Hi ComaX,
good job.
One suggestion...why don't you include the option to start ettercap in text mode? it would be a great thing i think! (it's just a suggestion of course!!!).
Printable View
Hi ComaX,
good job.
One suggestion...why don't you include the option to start ettercap in text mode? it would be a great thing i think! (it's just a suggestion of course!!!).
Thanks !Quote:
Originally Posted by Ubuntu4life
I don't know when you posted that, but I missed answers for a time... Anyway, that's done ! lauche the script with -e or --etter ;)Quote:
Originally Posted by michelinok
Also, I'm planning on adding DNS-spoofing feature in the next big update. That might take some time though, since I got back on Black Ops lately :p
What I would love to hear, is your input and latest features I added : stoping/resuming/etc. the realtime parsing and the ettercap option ;)
As always, don't hesitate to make any suggestion, even grammar-wise if ever I misspelled something.
My website is not up-to-date, but the script version as I write this is 0.9 and the download button will retrieve the last version ;)
Hey there ComaX ..
I haven't used your script (yet), but I've been very inspired by the code you've written..
I'm currently working on a script that set's up a fake access point, runs ssl-strip and then greps the sslstrip.log..
I really had issues figuring out how to cat sslstrip.log | grep username/password, but after I read your code, I noticed how you did. Really nice way of doing it..
I'm planning on using the code in my script, if you don't mind? (and of course the credit will go out to you;> )
//M00kaw
No problem, please do ;) Good luck on your script !Quote:
Originally Posted by M00kaw
Hi comaX,
for the ettercap question...maybe my english is not so good...but i meant using ettercap for sniffing passwords instead of using your parsing algorithm.
Any idea about of using ettercap this way? (or am i missing somthing?)
Oops, I misunderstood you. Well, that is possible but it would require saving pcap file and running etter-something to parse cookies, and that's not really where I'm headed. Maybe I could add an option to use ettercap instead of my parsing, but that would defeat hours of work trying to achieve that all by myself (and that was one hell of a work !), so my ego wouldn't like that very much (yup, I'm French :p ).Quote:
Originally Posted by michelinok
Seriously, I'll give it a try, it could be handy ;)
Hi, your script works almost perfect. I do have 1 major issue though. Whenever I am using it, the attacked machines will not reach any webpage in first attempt (Throws error 303 on Macs). Refreshing the page will, however, load it perfectly normal. I've tried to track down the problem, and I think it is something with sslstrip, but I am not completely sure
Happens from time to time for me too... But the script is not at fault here, so there's not much I can do to help ! Have you tried doing the attack manually to check if it does the same thing ? I believe it will, but it's worth giving it a shot !Quote:
Originally Posted by Nucci
Yep, i have the same problem, it's a sslstrip issue though.. And it's from the 0.9 version, cause versions < 0.9 dont have that bug, anyway, speed improvements and other bugs have been fixed in 0.9, so i'd recommend you stick to this version and wait for Moxie to fix it. How's that update going ComaX? :)Quote:
Originally Posted by Nucci
I didn't have much time those last days between parties, lack of sleep, my work on Maemo's version of yamas, lack of sleep, real work, and some more lack of sleep :p. But we're getting close to an end on the handled version, so I'll get back on track with this one to provide new features as soon as I can !Quote:
Originally Posted by Binx_23
I'll keep you guys posted !
And since there isn't as much feedback as before, I suppose people are pretty much satisfied with the current version, so I don't *need* to do much right now. Only new features that can wait !