Showing results for tags 'sslstrip'.

  1. I was pointed to this by an LE contact: http://insider.foxnews.com/2018/02/07/google-tracking-you-tucker-carlsons-report-silicon-valley-surveillance-capitalism The kit used by the reporter - anyone know what it is? I can tell that these are being used: The device in the middle is a Throwing Star Lan Tap: https://greatscottgadgets.com/throwingstar/ The device on the right is an Intel CPU stick: https://www.amazon.com/Intel-Compute-Computer-processor-BOXSTK2m3W64CC/dp/B01AZC4IKK The rest of it looks like probably standard WiFi, maybe a large battery to power the whole setup. I'd guess SSLstrip or something similar to penetrate https, but what about the software being used? Anyone know what it might be? I also assume this kit isn't a package, but if so, the LE guy wants one :)
  2. Hello folks, I am actually facing a problem with HSTS when I perform MITM. I would like to know if I could filter the website I want to track during the attack, for example: don't redirect www.facebook.com to my MITM. Thanks in advance!
  3. Hi, does anyone know why the WiFi Pineapple MK5, ver 2.4.0, is not capturing anything on sslstrip? I am not talking about the username or password; I know sslstrip doesn't work, but it doesn't even display anything like the pages I visit. I have installed the module and enabled it. It shows sslstrip running, but nothing is displayed or captured; nothing is showing up.
  4. Hi, I'm experimenting with Ettercap to perform MiTM attacks and DNS spoofing. My setup consists of two laptops: Laptop A, running Kali Linux 2.0, is the 'attacker' machine (IP: 192.168.0.131), and Laptop B, running Windows 7, is the 'victim' (IP: 192.168.0.150). I'm encountering a few problems when I try this. First of all, the command 'route' doesn't find my actual default gateway. It says the default is '192.168.0.0', but Ettercap and the Windows machine say it is '192.168.0.1', which is the correct one. But that isn't the biggest problem. The biggest problem is that my DNS-spoof attack works when performing it using the Ettercap GUI, but as soon as I try to do it from the terminal it fails; it doesn't even intercept the requests made from the victim. My command: ettercap -T -q -i wlan0 -M arp:remote -P dns_spoof //192.168.0.1//192.168.0.150// What is wrong with this command? Because the attack works in graphical mode, there is something wrong with the command, not with my network setup. I also made a video showing the problem: https://sendvid.com/8o8p2ssz As you can see there, it works in graphical mode, but not from the terminal using the command. And then my second question: can someone point me in the right direction or to a tutorial on how to use this attack with SSLstrip? This is to perform a downgrade attack to also be able to DNS-spoof SSL-protected (HTTPS) websites. Of course I have searched myself, but I found no tutorial or video showing it with Ettercap etc. Thanks!
  5. Hi, I think it is a waste investing in the WiFi Pineapple for hacks, considering that sslstrip doesn't work anymore because of HSTS on all new browsers. Are there any new updates on this? Thanks.
  6. Hello, I have an MKV that I have had lying around for a while, so I decided to try it out. I am currently studying computer science but have only worked in Windows. I understand this device is just a Linux box with software on it. I have been trying to do MitM attacks on myself, but I have noticed that SSLstrip only works on a site without HTTPS. That is most websites.. Is there a way around this? If not, what else can this box do?
  7. Hey everyone, I am using a Mark V with firmware version 2.4.0. I am able to set it up successfully: internet is shared, infusions are installed, etc. I am even able to use the Recon module, but when I try to use PineAP it fails, and I'm not sure why. SSLStrip is not showing any logs either. It seems SSLStrip is not working properly, even though it shows that SSLStrip is started. Even DeAuth is not working. It seems none of the pentest tools are working. Can anyone help me?
  8. Hello, I'm trying to encrypt SSL. I have information that happens to .key file the certificate with Wireshark, but it does not work for me. Do you know how to encrypt SSL? I am testing sslstrip/sslstrip2, but it probably no longer works. I use Kali Linux 2.0.
  9. Hi, I'm new to pentesting. I got my Pineapple NANO last month. I have been learning by watching tutorials available on the internet since then. Most of the material available is related to the NANO's predecessors, and I have found that some of it doesn't work anymore, or I'm not being guided appropriately. Modules like SSLsplit, DNSspoof, DNSMasq Spoof, Evil Portal, etc. don't seem to work anymore. SSLsplit and DNSMasq don't seem to work in the case of HTTPS sites. On browsers like Chrome, Firefox, etc., sites like Facebook, Gmail, etc. don't even open when I try to DNS-spoof, and secondly, the data is still encrypted after using SSLsplit. In fact, we just can't open the site without HTTPS. So I needed to know: after the implementation of HSTS, have these modules become completely useless??? Or is there some way around using them? P.S. I'm a newbie, so please guide me thoroughly.. :)
  10. I've done some searching, but most everything that comes up is for the Mark IV and installing sslstrip. I haven't seen a post that specifically covers "sslstrip is not running ..." I've enabled sslstrip and once I click refresh (due to it not working) it states "sslstrip is not running..." but shows that it's still enabled. If you X out of the window and go to the home screen, it shows it's still enabled, but if you go back into sslstrip its disabled. I tried resetting to the defaults using the dip switches, reinstalled sslstrip and it seems like it works if I don't enable Karma first, but once I enabled Karma it was all over. Is this a known issue that my search fu didn't find, or am I doing something wrong?
  11. Hi there, I'm new to the Pineapple; I received mine 3 days ago. I followed the instructions for the first run and update without any problem. I installed sslstrip 2.1 from the Pineapple Bar (it is the main function which led me to buy the Pineapple) with no problem, connected my Pineapple to my home WiFi through client mode, and connected another computer to the access point created by the Pineapple. This AP works fine, with an internet connection. When I start sslstrip, I think it starts as it should; it shows the info about the log file having been created (or something like this), but when I go to the computer connected to the Pineapple's AP, it opens HTTPS and HTTP normally, and the sslstrip log is still empty and nothing happens (not normal, I think). I searched the forum and found posts about HSTS, saying that sslstrip does not work with it, but the problem I have does not seem related to it, because it opens all pages normally. How do I solve this? While I searched about sslstrip and sslstrip I found some posts about Delorean, but little information about it and how to use it. I installed it, connected over SSH through PuTTY on Windows (my first time with SSH), and tried to run - delorean -h , but it appears that there is no delorean. How do I start and use Delorean? I need a solution to get POST data from HTTPS; how can this be achieved with the Pineapple these days? Do Delorean and sslstrip together do the job? If I need to post some data here from the Pineapple that has to be retrieved over SSH, please tell me what I need to type in SSH to get the necessary information. Thanks.
  12. After reading countless threads about SSLSTRIP not working on systems such as Safari, Firefox, and Chrome I wanted to inquire about something that was released at Defcon Asia... SSLSTRIP 2 and DNS2PROXY https://github.com/LeonardoNve/sslstrip2 This is a new version of Moxie's SSLstrip with the new feature to avoid HTTP Strict Transport Security (HSTS) protection mechanism. This version changes HTTPS to HTTP as the original one plus the hostname at html code to avoid HSTS. Check my slides at BlackHat ASIA 2014 OFFENSIVE: EXPLOITING DNS SERVERS CHANGES for more information. For this to work you also need a DNS server that reverse the changes made by the proxy, you can find it at https://github.com/LeonardoNve/dns2proxy. Demo video at: http://www.youtube.com/watch?v=uGBjxfizy48 The DNS Proxy: I am having a really hard time following the instructions. I've tried to contact the developer for clarification but no luck. Anyone else care to chime in on how to set up dns2proxy? Also, is there anyone willing to take on the challenge of adding this as an infusion to the Pineapple? My understanding is this would allow you to compromise all browsers such as Safari, Chrome, and Firefox? The demo video interestingly enough shows quite vividly proof of concept -- just trying to figure out how to do this? I'm running a few Kali Linux machines; can someone clarify how I'm supposed to set up the DNS proxy? To the ENTIRE Hak5 Team: Thank you for working on a device that is truly amazing and endless with opportunity. We are only limited by our creativity when it comes to deployment with this awesome device. I took it upon myself to invest in all the bells and whistles that came with the Mark 5. Let's talk about build quality - FIRST CLASS! This thing is scary - to the untrained eye you wouldn't have ANY idea what it is... To the trained eye, the only term that comes to mind is pwned and operated. PineAP: ...
so that's what Dogma does -- and that's why Karma doesn't work as expected anymore :D -- Soooo many questions on this forum could be answered by watching this regarding Karma.. Chris Haralson https://www.youtube.com/channel/UCK15ED34btB3NZznGIXQuwA This guy's videos and guides are first class - aimed at people with my skill set, I really couldn't ask for anything to be clearer. I am anxiously awaiting your future guides and videos.. (*I check back every day*). My office :D And a snazzy little pic of some pineapples....
  13. Hi, I'm trying to get the sslstrip module to work, and it kind of does, but when I get any output it is "encrypted". Here is an example: sslstrip output_1443084213.log [september 24 2015 08:43:52] 2015-09-24 08:43:47,291 POST Data (csi.gstatic.com): 2015-09-24 08:43:52,232 POST Data (vassg142.ocsp.omniroot.com): 0U0S0Q0O0M0 +ä-Rè™òP:îBˆ9÷–0Qø½ú¯swÆÇùKM§Ñ3¯¯r=µá…ì»±÷ÏaÓ'jˆ›¦|C Also, the domain name is not the one that I enter in the browser. Any ideas why this happens and how I can fix this? Thanks.
  14. Hey, I really need some help! My WiFi Pineapple does not do nothing you or anyone does, from Karma to sslstrip. I really need some help and am trying everything to make it work, but nothing works. I do the step-by-step videos and whatnot, but it keeps not working right. Nothing shows in sslstrip when I run it and try Facebook... Karma seemed not to work for me; I have to manually get on the WiFi Pineapple. It just might be me missing a step somehow, but I don't think I am. If anyone can help by saying what it might be, it might just save me from going crazy.
  15. Hello, I am new to this hacking stuff. I'm curious so I'm trying out new things. One thing I came across is SSLstrip...I read about it and its use so I wanted to try it on a system. But after doing the steps as given in the video How To: Use SSLstrip On Kali Linux by Chris Haralson on YouTube, the victim system is still opening HTTPS. I tried using SSLstrip from BackTrack 5 r3 also...but I wasn't successful. I know I'm missing something..Please help me.
  16. A while back Em3rgency from Top-Hat-Sec created a script that worked in BackTrack. I recently modified it to work in Kali. Check it out for your Fake AP pleasure. Check out my blog for the script at http://goo.gl/UFYMg3 http://wp.me/p479Vp-1p instead. Let me know if you run into any problems running it.
  17. Description: This infusion will inject HTML code into a response from a server. The issue with ettercap and other proxies is that they cannot inject into SSL sessions as a result of the encryption. This infusion takes Moxie's SSLstrip and uses that as the proxy that injects code. This architecture provides 2 main benefits:

