Forum Thread: Python Credential Sniffer (Small Patch)

Python Credential Sniffer (Small Patch)

Alright, this is a little "patch" to the previous version. This way, you can enter or something like that as the target. That way you can sniff the whole network for credentials.


  • Ability to sniff the whole network
  • No "spam" from ARPspoof. The only output is the credentials now.


  • ARPspoof (I accidentally left that in after removing SSLstrip)
  • Gateway detector (not needed without ARPspoof)

Still working on HSTS support! I will replace the removed tools to go with SSLstrip+.

Download the patch here...

C|H of C3

16 Responses

Hi. When I run the script it says:
Incorrect number of token (///) in TARGET !!

Do I have to delete the '/' in the subprocess call to fix this, or the script will work fine either way?

I have no idea why it doesn't work. It should work as long as you do instead of

But when you run it with that range ( does it give you this error:
Incorrect number of token (///) in TARGET !!

Or is something specific to my machine?

Well, whatever your LAN's IP range is. For me its, but for others it could be (most commonly). I was just giving an example. You must use your own subnet range. Can you send me a picture of your actions?

Yeah that's my LAN's IP range.
Of course:

I'm running it in ubuntu, could that be the problem?

It shouldn't be...

Could you show me the source code?

Directly from vim:

Hmm, nothing wrong there. There's no reason it shouldn't work that I can see. I'll do some experimenting later.

Has anyone else with the same subnet made this work?

Well, I did the same thing you did in Kali, and everything worked. It is either the version of Ettercap (syntax might be different), or might be Ubuntu. I'll try it on Ubuntu now.

Yeah, it looks like Ubuntu is the problem. It didn't work for me in that either. Ettercap is on v0.8.2 just like on Kali, so I have no idea why it does that. Incompatibility... sorry about that. If you find a way to fix it, please share.

Ok, I'll do some research. Thanks!

No, don't delete the slashes. There are part of the Ettercap configuration.

Ok. I was confused about that.

Without looking at your code I can tell you that this kinda generic error has occurred in previous versions of ettercap. Seems to have something to do with IPv6 being enabled in most cases. The number of slashes is different I'm sure.

Good job also can this be impletmented in other languages such as C++ or Perl ?
Also this sniffer do you have to be connected to there network ?
Or you just enter there IP address

Yeah, you should be in target's network.

Share Your Thoughts

  • Hot
  • Active