Related Security Tools

Disclaimer

Read before using

Authors

UCSniff Special Thanks

A special thanks goes out to all of the developers, contributors, and authors of Ettercap. Ettercap is simply an awesome security tool. We re-used the ARP Poisoning, dissector design, and re-direction capabilities of Ettercap within UCSniff.

Linux Installation

Dependencies

Basic Dependencies (Ubuntu 12.04, Mint Linux 13 - not tested, only built)

IMPORTANT NOTE:
UCSniff 3.20 has been developed and tested on the 32-bit version of the Ubuntu 12.04. These instructions also work for Mint Linux 13, but we have not test UCSniff on Mint Linux 13 at this time. We currently can't support it with 64-bit versions of Linux.

  • apt-get update
  • apt-get install build-essential
  • apt-get install zlib1g-dev liblzo2-dev
  • apt-get install libpcap0.8-dev libnet1-dev
  • apt-get install libasound2-dev
  • apt-get install libbz2-dev

GUI Dependencies

  • apt-get install libx11-dev
  • apt-get install libxext-dev
  • apt-get install libfreetype6-dev

Realtime Video Monitor Dependencies

Note: The minimum version required for vlc and libvlc-dev is at least 2.0.1 (Twoflower) or later.

  • apt-get install vlc
  • apt-get install libvlc-dev

A/V Muxing Dependencies

  • apt-get install libavformat-dev (this should also install libavutil-dev and libavcodec-dev)
  • apt-get install libavdevice-dev
  • apt-get install libswscale-dev
  • apt-get install libavfilter-dev
  • apt-get install libx264-dev
  • apt-get install libav-tools

Optional A/V Player/Muxing tools

  • apt-get install mplayer
  • apt-get instll mencoder

Remove the pulse audio debian package, if previously installed:

apt-get remove pulseaudio

Install from Source


Default UCSniff Installation

UCSniff compiles and runs well on Ubuntu 12.04. The following steps show a simple installation of UCSniff for VoIP and Video-only sniffing:

  1. tar -zxvf ucsniff-xxx.tar.gz
  2. cd ucsniff-xxx
  3. ./configure
  4. make
  5. make install

Features supported:

  • Audio Eavesdropping
  • Video Eavesdropping (creates h264 format file)
  • Creates an avi file and muxes audio and video
  • Creates a wav file and muxes both forward and reverse audio
  • Realtime Audio Monitor (UCSniff ALSA support)

UCSniff with GUI and Realtime Video Monitor(Recommended)

Note: The configure script option of '--enable-libvlc' enables the realtime video monitor capability of UCSniff

Dependency packages for realtime video monitor:

  • apt-get install vlc
  • apt-get install libvlc-dev
  1. ./configure --enable-libvlc --enable-gui
  2. make
  3. make install

Features supported:

  • Audio Eavesdropping
  • Video Eavesdropping (creates h264 format file)
  • Realtime Audio Monitor
  • GUI Support
  • Realtime Video Monitor
  • Creates an avi file and muxes audio and video
  • Creates a wav file and muxes both forward and reverse audio

    • libav-tools (was FFmpeg) vs. libvlc (Video support differences)

    libav-tools

    • Creates video output files in AVI container
    • Muxes audio and video, so that AVI files can play audio
    • Does not support Realtime Video Monitor

    libvlc

    • Creates video files as .h264 files, which plays in media players like VLC
    • Doesn't mux audio and video for the created .h264 video files
    • Supports Realtime Video Monitor

    Installation with GUI

    1. ./configure --enable-gui
    2. make
    3. make install

    Features supported:

    • Audio Eavesdropping
    • Video Eavesdropping (creates h264 format file)
    • Realtime Audio Monitor
    • GUI Support
    • Creates an avi file and muxes audio and video
    • Creates a wav file and muxes both forward and reverse audio

    UNDEFINED REFERENCE WITH NCURSES

    If you are facing compilation errors saying "undefined reference" to ncurses.h, uninstalling libncurses5-dev debian package followed by recompiling UCSniff should resolve the issue:

    1. apt-get remove libncurses5-dev
    2. ./configure
    3. make
    4. make install