Hello to everyone, Im new here.. Im not very new but Im here..
I was reading this document:wich I think is very usefull, dont you think?Code:www . thoughtcrime . org/papers/ocsp-attack.pdf
I've work with sslstrip, arpspoof and ettercap together, but the message in the browser telling that "Conection not Trusted" is not cute at all right ?
So, with SSLSniff its suppoused that the message is gone, but..
Does anyone know how to apply this ?
You dont search much huh?
Please BSDKiller, don't say "SSLSniff". I hate it. (Just kidding).
If you search a little bit more at least here at the forum, as Purehate suggest you to do, then you will understand why I hate SSLSniff.
ok well i tried it but it didnt work.
I did everything just like the video and it didnt work.Code:root@bsdkiller:/usr/bin/sslstrip-0.7# cat sslstrip.log | grep www root@bsdkiller:/usr/bin/sslstrip-0.7# cat sslstrip.log | grep www
You know, thats what I dont like about forums, first of all Purehate, you dont even know if I have searched or not about this..
And I made reference to SSLSniff cuz of the document I was asking you all to read so you know what Im talking about..
Even tho that I am asking for help its obvious that I'd like some.. So.. why do you take the time to answer if your answer doesnt help in anyway ? Why dont you tell me instead "read about this" or "search about this".. it would be usefull and a good answer, dont u think?
I don't want to be devil's advocate for Purehate but it looks at least to me, I was doing allot of research about sslsniff, that you haven't search much.
You can look here:
I am sorry if I understand wrong and for my bad English.
Please have patience.
NIck the Geek; thank you for that information, this is much better than the last xD I think im gonna be all day testing to see if it works xD but thank u so much
and Some1, i've seen that video already, but thank u.
In fact, i am writing a tutorial that when I finish it im gonna post here, its about the same of you video, but the reason is that in that video you still get the "Connection not trusted" msg.. and as I said we dont want that xD
I think is becouse in the video they are still using SSLv1 instead SSLv2.
Thank u so much xD
If somebody has any idea, please, let me know.
grep -ai passw sslstrip.log |more