Page 2 of 2 FirstFirst 12
Results 11 to 15 of 15

Thread: sniffing problems with sslstrip

  1. #11
    Member
    Join Date
    Apr 2010
    Posts
    51

    Default Re: sniffing problems with sslstrip

    Ok I will search thanks. So the Yamas script is working? Because in my BT5r1 is not working properly. It can't sniff passwords from gmail and other sites. I have made apt-get install ettercap and I think that I have the new version. Patched? who knows :P I don't get the l3 errors.

    I will check the easy-creds out now. Does the yamas script working for you properly?

    P.S. Did you noticed that when you enable the ipforward the ettercap disables it? It is set to 0 :P Why?

  2. #12
    Member
    Join Date
    Apr 2010
    Posts
    51

    Default Re: sniffing problems with sslstrip

    @ericmillam: I tried and I sniffed succesfully all the creds from my pc when I put http but when I put https:// in front of the url the script can't capture that.I think that the sslstrip takes the request from 80 port and not in 443?

  3. #13
    Senior Member
    Join Date
    Dec 2010
    Posts
    127

    Default Re: sniffing problems with sslstrip

    @khaos Remember SSLStrip attempts to take traffic over 443 and forward that over http. So when you type in something like login.mybank.com. SSLStrip will attempt to make that request over port 80 using http. If the server on the backend accepts that, all traffic will traverse over 80. Now if you type in https://login.mybank.com then SSLStrip will not catch this. However if you are running ettercap, it will. The end user will get a certificate warning, but if they accept it, all their traffic will be encrypted/decrypted with your certificate.

    You can use a tool such as easy-creds which can set everything up for you. I just posted the latest version (3.6) on sourceforge http://sourceforge.net/projects/easy-creds/files/ Or to get version 3.5 just do n apt-get install easy-creds from the BT repos.

    Instruction videos can be found at http://www.youtube.com/Brav0Hax

    Happy hunting

  4. #14
    Member
    Join Date
    Apr 2010
    Posts
    51

    Default Re: sniffing problems with sslstrip

    Thanks for your reply. You have cleared all these things about sslstrip. I will look your video tutorials about easy-creds. Very nice videos and really thank you!

    P.S
    @ericmilam: If we sniffing with arpspoof only (no ettercap) + sslstrip and in iptables we replace destination port from 80 to 443 like thistables -t nat -A PREROUTING -p tcp —destination-port 443 -j REDIRECT —to-ports 10000
    Does sslstrip catch the packets?
    And one last question: Why ettercap replaces the 1 -> 0 in ip_forward? We must put again the echo command after the ettercap run?

    Thanks in advance

  5. #15
    Member
    Join Date
    Apr 2010
    Posts
    51

    Default Re: sniffing problems with sslstrip

    Thanks for your reply. You have cleared all these things about sslstrip. I will look your video tutorials about easy-creds. Very nice videos and really thank you!

    P.S
    @ericmilam: If we sniffing with arpspoof only (no ettercap) + sslstrip and in iptables we replace destination port from 80 to 443 like this: iptables -t nat -A PREROUTING -p tcp —destination-port 443 -j REDIRECT —to-ports 10000
    Does sslstrip catch the packets with this change? Or will not work?
    And one last question: Why ettercap replaces the 1 -> 0 in ip_forward? We must put again the echo command after the ettercap run?

    Thanks in advance

Page 2 of 2 FirstFirst 12

Similar Threads

  1. Sslstrip in a lan - Problems !
    By Carto_ in forum BackTrack 5 Experts Section
    Replies: 18
    Last Post: 12-17-2011, 08:20 PM
  2. Replies: 44
    Last Post: 04-08-2011, 02:30 AM
  3. Replies: 0
    Last Post: 11-28-2010, 01:31 PM
  4. Problem with Password Sniffing with SSLStrip
    By Eatme in forum Beginners Forum
    Replies: 7
    Last Post: 10-01-2010, 08:24 AM
  5. Sickness - Password Sniffing with SSLStrip.
    By sickness in forum BackTrack Videos
    Replies: 35
    Last Post: 09-17-2010, 01:16 PM

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •