diff -uNr ettercap-0.6.4.orig/configure.in ettercap-0.6.4/configure.in --- ettercap-0.6.4.orig/configure.in Mon Feb 11 22:28:37 2002 +++ ettercap-0.6.4/configure.in Sat Feb 16 16:50:12 2002 @@ -401,14 +401,14 @@ ncurses_warn=0 curses_warn=0 - AC_CHECK_HEADERS(ncurses.h,,ncurses_warn=1) + AC_CHECK_HEADERS(ncurses/ncurses.h,,ncurses_warn=1) AC_CHECK_LIB(ncurses,newpad,,ncurses_warn=1) if test $ncurses_warn -ne 1; then AC_DEFINE(HAVE_NCURSES,1) ac_cv_ec_ncurses=yes else - AC_CHECK_HEADERS(curses.h,,curses_warn=1) + AC_CHECK_HEADERS(ncurses/curses.h,,curses_warn=1) AC_CHECK_LIB(curses,newpad,,curses_warn=1) AC_CHECK_LIB(curses,mvwgetnstr,,curses_warn=1) @@ -426,7 +426,7 @@ form_warn=0 if test "$ncurses_warn$curses_warn" = "00"; then - AC_CHECK_HEADERS(form.h,,form_warn=1) + AC_CHECK_HEADERS(ncurses/form.h,,form_warn=1) AC_CHECK_LIB(form,form_win,,form_warn=1) if test $form_warn -ne 1; then @@ -458,12 +458,12 @@ ac_cv_ec_debug=yes ;; no) AC_MSG_RESULT(no.) - CFLAGS="-O3 -funroll-loops -fomit-frame-pointer -Wall" + CFLAGS="${CFLAGS} -funroll-loops -fomit-frame-pointer -Wall" ac_cv_ec_debug=no ;; esac ], AC_MSG_RESULT(no. disabled by default.) - CFLAGS="-O3 -funroll-loops -fomit-frame-pointer -Wall" + CFLAGS="${CFLAGS} -funroll-loops -fomit-frame-pointer -Wall" ac_cv_ec_debug=no ) AC_SUBST(DEBUG) diff -uNr ettercap-0.6.4.orig/configure.in.orig ettercap-0.6.4/configure.in.orig --- ettercap-0.6.4.orig/configure.in.orig Thu Jan 1 01:00:00 1970 +++ ettercap-0.6.4/configure.in.orig Mon Feb 11 22:28:37 2002 @@ -0,0 +1,675 @@ +dnl +dnl ettercap -- configure script +dnl +dnl Copyright (C) 2001 ALoR , NaGA +dnl +dnl This program is free software; you can redistribute it and/or modify +dnl it under the terms of the GNU General Public License as published by +dnl the Free Software Foundation; either version 2 of the License, or +dnl (at your option) any later version. +dnl +dnl This program is distributed in the hope that it will be useful, +dnl but WITHOUT ANY WARRANTY; without even the implied warranty of +dnl MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +dnl GNU General Public License for more details. +dnl +dnl You should have received a copy of the GNU General Public License +dnl along with this program; if not, write to the Free Software +dnl Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA. +dnl +dnl $Id$ +dnl + +AC_INIT(src/ec_main.c) +AC_CONFIG_HEADER(config.h) + +SB=`./shtool echo -n -e %B` +EB=`./shtool echo -n -e %b` + +AC_SUBST(SB) +AC_SUBST(EB) + +VERSION=`grep VERSION ./src/include/ec_main.h | cut -f2 -d"\""` +AC_SUBST(VERSION) + +PROG=`grep PROGRAM ./src/include/ec_main.h | cut -f2 -d"\""` +AC_SUBST(PROG) + +EC_MESSAGE(Configuring $PROG-$VERSION) + +SERIAL=`date +%Y%m%d` +AC_SUBST(SERIAL) + +RELEASE=1 +AC_SUBST(RELEASE) + +SOURCES=`ls ./src/ec_*.c | awk ' { printf "%s ", $1 } '` +AC_SUBST(SOURCES) + + +dnl ========================================= +dnl Enable Developmen feature or portings +dnl ========================================= + +AC_ARG_ENABLE(devel, [ --enable-devel enable the undeveloped (alpha) features.], +[ case "$enableval" in + yes) + development=1 + ;; + no) + development=0 + ;; +esac ], + development=0 +) + +dnl ================ +dnl Check the OS +dnl ================ + +AC_CANONICAL_SYSTEM +case "$target_os" in +*linux*) + EC_LINUX_KERNEL() + OS=LINUX + OS_OPT= + ;; +*freebsd*) + EC_FREEBSD_VERSION() + OS=FREEBSD + OS_OPT= + ;; +*netbsd*) + OS=NETBSD + OS_OPT= + ;; +*openbsd*) + OS=OPENBSD + OS_OPT= + ;; +*darwin*) + EC_DARWIN_KERNEL() + OS=MACOSX + OS_OPT= + STRIPOPTION="-x" + ;; +*cygwin*) + if test $development -ne 1; then + echo + echo "CYGWIN PORTING IS IN PROGRESS..." + echo "STAY TUNED FOR THE NEXT RELEASE" + echo + echo "you can try to compile and run it" + echo "by configuring with the --enable-devel flag" + echo "TRY AT YOUR OWN RISK" + echo + exit + fi + OS=CYGWIN + OS_OPT= + ;; +*solaris*) + if test $development -ne 1; then + echo + echo "WE ARE VERY VERY SORRY, BUT STILL NO SOLARIS PORT" + echo "WE ARE WORKING ON IT..." + echo "IF YOU WANT TO CONTRIBUTE WITH PORTING:" + echo "run ./configure --enable-devel " + echo "and report bugs" + echo + exit + fi + OS=SOLARIS + OS_OPT= + ;; +*) + echo + echo "NOT A SUPPORTED SYSTEM / OR SYSTEM NOT RECOGNIZED" + echo + cat PORTINGS + echo + exit + ;; +esac + +AC_SUBST(OS) +AC_SUBST(OS_OPT) +AC_SUBST(STRIPOPTION) + +dnl ====================== +dnl Initialize prefix. +dnl ====================== + +AC_PREFIX_DEFAULT(/usr/local) + +if test "$prefix" = "NONE"; then + prefix="/usr/local" +fi + + +dnl ======================== +dnl Check the C compiler +dnl ======================== + +AC_PROG_CC +AC_PROG_INSTALL +AC_PROG_MAKE_SET +AC_PROG_GCC_TRADITIONAL + +dnl ====================== +dnl Machine Endianness +dnl ====================== + +AC_C_BIGENDIAN + +dnl ====================== +dnl OS specific checks +dnl ====================== + + +if test "$OS" = "LINUX"; then + + dnl =========================== + dnl Check for Socket Packet + dnl =========================== + + EC_PF_PACKET() + EC_SOCK_PACKET() + + if test "$ac_cv_ec_nopf" = 1 && test "$ac_cv_ec_nosock" = 1; then + AC_MSG_WARN(*************************************); + AC_MSG_WARN(* You can't create Socket Packet !! *); + AC_MSG_WARN(*************************************); + exit; + fi + + dnl =========================================== + dnl Check for /proc/sys/net/ipv4/ip_forward + dnl =========================================== + + AC_PATH_PROGS(IPFORWARD,ip_forward,no,/proc/sys/net/ipv4) + if test "$IPFORWARD" = no; then + AC_MSG_WARN(*****************************************************************) + AC_MSG_WARN(* /proc/sys/net/ipv4/ip_forward not found !! *) + AC_MSG_WARN(* please disable manually ip_forwarding before running ettercap *) + AC_MSG_WARN(*****************************************************************) + else + AC_DEFINE(HAVE_PROC_FORWARDING) + fi + +fi + + + +if test "$OS" = "FREEBSD" -o "$OS" = "OPENBSD" -o "$OS" = "NETBSD" -o "$OS" = "MACOSX"; then + + AC_MSG_CHECKING(link-layer packet interface) + + if test -r /dev/bpf0 ; then + AC_MSG_RESULT(found bpf) + elif test -c /dev/bpf0 ; then + AC_MSG_RESULT(found bpf) + else + AC_MSG_WARN(*********************************************************); + AC_MSG_WARN(* /dev/bpf0 not found !! please reconfigure your kernel *); + AC_MSG_WARN(*********************************************************); + exit; + fi + +fi + + + +if test "$OS" = "SOLARIS"; then + + AC_CHECK_HEADERS(sys/bufmod.h sys/dlpi_ext.h) + AC_MSG_CHECKING(for /dev/dlpi device) + if test -c /dev/dlpi; then + AC_MSG_RESULT(yes) + AC_DEFINE(HAVE_DEV_DLPI) + else + AC_MSG_RESULT(no) + dir="/dev/dlpi" + AC_MSG_CHECKING(for $dir directory) + if test -d $dir ; then + AC_MSG_RESULT(yes) + AC_DEFINE_UNQUOTED(DLPI_DEV_PREFIX, "$dir") + else + AC_MSG_RESULT(no) + fi + fi + +fi + +if test "$OS" = "CYGWIN"; then + + AC_MSG_CHECKING(for WinPcap developer's pack) + AC_ARG_WITH(wpdpack, + [ --with-wpdpack=DIR use WinPcap developer's pack in DIR], + [ AC_MSG_RESULT($withval) + if test -f $withval/include/packet32.h -a -f $withval/lib/packet.a; then + COPTS="$COPTS -I$withval/include" + LIBS="$LIBS -L$withval/lib -lpacket -lws2_32" + else + AC_MSG_ERROR(packet32.h or packet.a not found in $withval) + fi ], + [ for dir in ${prefix} ${HOME}/WPdpack ; do + if test -f ${dir}/include/packet32.h -a -f ${dir}/lib/packet.a; then + COPTS="$COPTS -I${dir}/include" + LIBS="$LIBS -L${dir}/lib -lpacket -lws2_32" + have_pcap=yes + break; + fi + done + if test "$have_pcap" != yes; then + AC_MSG_ERROR(WinPcap developer's pack not found) + fi + AC_MSG_RESULT(yes) ]) + +fi + +dnl =========================== +dnl Check for programs path +dnl =========================== + +AC_PATH_PROG(WGET_PATH, "wget") + if test -n "$WGET_PATH"; then + AC_DEFINE_UNQUOTED(WGET_PATH, "$WGET_PATH") + else + AC_DEFINE_UNQUOTED(WGET_PATH, "") + fi + + +dnl ===================== +dnl Check for headers +dnl ===================== + +AC_HEADER_STDC +AC_HEADER_DIRENT +AC_HEADER_TIME +AC_CHECK_HEADERS(getopt.h) +AC_CHECK_HEADERS(fcntl.h termios.h ctype.h) +AC_CHECK_HEADERS(sys/time.h sys/utsname.h) +AC_CHECK_HEADERS(ifaddrs.h) + +dnl These are required !! +AC_CHECK_HEADERS(unistd.h stdlib.h signal.h stdarg.h sys/ioctl.h,, + AC_MSG_WARN(**************************************************); + AC_MSG_WARN(* REQUIRED !! I cant believe U don't have this !!*); + AC_MSG_WARN(**************************************************); + exit) + +AC_CHECK_HEADERS(dirent.h errno.h,, + AC_MSG_WARN(***************); + AC_MSG_WARN(* REQUIRED !! *); + AC_MSG_WARN(***************); + exit) + +AC_CHECK_HEADERS(net/ethernet.h net/if_arp.h net/if.h) +AC_CHECK_HEADERS(netinet/ip.h netinet/ip_icmp.h netinet/tcp.h) +AC_CHECK_HEADERS(sys/sockio.h) + + +dnl ================================================================== +dnl Checks for typedefs, structures, and compiler characteristics. +dnl ================================================================== + +AC_STRUCT_TM +EC_SOCKLEN_CHECK +AC_TYPE_PID_T +AC_TYPE_SIZE_T +AC_C_CONST +AC_LBL_SOCKADDR_SA_LEN +AC_LBL_UNALIGNED_ACCESS + +dnl ===================== +dnl Check for libs +dnl ===================== + +AC_FUNC_MALLOC +AC_FUNC_MEMCMP +AC_TYPE_SIGNAL +AC_FUNC_VPRINTF +EC_PTHREAD_CHECK() +AC_SEARCH_LIBS(log,c m) +AC_SEARCH_LIBS(pow,c m) +AC_SEARCH_LIBS(gethostbyname,c nsl,,AC_MSG_ERROR(libnsl not found.)) +AC_SEARCH_LIBS(socket,c socket,,AC_MSG_ERROR(libsocket not found.)) +AC_SEARCH_LIBS(dn_expand,c resolv,,) +AC_CHECK_FUNCS(getifaddrs) +AC_CHECK_FUNCS(gettimeofday) +AC_CHECK_FUNCS(vsnprintf) +AC_CHECK_FUNCS(select strdup strerror strstr strsignal) +AC_CHECK_FUNCS(uname) + + +dnl =============================== +dnl Check for non standard libs +dnl =============================== + +MISSING="" +MISSLIBS="" + +AC_CHECK_FUNCS(getopt_long,,MISSING="$MISSING ./src/missing/getopt.c ./src/missing/getopt1.c" + MISSLIBS="$MISSLIBS ./src/missing/getopt.o ./src/missing/getopt1.o") +AC_CHECK_FUNCS(strlcat,,MISSING="$MISSING ./src/missing/strlcat.c" + MISSLIBS="$MISSLIBS ./src/missing/strlcat.o") +AC_CHECK_FUNCS(strlcpy,,MISSING="$MISSING ./src/missing/strlcpy.c" + MISSLIBS="$MISSLIBS ./src/missing/strlcpy.o") +AC_CHECK_FUNCS(strsep,,MISSING="$MISSING ./src/missing/strsep.c" + MISSLIBS="$MISSLIBS ./src/missing/strsep.o") +AC_CHECK_FUNCS(memmem,,MISSING="$MISSING ./src/missing/memmem.c" + MISSLIBS="$MISSLIBS ./src/missing/memmem.o") +AC_CHECK_FUNCS(inet_aton,,MISSING="$MISSING ./src/missing/inet_aton.c" + MISSLIBS="$MISSLIBS ./src/missing/inet_aton.o") +AC_CHECK_FUNCS(scandir,,MISSING="$MISSING ./src/missing/scandir.c" + MISSLIBS="$MISSLIBS ./src/missing/scandir.o") + +AC_SUBST(MISSING) +AC_SUBST(MISSLIBS) + + +dnl ======================================= +dnl Check user defined --enable-FEATURE +dnl ======================================= + +EC_MESSAGE(Checking user defined options) + +dnl ----------------------- +dnl -- NCURSES INTERFACE -- +dnl ----------------------- + +check_ncurses=0 +AC_MSG_CHECKING([if --enable-ncurses option is specified]) +AC_ARG_ENABLE(ncurses, [ --enable-ncurses enable the ncurses interface.], +[ case "$enableval" in + yes) + AC_MSG_RESULT(yes.) + check_ncurses=1 + ;; + no) AC_MSG_RESULT(no.) + ;; +esac ], + AC_MSG_RESULT(yes. enabled by default.) + check_ncurses=1 +) + +ac_cv_ec_ncurses=no +ac_cv_ec_form=no + +if test $check_ncurses -ne 0; then + ncurses_warn=0 + curses_warn=0 + + AC_CHECK_HEADERS(ncurses.h,,ncurses_warn=1) + AC_CHECK_LIB(ncurses,newpad,,ncurses_warn=1) + + if test $ncurses_warn -ne 1; then + AC_DEFINE(HAVE_NCURSES,1) + ac_cv_ec_ncurses=yes + else + AC_CHECK_HEADERS(curses.h,,curses_warn=1) + AC_CHECK_LIB(curses,newpad,,curses_warn=1) + AC_CHECK_LIB(curses,mvwgetnstr,,curses_warn=1) + + if test $curses_warn -ne 1; then + AC_DEFINE(HAVE_NCURSES,1) + ac_cv_ec_ncurses=yes + else + AC_MSG_WARN(***********************************************) + AC_MSG_WARN(* NCURSES are NOT available in your system !! *) + AC_MSG_WARN(* Interactive mode will not be supported! *) + AC_MSG_WARN(***********************************************) + fi + fi + + form_warn=0 + + if test "$ncurses_warn$curses_warn" = "00"; then + AC_CHECK_HEADERS(form.h,,form_warn=1) + AC_CHECK_LIB(form,form_win,,form_warn=1) + + if test $form_warn -ne 1; then + AC_DEFINE(HAVE_FORM,1) + ac_cv_ec_form=yes + else + AC_MSG_WARN(**********************************************) + AC_MSG_WARN(* FORM are NOT available in your system !! *) + AC_MSG_WARN(* some interface will be less pleasureful... *) + AC_MSG_WARN(**********************************************) + fi + fi +fi + + + + +dnl ----------- +dnl -- DEBUG -- +dnl ----------- + +AC_MSG_CHECKING([if --enable-debug option is specified]) +AC_ARG_ENABLE(debug, [ --enable-debug create a file for debugging messages.], +[ case "$enableval" in + yes) + DEBUG="-DDEBUG" + CFLAGS="-g -ggdb -Wmissing-prototypes -Werror -Wall" + AC_MSG_RESULT(yes) + ac_cv_ec_debug=yes + ;; + no) AC_MSG_RESULT(no.) + CFLAGS="-O3 -funroll-loops -fomit-frame-pointer -Wall" + ac_cv_ec_debug=no + ;; +esac ], + AC_MSG_RESULT(no. disabled by default.) + CFLAGS="-O3 -funroll-loops -fomit-frame-pointer -Wall" + ac_cv_ec_debug=no +) +AC_SUBST(DEBUG) + +dnl ------------- +dnl -- PLUGINS -- +dnl ------------- + +check_plugins=0 +AC_MSG_CHECKING([if --enable-plugins option is specified]) +AC_ARG_ENABLE(plugins, [ --enable-plugins enable the use of plugins in ettercap.], +[ case "$enableval" in + yes) + AC_MSG_RESULT(yes.) + check_plugins=1 + ;; + no) AC_MSG_RESULT(no.) + ac_cv_ec_plugin=no + ;; +esac ], + AC_MSG_RESULT(yes. enabled by default.) + check_plugins=1 +) + + +if test $check_plugins -ne 0; then + plugins_warn=0 + AC_CHECK_HEADERS(dlfcn.h,,plugins_warn=1) + AC_SEARCH_LIBS(dlopen, dl c,,plugins_warn=1) + + if test $plugins_warn -ne 1; then + AC_DEFINE(PERMIT_PLUGINS,1) + ac_cv_ec_plugin=yes + AC_MSG_CHECKING([for gcc option to produce PIC]) + if test "$OS" = "MACOSX"; then + PICFLAG="-bundle -undefined $ac_cv_ec_undefined -bundle_loader ../../ettercap" + elif test "$OS" = "SOLARIS"; then + PICFLAG="-fPIC -DPIC -shared" + elif test "$OS" = "CYGWIN"; then + PICFLAG="-DPIC -shared" + else + LIBS="$LIBS -rdynamic" + PICFLAG="-fPIC -DPIC -shared" + fi + AC_MSG_RESULT($PICFLAG) + AC_SUBST(PICFLAG) + else + AC_MSG_WARN(***********************************************) + AC_MSG_WARN(* Plugins are NOT supported by your system !! *) + if test "$OS" = "MACOSX"; then + AC_MSG_WARN(* *) + AC_MSG_WARN(* You have to install the dlcompat library... *) + fi + AC_MSG_WARN(***********************************************) + ac_cv_ec_plugin=no + fi +fi + + +dnl --------- +dnl -- SSH -- +dnl --------- + +check_ssh=0 +AC_ARG_WITH(openssl, [ --with-openssl=DIR use OpenSSL in DIR], +[ case "$withval" in + no) + AC_MSG_CHECKING(for OpenSSL) + AC_MSG_RESULT(no) + ac_cv_ec_ssh=no + ;; + *) + AC_MSG_CHECKING(for OpenSSL in $withval) + check_ssh=1 + ssl_path=$withval + ;; + esac ], + [ AC_MSG_CHECKING(for OpenSSL in ${prefix}) + check_ssh=1 + ssl_path=${prefix} + ] +) + + +if test $check_ssh -ne 0; then + + if test -f $ssl_path/include/openssl/ssl.h; then + COPTS="$COPTS -I$ssl_path/include" + LIBS="$LIBS -L$ssl_path/lib -lssl -lcrypto" + AC_DEFINE(HAVE_OPENSSL,1) + ac_cv_ec_ssh=yes + AC_MSG_RESULT(yes) + elif test -f $ssl_path/ssl/include/openssl/ssl.h; then + COPTS="$COPTS -I$ssl_path/ssl/include" + LIBS="$LIBS -L$ssl_path/ssl/lib -lssl -lcrypto" + AC_DEFINE(HAVE_OPENSSL,1) + ac_cv_ec_ssh=yes + AC_MSG_RESULT(yes) + elif test -f /usr/include/openssl/ssl.h; then + LIBS="$LIBS -lssl -lcrypto" + AC_DEFINE(HAVE_OPENSSL,1) + ac_cv_ec_ssh=yes + AC_MSG_RESULT(yes) + else + AC_MSG_RESULT(no) + ac_cv_ec_ssh=no + AC_MSG_WARN(**********************************************) + AC_MSG_WARN(* OpenSSL is NOT installed in your system !! *) + AC_MSG_WARN(* SSH support will NOT be available... *) + AC_MSG_WARN(**********************************************) + fi + + AC_PATH_PROG(OPENSSL_PATH, "openssl",, "$PATH:/usr/local/ssl/bin") + if test -n "$OPENSSL_PATH"; then + AC_DEFINE_UNQUOTED(OPENSSL_PATH, "$OPENSSL_PATH") + else + AC_DEFINE_UNQUOTED(OPENSSL_PATH, "") + fi + +fi + + +dnl ----------- +dnl -- HTTTS -- +dnl ----------- + +AC_MSG_CHECKING([if --enable-https option is specified]) +AC_ARG_ENABLE(https, [ --enable-https permit https dissection (invasive).], +[ case "$enableval" in + yes) + if test "$OS" = "MACOSX" -o "$OS" = "SOLARIS" -o "$OS" = "CYGWIN"; then + AC_MSG_RESULT(NOT available on this OS) + ac_cv_ec_https=no + else + AC_DEFINE(PERMIT_HTTPS,1) + AC_MSG_RESULT(yes) + ac_cv_ec_https=yes + fi + ;; + no) AC_MSG_RESULT(no) + ac_cv_ec_https=no + ;; + esac ], + if test "$OS" = "MACOSX" -o "$OS" = "SOLARIS" -o "$OS" = "CYGWIN"; then + AC_MSG_RESULT(NOT available on this OS) + ac_cv_ec_https=no + elif test "$OS" = "OPENBSD" -o "$OS" = "FREEBSD" -o "$OS" = "NETBSD"; then + AC_MSG_RESULT(no.) + ac_cv_ec_https=no + AC_MSG_WARN(***************************************************) + AC_MSG_WARN(* HTTPS dissection in in ALPHA state under BSD... *) + AC_MSG_WARN(* I discourage you to enable it. *) + AC_MSG_WARN(* But if you want use at your own risk *) + AC_MSG_WARN(***************************************************) + else + AC_MSG_RESULT(yes. enabled by default.) + AC_DEFINE(PERMIT_HTTPS,1) + ac_cv_ec_https=yes + fi + +) + + +dnl =============== +dnl FINISHED !! +dnl =============== + +AC_SUBST(COPTS) + +EC_MESSAGE(Writing output files) + +PLUGINS=`ls ./plugins | grep -v -E "Make|CVS" | awk ' { printf "%s ", $1 } '` +AC_SUBST(PLUGINS) + +makeplug=`ls ./plugins | grep -v -E "Make|CVS" | awk '{ printf("plugins/%s/Makefile ", $1) }'` + +AC_OUTPUT(ettercap.spec ettercap.8 Makefile $makeplug plugins/Makefile) + + +dnl =============== +dnl THE SUMMARY +dnl =============== + + +EC_MESSAGE(Ettercap has been configured as follow) + +echo "==================================================" +echo + EC_CHECK_OPTION(" Install directory: ",${prefix}) +echo +echo + EC_CHECK_OPTION(" DEBUG mode ....... ",${ac_cv_ec_debug}) + EC_CHECK_OPTION(" NCURSES support .. ",${ac_cv_ec_ncurses}) + EC_CHECK_OPTION(" FORM support ..... ",${ac_cv_ec_form}) + EC_CHECK_OPTION(" PLUGIN support ... ",${ac_cv_ec_plugin}) + EC_CHECK_OPTION(" SSH support ...... ",${ac_cv_ec_ssh}) + EC_CHECK_OPTION(" HTTPS support .... ",${ac_cv_ec_https}) +echo +echo "==================================================" +echo +echo +echo For a list of all possible make processes, type \`${SB}make help${EB}\` +echo +echo + + + +EC_CHECK_DATE() + diff -uNr ettercap-0.6.4.orig/ettercap.8 ettercap-0.6.4/ettercap.8 --- ettercap-0.6.4.orig/ettercap.8 Thu Jan 1 01:00:00 1970 +++ ettercap-0.6.4/ettercap.8 Sat Feb 16 16:50:12 2002 @@ -0,0 +1,552 @@ +.\" ettercap -- a ncurses-based sniffer/interceptor utility for switched LAN +.\" +.\" Copyright (C) 2001 ALoR , NaGA +.\" +.\" This program is free software; you can redistribute it and/or modify +.\" it under the terms of the GNU General Public License as published by +.\" the Free Software Foundation; either version 2 of the License, or +.\" (at your option) any later version. +.\" +.\" This program is distributed in the hope that it will be useful, +.\" but WITHOUT ANY WARRANTY; without even the implied warranty of +.\" MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +.\" GNU General Public License for more details. +.\" +.\" You should have received a copy of the GNU General Public License +.\" along with this program; if not, write to the Free Software +.\" Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA. +.de Sp +.if n .sp +.if t .sp 0.4 +.. +.TH ETTERCAP "8" "20010906" "ettercap 0.5.4" +.SH NAME +.B ettercap 0.5.4 \- A multipurpose sniffer over switched LANs + +.SH SYNOPSIS +.B ettercap +[\fIOPTIONS\fR] [\fIHOST:PORT\fR] [\fIHOST:PORT\fR] [\fIMAC\fR] [\fIMAC\fR] + +.SH DESCRIPTION +Ettercap was born as a sniffer for switched LAN (and obviously even "hubbed" one), +but during the development process it has gained more and more feature that have +changed it to a powerful and flexible tool for man-in-the-middle attacks. +It supports active and passive dissection of many protocols (even ciphered ones) +and includes many feature for network and host analysis (such as OS fingerprint). +.PP +It has five sniffing methods: +.br ++ IPBASED, the packets are filtered matching IP:PORT source and IP:PORT dest +.br ++ MACBASED, packets filtered matching the source and dest MAC address. (useful +to sniff connections through gateway) +.br ++ ARPBASED, uses arp poisoning to sniff in switched LAN between two hosts +(full-duplex m-i-t-m). +.br ++ SMARTARP, uses arp poisoning to sniff in switched LAN from a victim host to all other +hosts knowing the entire list of the hosts (full-duplex m-i-t-m). +.br ++ PUBLICARP, uses arp poison to sniff in switched LAN from a victim host to all other +hosts (half-duplex). +.br +With this method the ARP replies are sent in broadcast, but if ettercap has the complete +host list (on start up it has scanned the LAN) SMARTARP method is automatically selected, +and the arp replies are sent to all the hosts but the victim, avoiding conflicting MAC +addresses as reported by win2K. +.PP +The most relevant ettercap features are: +.PP +.B Characters injection in an established connection : +you can inject character to server (emulating commands) or to client (emulating replies) +maintaining the connection alive !! +.PP +.B SSH1 support : +you can sniff User and Pass, and even the data of an SSH1 connection. ettercap is the +first software capable to sniff an SSH connection in FULL-DUPLEX +.PP +.B HTTPS support : +you can sniff http SSL secured data... and even if the connection is made through a PROXY +.PP +.B Plug-ins support : +You can create your own plugin using the ettercap's API. +.PP +.B Password collector for : +TELNET, FTP, POP, RLOGIN, SSH1, ICQ, SMB, MySQL, HTTP, NNTP, X11, NAPSTER, IRC, RIP, BGP, +SOCKS 5, IMAP 4, VNC (other protocols coming soon...) +.PP +.B Packet filtering/dropping: +You can set up a filter chain that search for a particular string (even hex) in the TCP +or UDP payload and replace it with yours or drop the entire packet. +.PP +.B OS fingerprint: +you can fingerprint the OS of the victim host and even its network adapter (it uses the +nmap (c) Fyodor database) +.PP +.B Kill a connection: +from the connections list you can kill all the connections you want +.PP +.B Packet factory: +You can create and sent packet forged on the fly. The factory let you to forge from Ethernet +header to application level. + +.PP +.SH OPTIONS +Options that make sense together can generally be combined. ettercap will warn the user +about unsupported option combinations. +.TP +.B SNIFFING METHODS +.TP +\fB\-a\fR, \fB\-\-arpsniff\fR +ARP BASED sniffing +.br +This is THE sniffing method for switched LAN, and if you want to use the man-in-the-middle +technique you have to use it. In conjunction with the silent mode (-z option) you must +specify two IP and two MAC for ARPBASED (full-duplex) or one IP and one MAC for PUBLICARP +(half-duplex). in PUBLICARP the ARP replies are sent in broadcast, but if ettercap has +the complete host list (on start up it has scanned the LAN) SMARTARP method is automatically +selected, and the arp replies are sent to all the hosts but the victim, and an hash table +is created to re-route back the packet form victim to client obtaining in this way a full-duplex +man in the middle attack. +.br +Filters that have as action a replacement or a drop, can be used only with ARPBASED +sniffing because it is necessary to re-adjust the sequence number in full-duplex in order +to maintain the connection alive. +.TP +\fB\-s\fR, \fB\-\-sniff\fR +IP BASED sniffing +.br +This is the good old style sniffing method. It rocks on "hubbed" LAN, but useless on switched +ones. You can choose the target specifying only source, only dest, with or without port, or +nothing (to sniff all connections). A special ip "ANY" means from or to every host. +.TP +\fB\-m\fR, \fB\-\-macsniff\fR +MAC BASED sniffing (you must select two host for this) +.br +Very useful to sniff TCP traffic with remote hosts. On hubbed LANs if you want to sniff a +connection through a gateway is useless to specify the victim's ip and the gateway's ip, +because the packet are for an external host, not for the gateway. So you can use this method. +Simply specify the victim's MAC and the gateway's MAC and you will see all the connections +from and to the Internet. + + +.TP +.B GENERAL OPTIONS +.TP +\fB\-N\fR, \fB\-\-simple\fR +NON interactive mode (without ncurses) +.br +This method is useful if you want to launch ettercap from a script or if you already +know some informations of your target or if you want to launch ettercap in background +collecting data or password for you (in combination with the --quiet option). +.br +Some features are not available in this method, obviously the ones which requires +interaction with the user, such as characters injection. But others (for example filtering) +are fully supported, so you can set up ettercap to poison two host (a victim and its gateway) +and to filter all its connection on the port 80 and replace some string with others, +all its traffic to the Internet will be changed as you wish. +.TP +\fB\-z\fR, \fB\-\-silent\fR +start in silent mode (no arp storm on start up) +.br +If you want to launch ettercap with a non invasive method (some NIDS may raise a warn +if they detects too much arp request). You have to know all the requested data of the +target in order to use this options. For example if you want to poison two host, you need +the two IP and the two MAC addresses of the victims. +If you select ipsniff or macsniff this method is automatically selected, because you don't +need to know the list of the host in the LAN. +.br +To know the entire list of the hosts use "ettercap -Nl", but remember that it is a invasive +method. +.TP +\fB\-b\fR, \fB\-\-broadping\fR +use a broadcast ping instead of arp storm on start up. +.br +this method is less intrusive, but even less accurate. some hosts will not respond at the +broadcast ping (es. Windows) so they remain invisible to this method. Useful if you want to +scan a LAN with Linux hosts. As usual you can combine this option with --list to have a +list of the hosts "ettercap -Nlb" +.TP +\fB\-D\fR, \fB\-\-delay \fR +the delay in seconds between the arp replies if you have selected an ARP poison sniffing +method. This is useful if you want to be less aggressive in the poisoning. On many OS the +default validity interval of the arp cache is more than a minute (on FreeBSD is 1200 sec). +.br +The default delay value is 30 sec. +.TP +\fB\-Z\fR, \fB\-\-stormdelay \fR +the delay in micro-seconds between the arp request on arp storm at start up. +This is useful if you want to be less aggressive in the scanning. Many IDS will report +massive arp request, but if you send them in a slower rate, they will not report any strange +behavior. +.br +The default delay