SSLstrip

[strakar]

Hello, i have a question...

I saw a video on youtube and was reading backtrack tutorials and i found one interesting tutorial about sslstrip well i'm not trying attempting to steal any e-mail or facebook password or whatever, just trying to get more and more knowledge about backtrack it self. So i saw this tutorial and think it is interesting redirecting https to http and i know that ppl who use it for evil purposes should/could go to jail.

Well i'm trying to make it on my own network. I'm using my desktop and my laptop and both are connected to my router and i will try to "attack" through the laptop, my question is after i use all the commands, successfully redirect the https to http and close all consoles is the IPTABLE still changed? i mean it will still redirect the port 80 traffic to the port where sslstrip is working? Since it is my own network there is no problem because i already know my passwords, im just concerned if this will prevent me to ever use https again.

Thank you

[strakar]

I mean if i use: « echo "1"> /proc/sys/net/ipv4/ip_forward » the ipforwarding is enabled and « echo "0"> /proc/sys/net/ipv4/ip_forward » is disable but the rest of the commands change any table or something? thanks

[M00kaw]

either reboot your attacking machine, or this should do it:

iptables --flush
iptables --table nat --flush
iptables --delete-chain
iptables --table nat --delete-chain

you can throw it in a document and run it as a script like this:

#!/bin/bash
iptables --flush &&
iptables --table nat --flush &&
iptables --delete-chain &&
iptables --table nat --delete-chain &&
echo 'ip-tables flushed'