abxy007 Posted May 30, 2012 Share Posted May 30, 2012 help!! Every time i start sslstrip...mark iv just reboots. Quote Link to comment Share on other sites More sharing options...
PineDominator Posted May 30, 2012 Share Posted May 30, 2012 help!! Every time i start sslstrip...mark iv just reboots. Do you have the swap partition set up and working? not having swap could cause this, pineapple only has 32MB of ram Quote Link to comment Share on other sites More sharing options...
abxy007 Posted May 30, 2012 Share Posted May 30, 2012 (edited) got usb swap setup on a 2 gb card this is what is says when i type free in the command prompt Executing: free total used free shared buffers Mem: 29524 23568 5956 0 1584 -/+ buffers: 21984 7540 Swap: 531212 564 530648 Verififed that usb swap has been enabled.....When I run sslstrip, i see a log file but when I try to get back to the web interface, i cant. It says pineapple not found (Firefox can't establish a connection to the server at 172.16.42.1.) Edited May 31, 2012 by abxy007 Quote Link to comment Share on other sites More sharing options...
Zayne Posted May 31, 2012 Share Posted May 31, 2012 Users in the following thread are having the same problem. I am one of them. Could Not Access Web Interface Quote Link to comment Share on other sites More sharing options...
abxy007 Posted June 1, 2012 Share Posted June 1, 2012 (edited) Users in the following thread are having the same problem. I am one of them. Could Not Access Web Interface I think i got it working because now, I have a Log file on my usb drive. 2012-06-05 10:42:23,853 POST Data (su.ff.avast.com): !xœsJLQJ-,M-.nts.google.com): goog-malware-shavar;a:70649-80675:s:76801-86262:mac goog-phish-shavar;a:210081-215756:s:98770-101489:mac goog-badbinurl-shavar;a:137-5514:s:61-4658:mac goog-csdwhite-sha256;a:1-23:s:1:mac goog-downloadwhite-digest256;a:1-27:s:1-3:mac 2012-06-05 12:27:50,055 POST Data (safebrowsing.clients.google.com): goog-malware-shavar;a:70656-80677:s:76801-86263:mac goog-phish-shavar;a:210081-215761:s:98770-101494:mac goog-badbinurl-shavar;a:137-5514:s:61-4658:mac goog-csdwhite-sha256;a:1-23:s:1:mac goog-downloadwhite-digest256;a:1-27:s:1-3:mac It this correct ? Edited June 6, 2012 by abxy007 Quote Link to comment Share on other sites More sharing options...
Whistle Master Posted June 6, 2012 Author Share Posted June 6, 2012 Seems to be correct to me as you captured some POST data. By the way, I sent a new version to Seb to prevent the module to be started if ssltrip program is not installed first :) Quote Link to comment Share on other sites More sharing options...
abxy007 Posted June 6, 2012 Share Posted June 6, 2012 Seems to be correct to me as you captured some POST data. By the way, I sent a new version to Seb to prevent the module to be started if ssltrip program is not installed first :) So i dont have to enter in any iptables stuff at all for recording secure data? Quote Link to comment Share on other sites More sharing options...
Whistle Master Posted June 7, 2012 Author Share Posted June 7, 2012 No, the setup is done by the module. Quote Link to comment Share on other sites More sharing options...
niggizito Posted June 8, 2012 Share Posted June 8, 2012 (edited) No, the setup is done by the module. I found that once I setup a refresh interval in sslstrip or urlsnarf modules, click Off (to enable them, Off becomes On) then navigate away, the setting is no longer kept. Is it expected behaviour? Edited June 8, 2012 by niggizito Quote Link to comment Share on other sites More sharing options...
Whistle Master Posted June 8, 2012 Author Share Posted June 8, 2012 The refresh option is only to see the output of sslstrip or urlsnarf which is currently running. You can refresh manually or activate the auto-refresh to see the output in real time :) The auto-refresh is not kept if you navigate away. Quote Link to comment Share on other sites More sharing options...
niggizito Posted June 8, 2012 Share Posted June 8, 2012 The refresh option is only to see the output of sslstrip or urlsnarf which is currently running. You can refresh manually or activate the auto-refresh to see the output in real time :) The auto-refresh is not kept if you navigate away. So it's expected...Good to know :-) Thx, WM! Quote Link to comment Share on other sites More sharing options...
abxy007 Posted June 8, 2012 Share Posted June 8, 2012 thanks guys.......im going to test it out on my self with my banking info. Quote Link to comment Share on other sites More sharing options...
mitzie Posted June 10, 2012 Share Posted June 10, 2012 My pineapple just arrived, I flashed it to the newest firmware (2.3.1) but I don't know how to install sslstrip in my pineapple? Can someone help me please? Thanks in advance! Quote Link to comment Share on other sites More sharing options...
PineDominator Posted June 10, 2012 Share Posted June 10, 2012 My pineapple just arrived, I flashed it to the newest firmware (2.3.1) but I don't know how to install sslstrip in my pineapple? Can someone help me please? Thanks in advance! 1. setup a usb thumb drive as per darrens post http://forums.hak5.org/index.php?showtopic=25882 2. now make sure ICS is working. 3. then once that is working ssh in and issue. opkg update opkg --dest usb install sslstrip Quote Link to comment Share on other sites More sharing options...
Whistle Master Posted June 11, 2012 Author Share Posted June 11, 2012 The sslstrip installation is not needed anymore with the last module :) The module checks if sslstrip is installed, if not, it proposes to install it on USB or on internal memory. Quote Link to comment Share on other sites More sharing options...
mitzie Posted June 11, 2012 Share Posted June 11, 2012 @petertfm I have connected with ssh, but when I try to Issue "mkswap /dev/sda2" I get an error:No such file or directory... I have connected the usb, and followed the darren's instructions. I don't get it... Any help? Thanks Quote Link to comment Share on other sites More sharing options...
Whistle Master Posted June 11, 2012 Author Share Posted June 11, 2012 @petertfm I have connected with ssh, but when I try to Issue "mkswap /dev/sda2" I get an error:No such file or directory... I have connected the usb, and followed the darren's instructions. I don't get it... Any help? Thanks If you post in the correct thread, you will get more chance to get it solved ;) Quote Link to comment Share on other sites More sharing options...
abxy007 Posted June 14, 2012 Share Posted June 14, 2012 I now have sslstrip configured and working. I see the "post " function in the log but what I dont see is any "user credentials". I even logged in with my own banking info and nothing happened. Am I doing something wrong? Thanks again for all your help!!! Quote Link to comment Share on other sites More sharing options...
Whistle Master Posted June 14, 2012 Author Share Posted June 14, 2012 I now have sslstrip configured and working. I see the "post " function in the log but what I dont see is any "user credentials". I even logged in with my own banking info and nothing happened. Am I doing something wrong? Thanks again for all your help!!! It happens that SSLstrip does not work with every browser, sites, etc. Quote Link to comment Share on other sites More sharing options...
thaihenry Posted June 16, 2012 Share Posted June 16, 2012 (edited) What ip tables rules did you use to get sslstrip working on a local lan (no ICS) when I use the standard rule: iptables -t nat -A PREROUTING -p tcp --destination-port 80 -j REDIRECT --to-ports 10000 no traffic seems to be rerouted to sslstrip (except the traffic from the web interface) I should add that my pineapple's address is 192.168.0.xx with the gateway on the same LAN and internet access works fine. I would think that the main purpose of having sslstrip on a router is to not have to use a computer for internet connection and either connect directly to a LAN through ethernet, using 3G or as a repeater using wifi. Also is there any reason why version 6 of sslstrip is being used? I can run the latest version with no problem, but again the traffic is not being routed to port 10000 with the above ip rule. Thanks in advance 1) Regarding your first point (running sslstrip before IPtabel): don't want to see my own password in the log file No, serious: didn't try that but makes sense. You probably do not even have to start the script first BUT you have to start it and it should not crash, otherwise you have to use ssh or the powercycle method to access the webinterface ... 2) Don't want to correct you :) . You are correct of course. I’m connecting from a different IP as you noted but not from 172.16.42.0/24 subnet. 3) Don't know if I got your idea but then it should be iptables -t nat -A PREROUTING -s ! 172.16.42.42 -p tcp --dport 80 -j ACCEPT Not testet, but as far as I remember the "!" add an exception So it would NAT everything but the management station. Maybe there is a way to get the IP of the management host (connection log: Pineapple authpriv.notice dropbear[10456]: Password auth succeeded for 'root' from x.x.x.x) an add an auto exception for this IP just in case the management connects not from 172.16.42.42. Was also only a little brainstorming. Maybe it's getting a little too complicated now and you better add only the standard iptable rules as planed and everyone needs to change it, can change the config file where the iptable commands are defined Edited June 16, 2012 by thaihenry Quote Link to comment Share on other sites More sharing options...
Whistle Master Posted June 16, 2012 Author Share Posted June 16, 2012 The module configures everything you need in term of sslstrip program and iptables rules. Quote Link to comment Share on other sites More sharing options...
thaihenry Posted June 17, 2012 Share Posted June 17, 2012 Thank you for your reply and your work on this module, however unfortunately it does not work for me. It did work when the network settings were set default and I was using ICS. But I need to use it standalone on a lan without going through a computer. I looked through the bash script and the PHP code and only found the one standard iptable redirect rule. Did the installation of the module also add some code or config changes somewhere else outside the module? Would appreciate if you can help me get this working standalone, on a lan without a computer runing ICS. When I run sslstrip manually, and use iptables -t nat -A PREROUTING -p tcp --destination-port 80 -j REDIRECT --to-ports 10000 for some reason the traffic does not get directed to port 10000. It flows right through. The module configures everything you need in term of sslstrip program and iptables rules. Quote Link to comment Share on other sites More sharing options...
thaihenry Posted June 19, 2012 Share Posted June 19, 2012 I think I found a solution but I need others to also test this. By default iptables does not work on the bridge interface br-lan. it is turned off and any redirect command will have no effect. https://forum.openwrt.org/viewtopic.php?pid=143700#p143700 I have edited /etc/sysctl.conf: # disable bridge firewalling by default net.bridge.bridge-nf-call-arptables=1 net.bridge.bridge-nf-call-ip6tables=1 net.bridge.bridge-nf-call-iptables=1 and redirect to port 10000 now works properly iptables -t nat -A PREROUTING -p tcp --dport 80 -j REDIRECT --to-port 10000 on the pineapple I believe the firewall is turned off, if you are using other versions of openwrt you will need to turn off the firewall (or modify the rules) so that traffic gets properly routed to the internet. Quote Link to comment Share on other sites More sharing options...
thaihenry Posted June 19, 2012 Share Posted June 19, 2012 sslstrip version 8 is running perfect on openwrt there is a problem with the latest version 9 off sslstrip: root@OpenWrt:/usb/sslstrip-0.9# python sslstrip.py Traceback (most recent call last): File "sslstrip.py", line 27, in <module> from twisted.web import http File "/opt/usr/lib/python2.7/site-packages/twisted/web/__init__.py", line 14, in <module> from twisted.python.deprecate import deprecatedModuleAttribute ImportError: No module named deprecate I tried installing the zope.deprecate module with no luck. Quote Link to comment Share on other sites More sharing options...
PineDominator Posted June 19, 2012 Share Posted June 19, 2012 sslstrip version 8 is running perfect on openwrt there is a problem with the latest version 9 off sslstrip: root@OpenWrt:/usb/sslstrip-0.9# python sslstrip.py Traceback (most recent call last): File "sslstrip.py", line 27, in <module> from twisted.web import http File "/opt/usr/lib/python2.7/site-packages/twisted/web/__init__.py", line 14, in <module> from twisted.python.deprecate import deprecatedModuleAttribute ImportError: No module named deprecate I tried installing the zope.deprecate module with no luck. hey what command are you using to install version 8? and do you think it is faster/better? Quote Link to comment Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.