View previous topic :: View next topic |
Author |
Message |
ev56o Apprentice
Joined: 26 Jan 2010 Posts: 180
|
Posted: Thu Mar 04, 2010 10:48 am Post subject: Prob con Ettercap e Iptables, forse un Bug. |
|
|
Code: |
marco m # ettercap -G
ettercap NG-0.7.3 copyright 2001-2004 ALoR & NaGA
Dissector "dns" not supported (etter.conf line 70)
iptables: No chain/target/match by that name.
iptables: No chain/target/match by that name.
iptables: No chain/target/match by that name.
iptables: No chain/target/match by that name.
iptables: No chain/target/match by that name.
iptables: No chain/target/match by that name.
iptables: No chain/target/match by that name.
iptables: No chain/target/match by that name.
iptables: No chain/target/match by that name.
|
a questo punto chiudo l' applicazione normalmente...
Code: |
FATAL: Module ip_tables not found.
iptables v1.4.3.2: can't initialize iptables table `nat': Permission denied (you must be root)
Perhaps iptables or your kernel needs to be upgraded.
FATAL: Module ip_tables not found.
iptables v1.4.3.2: can't initialize iptables table `nat': Permission denied (you must be root)
Perhaps iptables or your kernel needs to be upgraded.
FATAL: Module ip_tables not found.
iptables v1.4.3.2: can't initialize iptables table `nat': Permission denied (you must be root)
Perhaps iptables or your kernel needs to be upgraded.
FATAL: Module ip_tables not found.
iptables v1.4.3.2: can't initialize iptables table `nat': Permission denied (you must be root)
Perhaps iptables or your kernel needs to be upgraded.
FATAL: Module ip_tables not found.
iptables v1.4.3.2: can't initialize iptables table `nat': Permission denied (you must be root)
Perhaps iptables or your kernel needs to be upgraded.
FATAL: Module ip_tables not found.
iptables v1.4.3.2: can't initialize iptables table `nat': Permission denied (you must be root)
Perhaps iptables or your kernel needs to be upgraded.
FATAL: Module ip_tables not found.
iptables v1.4.3.2: can't initialize iptables table `nat': Permission denied (you must be root)
Perhaps iptables or your kernel needs to be upgraded.
FATAL: Module ip_tables not found.
iptables v1.4.3.2: can't initialize iptables table `nat': Permission denied (you must be root)
Perhaps iptables or your kernel needs to be upgraded.
FATAL: Module ip_tables not found.
iptables v1.4.3.2: can't initialize iptables table `nat': Permission denied (you must be root)
Perhaps iptables or your kernel needs to be upgraded.
|
e restituisce quest' output. |
|
Back to top |
|
|
Kernel78 Moderator
Joined: 24 Jun 2005 Posts: 3654
|
Posted: Thu Mar 04, 2010 2:04 pm Post subject: |
|
|
prova a lanciarlo con l'opzione -T invece di -G e vediamo se ti da altre segnalazioni _________________ Le tre grandi virtù di un programmatore: pigrizia, impazienza e arroganza. (Larry Wall).
Prima di postare un file togli i commenti con Code: | grep -vE '(^[[:space:]]*($|(#|!|;|//)))' |
|
|
Back to top |
|
|
ev56o Apprentice
Joined: 26 Jan 2010 Posts: 180
|
Posted: Fri Mar 05, 2010 12:32 pm Post subject: |
|
|
Sembra non cambiare niente:
Code: |
marco m # ettercap -T
ettercap NG-0.7.3 copyright 2001-2004 ALoR & NaGA
Dissector "dns" not supported (etter.conf line 70)
iptables: No chain/target/match by that name.
iptables: No chain/target/match by that name.
iptables: No chain/target/match by that name.
iptables: No chain/target/match by that name.
iptables: No chain/target/match by that name.
iptables: No chain/target/match by that name.
iptables: No chain/target/match by that name.
iptables: No chain/target/match by that name.
iptables: No chain/target/match by that name.
Listening on eth0... (Ethernet)
eth0 -> 00:17:31:5C:BF:B0 192.168.0.62 255.255.255.0
Privileges dropped to UID 65534 GID 65534...
