Page 2 of 3 FirstFirst 123 LastLast
Results 11 to 20 of 26

Thread: Man in the middle attack against Windows Xp SP3 with Backtrack 4 R1 - problem

  1. #11
    Administrator sickness's Avatar
    Join Date
    Jan 2010
    Location
    Behind the screen.
    Posts
    2,921

    Default Re: Man in the middle attack against Windows Xp SP3 with Backtrack 4 R1 - problem

    hakermania, use ettercap with sslstrip )
    Back|track giving machine guns to monkeys since 2007 !

    Do not read the Wiki, most your questions will not be answered there !
    Do not take a look at the: Forum Rules !

  2. #12
    Junior Member
    Join Date
    Jan 2010
    Posts
    33

    Default Re: Man in the middle attack against Windows Xp SP3 with Backtrack 4 R1 - problem

    I'll try this out and I'll let you know!
    LoooL

  3. #13
    Junior Member
    Join Date
    Jan 2010
    Posts
    33

    Default Re: Man in the middle attack against Windows Xp SP3 with Backtrack 4 R1 - problem

    I did a lot of tries to capture passwds with ssl encryption but I was unlucky!!!
    When I was trying to do this, neither normal passwds nor ssl encrypted were captured!!!
    ..
    LoooL

  4. #14
    Administrator sickness's Avatar
    Join Date
    Jan 2010
    Location
    Behind the screen.
    Posts
    2,921

    Default Re: Man in the middle attack against Windows Xp SP3 with Backtrack 4 R1 - problem

    Which guide are you following ?
    Back|track giving machine guns to monkeys since 2007 !

    Do not read the Wiki, most your questions will not be answered there !
    Do not take a look at the: Forum Rules !

  5. #15
    Member Mr-Protocol's Avatar
    Join Date
    Jan 2010
    Location
    Ohio
    Posts
    142

    Default Re: Man in the middle attack against Windows Xp SP3 with Backtrack 4 R1 - problem

    From my understanding you are wondering why until you start SSL Strip the users have no access to the web/ssl sites.

    The reason is you are forwarding ports to a service that isn't running.

    iptables -t nat -A PREROUTING -p tcp --destination-port 80 -j REDIRECT --to-port 8080

    With that you are taking port 80 traffic and redirecting to port 8080. Great but nothing is listening on port 8080.

    When you start sslstrip you have it listen for port 8080 and sslstrip forwards on the packets to the world.

  6. #16
    My life is this forum Snayler's Avatar
    Join Date
    Jan 2010
    Posts
    1,418

    Default Re: Man in the middle attack against Windows Xp SP3 with Backtrack 4 R1 - problem

    Quote Originally Posted by Mr-Protocol View Post
    Great but nothing is listening on port 8080.
    Wrong...
    Code:
    sslstrip -l 8080
    SSLStrip is listening on port 8080.

  7. #17
    Member Mr-Protocol's Avatar
    Join Date
    Jan 2010
    Location
    Ohio
    Posts
    142

    Default Re: Man in the middle attack against Windows Xp SP3 with Backtrack 4 R1 - problem

    Quote Originally Posted by hakermania View Post
    Code:
    echo 1 > /proc/sys/net/ipv4/ip_forward
    iptables -t nat -A PREROUTING -p tcp --destination-port 80 -j REDIRECT --to-port 8080
    arpspoof -i eth0 -t 192.168.1.4 192.168.1.1 [here network at victim is disabled]
    (in new terminal) sslstrip -l 8080 [here is enabled again]
    Quote Originally Posted by Snayler View Post
    Wrong...
    Code:
    sslstrip -l 8080
    SSLStrip is listening on port 8080.
    SSL Strip was not running when the victim lost internet. When the OP ran SSLStrip after the forwarding and arpspoof, internet access to the "test station/vic" was working.
    Last edited by Mr-Protocol; 08-10-2010 at 09:54 PM.

  8. #18
    My life is this forum Snayler's Avatar
    Join Date
    Jan 2010
    Posts
    1,418

    Default Re: Man in the middle attack against Windows Xp SP3 with Backtrack 4 R1 - problem

    Quote Originally Posted by hakermania View Post
    Unfortunately, when I tried to do this against a machine running win xp sp3, the network was gone even when I gave sslstrip -l 8080.
    Quote Originally Posted by Mr-Protocol View Post
    SSL Strip was not running when the victim lost internet. When the OP ran SSLStrip after the forwarding and arpspoof, internet access to the "test station/vic" was working.
    That was in Ubuntu case, OP's problem is with Windows not having internet access even after running sslstrip.

  9. #19
    Member Mr-Protocol's Avatar
    Join Date
    Jan 2010
    Location
    Ohio
    Posts
    142

    Default Re: Man in the middle attack against Windows Xp SP3 with Backtrack 4 R1 - problem

    Not sure but it should work the same.

    I've done MITM with XP SP3 in my lab for a presentation in my Networking Forensics course.

    Something with the initial setup must be wrong. Or he needs to clear the ARP cache on his router and Machines.
    Last edited by Mr-Protocol; 08-10-2010 at 10:03 PM.

  10. #20
    My life is this forum Snayler's Avatar
    Join Date
    Jan 2010
    Posts
    1,418

    Default Re: Man in the middle attack against Windows Xp SP3 with Backtrack 4 R1 - problem

    hakermania, an important question: Have you uncommented the iptables part in etter.conf?

    Also, try using ettercap arp poisoning capabilities instead of arpspoof, because it's odd that you don't have connectivity after running arpspoof.

Page 2 of 3 FirstFirst 123 LastLast

Similar Threads

  1. Replies: 2
    Last Post: 08-23-2010, 10:53 AM
  2. Acceso a Windows 7 por Medio de SET (Java Applet Attack)
    By šĜrτĦacK in forum BT Videos - ES
    Replies: 0
    Last Post: 05-01-2010, 07:36 PM
  3. [Video] Man In The Middle (MITM) Attack (ettercap, metasploit, sbd)
    By imported_g0tmi1k in forum OLD BT4 Videos
    Replies: 6
    Last Post: 01-16-2010, 08:47 PM
  4. Replies: 2
    Last Post: 07-08-2009, 08:56 AM

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •