Page 2 of 2 FirstFirst 12
Results 11 to 18 of 18

Thread: sslstrip does nothing

  1. #11
    Just burned his ISO
    Join Date
    Jul 2011
    Posts
    1

    Default Re: sslstrip does nothing

    Please let me know if you find the reason why in the first network you tried sslstrip doesn't function , i have the same problem.

  2. #12
    Very good friend of the forum maverik35's Avatar
    Join Date
    Sep 2009
    Location
    Debian land
    Posts
    734

    Default Re: sslstrip does nothing

    Quote Originally Posted by BOner View Post
    Please let me know if you find the reason why in the first network you tried sslstrip doesn't function , i have the same problem.
    Ok..First of all, you need to know that iptables is a "tool" to config the firewall in Linux, due to complexity of doing it without a tool..That tool is iptables.
    When you use iptables, you are configuring the firewall, you are Adding a rule to the PREROUTING chain in NAT table, and the rule is: "all TCP protocol traffic with destination Port 80 (meaning that all incoming traffic
    thru port 80) will take an action (-j takes effect if rule complies), what? REDIRECT that traffic to a port xxxx...Now, iptables redirects the traffic to port 10000 or 8080 or whatever the port you set.
    Now, sslstrip will be in port 10000 (default) awaitting the traffic, if you set -l option in sslstrip, you can assign a diferent port.
    Sslstrip start to act, disect the info and creates a favicon (if set that way), etc..Accordingly to what you configured in sslstrip.
    Now, if it does not disect anything it could be because there is no info to disect in port 10000, 8080, or the port you are deviating the info to...sslstrip does its job, the thing is, there is no info there to disect..
    Try to run nmap with -sC -sV -sS in your computer, check if the sslstrip is located at the port you set it. It should be listening there..If it is so, then info is not getting there..Try to analyze trafic with wireshark and filter port 80 and port 10000 (or the port where the sslstrip is listening at)...See what info you are getting..That is what I would do...
    Hope this helps...

  3. #13
    Just burned his ISO
    Join Date
    Mar 2012
    Posts
    5

    Default Re: sslstrip does nothing

    Hi to all.I have the same problem i tried almost everything but still sslstrip.log is emty.I tried with versions of sslstrip 0.8,0.9.0.7 but result=0.I don't know what to do to finally get data from my pc.Noobs questions shoud i try configure my browser with about:config (maybe java or flash player) or i have to try to remove from python anything(python-crypto or whateveryelse).Sorry for my english
    regards

  4. #14
    Senior Member ShadowMaster's Avatar
    Join Date
    Jul 2011
    Location
    /root
    Posts
    189

    Default Re: sslstrip does nothing

    Which browser are you people using? some, like chrome do not allow non-ssl connections to certain sites. others, like firefox, have security addons that force ssl connections.
    World Domination is such an ugly phrase. I prefer the term World Optimization.

  5. #15
    Just burned his ISO
    Join Date
    Mar 2012
    Posts
    5

    Default Re: sslstrip does nothing

    orginally posted by ShadowMaster
    Which browser are you people using? some, like chrome do not allow non-ssl connections to certain sites. others, like firefox, have security addons that force ssl connections.
    Thanks for reply friend.I am with mozilla firefox(3.6.27).This is old version,but i have olso second OS installed on my pc(ubuntu 11.10)it is same result no data,not anything
    regards

  6. #16
    Just burned his ISO
    Join Date
    Mar 2012
    Posts
    5

    Default Re: sslstrip does nothing

    Hi,and thanks for reply,that answer i publish for the second time.I hope this time finally is publish from moderators.I am with mozilla-firefox(3.6.27)

  7. #17
    Senior Member
    Join Date
    Jul 2009
    Posts
    135

    Default Re: sslstrip does nothing

    Quote Originally Posted by M00kaw View Post
    When you type: gmail.com your browser connects to http://gmail.com:80 and you then get re-directed to https://gmail.com:443
    Thats where sslstrip comes into the big picture.. You write: iptables -t nat -A PREROUTING -p tcp --destination-port 80 -j REDIRECT --to-port 10000

    You dont write iptables -t nat -A PREROUTING -p tcp --destination-port 443 -j REDIRECT --to-port 10000

    So try and write gmail.com facebook.com paypal.com etc. Just dont manually write https :-)

    edit:

    to clear things out - sslstrip listens to port 80 and when there's a redirect to https on port 443, it will strip the ssl...
    If you want to learn more about ssl-strip and how it works etc. there's a nice video from Blackhat 2009 with Moxie Marlinspike (the author of ssl-strip), telling a lot about his script..

    look under Randomized Videos
    http://teh-geek.com/?page_id=475
    Not to be a prick but i would hate for someone to be mis-informed by a minor typo/mistake. SSLstrip does not listen to port 80. Its basically a proxy (Like burpsuite). With burp, you usually would modify your browsers proxy settings to point to it so it can intercept http communications. With sslstrip, iptables is configured to redirects destination port 80 communications to the sslstrip proxy. Sslstrip then watches for attempts to switch over from un-encrypted http communications to encrypted https communications and does it magic.

  8. #18
    Just burned his ISO
    Join Date
    Mar 2012
    Posts
    5

    Default Re: sslstrip does nothing

    I try to reinstall and sslstrip and notice this:
    ldconfig: /usr/lib/libpcre.so.3 is not a symbolic link
    Maybe i have to make individulal link to libpcre.so.3 using ldconfig but how i mean:
    ldconfig -l libpcre.so.3 and then??????

    I will be very grateful if someone tell me how to solve this problem
    regards

    PS:I solved my problem with that link,but still i can't get data from my router,anyway maybe i made mistake somewhere
    regards

Page 2 of 2 FirstFirst 12

Similar Threads

  1. Parsing SSLStrip with definitions.sslstrip in easy-cred
    By ericmilam in forum BackTrack 5 Experts Section
    Replies: 3
    Last Post: 06-28-2011, 09:40 PM
  2. Parsing SSLStrip with definitions.sslstrip in easy-cred
    By ericmilam in forum BackTrack 5 Beginners Section
    Replies: 0
    Last Post: 05-31-2011, 08:39 PM
  3. sslstrip help
    By rogue040 in forum OLD BackTrack 4 Software Related Issues
    Replies: 0
    Last Post: 03-29-2010, 02:42 AM
  4. sslstrip v0.7
    By Mr-Protocol in forum Tool Requests
    Replies: 2
    Last Post: 01-18-2010, 06:33 AM
  5. sslstrip
    By muminrz in forum OLD BT4 Feature Requests
    Replies: 1
    Last Post: 02-28-2009, 03:25 PM

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •