Page 3 of 9 FirstFirst 12345 ... LastLast
Results 21 to 30 of 88

Thread: NEW SCRIPT Capturing Passwords With sslstrip AIRSSL.sh

  1. #21
    Just burned his ISO
    Join Date
    Jul 2010
    Posts
    2

    Default Re: NEW SCRIPT Capturing Passwords With sslstrip AIRSSL.sh

    Hi (I edit my post as I understand better what is my problem).

    First thanks a lot for this script !

    Here is the situation.
    - I can create the fake AP and I can see it and connect it from another computer.
    - I have a "good" IP address on my client computer (10.0.0.21 gw:10.0.0.1) BUT I can't access to Internet.

    It is very strange because from my client if I launch a "tracert 66.249.92.104" (google.com), I can see that the computer is able to access to some ip address on the internet but "nothing".

    So the forwarding seems to work because I can ping "some" ip address but not every one and so it is impossible to surf on the web while connected to the fake AP!

    What could be the problem please ? (MTU problem ?)

    Thank you
    Last edited by iautran; 07-11-2010 at 12:15 PM.

  2. #22
    Just burned his ISO
    Join Date
    Mar 2010
    Posts
    5

    Default Re: NEW SCRIPT Capturing Passwords With sslstrip AIRSSL.sh

    Hi killadaninja, just wanted to pop in and say thanks for stealing my work without giving me credit.
    http://www.backtrack-linux.org/forum...-tutorial.html
    Last edited by Deathray; 07-21-2010 at 10:25 PM.

  3. #23
    Junior Member
    Join Date
    Jan 2010
    Posts
    46

    Default Re: NEW SCRIPT Capturing Passwords With sslstrip AIRSSL.sh

    I am having the same issue with DHCP. Only the computer running Windows 7 is able to receive an IP via DHCP. I tried it on an iPhone and computer running XP Pro SP3 and I was unable to get an IP.


    As for the guy that said that the ssid was hidden, when I first ran the script, it wasnt showing the ssid that I had created. Seemed to be an issue with airbase. After a reboot, it was working fine. Not sure what was causing the problem.

  4. #24
    Just burned his ISO
    Join Date
    Jul 2010
    Posts
    12

    Default Re: NEW SCRIPT Capturing Passwords With sslstrip AIRSSL.sh

    Quote Originally Posted by Deathray View Post
    Hi killadaninja, just wanted to pop in and say thanks for stealing my work without giving me credit.
    http://www.backtrack-linux.org/forum...-tutorial.html
    Wow. You're the only person to come up with this technique, and no one, with the same information at hand, could of wrote a similar script? Impressive. Clearly your work is beyond us.

    On a side note, excellent script killadaninja.
    Last edited by Onemajorflaw; 07-20-2010 at 10:48 PM.

  5. #25
    Just burned his ISO
    Join Date
    Mar 2010
    Posts
    5

    Default Re: NEW SCRIPT Capturing Passwords With sslstrip AIRSSL.sh

    Quote Originally Posted by Onemajorflaw View Post
    Wow. You're the only person to come up with this technique, and no one, with the same information at hand, could of wrote a similar script? Impressive. Clearly your work is beyond us.

    On a side note, excellent script killadaninja.
    No, but I am the one person who took the time making it work and writing the script. I completely agree it's not rocket science but for someone new at Linux I actually worked pretty hard on sorting out all the small details and fixing the small issues I encountered. That's why it kind of shocked me reading through killadninja's "howto" recognizing my own words and way's of formulating myself, thinking wtf!? Well my feelings aside and to the more moral part; If he wrote this from the bottom up, awesome! But all I see is my script with killadaninja's name on it and sslstrip added. Which to be honest would also be completely cool with me, as long as he at least mentioned me and didn't try and pretend something else. But life's to short for matters like these ^^ (i say after the wall of text, doh) I'm just glad to see people are benefiting from the work of multiple people combined
    Last edited by Deathray; 07-22-2010 at 01:44 PM.

  6. #26
    Just burned his ISO
    Join Date
    Jul 2010
    Posts
    1

    Default

    Regardless of who wrote the script, I'd like to get it to work, and it's close. I think I've figured out what the problem was that people were having with dhcpd and the "permission denied" error.

    If you're trying to get this running on Ubuntu as I am, you'll have this problem because apparmor screws with dhcpd3. You have to disable the dchpd3 profile in apparmor.

