Page 8 of 8 FirstFirst ... 678
Results 71 to 79 of 79

Thread: [Video] How to: Snifff SSL / HTTPS (sslstrip)

  1. #71
    Moderator g0tmi1k's Avatar
    Join Date
    Feb 2010
    Posts
    1,771

    Default Re: [Video] How to: Snifff SSL / HTTPS (sslstrip)

    Quote Originally Posted by dfzquery View Post
    Absolutely great tutorial!


    Wrote earlier I was experiencing some trouble with sslstrip and the Iptables.
    NEVERMIND!
    I did forward it to --to-ports 10000
    changed it to 8080 and now it works great!

    Thanks man!
    Great to hear you have it working



    Quote Originally Posted by jFcOOd View Post
    10x man for the tutorial i rly love it easy simple and effective
    Thanks for the thanks, good to hear its working for you.



    Quote Originally Posted by trixify View Post
    Thanks for great video!

    I have an problem to do this on my new NETGEAR router, all computers who ware connected to this new router gets an IP: 10.0.0.X and the router IP gateway is: 10.0.0.1

    Ettercap only find 10.0.0.1 the router default gateway when i scan, the other computers who is connect to it doesnt show up, can't find them. Why's that? Is it to good secured? How will i do to see the other victims who are connected to this router?
    Can you verify that you are connected? Can you ping another host on the network? Are you going from wireless to wired? Log in to the router, and have a look at the security settings.



    Quote Originally Posted by PHPMyEttercap View Post
    First of all thanks to g0tmi1k for this amazing tutorial !

    However I was able to sniff SSL passwords without typing all these commands. All I did was uncomment the 2 lines from /etc/etter.conf then run Ettercap with ARP Poisonning. Then I was able to sniff all ssl passwords without problem. What am I doing wrong ?

    2nd question : I hacked my own network (I'm the admin) with Ettercap. Do I need do delete the fake certificates installed on the victim's computer during the test ? If I don't delete them, is it possible for a hacker who breaks into my network to "reuse" these fake certificates ? thanks.
    Yes, you can use ettercap to do the MITM rather than using arpspoof like in the video.

    It sounds like the issue is that on your target computer, as you have already allow the fake certificate! Hence why it HTTPS. (You have allowed the fake certificate to the expectation list?)
    The idea behind SSLStrip is that the target doesn't have to accept the fake certificate, as it removes the certificate all together.
    Try using another client or removing the certificate from the expectation, or use a different browser - see if it is still working for you.

    This guide doesn't install a fake certificate...
    And yes. If you have added it to accept a fake certificate, I'm sure you would be vulnerable. It’s best to remove it ASAP.



    Quote Originally Posted by PeopleInPower View Post
    I g0t Mi1k!
    Thanks a lot for this, took a bit of tweeking to get things going smoothly but in the end everything was peachy! Again, thank you!

    So this was my first successful 'hack', if you will! Like I said it took a bit of tweeking to get going, but any bumps I hit were because I lacked a full understanding of what I was doing... So I'm just gonna list off a couple of things I'm uncertain of.

    So I'm on my own private address space on my little LAN. Finest.
    I'm using Ettercaps GUI, to carry out the ARP spoofing. - failed on my first attempt to execute this in Shell, I'll get back to it later. For now the GUI will suffice.

    Our first command:
    Code:
    echo 1 >/proc/sys/net/ipv4/ip_forward
    What exactly is happening here? I examined the file hoping for a hint as to what this is & what it's doing - but to no avail. What kind of file is this?
    I'm taking a stab at it what this command does.
    Are we simply setting our attacking machine to allow forwarding of any IPs that we intercept?

    After that I think I understand whats happening... so ya that's all for now!
    Where should my step in security exploits be, any recommendations?

    Thanks again g0tMi1k.
    Hugs etc etc


    P.S.

    I tested this out on the following:
    Gmail
    Hotmail (Cert warning flashed up once after logon.)
    (Chrome, page layout distorted after logon)
    Vodafone.com
    warez-bb

    Browsers:
    Opera
    Chrome
    Firefox

    All was well.
    Code:
    echo 1 >/proc/sys/net/ipv4/ip_forward
    This enables IP forwarding. This is needed to forward IP packets from one source to another. e.g. From the target to the router! Otherwise they will not have internet access.
    The file is either 0 or 1, which disables or enables ip_forwarding and its just a text file

    I’m not sure what you mean by
    Where should my step in security exploits be, any recommendations?
    Thank you for your results regarding which sites you tried and browsers used. Always good to know.
    Have you...g0tmi1k?