value is 1500 usec. +.TP +\fB\-S\fR, \fB\-\-spoof \fR +If you want to elude some IDS, you can specify a spoofed IP used to scan the LAN with +arp request. The source MAC can't be spoofed because a well configured switch will block +your request. +.TP +\fB\-H\fR, \fB\-\-hosts \fR +on start up, scan only these hosts. +.br +this is useful if you want to use an ARP scanning of the LAN but only on certain IPs. +so you can benefit from a ARP scan but remaining less invasive. +Useful even if you want to do PUBLIC ARP but you want to poison only specific hosts. +since with a list PUBLIC ARP is automatically converted to SMARTARP, only these host +will be poisoned and you can leave untouched the arp caches of the other hosts. +.br +the IP list must be in dotted notation and separated by comma (without black spaces +between them), you can use wildcards. +.br +eg: 192.168.0.2? --> from 20 to 29 +.br + 192.168.0.1* --> host 1, from 10 to 19 and from 100 to 199 +.TP +\fB\-d\fR, \fB\-\-dontresolve\fR +don't resolve IPs on start up. this is useful if you experience an insane "Resolving +n hostnames..." message on start up. This is due to a very slow DNS in your environment. +.TP +\fB\-i\fR, \fB\-\-iface \fR +network interface to be used for all the operation. you can even specify network aliases +in order to scan a subnet with different ip form your current one. +.TP +\fB\-n\fR, \fB\-\-netmask \fR +the netmask used to scan the LAN. (in dotted notation). the default is your current +ifconfig netmask. but your netmask is for example 255.255.0.0 I encourage you to specify +a more restrictive one, if you managed to do an ARP scanning on start up. +.TP +\fB\-e\fR, \fB\-\-etterconf \fR +use the config file instead of command line options +.br +etter.conf example file is packaged in the tarball, refer to it to know how to write a +config file. all the instruction are written in this example. via the conf file you +can disable selectively one protocol dissector or move it on one other port. +.br +command line options and config file can be mixed for much flexibility, but remember +that the options in the config file override the command line, so if in etter.conf +you have specified IFACE: eth0, and you launch "ettercap -i eth1 -e etter.conf" +the selected iface will be eth0. +.br +NOTE: the "-e etter.conf" options has to be specified after all other options. +.TP +\fB\-v\fR, \fB\-\-version\fR +check for the latest ettercap version. +.br +All operation are under your control. Every step requires a user confirmation. +With this option ettercap will connect to the http://ettercap.sourceforge.net:80 web +side and ask for the page /latest.php. then the result are parsed and compared with +your current version. If there is a newer version available, ettercap will ask you if +you want to wget it. (wget must be in the path). +.br +If you want to automatically answer yes at all the question add the option -y +.TP +\fB\-h\fR, \fB\-\-help\fR +prints the help screen with a short summary of the available options. + + + +.TP +.B SILENT MODE OPTIONS (only combined with -N) +.TP +\fB\-u\fR, \fB\-\-udp\fR +sniff only UDP packets (default is TCP). +This option is only useful in "simple" mode, if you start ettercap in interactive mode +both TCP and UDP are sniffed. +.TP +\fB\-R\fR, \fB\-\-reverse\fR +sniff all the connection but the selected one. This option is useful if you are using +ettercap on a remote machine and you want to sniff all the traffic but you connection from +local to remote, because including it will sniff even the ettercap output and it will be +screwed up... +.TP +\fB\-p\fR, \fB\-\-plugin \fR +run the plugin "NAME". +.br +most plugins need a destination host. simply specify it after plugin name, in fact +hosts are parsed on command line as first the DEST and so the SOURCE. +.br +To have a list of the available plugins use "list" (without quotes) as plugin name. +.br +More detailed info about plugins and about how to write your own are found in the +README.PLUGINS file. +.Sp +Currently these plugins are shipped with the official distro: +.Sp + arpcop -- Report suspicious ARP replies (developed by acelent) +.br + banshee -- They kill without discretion... +.br + dummy -- Dummy plugin. It does nothing ! (only a template) +.br + golem -- nice D.O.S. BE CAREFUL !! +.br + leech -- Isolate a host from the LAN +.br + lurker -- try to search for other ettercap +.br + imp -- Retrieves some Windows names +.br + ooze -- Ping a host +.br + phantom -- Sniff/Spoof DNS requests +.br + shadow -- A very simple SYN/TCP port scanner +.br + spectre -- flood a switched LAN with random MAC addresses +.br + triton -- Try to discover the LAN's gateway +.TP +\fB\-l\fR, \fB\-\-list\fR +lists all the hosts in the LAN, reporting each MAC address. +.br +Commonly combined options are -b (for broadcast ping) and -d (don't resolve hostname). +.TP +\fB\-C\fR, \fB\-\-collect\fR +collect all users and password from the hosts specified on command line. +.br +Password collector are configured in the config file (etter.conf), if you want +you can disable them selectively or move them on other port. This is useful if you +don't want to sniff SSH connection (the key change alert will raise suspects) but +want to sniff all other supported protocols. Or even if you know that a host has the +telnet service on port 4567, simply move the telnet dissector on 4567/tcp +.TP +\fB\-f\fR, \fB\-\-fingerprint \fR +do OS fingerprinting on HOST. +.br +This option uses the same database and the same method used by +.I nmap (c) Fyodor +so I report a piece of its man page : +.Sp +This option activates remote host identification via TCP/IP fingerprinting. In other +words, it uses a bunch of techniques to detect subtleties in the underlying operating +system network stack of the computers you are scanning. It uses this information to +create a 'fingerprint' which it compares with its database of known OS fingerprints +(the nmap-os-fingerprints file) to decide what type of system you are scanning. +.Sp +the -f options even provides you the vendor of the network adapter of the scanned host. +the info are stored in the mac-fingerprints database. +.TP +\fB\-x\fR, \fB\-\-hexview\fR +to dump data in hex mode. +.br +TIP: while sniffing you can change the visualization mode by hitting 'a' for ascii or 'x' for hex. +on line help is recalled by 'h'. +.TP +\fB\-L\fR, \fB\-\-logtofile\fR +if used alone logs all data to specific file(s). it crates a separate file for each connection +in the form "YYYYMMDD-P-IP:PORT-IP:PORT.log" +.br +if used with -C (collector) it creates a file with all the password sniffed in the session in +the form "YYYYMMDD-collected-pass.log" +.TP +\fB\-q\fR, \fB\-\-quiet\fR +"demonize" ettercap. +.br +useful if you want to log all data in background. this options will detach +ettercap from the current tty and set it as a demon collecting data to files. it must be +combined with -NL (or -NLC) otherwise it has no effects. Obviously the sniffing method +is required, so you have to combine it with this option. +.TP +\fB\-k\fR, \fB\-\-newcert\fR +create a new cert file for HTTPS man-in-the-middle. +.br +useful if you want to create a certfile with social engineered information... +.br +the new file is created in the current working directory. to permanently substitute the +default cert file (etter.sll.crt) you have to overwrite /usr/share/ettercap/etter.ssl.crt +.TP +\fB\-F\fR, \fB\-\-filter \fR +load the filters chains from FILENAME +.br +the Filtering chains file is written in pseudo XML format. You can write by hand this +file or (better) use the ncurses interface to let ettercap create it (press 'F' in the +connection list interface). If you are skilled in XML parsing, you can write your own +program to make a filter chain file. +.Sp +the rules are simple: +.Sp +If the proto AND the source port AND the dest port AND the payload +match the rules, after the filter as done its action , it jumps in the chain +to the filter id specified in the field, else it jumps to . +If these field are left blank the chain is interrupted. Source and dest port equal to +0 (zero) means ANY port. You can use wildcards in the search string (see README for detail) +.Sp +NOTE: with this options filter are enabled by default, if you want to +disable them on the fly, press "S" (for source) or "D" (for dest) while sniffing +.Sp +NOTE: on command line the hosts are parsed as "ettercap -F etter.filter DEST SOURCE", so +the first host is bound to the dest chain and the second to the source chain. +.Sp +VERY IMPORTANT: the source chain is applied to data COMING FROM source and NOT GOING TO +source. keep this in mind !! the same is for dest... +.TP +\fB\-c\fR, \fB\-\-check\fR +check if you were poisoned by other poisoners in the LAN +.TP +\fB\-t\fR, \fB\-\-linktype\fR +check if you are on a switched LAN or not... Sometimes this discovery method can fail. +don't trust it at 100% + + +.SH TARGET SPECIFICATION +The targets are parsed on command line in reverse order. The first host is the DEST and the +second is the SOURCE. this doesn't care if you are sniffing in ip based mode, because +source and dest are ignored, but if you are filtering the connection this is crucial for +the binding of the related filter chain. +.br +The reverse order is due to a more intuitive interface for plugins. because some plugins +need the dest host to be specified, it is simpler to type: +"ettercap -Np ooze victim" than "ettercap -Np ooze NOONE victim". +.br +The targets can be specified in dotted notation (192.168.0.1) or with their symbolic name +(victim.mynet.org). Only within the -H (--hosts) option you can use wildcards. + + +.SH INTERACTIVE MODE +The interactive mode (ncurses mode) is automatically selected if ettercap is launched +without the option -N . Explain what you can do with it will take pages and pages... and I'm +not a good writer... so if you don't know what can you do in some circumstances, simply +press 'H' and a help screen will popup. there you can find a detailed list of all available +commands. + + +.SH EXAMPLES +Here are some examples of using ettercap. +.TP +.B ettercap -b +.Sp +On startup use broadcast ping to scan the LAN instead of ARP request all the +subnet IPs. +.TP +.B ettercap -H "192.168.0.?,192.168.0.3?,192.168.0.2*" +.Sp +On startup scan only the host 192.168.0.1-9, 192.168.0.30-39, 192.168.0.2, +192.168.0.20-29 and 192.168.0.200-255. +if the PUBLICARP method will be selected only these host will be poisoned. +.TP +.B ettercap -s 192.168.0.1 192.168.0.2 +.Sp +Enter the interactive mode and sniff only the connections between 192.168.0.1 and 192.168.0.2 +.TP +.B ettercap -Nzs -F etter.filter 192.168.0.1 192.168.0.2 +.Sp +Load filter from etter.filter and activate them on all the connection between 192.168.0.1 +and 192.168.0.2 . Only Log action will be supported because it is a -s (ipsniffing) method. +192.168.0.1 is bound to the dest chain and 192.168.0.2 to the source one. +To enable even the replacement and drop actions you have to launch "ettercap -Nza -F +etter.filter IP IP MAC MAC" +.TP +.B ettercap -zs -e etter.conf +.Sp +Use the ip based sniffing mode and load the other option from the config file (etter.conf). +Note that options in the file override command line. +.TP +.B ettercap -Nzs victim.my.net ANY:80 +.Sp +Sniffs in console mode (non interactive) only the connection to and from "victim.my.net" +starting or ending to all other hosts but on port 80 (www). data are dumped in ASCII +mode. to dump in HEX mode add the -x option. +.TP +.B ettercap -NRzs remote.host.net:23 my.local.host.com +.Sp +Useful to sniffs in console mode (non interactive) all the connection on a remote LAN +on which you are executing ettercap. this example will prevent to show your telnet (:23) +connection from "my.local.host.com" to "remote.host.net". +.TP +.B ettercap -Nclt +.Sp +This will provide you the entire list of hosts in the LAN. Will check if someone is +poisoning you and will report its IP. Will tell you if you are on a switched LAN or not. +.TP +.B ettercap -NCLzs --quiet +.Sp +This will detach ettercap from console and log to a file all the collected password. +Only works if the LAN is hubbed, or if collected password are directed to your host. +.TP +.B ettercap -NCza -D 100 192.168.0.1 192.168.0.2 55:23:A5:B4:C7:89 00:A3:56:FE:4F:6D +.Sp +Collect password to stdout on a switched LAN. this will poison the two host 192.168.0.1 +and 192.168.0.2 each other. The delay between arp replies is set to 100 sec. +.TP +.B ettercap -Np triton +.Sp +Launch the plugin "triton" that will try to passively search for the LAN gateway. +.TP +.B ettercap -Np ooze victim.mynet.org +.Sp +Launch the plugin "ooze" that will portscan the host "victim.mynet.org" that will be translated +with the right IP + +.SH PLATFORMS +Linux 2.0.x 2.2.x 2.4.x +.br +FreeBSD 4.x +.br +OpenBSD 2.[789] +.br +NetBSD 1.5 +.br +Mac OS X (darwin 1.3) + + +.SH FILES +/usr/share/ettercap/etter.conf - the config file +.br +/usr/share/ettercap/etter.filter - the filter chains +.br +/usr/share/ettercap/etter.ssl.crt - the SSL certificate for HTTPS m-i-t-m +.br +/usr/share/ettercap/mac-fingerprints - the network adapter vendor database +.br +/usr/share/ettercap/nmap-os-fingerprints - the nmap (c) Fyodor os fingerprint +.br +/usr/doc/ettercap-0.5.4/* - the DOCUMENTATION + + +.SH AUTHORS +Alberto Ornaghi (ALoR) +.br +Marco Valleri (NaGA) + + +.SH AVAILABILITY +http://ettercap.sourceforge.net/download/ +.Sp +Or if you want to do an automatic check of the latest version try "ettercap -vy" + + +.SH BUGS +Our software never has bugs. +.br +It just develops random features. ;) +.PP +.B KNOWN-BUGS +.PP +- It is better that you don't launch ettercap on a host that is a gateway +because it needs to disable ip_forwarding, it may cause problem with routing. +.PP +- You cannot use plugins on yourself. outgoing link layer packets are not +captured by the same socket, so they will be ignored. +.PP +- While poisoning on a switched LAN, ettercap won't sniff the traffic made +by your host to others. the technical reason is: otherwise ettercap will +forward your packets two time (and this is not good...) the artistic +reason is: why sniffing yourself with a man-in-the-middle method ? use +simple sniffing instead ! ;) +.PP +- While sniffing in Public ARP mode, ettercap can "view" only one way of +the connection, so some protocol dissectors can fail... +.PP +- under X11 resizing the xterm can give a corrupted visualization of the +interface. SIGWINCH is *partially* supported. +.PP +- ettercap doesn't handle fragmented packets... only the first segment +will be displayed by the sniffer. However all the fragments are correctly +forwarded. +.PP ++ please send bug-report, patches or suggestions to +or visit http://ettercap.sourceforge.net/forum/ and post it in the BUGS section. +.PP ++ to report a bug, recompile ettercap with 'configure --enable-debug' +and attach ettercap_debug.log to the mail in which U explain the problem. diff -uNr ettercap-0.6.4.orig/ettercap.spec ettercap-0.6.4/ettercap.spec --- ettercap-0.6.4.orig/ettercap.spec Thu Jan 1 01:00:00 1970 +++ ettercap-0.6.4/ettercap.spec Sat Feb 16 16:50:12 2002 @@ -0,0 +1,40 @@ +%define prefix /usr + +Summary: ettercap is a ncurses-based sniffer/interceptor utility +Name: ettercap +Version: 0.5.4 +Release: 1 +Serial: 20010906 +Packager: ALoR +Source: http://ettercap.sourceforge.net/download/%{name}-%{version}.tar.gz +URL: http://ettercap.sourceforge.net/ +License: GPL +Group: Networking/Utilities +Prefix: %{prefix} +Buildroot: %{_tmppath}/%{name}-%{version}-root + +%description +ettercap is a multipurpose sniffer/interceptor/logger for switched or "hubbed" LAN. + +%prep +%setup -q + +%build +./configure --prefix=%{prefix} --disable-debug --mandir=%{_mandir} +make +make plug-ins + +%install +rm -rf $RPM_BUILD_ROOT +make install DESTDIR=$RPM_BUILD_ROOT +make plug-ins_install DESTDIR=$RPM_BUILD_ROOT + +%clean +rm -rf $RPM_BUILD_ROOT + +%files +%defattr(-,root,root) +%{_mandir}/man8/* +%doc COPYING README README.PLUGINS HISTORY CHANGELOG AUTHORS TODO THANKS KNOWN-BUGS PORTINGS +%{prefix}/bin/* +%{prefix}/share/ettercap/*