    Code:
    sudo ln -s /etc/apparmor.d/usr.sbin.dhcpd3 /etc/apparmor.d/disable/
    sudo apparmor_parser -R /etc/apparmor.d/usr.sbin.dhcpd3
    See apparmor documentation here: https://help.ubuntu.com/community/AppArmor

    Once that's done it keeps apparmor from screwing with the dhcp server. My dhcp xterm window would just crash every time i tried to run the script before this. You may get another "permission denied" error in the xterm window but it doesn't seem to affect the function of the dhcp server. You can watch the "discover-offer-request-acknowledge" sequence go by in the ettercap window and your victim machine will get an ip address.

    Now that we've gotten that out of the way, here's my problem:

    Once the victim machine gets an ip, it can't access the internet. The forwarding isn't working for some reason.

    Side note: I did add the bits suggested earlier in the thread to use airmon-ng to start wlan0 and then set the interface to mon0. The script would error out otherwise.

    Any ideas?

    --xraystyle

    Regardless of who wrote the script, I'd like to get it to work, and it's close. I think I've figured out what the problem was that people were having with dhcpd and the "permission denied" error.

    If you're trying to get this running on Ubuntu as I am, you'll have this problem because apparmor screws with dhcpd3. You have to disable the dchpd3 profile in apparmor.

    Code:
    sudo ln -s /etc/apparmor.d/usr.sbin.dhcpd3 /etc/apparmor.d/disable/
    sudo apparmor_parser -R /etc/apparmor.d/usr.sbin.dhcpd3
    See apparmor documentation here: https://help.ubuntu.com/community/AppArmor

    Once that's done it keeps apparmor from screwing with the dhcp server. My dhcp xterm window would just crash every time i tried to run the script before this. You may get another "permission denied" error in the xterm window but it doesn't seem to affect the function of the dhcp server. You can watch the "discover-offer-request-acknowledge" sequence go by in the ettercap window and your victim machine will get an ip address.

    Now that we've gotten that out of the way, here's my problem:

    Once the victim machine gets an ip, it can't access the internet. The forwarding isn't working for some reason.

    Side note: I did add the bits suggested earlier in the thread to use airmon-ng to start wlan0 and then set the interface to mon0. The script would error out otherwise.

    Any ideas?

    --xraystyle
    Last edited by Archangel-Amael; 07-24-2010 at 06:20 PM.

  7. #27
    Just burned his ISO
    Join Date
    Jul 2010
    Posts
    4

    Default

    im having the problems with DHCP as well, from the victim pc i cannot obtain an IP address via DHCP

    hypothesis no. 1: DHCP on my lan router is somehow confusing things, i am going to try turning it off and assign static IP's to the internet interface on wlan0

    well i tried turning off DHCP on my lan (which wlan0 connects to)

    yet still i am unable to receive an IP on the victim via DHCP

    i set a static ip on the victim (10.0.0.2 /24 mask) yet still the script is not functioning for me....

    i cannot browse www from the victim


    im a bit stuck as to what to try next, i will try adding the lines which others have reported to have helped them
    Last edited by Archangel-Amael; 07-24-2010 at 06:19 PM.

  8. #28
    Just burned his ISO
    Join Date
    Jul 2010
    Posts
    1

    Default Re: NEW SCRIPT Capturing Passwords With sslstrip AIRSSL.sh

    Hi,

    Thank you for the script, i've tested it and it's great! ... i just a question here, i tried to run the dns_spoof plug in on ettercap.. the script is still working and the when i do nslookup from the victim pc i get the spoofed IPs; however, from the browser, the victim isn't directed to the spoofed IP and he's still going to the real sites.. when checked the dns packets in wireshark, i saw that the dns queries were directed to the internet gateway and the real responses are directed back the victim.. so i think there should be something with iptables to solve this issue, i've tried a lot to play with them, but still same thing.. any idea? please help me

  9. #29
    Very good friend of the forum killadaninja's Avatar
    Join Date
    Oct 2007
    Location
    London, United Kingdom.
    Posts
    526

