Jump to content

Search the Community

Showing results for tags 'sslsplit'.

  • Search By Tags

    Type tags separated by commas.
  • Search By Author

Content Type


Forums

  • Talk
    • Everything Else
    • Gaming
    • Questions
    • Business and Enterprise IT
    • Security
    • Hacks & Mods
    • Applications & Coding
    • Trading Post
  • Hak5 Gear
    • Hak5 Cloud C²
    • New USB Rubber Ducky
    • WiFi Pineapple
    • Bash Bunny
    • Key Croc
    • Packet Squirrel
    • Shark Jack
    • Signal Owl
    • LAN Turtle
    • Screen Crab
    • Plunder Bug
    • WiFi Coconut
  • O.MG (Mischief Gadgets)
    • O.MG Cable
    • O.MG DemonSeed EDU
  • Legacy Devices
    • Classic USB Rubber Ducky
    • WiFi Pineapple TETRA
    • WiFi Pineapple NANO
    • WiFi Pineapple Mark V
    • WiFi Pineapple Mark IV
    • Pineapple Modules
    • WiFi Pineapples Mark I, II, III
  • Hak5 Shows
  • Community
    • Forums and Wiki
    • #Hak5
  • Projects
    • SDR - Software Defined Radio
    • Community Projects
    • Interceptor
    • USB Hacks
    • USB Multipass
    • Pandora Timeshifting

Find results in...

Find results that contain...


Date Created

  • Start

    End


Last Updated

  • Start

    End


Filter by number of...

Joined

  • Start

    End


Group


AIM


MSN


Website URL


ICQ


Yahoo


Jabber


Skype


Location


Interests

Found 5 results

  1. Hi there, as the subject states I am looking for a detailed Guide how to implement SSLSplit on a Raspberry Pi or the Pineapple on actual firmware. I know there is a module on the Pineapple for this, but currently It won't work (I think there are Problems with creating certificates). I alredy tried most of the guides I could find on google, however they ended up not allow any traffic to pass or refuse connections to the access point once SSLSplit is started. Since troubleshooting with this guides hadn't worked with around 20h of work, I would like to know if anybody here has an approcved guide which I may follow to get SSLSplit working. Thanks in advance, Noti
  2. When using SSLSplit, we know that the browsers give an unsecure connection error because the certificates are not valid, but I have read that if one were to buy a valid certifricate and use that, they can avoid the browser warning. If I were to buy a SSL certificate, how would I about doing this with the WiFi Pineapple SSLSplit module?
  3. Hey peeps, just wanted to let you know about a little writeup I did for getting SSLsplit up and runnning on the WiFi pineapple Mark V. I was using my pineapple on a pentest on a mobile app recently. I wanted to break open the SSL connection the App made to a specific host. Proxy redirection did not work as the app was using non HTTP traffic over the SSL tunnel. So Burp was unable to interpreter the traffic. Here I learned about SSLsplit: a great tool for full SSL traffic decoding regardless of what protocol is used over the SSL tunnel. I wanted to use it on my Pineapple, but was unable to find a how-to. So I made a writeup on how to get it working. Check it out at http://champagneandsecurity.wordpress.com/2014/07/26/sslsplit-on-wifi-pineapple/ Its a non GUI apporach, but it works like a charm and lead to some very interesting results with my app pentest :) I hope it helps others trying to achieve the same.
  4. I can't imagine this would be too difficult but it would be nice to have a SSL split infusion since ssltrip is fazing out ever since HSTs started becoming popular.
  5. I just flashed the new firmware and downloaded sslsplit on my pineapple. I started it and then went for a bus ride, and a walk around the city. When I got home I opened up the log file and I can see a lot of information like this- 2014-08-15 11:38:00 UTC ssl [172.16.42.228]:46824 [198.142.186.29]:443 sni:- crt:google.com/google.com/*.2mdn.net/*.android.com/*.appengine.google.com/*.au.doubleclick.net/*.cc-dt.com/*.cloud.google.com/*.de.doubleclick.net/*.doubleclick.com/*.doubleclick.net/*.fls.doubleclick.net/*.fr.doubleclick.net/*.google-analytics.com/*.google.ac/*.google.ad/*.google.ae/*.google.af/*.google.ag/*.google.al/*.google.am/*.google.as/*.google.at/*.google.az/*.google.ba/*.google.be/*.google.bf/*.google.bg/*.google.bi/*.google.bj/*.google.bs/*.google.bt/*.google.by/*.google.ca/*.google.cat/*.google.cc/*.google.cd/*.google.cf/*.google.cg/*.google.ch/*.google.ci/*.google.cl/*.google.cm/*.google.cn/*.google.co.ao/*.google.co.bw/*.google.co.ck/*.google.co.cr/*.google.co.hu/*.google.co.id/*.google.co.il/*.google.co.im/*.google.co.in/*.google.co.je/*.google.co.jp/*.google.co.ke/*.google.co.kr/*.google.co.ls/*.google.co.ma/*.google.co.mz/*.google.co.nz/*.google.co.th/*.google.co.tz/*.google.co.ug/*.google.co.uk/*.google.co.uz/*.google.co.ve/*.google.co.vi/*.google.co.za/*.google.co.zm/*.google.co.zw/*.google.com/*.google.com.af/*.google.com.ag/*.google.com.ai/*.google.com.ar/*.google.com.au Being new to the pineapple and sslsplit I'm not quite sure what I have done wrong. There is a lot of data, but I can't seem to find any user names or passwords. I ran sslsplit with PineAP and Karma but was I supposed to start something else at the same time? I read http://champagneandsecurity.wordpress.com/2014/07/26/sslsplit-on-wifi-pineapple/%C2'> but it looked to me like a guide for the command line sslsplit and not an infusion. Was I supposed to follow this to the tee because all I did was click start, Any help would be really appreciated.
×
×
  • Create New...