28 plugins
39 protocol dissectors
53 ports monitored
7587 mac vendor fingerprint
1698 tcp OS fingerprint
2183 known services
Starting Unified sniffing...
Text only Interface activated...
Hit 'h' for inline help
Fri Mar 5 13:29:30 2010
TCP 192.168.0.62:49386 --> 213.158.72.24:80 | FA
Fri Mar 5 13:29:30 2010
TCP 213.158.72.24:80 --> 192.168.0.62:49386 | RA
Fri Mar 5 13:29:32 2010
TCP 192.168.0.62:46947 --> 204.187.15.12:80 | FA
Fri Mar 5 13:29:33 2010
TCP 192.168.0.62:49387 --> 213.158.72.24:80 | FA
Fri Mar 5 13:29:33 2010
TCP 213.158.72.24:80 --> 192.168.0.62:49387 | RA
Fri Mar 5 13:29:33 2010
TCP 192.168.0.62:46950 --> 204.187.15.12:80 | FA
Fri Mar 5 13:29:37 2010
TCP 192.168.0.62:46957 --> 204.187.15.12:80 | FA
Fri Mar 5 13:29:37 2010
TCP 192.168.0.62:46956 --> 204.187.15.12:80 | FA
Fri Mar 5 13:29:38 2010
TCP 192.168.0.62:46946 --> 204.187.15.12:80 | FA
Fri Mar 5 13:29:40 2010
TCP 192.168.0.62:46951 --> 204.187.15.12:80 | FA
Inline help:
[vV] - change the visualization mode
[pP] - activate a plugin
[lL] - print the hosts list
[oO] - print the profiles list
[cC] - print the connections list
[sS] - print interfaces statistics
[<space>] - stop/cont printing packets
[qQ] - quit
Fri Mar 5 13:29:49 2010
TCP 192.168.0.62:46959 --> 204.187.15.12:80 | FA
Fri Mar 5 13:29:49 2010
TCP 192.168.0.62:46960 --> 204.187.15.12:80 | FA
Fri Mar 5 13:29:50 2010
TCP 192.168.0.62:46955 --> 204.187.15.12:80 | FA
Fri Mar 5 13:29:51 2010
TCP 192.168.0.62:46954 --> 204.187.15.12:80 | FA
Closing text interface...
Unified sniffing was stopped.
FATAL: Module ip_tables not found.
iptables v1.4.3.2: can't initialize iptables table `nat': Permission denied (you must be root)
Perhaps iptables or your kernel needs to be upgraded.
FATAL: Module ip_tables not found.
iptables v1.4.3.2: can't initialize iptables table `nat': Permission denied (you must be root)
Perhaps iptables or your kernel needs to be upgraded.
FATAL: Module ip_tables not found.
iptables v1.4.3.2: can't initialize iptables table `nat': Permission denied (you must be root)
Perhaps iptables or your kernel needs to be upgraded.
FATAL: Module ip_tables not found.
iptables v1.4.3.2: can't initialize iptables table `nat': Permission denied (you must be root)
Perhaps iptables or your kernel needs to be upgraded.
FATAL: Module ip_tables not found.
iptables v1.4.3.2: can't initialize iptables table `nat': Permission denied (you must be root)
Perhaps iptables or your kernel needs to be upgraded.
FATAL: Module ip_tables not found.
iptables v1.4.3.2: can't initialize iptables table `nat': Permission denied (you must be root)
Perhaps iptables or your kernel needs to be upgraded.
FATAL: Module ip_tables not found.
iptables v1.4.3.2: can't initialize iptables table `nat': Permission denied (you must be root)
Perhaps iptables or your kernel needs to be upgraded.
FATAL: Module ip_tables not found.
iptables v1.4.3.2: can't initialize iptables table `nat': Permission denied (you must be root)
Perhaps iptables or your kernel needs to be upgraded.
FATAL: Module ip_tables not found.
iptables v1.4.3.2: can't initialize iptables table `nat': Permission denied (you must be root)
Perhaps iptables or your kernel needs to be upgraded.
| . |
|
Back to top |
|
|
Kernel78 Moderator
Joined: 24 Jun 2005 Posts: 3654
|
Posted: Fri Mar 05, 2010 1:12 pm Post subject: |
|
|
giusto un paio di domande:
- hai compilato il kernel con il supporto per iptables ?