  2. #72
    Just burned his ISO
    Join Date
    Mar 2011
    Posts
    1

    Default Re: [Video] How to: Snifff SSL / HTTPS (sslstrip)

    HI
    thnx to g0tMi1k
    i have problem with this method
    when i use this ,it will be show
    Immagini allegate Immagini allegate

  3. #73
    Administrator sickness's Avatar
    Join Date
    Jan 2010
    Location
    Behind the screen.
    Posts
    2,921

    Default Re: [Video] How to: Snifff SSL / HTTPS (sslstrip)

    Quote Originally Posted by dehcade View Post
    HI
    thnx to g0tMi1k
    i have problem with this method
    when i use this ,it will be show
    Modify the etter.conf for ettercap, and change the GID and UID to 0
    Back|track giving machine guns to monkeys since 2007 !

    Do not read the Wiki, most your questions will not be answered there !
    Do not take a look at the: Forum Rules !

  4. #74
    Just burned his ISO svalluke's Avatar
    Join Date
    Mar 2011
    Posts
    6

    Thumbs up Re: [Video] How to: Snifff SSL / HTTPS (sslstrip)

    Thanx g0tmilk
    very useful
    I have one question, when i use ettercap for all hosts, no body will have an access to internet
    Code:
    ettercap -TqM ARP:REMOTE // // -i wlan0
    but, when specific IP:
    Code:
    ettercap -TqM ARP:REMOTE /(AP)/ /(victim)/ -i wlan0
    works perfect.

    any ideas???

  5. #75
    Moderator g0tmi1k's Avatar
    Join Date
    Feb 2010
    Posts
    1,771

    Default Re: [Video] How to: Snifff SSL / HTTPS (sslstrip)

    Quote Originally Posted by svalluke View Post
    Thanx g0tmilk
    very useful
    I have one question, when i use ettercap for all hosts, no body will have an access to internet
    Code:
    ettercap -TqM ARP:REMOTE // // -i wlan0
    but, when specific IP:
    Code:
    ettercap -TqM ARP:REMOTE /(AP)/ /(victim)/ -i wlan0
    works perfect.

    any ideas???
    Check IP forwarding.
    You could try using arpspoof instead.
    Have you...g0tmi1k?

  6. #76
    Just burned his ISO svalluke's Avatar
    Join Date
    Mar 2011
    Posts
    6

    Default Re: [Video] How to: Snifff SSL / HTTPS (sslstrip)

    Quote Originally Posted by g0tmi1k View Post
    Check IP forwarding.
    You could try using arpspoof instead.

    It's not working.... i google it but i get nothing until now ... i will give answer back when i find it

  7. #77
    Just burned his ISO
    Join Date
    Feb 2011
    Location
    The Milky Way
    Posts
    3

    Thumbs up Re: [Video] How to: Snifff SSL / HTTPS (sslstrip)

    Quote Originally Posted by g0tmi1k View Post
    i’m not sure what you mean by
    Where should my step in security exploits be, any recommendations?
    thank you for your results regarding which sites you tried and browsers used. Always good to know.
    Your welcome!
    I was referring to what security exploit I should look into/try next. I guess I'll try some WEP cracking or something along those lines. Gotta get around to familiarize myself with airCrack & the likes!

    Again thanks for the vid & all the others you've posted...really nice to have!

  8. #78
    Moderator g0tmi1k's Avatar
    Join Date
    Feb 2010
    Posts
    1,771

    Default Re: [Video] How to: Snifff SSL / HTTPS (sslstrip)

    Quote Originally Posted by svalluke View Post
    It's not working.... i google it but i get nothing until now ... i will give answer back when i find it
    Well, do you get any errors?
    Can you see the traffic in wireshark?



    Quote Originally Posted by PeopleInPower View Post
    Your welcome!
    I was referring to what security exploit I should look into/try next. I guess I'll try some WEP cracking or something along those lines. Gotta get around to familiarize myself with airCrack & the likes!

    Again thanks for the vid & all the others you've posted...really nice to have!
    Sounds like a plan! Best of luck with it and cheers for the feedback =)
    Have you...g0tmi1k?

  9. #79
    Just burned his ISO
    Join Date
    Mar 2011
    Posts
    2

    Default Re : [Video] How to: Snifff SSL / HTTPS (sslstrip)

    good video

Page 8 of 8 FirstFirst ... 678

Similar Threads

  1. Sickness - Password Sniffing with SSLStrip.
    By sickness in forum BackTrack Videos
    Replies: 35
    Last Post: 09-17-2010, 01:16 PM
  2. creating BT4 USB persistent video
    By jimmy in forum Beginners Forum
    Replies: 0
    Last Post: 02-12-2010, 11:45 PM
  3. sslstrip w/ My Wired-Wireless Network
    By MassAppeal in forum Beginners Forum
    Replies: 11
    Last Post: 02-11-2010, 05:56 AM
  4. Video Capture Software
    By sprouty in forum Beginners Forum
    Replies: 4
    Last Post: 01-25-2010, 11:16 AM
  5. sslstrip v0.7
    By Mr-Protocol in forum Tool Requests
    Replies: 2
    Last Post: 01-18-2010, 06:33 AM

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •