Hey there fellow backtrackers and pentesters,

after months of in-depth metasploit-juggling and learning about stuff like .exe-injections, encryptions, etc., I recently went on to learn more about wifi-network(ing) attacks like MITM, ARP-spoofing and so on.

Long story short: When running sslstrip 0.9 (BT5R3) during a MITM-attack my current victim-machine (Win7, not patched, no AV, firewall opened for web, network-printers, etc.) constantly alerts that someone may be faking the desired website (i.e. gmail, fb, and others) and asks me to actively add an exception for this insecure protocol. Real bummer in a pentest.

Is there any way to prevent firefox from detecting sslstrip's work and passing me to the desired site without asking for a permisson / exception?

Thanks in advance,

Carns