- lanci il programma da root ? _________________ Le tre grandi virtù di un programmatore: pigrizia, impazienza e arroganza. (Larry Wall).
Prima di postare un file togli i commenti con Code: | grep -vE '(^[[:space:]]*($|(#|!|;|//)))' |
|
|
Back to top |
|
|
ev56o Apprentice
Joined: 26 Jan 2010 Posts: 180
|
Posted: Fri Mar 05, 2010 2:25 pm Post subject: |
|
|
Code: |
m@marco ~ $ cat /usr/src/conf | grep TABLE
CONFIG_HAVE_UNSTABLE_SCHED_CLOCK=y
# CONFIG_RELOCATABLE is not set
CONFIG_CPU_FREQ_TABLE=y
CONFIG_IP_MULTIPLE_TABLES=y
# CONFIG_IPV6_MULTIPLE_TABLES is not set
CONFIG_NETFILTER_XTABLES=y
CONFIG_IP_NF_IPTABLES=y
CONFIG_IP6_NF_IPTABLES=y
CONFIG_INPUT_TABLET=y
# CONFIG_TABLET_USB_ACECAD is not set
# CONFIG_TABLET_USB_AIPTEK is not set
# CONFIG_TABLET_USB_GTCO is not set
# CONFIG_TABLET_USB_KBTAB is not set
# CONFIG_TABLET_USB_WACOM is not set
|
Ho compilato il kernel con il supporto ad iptables e lancio ettercap da root. Il prog iptables sembra funzionare correttamante:
Code: |
marco m # iptables
iptables v1.4.3.2: no command specified
Try `iptables -h' or 'iptables --help' for more information.
| . |
|
Back to top |
|
|
ago Developer
Joined: 01 Mar 2008 Posts: 1527 Location: Milan, Italy
|
Posted: Sun Jun 06, 2010 2:26 pm Post subject: |
|
|
il problema nasce nel momento in cui togli i commenti in e hai un qualcosa del genere: Code: | iptables -t nat -A PREROUTING -p tcp --destination-port 80 -j REDIRECT --to-port 10000 |
ora indipendentemente da ettercap se lanci il tutto su una shell da lo stesso errore, per risolvere il tutto basta fare una modifica nel kernel, quindi avere: Code: | CONFIG_IP_NF_TARGET_REDIRECT=m |
Per fare tutto ciò basta andare a spuntare come modulo:
Code: | [*] Networking support --->
Networking options --->
[*] Network packet filtering framework (Netfilter) --->
IP: Netfilter Configuration --->
<M> Full NAT
<M> REDIRECT target support |
In più per evitare errori come: Code: | FATAL: Module ip_tables not found. | si dovrebbero tenere i moduli iptables marcati come M e non builtin (*) |
|
Back to top |
|
|
oRDeX Veteran
Joined: 19 Oct 2003 Posts: 1325 Location: Italy
|
Posted: Fri Jun 11, 2010 4:55 pm Post subject: |
|
|
moduli o built-in cambia poco alla fine..basta che se è modulo, questo sia caricato nel momento dell'utilizzo.
dato che l'errore dice proprio che non trova la tabella di "NAT" devi inserire nel kernel appunto questo modulo di iptables che ti fornisce tale tabella. |
|
Back to top |
|
|
ago Developer
Joined: 01 Mar 2008 Posts: 1527 Location: Milan, Italy
|
Posted: Fri Jun 11, 2010 6:47 pm Post subject: |
|
|
oRDeX wrote: | moduli o built-in cambia poco alla fine..basta che se è modulo, questo sia caricato nel momento dell'utilizzo.
dato che l'errore dice proprio che non trova la tabella di "NAT" devi inserire nel kernel appunto questo modulo di iptables che ti fornisce tale tabella. |
più che altro credo che vada abilitata se stai "nattando" qualcosa no?
probabilmente se il pc fa da router... |
|
Back to top |
|
|
|