Anyone =[ ?
I have the following setup works
[My Laptop@10.0.0.2] < ---- > [My PC@10.0.0.1 & Gateway@10.0.0.138]
Works fine running sslstrip & bt4 vm on my pc as the attacker on my eth0 interface.
What im finding difficult is this setup, it effectively DoS attacks my router.
# Victim on XP [My Laptop@10.0.0.2]
# bt4 VMware [My Laptop@10.0.0.4]
- Victim on XP is connected to the gateway on my 1490 Mini WLAN Card.
- bt4 VMware is using my ALFA'36H to connect to the gateway, so both wireless.
arpspoof between XP@10.0.0.2 & Gateway@10.0.0.138 with interface wlan0 works. But as soon as i do the iptables i effectivly DoS the router and the victim cannot surf the net, so the attack becomes useless.So all im left with is a forum post from remote exploit i found the other day i cannot find again which breifly mentioned not needing sslstrip to do an attack like this because it is only encrypted with wpa/wep not ssl yet and that i can just run airdecap-ng to take off the encryption.Code:iptables -t nat -A PREROUTING -p tcp --destination-port 80 -j REDIRECT --to-ports 10000
So how can i get this working using either method.
And going back to my original scenario with 1 client. If i reversed roles and used bt4 vmware on the laptop would i be able to do this sslstrip attack on the PC? or is it only limited to being ran from the wired side of the network?
Last edited by MassAppeal; 01-20-2010 at 01:37 PM.
Anyone =[ ?
Was the arp spoof successful? Did traffic flow normally without running ssl strip through your "attacking" pc (can use wireshark to verify)? At times when I played with Cain and Abel, it would only do a "one way" spoof because it couldn't complete it. Whether it be windows firewall or the router's firewall or other router/gateway settings that are hindering the arp poison.
Not sure how your wireless router/gateway handles the wireless side. It might put it the wireless on it's own little vlan and not allow it to talk to the rest of the network?And going back to my original scenario with 1 client. If i reversed roles and used bt4 vmware on the laptop would i be able to do this sslstrip attack on the PC? or is it only limited to being ran from the wired side of the network?
I just got a setup working with a Fonera router with Jasager installed (which is basically karma/karmetasploit) which is wired to my laptop and then the laptop connects to an AP wirelessly. All traffic of clients to the Fon goes through the BT4 laptop which I can run SSL Strip just fine.
Last edited by Mr-Protocol; 01-21-2010 at 11:25 AM.
Stupid question: are you poisoning both caches? gw - target + target - gw
im running this arpspoof command, same as i did for eth0 on my wired side.
Code:arpspoof -i wlan0 -t <targetIP> <GatewayIP>
You have to run it twice, one for gw->client, one for client->gw.
Ahh thank you very much, i will try that and see how i go.
Yep, the arp poisoning both ways is what did the trick for me. Thanks.
Ettercap already does arp poisoning both ways. I advice to try it.
Yea i gave ettercap a go and it wouldnt do it for me either, even though it has similar setup as cain & abel i stilll couldnt get it working that way.