    • Strip SSL from sessions before injecting code, which allows for a larger attack surface.
    • An asynchronous, non-blocking socket proxy provided by twisted-web gives much better performance from the client's point of view.

    The attacks that can be implemented from this are endless.. SSLstrip for stealing passwords and inject BeEF hook.. or Java Applets... or Browser_AutoPwn in an Iframe.. All these and more will be possible via JasagerPwn or manually.

    Feature Set:

    • Installer - The installer will set up the SSLStrip dependencies. This will probably even fix your normal sslstrip infusion if you're having issues with it. Note: This does not use the default SSLStrip on the system, since SSLStrip had to be modified for this purpose.
    • Log Output - Displays the log standard output that is generated by the modified SSLStrip. Yes.. you can get passwords still in here in the process.
    • Attacker (single address) filter - Pretty self-explanatory, this adds a '! -s attacker_ip' in the iptables rule so you do not inject code into your own browsing sessions.
    • Injection Code Editor - Allows you to enter any arbitrary code into the text editor. Note, if you have an attack running and modify this code, you need to restart the attack.
    • Auto Refresh Enable/Disable and Logging in Small Tile

    Screenshot (Interface): Screenshot (Basic Alert Pop-up):

    Credit: Infusion GUI: Whistle Master. SSLStrip: Moxie Marlinspike. Cheers!
  18. Haz3

    Sensepost MANNA

    Looks like I missed a great Defcon this year, including a presentation from Sensepost's Dominic White and Ian de Villiers on their new wireless attack toolkit - MANNA https://github.com/sensepost/mana It includes, amongst other things:

    • hostapd-manna - modified hostapd that implements new karma attacks and looks a lot like PineAP
    • crackapd - a tool for offloading the cracking of EAP creds to an external tool and re-adding them to the hostapd EAP config (auto crack 'n add)
    • sslstrip-hsts - modified sslstrip
    • Firelamb - captures and writes cookies to a Firefox profile for easy use

    I've only had a quick play with it, but there are some great ideas and I love the way the different attacks are rolled into a toolkit. Maybe some ideas here for future Pineapple development?
  19. Hi, it seems that sslstrip is not working in version 2.04. It starts normally, but it won't strip SSL off on normal sites. I do not know what I am doing wrong. Pam
  20. Hi everyone, as I just received my Pineapple Mark IV, some questions come to me... With the implementation of HSTS, sslstrip became a little bit inefficient... (even if I can harvest some of my credentials). I'd like to know a few things: Has anyone already tested dns2proxy with sslstrip2 from Leonardo Nve? https://github.com/LeonardoNve How does it work? Because I'm quite new to this, and I wasn't able to make them work together on my computer. It's OK for the DNS, which redirects sites to a fake address when I do an nslookup (like facebook pointing to 192.168.0.123), but sslstrip didn't return anything to me. And is it possible to make an infusion of those two scripts for a Pineapple (Mark IV if possible)? And there is the last one, the one I'm ashamed of... how do I change my DHCP conf? Sorry if my English seems weird, I'm French. And thanks :)
  21. Ettercap and sslstrip will not install on my MK5. Notifications say they install successfully, but when I go back to the infusion list it says they need to be updated again. I have tried removing and rebooting, but no love. It still does the same thing on these 2 infusions.
  22. Hello, I just received my WiFi Pineapple Mark V. I put sslstrip running, but it only worked on hotmail.com; if I try to go to Facebook or YouTube, the HTTPS security is still on. Can someone help me with this? Thank you.
  23. Hi guys, on my blog I wrote a post about a MitM attack using SSLStrip + arpspoof. It's in Italian, so I don't know if you can understand it: http://www.gianlucaghettini.net/intercettazione-traffico-https-e-recupero-dati-sensibili/ Other than the actual attack (which is very well known), I focused on the HSTS policy and how it is useful to prevent such attacks. Do you know of any successful attempt to break such a security policy? Poisoning the DNS cache of the target host could lead to a scenario in which the target browser goes to a fake domain, receives a forged HTTP header with a max-age value of zero: Strict-Transport-Security: max-age=0; includeSubDomains and then gets redirected to the real site. The HSTS RFC says that browsers SHOULD ignore the HSTS header when in HTTP mode, but maybe this very specific check was not implemented on all browsers.
  24. Hello all, I am having an issue with redirecting traffic for sslstrip using iptables. I have tried to use these commands:

    iptables -t nat -A PREROUTING -i wlan0 -p tcp --dport 80 -j REDIRECT --to-port 60000
    iptables -t nat -A PREROUTING -p tcp --dport 80 -j REDIRECT --to-port 60000

    These should redirect HTTP traffic from port 80 to 60000, where I would have my sslstrip listening; however, nothing happens. After applying the above rule I test using tcpdump -i wlan0 'port 60000' and no traffic is seen, while port 80 has traffic. I have tried flushing all tables (iptables -F, iptables -t nat -F) and running the above rules, to no avail. If anyone has any ideas, any help would be appreciated.
  25. Hi, I'm using a WiFi Pineapple V and I cannot get sslstrip working correctly. When I start Karma, all is working well, and if I connect to a fake WiFi that the Pineapple makes, I can navigate to the internet through it. But if I start sslstrip I cannot navigate to any site. Just loading.... I checked /proc/sys/net/ipv4/ip_forwarding and it's set to 1. I use wlan1 to connect to a WiFi in client mode and wlan0 with Karma to make the fake access point. Can anyone help me? When I start sslstrip, my output is like in the image I attached.