Hi killadaninja, just wanted to pop in and say thanks for stealing my work without giving me credit.
http://www.backtrack-linux.org/forum...-tutorial.html
Re: NEW SCRIPT Capturing Passwords With sslstrip AIRSSL.sh
Hi (I edit my post as I understand better what is my problem).
First thanks a lot for this script !
Here is the situation.
- I can create the fake AP and I can see it and connect it from another computer.
- I have a "good" IP address on my client computer (10.0.0.21 gw:10.0.0.1) BUT I can't access to Internet.
It is very strange because from my client if I launch a "tracert 66.249.92.104" (google.com), I can see that the computer is able to access to some ip address on the internet but "nothing".
So the forwarding seems to work because I can ping "some" ip address but not every one and so it is impossible to surf on the web while connected to the fake AP!
What could be the problem please ? (MTU problem ?)
Thank you
Last edited by iautran; 07-11-2010 at 12:15 PM.
Re: NEW SCRIPT Capturing Passwords With sslstrip AIRSSL.sh
Hi killadaninja, just wanted to pop in and say thanks for stealing my work without giving me credit.
http://www.backtrack-linux.org/forum...-tutorial.html
Last edited by Deathray; 07-21-2010 at 10:25 PM.
Re: NEW SCRIPT Capturing Passwords With sslstrip AIRSSL.sh
I am having the same issue with DHCP. Only the computer running Windows 7 is able to receive an IP via DHCP. I tried it on an iPhone and computer running XP Pro SP3 and I was unable to get an IP.
As for the guy that said that the ssid was hidden, when I first ran the script, it wasnt showing the ssid that I had created. Seemed to be an issue with airbase. After a reboot, it was working fine. Not sure what was causing the problem.
Re: NEW SCRIPT Capturing Passwords With sslstrip AIRSSL.sh
Wow. You're the only person to come up with this technique, and no one, with the same information at hand, could of wrote a similar script? Impressive. Clearly your work is beyond us.Originally Posted by Deathray
On a side note, excellent script killadaninja.
Last edited by Onemajorflaw; 07-20-2010 at 10:48 PM.
Re: NEW SCRIPT Capturing Passwords With sslstrip AIRSSL.sh
No, but I am the one person who took the time making it work and writing the script. I completely agree it's not rocket science but for someone new at Linux I actually worked pretty hard on sorting out all the small details and fixing the small issues I encountered. That's why it kind of shocked me reading through killadninja's "howto" recognizing my own words and way's of formulating myself, thinking wtf!? Well my feelings aside and to the more moral part; If he wrote this from the bottom up, awesome! But all I see is my script with killadaninja's name on it and sslstrip added. Which to be honest would also be completely cool with me, as long as he at least mentioned me and didn't try and pretend something else. But life's to short for matters like these ^^ (i say after the wall of text, doh) I'm just glad to see people are benefiting from the work of multiple people combined
Last edited by Deathray; 07-22-2010 at 01:44 PM.
Regardless of who wrote the script, I'd like to get it to work, and it's close. I think I've figured out what the problem was that people were having with dhcpd and the "permission denied" error.
If you're trying to get this running on Ubuntu as I am, you'll have this problem because apparmor screws with dhcpd3. You have to disable the dchpd3 profile in apparmor.
See apparmor documentation here: https://help.ubuntu.com/community/AppArmorCode:sudo ln -s /etc/apparmor.d/usr.sbin.dhcpd3 /etc/apparmor.d/disable/ sudo apparmor_parser -R /etc/apparmor.d/usr.sbin.dhcpd3
Once that's done it keeps apparmor from screwing with the dhcp server. My dhcp xterm window would just crash every time i tried to run the script before this. You may get another "permission denied" error in the xterm window but it doesn't seem to affect the function of the dhcp server. You can watch the "discover-offer-request-acknowledge" sequence go by in the ettercap window and your victim machine will get an ip address.
Now that we've gotten that out of the way, here's my problem:
Once the victim machine gets an ip, it can't access the internet. The forwarding isn't working for some reason.
Side note: I did add the bits suggested earlier in the thread to use airmon-ng to start wlan0 and then set the interface to mon0. The script would error out otherwise.
Any ideas?
--xraystyle
Regardless of who wrote the script, I'd like to get it to work, and it's close. I think I've figured out what the problem was that people were having with dhcpd and the "permission denied" error.
If you're trying to get this running on Ubuntu as I am, you'll have this problem because apparmor screws with dhcpd3. You have to disable the dchpd3 profile in apparmor.
See apparmor documentation here: https://help.ubuntu.com/community/AppArmorCode:sudo ln -s /etc/apparmor.d/usr.sbin.dhcpd3 /etc/apparmor.d/disable/ sudo apparmor_parser -R /etc/apparmor.d/usr.sbin.dhcpd3
Once that's done it keeps apparmor from screwing with the dhcp server. My dhcp xterm window would just crash every time i tried to run the script before this. You may get another "permission denied" error in the xterm window but it doesn't seem to affect the function of the dhcp server. You can watch the "discover-offer-request-acknowledge" sequence go by in the ettercap window and your victim machine will get an ip address.
Now that we've gotten that out of the way, here's my problem:
Once the victim machine gets an ip, it can't access the internet. The forwarding isn't working for some reason.
Side note: I did add the bits suggested earlier in the thread to use airmon-ng to start wlan0 and then set the interface to mon0. The script would error out otherwise.
Any ideas?
--xraystyle
Last edited by Archangel-Amael; 07-24-2010 at 06:20 PM.
im having the problems with DHCP as well, from the victim pc i cannot obtain an IP address via DHCP
hypothesis no. 1: DHCP on my lan router is somehow confusing things, i am going to try turning it off and assign static IP's to the internet interface on wlan0
well i tried turning off DHCP on my lan (which wlan0 connects to)
yet still i am unable to receive an IP on the victim via DHCP
i set a static ip on the victim (10.0.0.2 /24 mask) yet still the script is not functioning for me....
i cannot browse www from the victim
im a bit stuck as to what to try next, i will try adding the lines which others have reported to have helped them
Last edited by Archangel-Amael; 07-24-2010 at 06:19 PM.
Re: NEW SCRIPT Capturing Passwords With sslstrip AIRSSL.sh
Hi,
Thank you for the script, i've tested it and it's great! ... i just a question here, i tried to run the dns_spoof plug in on ettercap.. the script is still working and the when i do nslookup from the victim pc i get the spoofed IPs; however, from the browser, the victim isn't directed to the spoofed IP and he's still going to the real sites.. when checked the dns packets in wireshark, i saw that the dns queries were directed to the internet gateway and the real responses are directed back the victim.. so i think there should be something with iptables to solve this issue, i've tried a lot to play with them, but still same thing.. any idea? please help me
Re: NEW SCRIPT Capturing Passwords With sslstrip AIRSSL.sh
Are you joking? I will hold my tounge except for saying you do have some cheek Deathray coming to another persons thread making unjust claims, of coarse 2 scripts using airbase for a MITM attack are going to look near identical, a 1000 people could write it and ALL 1000 would look as similar as mine and yours, would it be possible to do it any other way? If for some reason you feel you deserve credit where 0 credit is due the best thing to do would have been to pm me, what you done was rude and obnoxious AND wrong. I will not be filling up this thread with an argument (if you think you still have one), if you feel some reason to continue the discussion feel free to pm meNo, but I am the one person who took the time making it work and writing the script. I completely agree it's not rocket science but for someone new at Linux I actually worked pretty hard on sorting out all the small details and fixing the small issues I encountered. That's why it kind of shocked me reading through killadninja's "howto" recognizing my own words and way's of formulating myself, thinking wtf!? Well my feelings aside and to the more moral part; If he wrote this from the bottom up, awesome! But all I see is my script with killadaninja's name on it and sslstrip added. Which to be honest would also be completely cool with me, as long as he at least mentioned me and didn't try and pretend something else. But life's to short for matters like these ^^ (i say after the wall of text, doh) I'm just glad to see people are benefiting from the work of multiple people combined
Hear hear, and thank you.
Are you sure you have not configured ettercap to forward, you DO NOT want ettercap to be controlling forwarding, ie in the etter config the forwarding lines should remain commented.
Last edited by killadaninja; 08-05-2010 at 12:58 AM.
Sometimes I try to fit a 16-character string into an 8–byte space, on purpose.
Re: NEW SCRIPT Capturing Passwords With sslstrip AIRSSL.sh
This is a great script — thanks for sharing!
I'm having trouble getting the DHCP component working properly as well. I'm running a bone-stock BT4f live-cd with an RTL8187 chipset.
All of the individual processes seem to run properly (no error messages), but IP addresses aren't divvied. Any suggestions?
Posting Permissions