms on the libnet files. Does root have rights to them? If so, you may have a bug on your hands. Best bet at that point is to report the libnet error to the developers on the ettercap forum.

    --TH13
    Our scars have the power to remind us that our past was real. -- Hannibal Lecter.
    Talent is God given. Be humble. Fame is man-given. Be grateful. Conceit is self-given. Be careful. -- John Wooden

Similar Threads

  1. Fun with Ettercap Filters
    By Irongeek in forum The Security Tutorials Forum
    Replies: 2
    Last Post: June 16th, 2005, 07:09 PM

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •