ip6tables table 'nat' does not exist - Cant insert firewall redirects.

[illuminat33d]

Hi, i need help with this. I have a Nexus 5x with Kali Nethunter kernel 3.10.83-Re4son-3.5, i configured the etter.conf and uncomment the # in redir_command_on/off and ipv6 redir command_on/off, i have selected iptables with legacy and when init ettercap -T -i wlan1 this says

Greets! ;)

PD : Someone know this error at init of arpspoof : unknown physical layer type 0x212

[koeppea]

Since the platform is Android which is similar to Linux but is not really Linux it's hard to tell. Actually I don't know why ip6tables is not available and how Android is doing IPv6 firewalling.

What you can try to go w/o IPv6 support. Either by leaving the redir6_command_(on|off) commands commented out or by re-compiling Ettercap without IPv6 support (-DENABLE_IPV6=Off when configuring using cmake).

BTW: You only need these commands if you want to do SSL interception. If you just want to do MITM w/o intercepting SSL, you can leave all redir6?_command_(on|off) commented out.

[illuminat33d]

Works compiling without ipv6.!!! Thanks!! Other question, sslstrip, its works for get passwords and logins ? Because i do MITM :

ettercap -T -i wlan1 -M arp /IPVictim/ -P autoadd

This capture the ssl but no get the login data and i do the ipv4 forward = 1

I tested in diferent browsers but no capture the login and some times not load the website completed..

Greets thanks for reply!!

[koeppea]

sslstrip plugin aims for substituting https:// links with http:// links. It depends on the webserver configuration or webapp if the website is also working using HTTP. sslstrip works on port 80 - so unencrypted HTML.

Your ettercap call is lacking the second target specification. you should also submit the remote keyword for ARP MITM so that it's also doing MITM for traffic destined outside the local network.

ettercap -T -i wlan1 -M arp:remote /$gateway_IP/ /$victim_IP/

Doing MITM over wireless is not that reliable as when doing on wire. Some Wireless infrastructure supresses ARP messages to reduce unnecessary broadcast traffic over the air.

You might try to play with the configuration parameters arp_poison_smart and arp_poison_request instead of arp_poison_reply. In some wireless environments, this can improve the reliability of the poisoning.

Successful MITM depends on many factors and it's not given that it will be able at all. In general, a very well understanding of the underlying mechanics and protocols and the surrounding environment is crucial.

[koeppea]

Closing this issue, since disabling IPv6 support at compile time fixed the issue.