- me broke, me fix
2e13c635
MM
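diff -uNr ettercap-0.6.4.orig/configure.in ettercap-0.6.4/configure.in
--- ettercap-0.6.4.orig/configure.in Mon Feb 11 22:28:37 2002
+++ ettercap-0.6.4/configure.in Sat Feb 16 16:50:12 2002
@@ -401,14 +401,14 @@
 ncurses_warn=0
 curses_warn=0
 
- AC_CHECK_HEADERS(ncurses.h,,ncurses_warn=1)
+ AC_CHECK_HEADERS(ncurses/ncurses.h,,ncurses_warn=1)
 AC_CHECK_LIB(ncurses,newpad,,ncurses_warn=1)
 
 if test $ncurses_warn -ne 1; then
 AC_DEFINE(HAVE_NCURSES,1)
 ac_cv_ec_ncurses=yes
 else
- AC_CHECK_HEADERS(curses.h,,curses_warn=1)
+ AC_CHECK_HEADERS(ncurses/curses.h,,curses_warn=1)
 AC_CHECK_LIB(curses,newpad,,curses_warn=1)
 AC_CHECK_LIB(curses,mvwgetnstr,,curses_warn=1)
 
@@ -426,7 +426,7 @@
 form_warn=0
 
 if test "$ncurses_warn$curses_warn" = "00"; then
- AC_CHECK_HEADERS(form.h,,form_warn=1)
+ AC_CHECK_HEADERS(ncurses/form.h,,form_warn=1)
 AC_CHECK_LIB(form,form_win,,form_warn=1)
 
 if test $form_warn -ne 1; then
@@ -458,12 +458,12 @@
 ac_cv_ec_debug=yes
 ;;
 no) AC_MSG_RESULT(no.)
- CFLAGS="-O3 -funroll-loops -fomit-frame-pointer -Wall"
+ CFLAGS="${CFLAGS} -funroll-loops -fomit-frame-pointer -Wall"
 ac_cv_ec_debug=no
 ;;
 esac ],
 AC_MSG_RESULT(no. disabled by default.)
- CFLAGS="-O3 -funroll-loops -fomit-frame-pointer -Wall"
+ CFLAGS="${CFLAGS} -funroll-loops -fomit-frame-pointer -Wall"
 ac_cv_ec_debug=no
 )
 AC_SUBST(DEBUG)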
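Review bot: In the last hunk the project's flags are appended after `${CFLAGS}` in both the `no)` arm and the default arm, so `-fomit-frame-pointer` still overrides a builder who passes `-fno-omit-frame-pointer`, because the later option wins. Putting the project defaults first lets the environment decide: `CFLAGS="-funroll-loops -fomit-frame-pointer -Wall ${CFLAGS}"`. The `yes)` arm of the same `case` begins above the hunk; judging by the pristine copy further down this page it still assigns `CFLAGS="-g -ggdb -Wmissing-prototypes -Werror -Wall"` outright, so an `--enable-debug` build would drop any distribution hardening flags and probably needs the same treatment.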
2e13c635
MM
45diff -uNr ettercap-0.6.4.orig/configure.in.orig ettercap-0.6.4/configure.in.orig
46--- ettercap-0.6.4.orig/configure.in.orig Thu Jan 1 01:00:00 1970
47+++ ettercap-0.6.4/configure.in.orig Mon Feb 11 22:28:37 2002
48@@ -0,0 +1,675 @@
49+dnl
50+dnl ettercap -- configure script
51+dnl
52+dnl Copyright (C) 2001 ALoR <alor@users.sourceforge.net>, NaGA <crwm@freemail.it>
53+dnl
54+dnl This program is free software; you can redistribute it and/or modify
55+dnl it under the terms of the GNU General Public License as published by
56+dnl the Free Software Foundation; either version 2 of the License, or
57+dnl (at your option) any later version.
58+dnl
59+dnl This program is distributed in the hope that it will be useful,
60+dnl but WITHOUT ANY WARRANTY; without even the implied warranty of
61+dnl MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
62+dnl GNU General Public License for more details.
63+dnl
64+dnl You should have received a copy of the GNU General Public License
65+dnl along with this program; if not, write to the Free Software
66+dnl Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA.
67+dnl
68+dnl $Id$
69+dnl
70+
71+AC_INIT(src/ec_main.c)
72+AC_CONFIG_HEADER(config.h)
73+
74+SB=`./shtool echo -n -e %B`
75+EB=`./shtool echo -n -e %b`
76+
77+AC_SUBST(SB)
78+AC_SUBST(EB)
79+
80+VERSION=`grep VERSION ./src/include/ec_main.h | cut -f2 -d"\""`
81+AC_SUBST(VERSION)
82+
83+PROG=`grep PROGRAM ./src/include/ec_main.h | cut -f2 -d"\""`
84+AC_SUBST(PROG)
85+
86+EC_MESSAGE(Configuring $PROG-$VERSION)
87+
88+SERIAL=`date +%Y%m%d`
89+AC_SUBST(SERIAL)
90+
91+RELEASE=1
92+AC_SUBST(RELEASE)
93+
94+SOURCES=`ls ./src/ec_*.c | awk ' { printf "%s ", $1 } '`
95+AC_SUBST(SOURCES)
96+
97+
98+dnl =========================================
99+dnl Enable Developmen feature or portings
100+dnl =========================================
101+
102+AC_ARG_ENABLE(devel, [ --enable-devel enable the undeveloped (alpha) features.],
103+[ case "$enableval" in
104+ yes)
105+ development=1
106+ ;;
107+ no)
108+ development=0
109+ ;;
110+esac ],
111+ development=0
112+)
113+
114+dnl ================
115+dnl Check the OS
116+dnl ================
117+
118+AC_CANONICAL_SYSTEM
119+case "$target_os" in
120+*linux*)
121+ EC_LINUX_KERNEL()
122+ OS=LINUX
123+ OS_OPT=
124+ ;;
125+*freebsd*)
126+ EC_FREEBSD_VERSION()
127+ OS=FREEBSD
128+ OS_OPT=
129+ ;;
130+*netbsd*)
131+ OS=NETBSD
132+ OS_OPT=
133+ ;;
134+*openbsd*)
135+ OS=OPENBSD
136+ OS_OPT=
137+ ;;
138+*darwin*)
139+ EC_DARWIN_KERNEL()
140+ OS=MACOSX
141+ OS_OPT=
142+ STRIPOPTION="-x"
143+ ;;
144+*cygwin*)
145+ if test $development -ne 1; then
146+ echo
147+ echo "CYGWIN PORTING IS IN PROGRESS..."
148+ echo "STAY TUNED FOR THE NEXT RELEASE"
149+ echo
150+ echo "you can try to compile and run it"
151+ echo "by configuring with the --enable-devel flag"
152+ echo "TRY AT YOUR OWN RISK"
153+ echo
154+ exit
155+ fi
156+ OS=CYGWIN
157+ OS_OPT=
158+ ;;
159+*solaris*)
160+ if test $development -ne 1; then
161+ echo
162+ echo "WE ARE VERY VERY SORRY, BUT STILL NO SOLARIS PORT"
163+ echo "WE ARE WORKING ON IT..."
164+ echo "IF YOU WANT TO CONTRIBUTE WITH PORTING:"
165+ echo "run ./configure --enable-devel "
166+ echo "and report bugs"
167+ echo
168+ exit
169+ fi
170+ OS=SOLARIS
171+ OS_OPT=
172+ ;;
173+*)
174+ echo
175+ echo "NOT A SUPPORTED SYSTEM / OR SYSTEM NOT RECOGNIZED"
176+ echo
177+ cat PORTINGS
178+ echo
179+ exit
180+ ;;
181+esac
182+
183+AC_SUBST(OS)
184+AC_SUBST(OS_OPT)
185+AC_SUBST(STRIPOPTION)
186+
187+dnl ======================
188+dnl Initialize prefix.
189+dnl ======================
190+
191+AC_PREFIX_DEFAULT(/usr/local)
192+
193+if test "$prefix" = "NONE"; then
194+ prefix="/usr/local"
195+fi
196+
197+
198+dnl ========================
199+dnl Check the C compiler
200+dnl ========================
201+
202+AC_PROG_CC
203+AC_PROG_INSTALL
204+AC_PROG_MAKE_SET
205+AC_PROG_GCC_TRADITIONAL
206+
207+dnl ======================
208+dnl Machine Endianness
209+dnl ======================
210+
211+AC_C_BIGENDIAN
212+
213+dnl ======================
214+dnl OS specific checks
215+dnl ======================
216+
217+
218+if test "$OS" = "LINUX"; then
219+
220+ dnl ===========================
221+ dnl Check for Socket Packet
222+ dnl ===========================
223+
224+ EC_PF_PACKET()
225+ EC_SOCK_PACKET()
226+
227+ if test "$ac_cv_ec_nopf" = 1 && test "$ac_cv_ec_nosock" = 1; then
228+ AC_MSG_WARN(*************************************);
229+ AC_MSG_WARN(* You can't create Socket Packet !! *);
230+ AC_MSG_WARN(*************************************);
231+ exit;
232+ fi
233+
234+ dnl ===========================================
235+ dnl Check for /proc/sys/net/ipv4/ip_forward
236+ dnl ===========================================
237+
238+ AC_PATH_PROGS(IPFORWARD,ip_forward,no,/proc/sys/net/ipv4)
239+ if test "$IPFORWARD" = no; then
240+ AC_MSG_WARN(*****************************************************************)
241+ AC_MSG_WARN(* /proc/sys/net/ipv4/ip_forward not found !! *)
242+ AC_MSG_WARN(* please disable manually ip_forwarding before running ettercap *)
243+ AC_MSG_WARN(*****************************************************************)
244+ else
245+ AC_DEFINE(HAVE_PROC_FORWARDING)
246+ fi
247+
248+fi
249+
250+
251+
252+if test "$OS" = "FREEBSD" -o "$OS" = "OPENBSD" -o "$OS" = "NETBSD" -o "$OS" = "MACOSX"; then
253+
254+ AC_MSG_CHECKING(link-layer packet interface)
255+
256+ if test -r /dev/bpf0 ; then
257+ AC_MSG_RESULT(found bpf)
258+ elif test -c /dev/bpf0 ; then
259+ AC_MSG_RESULT(found bpf)
260+ else
261+ AC_MSG_WARN(*********************************************************);
262+ AC_MSG_WARN(* /dev/bpf0 not found !! please reconfigure your kernel *);
263+ AC_MSG_WARN(*********************************************************);
264+ exit;
265+ fi
266+
267+fi
268+
269+
270+
271+if test "$OS" = "SOLARIS"; then
272+
273+ AC_CHECK_HEADERS(sys/bufmod.h sys/dlpi_ext.h)
274+ AC_MSG_CHECKING(for /dev/dlpi device)
275+ if test -c /dev/dlpi; then
276+ AC_MSG_RESULT(yes)
277+ AC_DEFINE(HAVE_DEV_DLPI)
278+ else
279+ AC_MSG_RESULT(no)
280+ dir="/dev/dlpi"
281+ AC_MSG_CHECKING(for $dir directory)
282+ if test -d $dir ; then
283+ AC_MSG_RESULT(yes)
284+ AC_DEFINE_UNQUOTED(DLPI_DEV_PREFIX, "$dir")
285+ else
286+ AC_MSG_RESULT(no)
287+ fi
288+ fi
289+
290+fi
291+
292+if test "$OS" = "CYGWIN"; then
293+
294+ AC_MSG_CHECKING(for WinPcap developer's pack)
295+ AC_ARG_WITH(wpdpack,
296+ [ --with-wpdpack=DIR use WinPcap developer's pack in DIR],
297+ [ AC_MSG_RESULT($withval)
298+ if test -f $withval/include/packet32.h -a -f $withval/lib/packet.a; then
299+ COPTS="$COPTS -I$withval/include"
300+ LIBS="$LIBS -L$withval/lib -lpacket -lws2_32"
301+ else
302+ AC_MSG_ERROR(packet32.h or packet.a not found in $withval)
303+ fi ],
304+ [ for dir in ${prefix} ${HOME}/WPdpack ; do
305+ if test -f ${dir}/include/packet32.h -a -f ${dir}/lib/packet.a; then
306+ COPTS="$COPTS -I${dir}/include"
307+ LIBS="$LIBS -L${dir}/lib -lpacket -lws2_32"
308+ have_pcap=yes
309+ break;
310+ fi
311+ done
312+ if test "$have_pcap" != yes; then
313+ AC_MSG_ERROR(WinPcap developer's pack not found)
314+ fi
315+ AC_MSG_RESULT(yes) ])
316+
317+fi
318+
319+dnl ===========================
320+dnl Check for programs path
321+dnl ===========================
322+
323+AC_PATH_PROG(WGET_PATH, "wget")
324+ if test -n "$WGET_PATH"; then
325+ AC_DEFINE_UNQUOTED(WGET_PATH, "$WGET_PATH")
326+ else
327+ AC_DEFINE_UNQUOTED(WGET_PATH, "")
328+ fi
329+
330+
331+dnl =====================
332+dnl Check for headers
333+dnl =====================
334+
335+AC_HEADER_STDC
336+AC_HEADER_DIRENT
337+AC_HEADER_TIME
338+AC_CHECK_HEADERS(getopt.h)
339+AC_CHECK_HEADERS(fcntl.h termios.h ctype.h)
340+AC_CHECK_HEADERS(sys/time.h sys/utsname.h)
341+AC_CHECK_HEADERS(ifaddrs.h)
342+
343+dnl These are required !!
344+AC_CHECK_HEADERS(unistd.h stdlib.h signal.h stdarg.h sys/ioctl.h,,
345+ AC_MSG_WARN(**************************************************);
346+ AC_MSG_WARN(* REQUIRED !! I cant believe U don't have this !!*);
347+ AC_MSG_WARN(**************************************************);
348+ exit)
349+
350+AC_CHECK_HEADERS(dirent.h errno.h,,
351+ AC_MSG_WARN(***************);
352+ AC_MSG_WARN(* REQUIRED !! *);
353+ AC_MSG_WARN(***************);
354+ exit)
355+
356+AC_CHECK_HEADERS(net/ethernet.h net/if_arp.h net/if.h)
357+AC_CHECK_HEADERS(netinet/ip.h netinet/ip_icmp.h netinet/tcp.h)
358+AC_CHECK_HEADERS(sys/sockio.h)
359+
360+
361+dnl ==================================================================
362+dnl Checks for typedefs, structures, and compiler characteristics.
363+dnl ==================================================================
364+
365+AC_STRUCT_TM
366+EC_SOCKLEN_CHECK
367+AC_TYPE_PID_T
368+AC_TYPE_SIZE_T
369+AC_C_CONST
370+AC_LBL_SOCKADDR_SA_LEN
371+AC_LBL_UNALIGNED_ACCESS
372+
373+dnl =====================
374+dnl Check for libs
375+dnl =====================
376+
377+AC_FUNC_MALLOC
378+AC_FUNC_MEMCMP
379+AC_TYPE_SIGNAL
380+AC_FUNC_VPRINTF
381+EC_PTHREAD_CHECK()
382+AC_SEARCH_LIBS(log,c m)
383+AC_SEARCH_LIBS(pow,c m)
384+AC_SEARCH_LIBS(gethostbyname,c nsl,,AC_MSG_ERROR(libnsl not found.))
385+AC_SEARCH_LIBS(socket,c socket,,AC_MSG_ERROR(libsocket not found.))
386+AC_SEARCH_LIBS(dn_expand,c resolv,,)
387+AC_CHECK_FUNCS(getifaddrs)
388+AC_CHECK_FUNCS(gettimeofday)
389+AC_CHECK_FUNCS(vsnprintf)
390+AC_CHECK_FUNCS(select strdup strerror strstr strsignal)
391+AC_CHECK_FUNCS(uname)
392+
393+
394+dnl ===============================
395+dnl Check for non standard libs
396+dnl ===============================
397+
398+MISSING=""
399+MISSLIBS=""
400+
401+AC_CHECK_FUNCS(getopt_long,,MISSING="$MISSING ./src/missing/getopt.c ./src/missing/getopt1.c"
402+ MISSLIBS="$MISSLIBS ./src/missing/getopt.o ./src/missing/getopt1.o")
403+AC_CHECK_FUNCS(strlcat,,MISSING="$MISSING ./src/missing/strlcat.c"
404+ MISSLIBS="$MISSLIBS ./src/missing/strlcat.o")
405+AC_CHECK_FUNCS(strlcpy,,MISSING="$MISSING ./src/missing/strlcpy.c"
406+ MISSLIBS="$MISSLIBS ./src/missing/strlcpy.o")
407+AC_CHECK_FUNCS(strsep,,MISSING="$MISSING ./src/missing/strsep.c"
408+ MISSLIBS="$MISSLIBS ./src/missing/strsep.o")
409+AC_CHECK_FUNCS(memmem,,MISSING="$MISSING ./src/missing/memmem.c"
410+ MISSLIBS="$MISSLIBS ./src/missing/memmem.o")
411+AC_CHECK_FUNCS(inet_aton,,MISSING="$MISSING ./src/missing/inet_aton.c"
412+ MISSLIBS="$MISSLIBS ./src/missing/inet_aton.o")
413+AC_CHECK_FUNCS(scandir,,MISSING="$MISSING ./src/missing/scandir.c"
414+ MISSLIBS="$MISSLIBS ./src/missing/scandir.o")
415+
416+AC_SUBST(MISSING)
417+AC_SUBST(MISSLIBS)
418+
419+
420+dnl =======================================
421+dnl Check user defined --enable-FEATURE
422+dnl =======================================
423+
424+EC_MESSAGE(Checking user defined options)
425+
426+dnl -----------------------
427+dnl -- NCURSES INTERFACE --
428+dnl -----------------------
429+
430+check_ncurses=0
431+AC_MSG_CHECKING([if --enable-ncurses option is specified])
432+AC_ARG_ENABLE(ncurses, [ --enable-ncurses enable the ncurses interface.],
433+[ case "$enableval" in
434+ yes)
435+ AC_MSG_RESULT(yes.)
436+ check_ncurses=1
437+ ;;
438+ no) AC_MSG_RESULT(no.)
439+ ;;
440+esac ],
441+ AC_MSG_RESULT(yes. enabled by default.)
442+ check_ncurses=1
443+)
444+
445+ac_cv_ec_ncurses=no
446+ac_cv_ec_form=no
447+
448+if test $check_ncurses -ne 0; then
449+ ncurses_warn=0
450+ curses_warn=0
451+
452+ AC_CHECK_HEADERS(ncurses.h,,ncurses_warn=1)
453+ AC_CHECK_LIB(ncurses,newpad,,ncurses_warn=1)
454+
455+ if test $ncurses_warn -ne 1; then
456+ AC_DEFINE(HAVE_NCURSES,1)
457+ ac_cv_ec_ncurses=yes
458+ else
459+ AC_CHECK_HEADERS(curses.h,,curses_warn=1)
460+ AC_CHECK_LIB(curses,newpad,,curses_warn=1)
461+ AC_CHECK_LIB(curses,mvwgetnstr,,curses_warn=1)
462+
463+ if test $curses_warn -ne 1; then
464+ AC_DEFINE(HAVE_NCURSES,1)
465+ ac_cv_ec_ncurses=yes
466+ else
467+ AC_MSG_WARN(***********************************************)
468+ AC_MSG_WARN(* NCURSES are NOT available in your system !! *)
469+ AC_MSG_WARN(* Interactive mode will not be supported! *)
470+ AC_MSG_WARN(***********************************************)
471+ fi
472+ fi
473+
474+ form_warn=0
475+
476+ if test "$ncurses_warn$curses_warn" = "00"; then
477+ AC_CHECK_HEADERS(form.h,,form_warn=1)
478+ AC_CHECK_LIB(form,form_win,,form_warn=1)
479+
480+ if test $form_warn -ne 1; then
481+ AC_DEFINE(HAVE_FORM,1)
482+ ac_cv_ec_form=yes
483+ else
484+ AC_MSG_WARN(**********************************************)
485+ AC_MSG_WARN(* FORM are NOT available in your system !! *)
486+ AC_MSG_WARN(* some interface will be less pleasureful... *)
487+ AC_MSG_WARN(**********************************************)
488+ fi
489+ fi
490+fi
491+
492+
493+
494+
495+dnl -----------
496+dnl -- DEBUG --
497+dnl -----------
498+
499+AC_MSG_CHECKING([if --enable-debug option is specified])
500+AC_ARG_ENABLE(debug, [ --enable-debug create a file for debugging messages.],
501+[ case "$enableval" in
502+ yes)
503+ DEBUG="-DDEBUG"
504+ CFLAGS="-g -ggdb -Wmissing-prototypes -Werror -Wall"
505+ AC_MSG_RESULT(yes)
506+ ac_cv_ec_debug=yes
507+ ;;
508+ no) AC_MSG_RESULT(no.)
509+ CFLAGS="-O3 -funroll-loops -fomit-frame-pointer -Wall"
510+ ac_cv_ec_debug=no
511+ ;;
512+esac ],
513+ AC_MSG_RESULT(no. disabled by default.)
514+ CFLAGS="-O3 -funroll-loops -fomit-frame-pointer -Wall"
515+ ac_cv_ec_debug=no
516+)
517+AC_SUBST(DEBUG)
518+
519+dnl -------------
520+dnl -- PLUGINS --
521+dnl -------------
522+
523+check_plugins=0
524+AC_MSG_CHECKING([if --enable-plugins option is specified])
525+AC_ARG_ENABLE(plugins, [ --enable-plugins enable the use of plugins in ettercap.],
526+[ case "$enableval" in
527+ yes)
528+ AC_MSG_RESULT(yes.)
529+ check_plugins=1
530+ ;;
531+ no) AC_MSG_RESULT(no.)
532+ ac_cv_ec_plugin=no
533+ ;;
534+esac ],
535+ AC_MSG_RESULT(yes. enabled by default.)
536+ check_plugins=1
537+)
538+
539+
540+if test $check_plugins -ne 0; then
541+ plugins_warn=0
542+ AC_CHECK_HEADERS(dlfcn.h,,plugins_warn=1)
543+ AC_SEARCH_LIBS(dlopen, dl c,,plugins_warn=1)
544+
545+ if test $plugins_warn -ne 1; then
546+ AC_DEFINE(PERMIT_PLUGINS,1)
547+ ac_cv_ec_plugin=yes
548+ AC_MSG_CHECKING([for gcc option to produce PIC])
549+ if test "$OS" = "MACOSX"; then
550+ PICFLAG="-bundle -undefined $ac_cv_ec_undefined -bundle_loader ../../ettercap"
551+ elif test "$OS" = "SOLARIS"; then
552+ PICFLAG="-fPIC -DPIC -shared"
553+ elif test "$OS" = "CYGWIN"; then
554+ PICFLAG="-DPIC -shared"
555+ else
556+ LIBS="$LIBS -rdynamic"
557+ PICFLAG="-fPIC -DPIC -shared"
558+ fi
559+ AC_MSG_RESULT($PICFLAG)
560+ AC_SUBST(PICFLAG)
561+ else
562+ AC_MSG_WARN(***********************************************)
563+ AC_MSG_WARN(* Plugins are NOT supported by your system !! *)
564+ if test "$OS" = "MACOSX"; then
565+ AC_MSG_WARN(* *)
566+ AC_MSG_WARN(* You have to install the dlcompat library... *)
567+ fi
568+ AC_MSG_WARN(***********************************************)
569+ ac_cv_ec_plugin=no
570+ fi
571+fi
572+
573+
574+dnl ---------
575+dnl -- SSH --
576+dnl ---------
577+
578+check_ssh=0
579+AC_ARG_WITH(openssl, [ --with-openssl=DIR use OpenSSL in DIR],
580+[ case "$withval" in
581+ no)
582+ AC_MSG_CHECKING(for OpenSSL)
583+ AC_MSG_RESULT(no)
584+ ac_cv_ec_ssh=no
585+ ;;
586+ *)
587+ AC_MSG_CHECKING(for OpenSSL in $withval)
588+ check_ssh=1
589+ ssl_path=$withval
590+ ;;
591+ esac ],
592+ [ AC_MSG_CHECKING(for OpenSSL in ${prefix})
593+ check_ssh=1
594+ ssl_path=${prefix}
595+ ]
596+)
597+
598+
599+if test $check_ssh -ne 0; then
600+
601+ if test -f $ssl_path/include/openssl/ssl.h; then
602+ COPTS="$COPTS -I$ssl_path/include"
603+ LIBS="$LIBS -L$ssl_path/lib -lssl -lcrypto"
604+ AC_DEFINE(HAVE_OPENSSL,1)
605+ ac_cv_ec_ssh=yes
606+ AC_MSG_RESULT(yes)
607+ elif test -f $ssl_path/ssl/include/openssl/ssl.h; then
608+ COPTS="$COPTS -I$ssl_path/ssl/include"
609+ LIBS="$LIBS -L$ssl_path/ssl/lib -lssl -lcrypto"
610+ AC_DEFINE(HAVE_OPENSSL,1)
611+ ac_cv_ec_ssh=yes
612+ AC_MSG_RESULT(yes)
613+ elif test -f /usr/include/openssl/ssl.h; then
614+ LIBS="$LIBS -lssl -lcrypto"
615+ AC_DEFINE(HAVE_OPENSSL,1)
616+ ac_cv_ec_ssh=yes
617+ AC_MSG_RESULT(yes)
618+ else
619+ AC_MSG_RESULT(no)
620+ ac_cv_ec_ssh=no
621+ AC_MSG_WARN(**********************************************)
622+ AC_MSG_WARN(* OpenSSL is NOT installed in your system !! *)
623+ AC_MSG_WARN(* SSH support will NOT be available... *)
624+ AC_MSG_WARN(**********************************************)
625+ fi
626+
627+ AC_PATH_PROG(OPENSSL_PATH, "openssl",, "$PATH:/usr/local/ssl/bin")
628+ if test -n "$OPENSSL_PATH"; then
629+ AC_DEFINE_UNQUOTED(OPENSSL_PATH, "$OPENSSL_PATH")
630+ else
631+ AC_DEFINE_UNQUOTED(OPENSSL_PATH, "")
632+ fi
633+
634+fi
635+
636+
637+dnl -----------
638+dnl -- HTTTS --
639+dnl -----------
640+
641+AC_MSG_CHECKING([if --enable-https option is specified])
642+AC_ARG_ENABLE(https, [ --enable-https permit https dissection (invasive).],
643+[ case "$enableval" in
644+ yes)
645+ if test "$OS" = "MACOSX" -o "$OS" = "SOLARIS" -o "$OS" = "CYGWIN"; then
646+ AC_MSG_RESULT(NOT available on this OS)
647+ ac_cv_ec_https=no
648+ else
649+ AC_DEFINE(PERMIT_HTTPS,1)
650+ AC_MSG_RESULT(yes)
651+ ac_cv_ec_https=yes
652+ fi
653+ ;;
654+ no) AC_MSG_RESULT(no)
655+ ac_cv_ec_https=no
656+ ;;
657+ esac ],
658+ if test "$OS" = "MACOSX" -o "$OS" = "SOLARIS" -o "$OS" = "CYGWIN"; then
659+ AC_MSG_RESULT(NOT available on this OS)
660+ ac_cv_ec_https=no
661+ elif test "$OS" = "OPENBSD" -o "$OS" = "FREEBSD" -o "$OS" = "NETBSD"; then
662+ AC_MSG_RESULT(no.)
663+ ac_cv_ec_https=no
664+ AC_MSG_WARN(***************************************************)
665+ AC_MSG_WARN(* HTTPS dissection in in ALPHA state under BSD... *)
666+ AC_MSG_WARN(* I discourage you to enable it. *)
667+ AC_MSG_WARN(* But if you want use at your own risk *)
668+ AC_MSG_WARN(***************************************************)
669+ else
670+ AC_MSG_RESULT(yes. enabled by default.)
671+ AC_DEFINE(PERMIT_HTTPS,1)
672+ ac_cv_ec_https=yes
673+ fi
674+
675+)
676+
677+
678+dnl ===============
679+dnl FINISHED !!
680+dnl ===============
681+
682+AC_SUBST(COPTS)
683+
684+EC_MESSAGE(Writing output files)
685+
686+PLUGINS=`ls ./plugins | grep -v -E "Make|CVS" | awk ' { printf "%s ", $1 } '`
687+AC_SUBST(PLUGINS)
688+
689+makeplug=`ls ./plugins | grep -v -E "Make|CVS" | awk '{ printf("plugins/%s/Makefile ", $1) }'`
690+
691+AC_OUTPUT(ettercap.spec ettercap.8 Makefile $makeplug plugins/Makefile)
692+
693+
694+dnl ===============
695+dnl THE SUMMARY
696+dnl ===============
697+
698+
699+EC_MESSAGE(Ettercap has been configured as follow)
700+
701+echo "=================================================="
702+echo
703+ EC_CHECK_OPTION(" Install directory: ",${prefix})
704+echo
705+echo
706+ EC_CHECK_OPTION(" DEBUG mode ....... ",${ac_cv_ec_debug})
707+ EC_CHECK_OPTION(" NCURSES support .. ",${ac_cv_ec_ncurses})
708+ EC_CHECK_OPTION(" FORM support ..... ",${ac_cv_ec_form})
709+ EC_CHECK_OPTION(" PLUGIN support ... ",${ac_cv_ec_plugin})
710+ EC_CHECK_OPTION(" SSH support ...... ",${ac_cv_ec_ssh})
711+ EC_CHECK_OPTION(" HTTPS support .... ",${ac_cv_ec_https})
712+echo
713+echo "=================================================="
714+echo
715+echo
716+echo For a list of all possible make processes, type \`${SB}make help${EB}\`
717+echo
718+echo
719+
720+
721+
449fed60 722+EC_CHECK_DATE()
2e13c635
MM
723+
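Review bot: `configure.in.orig` looks like a backup of the unpatched `configure.in` that `diff -uNr` swept into the patch. Its new-side timestamp (Mon Feb 11 22:28:37 2002) equals the old-side timestamp of `configure.in`, and it still carries the pre-patch `AC_CHECK_HEADERS(ncurses.h,,ncurses_warn=1)` and `-O3` lines. Presumably nothing in the build reads it, so these 675 added lines only bury the three real hunks for anyone auditing what the package changes relative to upstream. Regenerating the patch with an exclude such as `diff -uNr -x '*.orig'` would drop it. The `ettercap.8` section that follows may be the same kind of artefact, since `AC_OUTPUT(ettercap.spec ettercap.8 ...)` in this file lists it as a configure output; that section runs past the visible page, so this needs confirming.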
724diff -uNr ettercap-0.6.4.orig/ettercap.8 ettercap-0.6.4/ettercap.8
725--- ettercap-0.6.4.orig/ettercap.8 Thu Jan 1 01:00:00 1970
726+++ ettercap-0.6.4/ettercap.8 Sat Feb 16 16:50:12 2002
1d0ff707 727@@ -0,0 +1,552 @@
728+.\" ettercap -- a ncurses-based sniffer/interceptor utility for switched LAN
729+.\"
730+.\" Copyright (C) 2001 ALoR <alor@users.sourceforge.net>, NaGA <crwm@freemail.it>
731+.\"
732+.\" This program is free software; you can redistribute it and/or modify
733+.\" it under the terms of the GNU General Public License as published by
734+.\" the Free Software Foundation; either version 2 of the License, or
735+.\" (at your option) any later version.
736+.\"
737+.\" This program is distributed in the hope that it will be useful,
738+.\" but WITHOUT ANY WARRANTY; without even the implied warranty of
739+.\" MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
740+.\" GNU General Public License for more details.
741+.\"
742+.\" You should have received a copy of the GNU General Public License
743+.\" along with this program; if not, write to the Free Software
744+.\" Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA.
745+.de Sp
746+.if n .sp
747+.if t .sp 0.4
748+..
749+.TH ETTERCAP "8" "20010906" "ettercap 0.5.4"
750+.SH NAME
751+.B ettercap 0.5.4 \- A multipurpose sniffer over switched LANs
752+
753+.SH SYNOPSIS
754+.B ettercap
755+[\fIOPTIONS\fR] [\fIHOST:PORT\fR] [\fIHOST:PORT\fR] [\fIMAC\fR] [\fIMAC\fR]
756+
757+.SH DESCRIPTION
758+Ettercap was born as a sniffer for switched LAN (and obviously even "hubbed" one),
759+but during the development process it has gained more and more feature that have
760+changed it to a powerful and flexible tool for man-in-the-middle attacks.
761+It supports active and passive dissection of many protocols (even ciphered ones)
762+and includes many feature for network and host analysis (such as OS fingerprint).
763+.PP
764+It has five sniffing methods:
765+.br
766++ IPBASED, the packets are filtered matching IP:PORT source and IP:PORT dest
767+.br
768++ MACBASED, packets filtered matching the source and dest MAC address. (useful
769+to sniff connections through gateway)
770+.br
771++ ARPBASED, uses arp poisoning to sniff in switched LAN between two hosts
772+(full-duplex m-i-t-m).
773+.br
774++ SMARTARP, uses arp poisoning to sniff in switched LAN from a victim host to all other
775+hosts knowing the entire list of the hosts (full-duplex m-i-t-m).
776+.br
777++ PUBLICARP, uses arp poison to sniff in switched LAN from a victim host to all other
778+hosts (half-duplex).
779+.br
780+With this method the ARP replies are sent in broadcast, but if ettercap has the complete
781+host list (on start up it has scanned the LAN) SMARTARP method is automatically selected,
782+and the arp replies are sent to all the hosts but the victim, avoiding conflicting MAC
783+addresses as reported by win2K.
784+.PP
785+The most relevant ettercap features are:
786+.PP
787+.B Characters injection in an established connection :
788+you can inject character to server (emulating commands) or to client (emulating replies)
789+maintaining the connection alive !!
790+.PP
791+.B SSH1 support :
792+you can sniff User and Pass, and even the data of an SSH1 connection. ettercap is the
793+first software capable to sniff an SSH connection in FULL-DUPLEX
794+.PP
795+.B HTTPS support :
796+you can sniff http SSL secured data... and even if the connection is made through a PROXY
797+.PP
798+.B Plug-ins support :
799+You can create your own plugin using the ettercap's API.
800+.PP
801+.B Password collector for :
802+TELNET, FTP, POP, RLOGIN, SSH1, ICQ, SMB, MySQL, HTTP, NNTP, X11, NAPSTER, IRC, RIP, BGP,
803+SOCKS 5, IMAP 4, VNC (other protocols coming soon...)
804+.PP
805+.B Packet filtering/dropping:
806+You can set up a filter chain that search for a particular string (even hex) in the TCP
807+or UDP payload and replace it with yours or drop the entire packet.
808+.PP
809+.B OS fingerprint:
810+you can fingerprint the OS of the victim host and even its network adapter (it uses the
811+nmap (c) Fyodor database)
812+.PP
813+.B Kill a connection:
814+from the connections list you can kill all the connections you want
815+.PP
816+.B Packet factory:
817+You can create and sent packet forged on the fly. The factory let you to forge from Ethernet
818+header to application level.
819+
820+.PP
821+.SH OPTIONS
822+Options that make sense together can generally be combined. ettercap will warn the user
823+about unsupported option combinations.
824+.TP
825+.B SNIFFING METHODS
826+.TP
827+\fB\-a\fR, \fB\-\-arpsniff\fR
828+ARP BASED sniffing
829+.br
830+This is THE sniffing method for switched LAN, and if you want to use the man-in-the-middle
831+technique you have to use it. In conjunction with the silent mode (-z option) you must
832+specify two IP and two MAC for ARPBASED (full-duplex) or one IP and one MAC for PUBLICARP
833+(half-duplex). in PUBLICARP the ARP replies are sent in broadcast, but if ettercap has
834+the complete host list (on start up it has scanned the LAN) SMARTARP method is automatically
835+selected, and the arp replies are sent to all the hosts but the victim, and an hash table
836+is created to re-route back the packet form victim to client obtaining in this way a full-duplex
837+man in the middle attack.
838+.br
839+Filters that have as action a replacement or a drop, can be used only with ARPBASED
840+sniffing because it is necessary to re-adjust the sequence number in full-duplex in order
841+to maintain the connection alive.
842+.TP
843+\fB\-s\fR, \fB\-\-sniff\fR
844+IP BASED sniffing
845+.br
846+This is the good old style sniffing method. It rocks on "hubbed" LAN, but useless on switched
847+ones. You can choose the target specifying only source, only dest, with or without port, or
848+nothing (to sniff all connections). A special ip "ANY" means from or to every host.
849+.TP
850+\fB\-m\fR, \fB\-\-macsniff\fR
851+MAC BASED sniffing (you must select two host for this)
852+.br
853+Very useful to sniff TCP traffic with remote hosts. On hubbed LANs if you want to sniff a
854+connection through a gateway is useless to specify the victim's ip and the gateway's ip,
855+because the packet are for an external host, not for the gateway. So you can use this method.
856+Simply specify the victim's MAC and the gateway's MAC and you will see all the connections
857+from and to the Internet.
858+
859+
860+.TP
861+.B GENERAL OPTIONS
862+.TP
863+\fB\-N\fR, \fB\-\-simple\fR
864+NON interactive mode (without ncurses)
865+.br
866+This method is useful if you want to launch ettercap from a script or if you already
867+know some informations of your target or if you want to launch ettercap in background
868+collecting data or password for you (in combination with the --quiet option).
869+.br
870+Some features are not available in this method, obviously the ones which requires
871+interaction with the user, such as characters injection. But others (for example filtering)
872+are fully supported, so you can set up ettercap to poison two host (a victim and its gateway)
873+and to filter all its connection on the port 80 and replace some string with others,
874+all its traffic to the Internet will be changed as you wish.
875+.TP
876+\fB\-z\fR, \fB\-\-silent\fR
877+start in silent mode (no arp storm on start up)
878+.br
879+If you want to launch ettercap with a non invasive method (some NIDS may raise a warn
880+if they detects too much arp request). You have to know all the requested data of the
881+target in order to use this options. For example if you want to poison two host, you need
882+the two IP and the two MAC addresses of the victims.
883+If you select ipsniff or macsniff this method is automatically selected, because you don't
884+need to know the list of the host in the LAN.
885+.br
886+To know the entire list of the hosts use "ettercap -Nl", but remember that it is a invasive
887+method.
888+.TP
889+\fB\-b\fR, \fB\-\-broadping\fR
890+use a broadcast ping instead of arp storm on start up.
891+.br
892+this method is less intrusive, but even less accurate. some hosts will not respond at the
893+broadcast ping (es. Windows) so they remain invisible to this method. Useful if you want to
894+scan a LAN with Linux hosts. As usual you can combine this option with --list to have a
895+list of the hosts "ettercap -Nlb"
896+.TP
897+\fB\-D\fR, \fB\-\-delay <n sec>\fR
898+the delay in seconds between the arp replies if you have selected an ARP poison sniffing
899+method. This is useful if you want to be less aggressive in the poisoning. On many OS the
900+default validity interval of the arp cache is more than a minute (on FreeBSD is 1200 sec).
901+.br
902+The default delay value is 30 sec.
903+.TP
904+\fB\-Z\fR, \fB\-\-stormdelay <n usec>\fR
905+the delay in micro-seconds between the arp request on arp storm at start up.
906+This is useful if you want to be less aggressive in the scanning. Many IDS will report
907+massive arp request, but if you send them in a slower rate, they will not report any strange
908+behavior.
909+.br
910+The default delay value is 1500 usec.
911+.TP
912+\fB\-S\fR, \fB\-\-spoof <IP>\fR
913+If you want to elude some IDS, you can specify a spoofed IP used to scan the LAN with
914+arp request. The source MAC can't be spoofed because a well configured switch will block
915+your request.
916+.TP
917+\fB\-H\fR, \fB\-\-hosts <IP1[,IP2][,IP3][,...]>\fR
918+on start up, scan only these hosts.
919+.br
920+this is useful if you want to use an ARP scanning of the LAN but only on certain IPs.
921+so you can benefit from a ARP scan but remaining less invasive.
922+Useful even if you want to do PUBLIC ARP but you want to poison only specific hosts.
923+since with a list PUBLIC ARP is automatically converted to SMARTARP, only these host
924+will be poisoned and you can leave untouched the arp caches of the other hosts.
925+.br
926+the IP list must be in dotted notation and separated by comma (without black spaces
927+between them), you can use wildcards.
928+.br
929+eg: 192.168.0.2? --> from 20 to 29
930+.br
931+ 192.168.0.1* --> host 1, from 10 to 19 and from 100 to 199
932+.TP
933+\fB\-d\fR, \fB\-\-dontresolve\fR
934+don't resolve IPs on start up. this is useful if you experience an insane "Resolving
935+n hostnames..." message on start up. This is due to a very slow DNS in your environment.
936+.TP
937+\fB\-i\fR, \fB\-\-iface <IFACE>\fR
938+network interface to be used for all the operation. you can even specify network aliases
939+in order to scan a subnet with different ip form your current one.
940+.TP
941+\fB\-n\fR, \fB\-\-netmask <NETMASK>\fR
942+the netmask used to scan the LAN. (in dotted notation). the default is your current
943+ifconfig netmask. but your netmask is for example 255.255.0.0 I encourage you to specify
944+a more restrictive one, if you managed to do an ARP scanning on start up.
945+.TP
946+\fB\-e\fR, \fB\-\-etterconf <FILENAME>\fR
947+use the config file instead of command line options
948+.br
949+etter.conf example file is packaged in the tarball, refer to it to know how to write a
950+config file. all the instruction are written in this example. via the conf file you
951+can disable selectively one protocol dissector or move it on one other port.
952+.br
953+command line options and config file can be mixed for much flexibility, but remember
954+that the options in the config file override the command line, so if in etter.conf
955+you have specified IFACE: eth0, and you launch "ettercap -i eth1 -e etter.conf"
956+the selected iface will be eth0.
957+.br
958+NOTE: the "-e etter.conf" options has to be specified after all other options.
959+.TP
960+\fB\-v\fR, \fB\-\-version\fR
961+check for the latest ettercap version.
962+.br
963+All operation are under your control. Every step requires a user confirmation.
964+With this option ettercap will connect to the http://ettercap.sourceforge.net:80 web
965+side and ask for the page /latest.php. then the result are parsed and compared with
966+your current version. If there is a newer version available, ettercap will ask you if
967+you want to wget it. (wget must be in the path).
968+.br
969+If you want to automatically answer yes at all the question add the option -y
970+.TP
971+\fB\-h\fR, \fB\-\-help\fR
972+prints the help screen with a short summary of the available options.
973+
974+
975+
976+.TP
977+.B SILENT MODE OPTIONS (only combined with -N)
978+.TP
979+\fB\-u\fR, \fB\-\-udp\fR
980+sniff only UDP packets (default is TCP).
981+This option is only useful in "simple" mode, if you start ettercap in interactive mode
982+both TCP and UDP are sniffed.
983+.TP
984+\fB\-R\fR, \fB\-\-reverse\fR
985+sniff all the connection but the selected one. This option is useful if you are using
986+ettercap on a remote machine and you want to sniff all the traffic but you connection from
987+local to remote, because including it will sniff even the ettercap output and it will be
988+screwed up...
989+.TP
990+\fB\-p\fR, \fB\-\-plugin <NAME>\fR
991+run the plugin "NAME".
992+.br
993+most plugins need a destination host. simply specify it after plugin name, in fact
994+hosts are parsed on command line as first the DEST and so the SOURCE.
995+.br
996+To have a list of the available plugins use "list" (without quotes) as plugin name.
997+.br
998+More detailed info about plugins and about how to write your own are found in the
999+README.PLUGINS file.
1000+.Sp
1001+Currently these plugins are shipped with the official distro:
1002+.Sp
1003+ arpcop -- Report suspicious ARP replies (developed by acelent)
1004+.br
1005+ banshee -- They kill without discretion...
1006+.br
1007+ dummy -- Dummy plugin. It does nothing ! (only a template)
1008+.br
1009+ golem -- nice D.O.S. BE CAREFUL !!
1010+.br
1011+ leech -- Isolate a host from the LAN
1012+.br
1013+ lurker -- try to search for other ettercap
1014+.br
1015+ imp -- Retrieves some Windows names
1016+.br
1017+ ooze -- Ping a host
1018+.br
1019+ phantom -- Sniff/Spoof DNS requests
1020+.br
1021+ shadow -- A very simple SYN/TCP port scanner
1022+.br
1023+ spectre -- flood a switched LAN with random MAC addresses
1024+.br
1025+ triton -- Try to discover the LAN's gateway
1026+.TP
1027+\fB\-l\fR, \fB\-\-list\fR
1028+lists all the hosts in the LAN, reporting each MAC address.
1029+.br
1030+Commonly combined options are -b (for broadcast ping) and -d (don't resolve hostname).
1031+.TP
1032+\fB\-C\fR, \fB\-\-collect\fR
1033+collect all users and password from the hosts specified on command line.
1034+.br
1035+Password collector are configured in the config file (etter.conf), if you want
1036+you can disable them selectively or move them on other port. This is useful if you
1037+don't want to sniff SSH connection (the key change alert will raise suspects) but
1038+want to sniff all other supported protocols. Or even if you know that a host has the
1039+telnet service on port 4567, simply move the telnet dissector on 4567/tcp
1040+.TP
1041+\fB\-f\fR, \fB\-\-fingerprint <HOST>\fR
1042+do OS fingerprinting on HOST.
1043+.br
1044+This option uses the same database and the same method used by
1045+.I nmap (c) Fyodor <fyodor@insecure.org>
1046+so I report a piece of its man page :
1047+.Sp
1048+This option activates remote host identification via TCP/IP fingerprinting. In other
1049+words, it uses a bunch of techniques to detect subtleties in the underlying operating
1050+system network stack of the computers you are scanning. It uses this information to
1051+create a 'fingerprint' which it compares with its database of known OS fingerprints
1052+(the nmap-os-fingerprints file) to decide what type of system you are scanning.
1053+.Sp
1054+the -f options even provides you the vendor of the network adapter of the scanned host.
1055+the info are stored in the mac-fingerprints database.
1056+.TP
1057+\fB\-x\fR, \fB\-\-hexview\fR
1058+to dump data in hex mode.
1059+.br
1060+TIP: while sniffing you can change the visualization mode by hitting 'a' for ascii or 'x' for hex.
1061+on line help is recalled by 'h'.
1062+.TP
1063+\fB\-L\fR, \fB\-\-logtofile\fR
1064+if used alone logs all data to specific file(s). it crates a separate file for each connection
1065+in the form "YYYYMMDD-P-IP:PORT-IP:PORT.log"
1066+.br
1067+if used with -C (collector) it creates a file with all the password sniffed in the session in
1068+the form "YYYYMMDD-collected-pass.log"
1069+.TP
1070+\fB\-q\fR, \fB\-\-quiet\fR
1071+"demonize" ettercap.
1072+.br
1073+useful if you want to log all data in background. this options will detach
1074+ettercap from the current tty and set it as a demon collecting data to files. it must be
1075+combined with -NL (or -NLC) otherwise it has no effects. Obviously the sniffing method
1076+is required, so you have to combine it with this option.
1077+.TP
1078+\fB\-k\fR, \fB\-\-newcert\fR
1079+create a new cert file for HTTPS man-in-the-middle.
1080+.br
1081+useful if you want to create a certfile with social engineered information...
1082+.br
1083+the new file is created in the current working directory. to permanently substitute the
1084+default cert file (etter.sll.crt) you have to overwrite /usr/share/ettercap/etter.ssl.crt
1085+.TP
1086+\fB\-F\fR, \fB\-\-filter <FILENAME>\fR
1087+load the filters chains from FILENAME
1088+.br
1089+the Filtering chains file is written in pseudo XML format. You can write by hand this
1090+file or (better) use the ncurses interface to let ettercap create it (press 'F' in the
1091+connection list interface). If you are skilled in XML parsing, you can write your own
1092+program to make a filter chain file.
1093+.Sp
1094+the rules are simple:
1095+.Sp
1096+If the proto <proto> AND the source port <source> AND the dest port <dest> AND the payload <search>
1097+match the rules, after the filter as done its action <action>, it jumps in the chain
1098+to the filter id specified in the <goto> field, else it jumps to <elsegoto>.
1099+If these field are left blank the chain is interrupted. Source and dest port equal to
1100+0 (zero) means ANY port. You can use wildcards in the search string (see README for detail)
1101+.Sp
1102+NOTE: with this options filter are enabled by default, if you want to
1103+disable them on the fly, press "S" (for source) or "D" (for dest) while sniffing
1104+.Sp
1105+NOTE: on command line the hosts are parsed as "ettercap -F etter.filter DEST SOURCE", so
1106+the first host is bound to the dest chain and the second to the source chain.
1107+.Sp
1108+VERY IMPORTANT: the source chain is applied to data COMING FROM source and NOT GOING TO
1109+source. keep this in mind !! the same is for dest...
1110+.TP
1111+\fB\-c\fR, \fB\-\-check\fR
1112+check if you were poisoned by other poisoners in the LAN
1113+.TP
1114+\fB\-t\fR, \fB\-\-linktype\fR
1115+check if you are on a switched LAN or not... Sometimes this discovery method can fail.
1116+don't trust it at 100%
1117+
1118+
1119+.SH TARGET SPECIFICATION
1120+The targets are parsed on command line in reverse order. The first host is the DEST and the
1121+second is the SOURCE. this doesn't care if you are sniffing in ip based mode, because
1122+source and dest are ignored, but if you are filtering the connection this is crucial for
1123+the binding of the related filter chain.
1124+.br
1125+The reverse order is due to a more intuitive interface for plugins. because some plugins
1126+need the dest host to be specified, it is simpler to type:
1127+"ettercap -Np ooze victim" than "ettercap -Np ooze NOONE victim".
1128+.br
1129+The targets can be specified in dotted notation (192.168.0.1) or with their symbolic name
1130+(victim.mynet.org). Only within the -H (--hosts) option you can use wildcards.
1131+
1132+
1133+.SH INTERACTIVE MODE
1134+The interactive mode (ncurses mode) is automatically selected if ettercap is launched
1135+without the option -N . Explain what you can do with it will take pages and pages... and I'm
1136+not a good writer... so if you don't know what can you do in some circumstances, simply
1137+press 'H' and a help screen will popup. there you can find a detailed list of all available
1138+commands.
1139+
1140+
1141+.SH EXAMPLES
1142+Here are some examples of using ettercap.
1143+.TP
1144+.B ettercap -b
1145+.Sp
1146+On startup use broadcast ping to scan the LAN instead of ARP request all the
1147+subnet IPs.
1148+.TP
1149+.B ettercap -H "192.168.0.?,192.168.0.3?,192.168.0.2*"
1150+.Sp
1151+On startup scan only the host 192.168.0.1-9, 192.168.0.30-39, 192.168.0.2,
1152+192.168.0.20-29 and 192.168.0.200-255.
1153+if the PUBLICARP method will be selected only these host will be poisoned.
1154+.TP
1155+.B ettercap -s 192.168.0.1 192.168.0.2
1156+.Sp
1157+Enter the interactive mode and sniff only the connections between 192.168.0.1 and 192.168.0.2
1158+.TP
1159+.B ettercap -Nzs -F etter.filter 192.168.0.1 192.168.0.2
1160+.Sp
1161+Load filter from etter.filter and activate them on all the connection between 192.168.0.1
1162+and 192.168.0.2 . Only Log action will be supported because it is a -s (ipsniffing) method.
1163+192.168.0.1 is bound to the dest chain and 192.168.0.2 to the source one.
1164+To enable even the replacement and drop actions you have to launch "ettercap -Nza -F
1165+etter.filter IP IP MAC MAC"
1166+.TP
1167+.B ettercap -zs -e etter.conf
1168+.Sp
1169+Use the ip based sniffing mode and load the other option from the config file (etter.conf).
1170+Note that options in the file override command line.
1171+.TP
1172+.B ettercap -Nzs victim.my.net ANY:80
1173+.Sp
1174+Sniffs in console mode (non interactive) only the connection to and from "victim.my.net"
1175+starting or ending to all other hosts but on port 80 (www). data are dumped in ASCII
1176+mode. to dump in HEX mode add the -x option.
1177+.TP
1178+.B ettercap -NRzs remote.host.net:23 my.local.host.com
1179+.Sp
1180+Useful to sniffs in console mode (non interactive) all the connection on a remote LAN
1181+on which you are executing ettercap. this example will prevent to show your telnet (:23)
1182+connection from "my.local.host.com" to "remote.host.net".
1183+.TP
1184+.B ettercap -Nclt
1185+.Sp
1186+This will provide you the entire list of hosts in the LAN. Will check if someone is
1187+poisoning you and will report its IP. Will tell you if you are on a switched LAN or not.
1188+.TP
1189+.B ettercap -NCLzs --quiet
1190+.Sp
1191+This will detach ettercap from console and log to a file all the collected password.
1192+Only works if the LAN is hubbed, or if collected password are directed to your host.
1193+.TP
1194+.B ettercap -NCza -D 100 192.168.0.1 192.168.0.2 55:23:A5:B4:C7:89 00:A3:56:FE:4F:6D
1195+.Sp
1196+Collect password to stdout on a switched LAN. this will poison the two host 192.168.0.1
1197+and 192.168.0.2 each other. The delay between arp replies is set to 100 sec.
1198+.TP
1199+.B ettercap -Np triton
1200+.Sp
1201+Launch the plugin "triton" that will try to passively search for the LAN gateway.
1202+.TP
1203+.B ettercap -Np ooze victim.mynet.org
1204+.Sp
1205+Launch the plugin "ooze" that will portscan the host "victim.mynet.org" that will be translated
1206+with the right IP
1207+
1208+.SH PLATFORMS
1209+Linux 2.0.x 2.2.x 2.4.x
1210+.br
1211+FreeBSD 4.x
1212+.br
1213+OpenBSD 2.[789]
1214+.br
1215+NetBSD 1.5
1216+.br
1217+Mac OS X (darwin 1.3)
1218+
1219+
1220+.SH FILES
1221+/usr/share/ettercap/etter.conf - the config file
1222+.br
1223+/usr/share/ettercap/etter.filter - the filter chains
1224+.br
1225+/usr/share/ettercap/etter.ssl.crt - the SSL certificate for HTTPS m-i-t-m
1226+.br
1227+/usr/share/ettercap/mac-fingerprints - the network adapter vendor database
1228+.br
1229+/usr/share/ettercap/nmap-os-fingerprints - the nmap (c) Fyodor os fingerprint
1230+.br
1231+/usr/doc/ettercap-0.5.4/* - the DOCUMENTATION
1232+
1233+
1234+.SH AUTHORS
1235+Alberto Ornaghi (ALoR) <alor@users.sourceforge.net>
1236+.br
1237+Marco Valleri (NaGA) <crwm@freemail.it>
1238+
1239+
1240+.SH AVAILABILITY
1241+http://ettercap.sourceforge.net/download/
1242+.Sp
1243+Or if you want to do an automatic check of the latest version try "ettercap -vy"
1244+
1245+
1246+.SH BUGS
1247+Our software never has bugs.
1248+.br
1249+It just develops random features. ;)
1250+.PP
1251+.B KNOWN-BUGS
1252+.PP
1253+- It is better that you don't launch ettercap on a host that is a gateway
1254+because it needs to disable ip_forwarding, it may cause problem with routing.
1255+.PP
1256+- You cannot use plugins on yourself. outgoing link layer packets are not
1257+captured by the same socket, so they will be ignored.
1258+.PP
1259+- While poisoning on a switched LAN, ettercap won't sniff the traffic made
1260+by your host to others. the technical reason is: otherwise ettercap will
1261+forward your packets two time (and this is not good...) the artistic
1262+reason is: why sniffing yourself with a man-in-the-middle method ? use
1263+simple sniffing instead ! ;)
1264+.PP
1265+- While sniffing in Public ARP mode, ettercap can "view" only one way of
1266+the connection, so some protocol dissectors can fail...
1267+.PP
1268+- under X11 resizing the xterm can give a corrupted visualization of the
1269+interface. SIGWINCH is *partially* supported.
1270+.PP
1271+- ettercap doesn't handle fragmented packets... only the first segment
1272+will be displayed by the sniffer. However all the fragments are correctly
1273+forwarded.
1274+.PP
1275++ please send bug-report, patches or suggestions to <alor@users.sourceforge.net>
1276+or visit http://ettercap.sourceforge.net/forum/ and post it in the BUGS section.
1277+.PP
1278++ to report a bug, recompile ettercap with 'configure --enable-debug'
1279+and attach ettercap_debug.log to the mail in which U explain the problem.
2e13c635
MM
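--- a/ettercap.spec
+++ b/ettercap.spec
@@ -0,0 +1,40 @@
+%define prefix /usr
+
+Summary: ettercap is a ncurses-based sniffer/interceptor utility
+Name: ettercap
+Version: 0.5.4
+Release: 1
+Serial: 20010906
+Packager: ALoR <alor@users.sourceforge.net>
+Source: http://ettercap.sourceforge.net/download/%{name}-%{version}.tar.gz
+URL: http://ettercap.sourceforge.net/
+License: GPL
+Group: Networking/Utilities
+Prefix: %{prefix}
+Buildroot: %{_tmppath}/%{name}-%{version}-root
+
+%description
+ettercap is a multipurpose sniffer/interceptor/logger for switched or "hubbed" LAN.
+
+%prep
+%setup -q
+
+%build
+./configure --prefix=%{prefix} --disable-debug --mandir=%{_mandir}
+make
+make plug-ins
+
+%install
+rm -rf $RPM_BUILD_ROOT
+make install DESTDIR=$RPM_BUILD_ROOT
+make plug-ins_install DESTDIR=$RPM_BUILD_ROOT
+
+%clean
+rm -rf $RPM_BUILD_ROOT
+
+%files
+%defattr(-,root,root)
+%{_mandir}/man8/*
+%doc COPYING README README.PLUGINS HISTORY CHANGELOG AUTHORS TODO THANKS KNOWN-BUGS PORTINGS
+%{prefix}/bin/*
+%{prefix}/share/ettercap/*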
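Review bot: `Version: 0.5.4` in the added ettercap.spec does not match the ettercap-0.6.4 tree this patch is cut against, so `%{name}-%{version}` in `Source:` and `Buildroot:` resolves to the 0.5.4 tarball and build root; it should read `Version: 0.6.4`. The `Source:` URL is plain http and the spec carries no digest or signature check, so a rebuild from it should verify the tarball against a checksum obtained out of band. Both `rm -rf $RPM_BUILD_ROOT` lines (in `%install` and `%clean`) are unquoted and unguarded; `[ "$RPM_BUILD_ROOT" != "/" ] && rm -rf "$RPM_BUILD_ROOT"` is the usual hardening for specs built as root. The file may be an upstream leftover swept in by `diff -N`, in which case dropping it from the patch is the simpler fix.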