Re: NEW SCRIPT Capturing Passwords With sslstrip AIRSSL.sh
Hi (I edit my post as I understand better what is my problem).
First thanks a lot for this script !
Here is the situation.
- I can create the fake AP and I can see it and connect it from another computer.
- I have a "good" IP address on my client computer (10.0.0.21 gw:10.0.0.1) BUT I can't access to Internet.
It is very strange because from my client if I launch a "tracert 66.249.92.104" (google.com), I can see that the computer is able to access to some ip address on the internet but "nothing".
So the forwarding seems to work because I can ping "some" ip address but not every one and so it is impossible to surf on the web while connected to the fake AP!
What could be the problem please ? (MTU problem ?)
Thank you
Re: NEW SCRIPT Capturing Passwords With sslstrip AIRSSL.sh
Hi killadaninja, just wanted to pop in and say thanks for stealing my work without giving me credit.
http://www.backtrack-linux.org/forum...-tutorial.html
Re: NEW SCRIPT Capturing Passwords With sslstrip AIRSSL.sh
I am having the same issue with DHCP. Only the computer running Windows 7 is able to receive an IP via DHCP. I tried it on an iPhone and computer running XP Pro SP3 and I was unable to get an IP.
As for the guy that said that the ssid was hidden, when I first ran the script, it wasnt showing the ssid that I had created. Seemed to be an issue with airbase. After a reboot, it was working fine. Not sure what was causing the problem.
Re: NEW SCRIPT Capturing Passwords With sslstrip AIRSSL.sh
Quote:
Originally Posted by
Deathray
Wow. You're the only person to come up with this technique, and no one, with the same information at hand, could of wrote a similar script? Impressive. Clearly your work is beyond us.
On a side note, excellent script killadaninja.
Re: NEW SCRIPT Capturing Passwords With sslstrip AIRSSL.sh
Quote:
Originally Posted by
Onemajorflaw
Wow. You're the only person to come up with this technique, and no one, with the same information at hand, could of wrote a similar script? Impressive. Clearly your work is beyond us.
On a side note, excellent script killadaninja.
No, but I am the one person who took the time making it work and writing the script. I completely agree it's not rocket science but for someone new at Linux I actually worked pretty hard on sorting out all the small details and fixing the small issues I encountered. That's why it kind of shocked me reading through killadninja's "howto" recognizing my own words and way's of formulating myself, thinking wtf!? Well my feelings aside and to the more moral part; If he wrote this from the bottom up, awesome! But all I see is my script with killadaninja's name on it and sslstrip added. Which to be honest would also be completely cool with me, as long as he at least mentioned me and didn't try and pretend something else. But life's to short for matters like these ^^ (i say after the wall of text, doh) I'm just glad to see people are benefiting from the work of multiple people combined ;)
Re: NEW SCRIPT Capturing Passwords With sslstrip AIRSSL.sh
Hi,
Thank you for the script, i've tested it and it's great! ... i just a question here, i tried to run the dns_spoof plug in on ettercap.. the script is still working and the when i do nslookup from the victim pc i get the spoofed IPs; however, from the browser, the victim isn't directed to the spoofed IP and he's still going to the real sites.. when checked the dns packets in wireshark, i saw that the dns queries were directed to the internet gateway and the real responses are directed back the victim.. so i think there should be something with iptables to solve this issue, i've tried a lot to play with them, but still same thing.. any idea? please help me :)
Re: NEW SCRIPT Capturing Passwords With sslstrip AIRSSL.sh
Quote:
Originally Posted by
Deathray
Quote:
Originally Posted by
Deathray
No, but I am the one person who took the time making it work and writing the script. I completely agree it's not rocket science but for someone new at Linux I actually worked pretty hard on sorting out all the small details and fixing the small issues I encountered. That's why it kind of shocked me reading through killadninja's "howto" recognizing my own words and way's of formulating myself, thinking wtf!? Well my feelings aside and to the more moral part; If he wrote this from the bottom up, awesome! But all I see is my script with killadaninja's name on it and sslstrip added. Which to be honest would also be completely cool with me, as long as he at least mentioned me and didn't try and pretend something else. But life's to short for matters like these ^^ (i say after the wall of text, doh) I'm just glad to see people are benefiting from the work of multiple people combined ;)
Are you joking? I will hold my tounge except for saying you do have some cheek Deathray coming to another persons thread making unjust claims, of coarse 2 scripts using airbase for a MITM attack are going to look near identical, a 1000 people could write it and ALL 1000 would look as similar as mine and yours, would it be possible to do it any other way? If for some reason you feel you deserve credit where 0 credit is due the best thing to do would have been to pm me, what you done was rude and obnoxious AND wrong. I will not be filling up this thread with an argument (if you think you still have one), if you feel some reason to continue the discussion feel free to pm me
Quote:
Originally Posted by
Onemajorflaw
Wow. You're the only person to come up with this technique, and no one, with the same information at hand, could of wrote a similar script? Impressive. Clearly your work is beyond us.
On a side note, excellent script killadaninja.
Hear hear, and thank you.
Quote:
Originally Posted by
xraystyle
Regardless of who wrote the script, I'd like to get it to work, and it's close. I think I've figured out what the problem was that people were having with dhcpd and the "permission denied" error.
If you're trying to get this running on Ubuntu as I am, you'll have this problem because apparmor screws with dhcpd3. You have to disable the dchpd3 profile in apparmor.
Code:
sudo ln -s /etc/apparmor.d/usr.sbin.dhcpd3 /etc/apparmor.d/disable/
sudo apparmor_parser -R /etc/apparmor.d/usr.sbin.dhcpd3
See apparmor documentation here:
https://help.ubuntu.com/community/AppArmor
Once that's done it keeps apparmor from screwing with the dhcp server. My dhcp xterm window would just crash every time i tried to run the script before this. You may get another "permission denied" error in the xterm window but it doesn't seem to affect the function of the dhcp server. You can watch the "discover-offer-request-acknowledge" sequence go by in the ettercap window and your victim machine will get an ip address.
Now that we've gotten that out of the way, here's my problem:
Once the victim machine gets an ip, it can't access the internet. The forwarding isn't working for some reason.
Side note: I did add the bits suggested earlier in the thread to use airmon-ng to start wlan0 and then set the interface to mon0. The script would error out otherwise.
Any ideas?
--xraystyle
Are you sure you have not configured ettercap to forward, you DO NOT want ettercap to be controlling forwarding, ie in the etter config the forwarding lines should remain commented.
Re: NEW SCRIPT Capturing Passwords With sslstrip AIRSSL.sh
This is a great script — thanks for sharing!
I'm having trouble getting the DHCP component working properly as well. I'm running a bone-stock BT4f live-cd with an RTL8187 chipset.
All of the individual processes seem to run properly (no error messages), but IP addresses aren't divvied. Any suggestions?