    Default Re: NEW SCRIPT Capturing Passwords With sslstrip AIRSSL.sh

    Quote Originally Posted by Deathray View Post
    Hi killadaninja, just wanted to pop in and say thanks for stealing my work without giving me credit.
    http://www.backtrack-linux.org/forum...-tutorial.html
    Quote Originally Posted by Deathray View Post
    No, but I am the one person who took the time making it work and writing the script. I completely agree it's not rocket science but for someone new at Linux I actually worked pretty hard on sorting out all the small details and fixing the small issues I encountered. That's why it kind of shocked me reading through killadninja's "howto" recognizing my own words and way's of formulating myself, thinking wtf!? Well my feelings aside and to the more moral part; If he wrote this from the bottom up, awesome! But all I see is my script with killadaninja's name on it and sslstrip added. Which to be honest would also be completely cool with me, as long as he at least mentioned me and didn't try and pretend something else. But life's to short for matters like these ^^ (i say after the wall of text, doh) I'm just glad to see people are benefiting from the work of multiple people combined
    Are you joking? I will hold my tounge except for saying you do have some cheek Deathray coming to another persons thread making unjust claims, of coarse 2 scripts using airbase for a MITM attack are going to look near identical, a 1000 people could write it and ALL 1000 would look as similar as mine and yours, would it be possible to do it any other way? If for some reason you feel you deserve credit where 0 credit is due the best thing to do would have been to pm me, what you done was rude and obnoxious AND wrong. I will not be filling up this thread with an argument (if you think you still have one), if you feel some reason to continue the discussion feel free to pm me

    Quote Originally Posted by Onemajorflaw View Post
    Wow. You're the only person to come up with this technique, and no one, with the same information at hand, could of wrote a similar script? Impressive. Clearly your work is beyond us.

    On a side note, excellent script killadaninja.
    Hear hear, and thank you.


    Quote Originally Posted by xraystyle View Post
    Regardless of who wrote the script, I'd like to get it to work, and it's close. I think I've figured out what the problem was that people were having with dhcpd and the "permission denied" error.

    If you're trying to get this running on Ubuntu as I am, you'll have this problem because apparmor screws with dhcpd3. You have to disable the dchpd3 profile in apparmor.

    Code:
    sudo ln -s /etc/apparmor.d/usr.sbin.dhcpd3 /etc/apparmor.d/disable/
    sudo apparmor_parser -R /etc/apparmor.d/usr.sbin.dhcpd3
    See apparmor documentation here: https://help.ubuntu.com/community/AppArmor

    Once that's done it keeps apparmor from screwing with the dhcp server. My dhcp xterm window would just crash every time i tried to run the script before this. You may get another "permission denied" error in the xterm window but it doesn't seem to affect the function of the dhcp server. You can watch the "discover-offer-request-acknowledge" sequence go by in the ettercap window and your victim machine will get an ip address.

    Now that we've gotten that out of the way, here's my problem:

    Once the victim machine gets an ip, it can't access the internet. The forwarding isn't working for some reason.

    Side note: I did add the bits suggested earlier in the thread to use airmon-ng to start wlan0 and then set the interface to mon0. The script would error out otherwise.

    Any ideas?

    --xraystyle
    Are you sure you have not configured ettercap to forward, you DO NOT want ettercap to be controlling forwarding, ie in the etter config the forwarding lines should remain commented.
    Last edited by killadaninja; 08-05-2010 at 12:58 AM.
    Sometimes I try to fit a 16-character string into an 8–byte space, on purpose.

  10. #30
    Just burned his ISO
    Join Date
    Aug 2010
    Posts
    1

    Default Re: NEW SCRIPT Capturing Passwords With sslstrip AIRSSL.sh

    This is a great script — thanks for sharing!

    I'm having trouble getting the DHCP component working properly as well. I'm running a bone-stock BT4f live-cd with an RTL8187 chipset.

    All of the individual processes seem to run properly (no error messages), but IP addresses aren't divvied. Any suggestions?

Page 3 of 9 FirstFirst 12345 ... LastLast

Similar Threads

  1. Replies: 44
    Last Post: 04-08-2011, 02:30 AM
  2. Replies: 6
    Last Post: 10-08-2010, 11:40 PM
  3. sslstrip with ettercap or airspoof not capturing password
    By danielgc in forum OLD BackTrack 4 General Support
    Replies: 3
    Last Post: 08-29-2009, 10:29 PM
  4. Capturing passwords on a big LAN!
    By dxi5t in forum OLD Pentesting
    Replies: 5
    Last Post: 06-10-2008, 05:05 PM
  5. Wifiopn-cap: automated OPN Network capturing script
    By teknecal in forum OLD Tutorials and Guides
    Replies: 2
    Last Post: 04-21-2008, 01:39 PM

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •