There is a ssl-strip package in bt4 that works.
sslstrip errors
Hey everybody, i know i'm new to the forums and i genuinely try to not post questions up right off the bat after joining a new group, but I have been having problems with the sslstrip command in the virtualized VMware image of Backtrack 4 pre final. in my installation it didn't seem to exist so i downloaded the newest version of it from throughtcrime.org then extracted
after installing, the program is accessable from a bash shell in /root, and i can run --help and see the sslstrip options, i can also just launch the script with no tac augmentations. but when i try to specify a port via a command likeCode:tar zxvf sslstrip-0.5.tar.gz cd sslstrip-0.5 python setup.py install
i get the responce :Code:sslstrip -s -l 8080
i have tried and tried looking through pages and pages of information trying to find somebody who has resolved this problem and what i am doing wrong, as it seems to be working for most other people.Code:Traceback (most recent call last): File "/usr/bin/sslstrip", line 108, in <module> main(sys.argv[1:]) File "/usr/bin/sslstrip", line 101, in main reactor.listenTCP(listenPort, strippingFactory) File "/usr/lib/python2.5/site-packages/twisted/internet/posixbase.py", line 328, in listenTCP p.startListening() File "/usr/lib/python2.5/site-packages/twisted/internet/tcp.py", line 737, in startListening skt.bind((self.interface, self.port)) File "<string>", line 1, in bind TypeError: an integer is required
before launching sslstrip the commands i had issued before were of course the
after that i tried to issue the commandCode:echo "1" > /proc/sys/net/ipv4/ip_forward iptables -t nat -A PREROUTING -p tcp --destination-port 80 -j REDIRECT --to-port 8080
even without any filtering augmentations, just to see if i could get it to launch on that port, and still it gives me the errorCode:sslstrip -l 8080
is there something i am fundementally doing wrong trying to launch this redirect? It seems to me that sslstrip is just not working properly with augmentation commands, as it will launch fine if i strictly type inCode:Traceback (most recent call last): File "/usr/bin/sslstrip", line 108, in <module> main(sys.argv[1:]) File "/usr/bin/sslstrip", line 101, in main reactor.listenTCP(listenPort, strippingFactory) File "/usr/lib/python2.5/site-packages/twisted/internet/posixbase.py", line 328, in listenTCP p.startListening() File "/usr/lib/python2.5/site-packages/twisted/internet/tcp.py", line 737, in startListening skt.bind((self.interface, self.port)) File "<string>", line 1, in bind
Thanks for your help guys, and i'm sorry to be asking such questions so early into my time on the boardCode:sslstrip ##and i recieve the following until i Ctrl-C out of it root@bt:~# sslstrip sslstrip 0.5 by Moxie Marlinspike running... ^Croot@bt:~#
There is a ssl-strip package in bt4 that works.
if i may, in the version i'm using i cannot find it for the life of me. i've searched everywhere, it's not in privilege escilation and ferret is not installed either. where exactly should it be? and if it's just a glitch with the vmware image i'm using how would one normally go about adding it? as i have already installed the package from throughtcrime.org without success when launching with augmentations
thanks in advance, and i appreciate any imput, thanks again
find / -name ssl-strip
or
apt-cache search ssl-strip
Thanks for helping parachute, i've ran searches and apparently it's not in the vmware image of backtrack 4
multiple spellings returned no working directory :S, and i mean i'm not trying to ask stupid questions, as i've of course gone through and installed the package manually with the thoughtcrime.org v0.5 package, but i still get errors when i try to use the script as i mentioned below. Any ideas on if i need another package or to update something in order to get it to function properly?Code:root@bt:~# find / -name sslstrip root@bt:~# find / -name ssl-strip root@bt:~# find / -name sslstrip.py root@bt:~# apt-cache search sslstrip root@bt:~# apt-cache search ssl-strip root@bt:~#
i appreciate all the help
I used sslstrip on bt4 (pf) vmware image and it worked just fine. Try writing, for example, sslstrip -a -k -f in a console window and see what you get...Originally Posted by Deviant Socket
i have tried and it still doesnt work, so here is exactly what i'm doing
**i start out showing that nothing happens when i try to run sslstrip (bash command not found), then i install the tar.gz setup package that i got from thoughtcrime.org...and you can see exactly what i'm doing
see....when i try and run it with agumentations like trying to make it monitor port 8080 with the -l 8080 command, it does not work but spews out that errorCode:root@bt:~# sslstrip bash: sslstrip: command not found root@bt:~# ls -l total 24 drwxr-xr-x 2 root root 80 2009-09-04 18:20 Desktop drwxr-xr-x 3 root root 240 2009-09-22 20:37 Documents -rw-rw-rw- 1 root root 21257 2009-09-21 16:44 sslstrip-0.5.tar.gz root@bt:~# tar zxvf sslstrip-0.5.tar.gz sslstrip-0.5/ sslstrip-0.5/setup.py sslstrip-0.5/README sslstrip-0.5/COPYING sslstrip-0.5/lock.ico sslstrip-0.5/sslstrip/ sslstrip-0.5/sslstrip/StrippingProxy.py sslstrip-0.5/sslstrip/URLMonitor.py sslstrip-0.5/sslstrip/ServerConnectionFactory.py sslstrip-0.5/sslstrip/__init__.py sslstrip-0.5/sslstrip/ServerConnection.py sslstrip-0.5/sslstrip/ClientRequest.py sslstrip-0.5/sslstrip/SSLServerConnection.py sslstrip-0.5/sslstrip/.#SSLDataShuffler.py sslstrip-0.5/sslstrip/CookieCleaner.py sslstrip-0.5/sslstrip.py root@bt:~# cd sslstrip-0.5 root@bt:~/sslstrip-0.5# python ./setup.py install running install byte-compiling /usr/lib/python2.5/site-packages/sslstrip ***list cut, truncated it for space sake*** COPYING -> /usr/share/sslstrip copying lock.ico -> /usr/share/sslstrip running install_egg_info Writing /usr/lib/python2.5/site-packages/sslstrip-0.5.egg-info Cleaning up... root@bt:~/sslstrip-0.5# cd .. root@bt:~# ls -l total 24 drwxr-xr-x 2 root root 80 2009-09-04 18:20 Desktop drwxr-xr-x 3 root root 240 2009-09-22 20:37 Documents drwxr-xr-x 4 1000 1000 224 2009-09-22 20:38 sslstrip-0.5 -rw-rw-rw- 1 root root 21257 2009-09-21 16:44 sslstrip-0.5.tar.gz root@bt:~# sslstrip -l 8080 Traceback (most recent call last): File "/usr/bin/sslstrip", line 108, in <module> main(sys.argv[1:]) File "/usr/bin/sslstrip", line 101, in main reactor.listenTCP(listenPort, strippingFactory) File "/usr/lib/python2.5/site-packages/twisted/internet/posixbase.py", line 328, in listenTCP p.startListening() File "/usr/lib/python2.5/site-packages/twisted/internet/tcp.py", line 737, in startListening skt.bind((self.interface, self.port)) File "<string>", line 1, in bind TypeError: an integer is required root@bt:~# sslstrip sslstrip 0.5 by Moxie Marlinspike running... ^Croot@bt:~#
but at the end when i just try and launch sslstrip in it's default script with no tac commands added to it, it launches fine but over the default port 10000 with no augmentations
i've also tried using the command
to launch the python script streight from the installer folder without actually compiling and installing the full script, and i get the same resultCode:python ./sslstrip.py -l 8080
......any thoughts???
Hi,
I too have found issues with SSL-Strip right out of the box with BT4.
Just after starting sslsstrip, it returns a blank line. It would seem the application might be returning but no dialog is displayed like it should be.Also like the above poster if try to listen on a different port I get the same error messages.
Solution
Hi
I think i found the answer to this, Im using sslstrip untarred on ubuntu 9.04 , it threw the exact same error,
The Solution to this is to locate where your python modules are installed, ( where the .py file is rather), open up sslstrip.py and check where the script is looking for the modules, My advise is to copy the modules to the location where the script is pointed at,
My Script said sslstrip.whatever.py
the above is the relative path of the modules
I copied the modules into a folder named sslstrip from where the script was actually located.
Hope this was helpful
Thanks
Posting Permissions