← 返回命令列表

Linux command

ettercap 命令

文本

复制后可按需替换文件名、目录或参数。

常用示例

Start graphical

ettercap -G

ARP poisoning

ettercap -Tq -M arp:remote /[target1]// /[target2]//

Sniff on interface

ettercap -Tq -i [eth0]

Use text interface

ettercap -T

Load plugin

ettercap -Tq -P [dns_spoof]

Read from pcap

ettercap -T -r [capture.pcap]

Write captured packets

ettercap -Tq -w [output.pcap] -M arp /[target]// /[gateway]//

Run as daemon

ettercap -D -M arp /[target]// /[gateway]//

说明

Ettercap is a comprehensive suite for man-in-the-middle attacks on LAN. It supports active and passive protocol analysis, including features for network and host analysis. The tool can intercept traffic through ARP poisoning, allowing packet sniffing, injection, and filtering. Plugins extend functionality for DNS spoofing, OS fingerprinting, and more. Ettercap is used for network security testing, protocol analysis, and penetration testing on authorized networks.

参数

-G
Graphical (GTK) interface.
-T
Text-only interface.
-M _METHOD_
MITM attack method.
-i _INTERFACE_
Network interface.
-P _PLUGIN_
Load plugin.
-r _FILE_
Read from pcap file.
-w _FILE_
Write to pcap file.
-q
Quiet mode (suppress packet content display).
-D
Daemonize ettercap (run in background).
-F _FILE_
Load a filter file (compiled with etterfilter).
-L _FILE_
Log all traffic to this file.
--help
Display help information.

FAQ

What is the ettercap command used for?

Ettercap is a comprehensive suite for man-in-the-middle attacks on LAN. It supports active and passive protocol analysis, including features for network and host analysis. The tool can intercept traffic through ARP poisoning, allowing packet sniffing, injection, and filtering. Plugins extend functionality for DNS spoofing, OS fingerprinting, and more. Ettercap is used for network security testing, protocol analysis, and penetration testing on authorized networks.

How do I run a basic ettercap example?

Run `ettercap -G` in a terminal, then adjust file names, paths, flags, or remote targets for your system.

What does -G do in ettercap?

Graphical (GTK) interface.