nolashadow Posted July 4, 2014 Share Posted July 4, 2014 a little issue here. when i click on logs and try to view the logs and start scrolling the page jumps back to the bottem. it will not let me see the log. Also when i click download to download the log a blank page comes up and thats it any ideas? Quote Link to comment Share on other sites More sharing options...
IcarusM Posted July 23, 2014 Share Posted July 23, 2014 Hi guys, I'm having problems with this: Pineapple 1.4.1 sslstrip v1.6 I've flashed back to factory a couple of times to try to get this working but I usually only get this: sslstrip output_1388534526.log [January 01 2014 00:03:42] 2014-01-01 00:03:42,775 POST Data (clients1.google.com): 0I0G0E0C0A0 +jpI#z(~dJhvbZ/c T I've tried multiple ways to install it and the above output is all that I've gotten... Everything else is working, and my client is able to connect to the internet (sometimes not able to load the page, but rarely). Rarely I do get the same kinda output that t31mo posted. Please help! Quote Link to comment Share on other sites More sharing options...
IcarusM Posted July 23, 2014 Share Posted July 23, 2014 The sslstrip version installed is "sslstrip 0.9 by Moxie Marlinspike" Quote Link to comment Share on other sites More sharing options...
IcarusM Posted July 24, 2014 Share Posted July 24, 2014 Please let me know how you fixed this! Quote Link to comment Share on other sites More sharing options...
Whistle Master Posted July 26, 2014 Share Posted July 26, 2014 Please post in the infusion thread dedicated to sslstrip infusion next time, you will get more help. MOD: Moved. Quote Link to comment Share on other sites More sharing options...
mreidiv Posted July 27, 2014 Share Posted July 27, 2014 Its now working for me at all i get this output from the command line File "/usr/bin/sslstrip", line 108, in <module> main(sys.argv[1:]) File "/usr/bin/sslstrip", line 101, in main reactor.listenTCP(int(listenPort), strippingFactory)ValueError: invalid literal for int() with base 10: 'l' Quote Link to comment Share on other sites More sharing options...
Bl4ckc00k1e Posted August 10, 2014 Share Posted August 10, 2014 Hi i see bad this infusion on firmware 2.0.0 and high: http://www.subirimagenes.com/imagedata.php?url=http://s2.subirimagenes.com/imagen/9027894pineapesslstrip.png Quote Link to comment Share on other sites More sharing options...
Whistle Master Posted August 10, 2014 Share Posted August 10, 2014 I know. All infusions with tabs have the same issues. Fixes are on their way. Quote Link to comment Share on other sites More sharing options...
bytedeez Posted August 21, 2014 Share Posted August 21, 2014 Not sure if you can do anything with it or not but sensepost recently came out with a sslstrip script that has been modified to deal and overcome hstshttps://github.com/sensepost/mana/tree/master/sslstrip-hsts Quote Link to comment Share on other sites More sharing options...
manlyhak Posted August 27, 2014 Share Posted August 27, 2014 Hey guys! just started up using my mark V, gosh i love this thing!!! anyways doing the sslstrip was just a click away, but i noticed that Facebook and Gmail wont show up in logs, but when i go to aol.com wth my device thats connected to the pineapple and type in mango for username and mango for password and hit enter, it records it...then i stop go to history and view the latest log, when i Ctrl+F and type loginid= i see it! mango mango....so my question is whats up with facebook and gmail? is it that they are too secure? Quote Link to comment Share on other sites More sharing options...
dustbyter Posted August 27, 2014 Share Posted August 27, 2014 manlyhak, I haven't checked facebook and others, but my guess is that they are now using HSTS to set the HTTP Strict Transport Security, this tells the browser to ensure that all the links to it are over HTTPS. I think SSL-SPLIT was created to alleviate some of this, but it would have a warning popup on the browser because of the invalid certificate, regarding SSLSTRIP, I think at Defcon sensepost modified it to work with hsts. We will have to see what those changes are and when they will be available on the pineapple's version of sslstrip. Quote Link to comment Share on other sites More sharing options...
chriswhat Posted August 27, 2014 Share Posted August 27, 2014 My advice is to stop placing so much emphasis on Facebook. Many people use the same creds for most, if not all, of their accounts (i.e. social media, financial, email, etc.). Compromise one of them, and you can often compromise the rest of them. LinkedIn Wordpress Instagram Vimeo Microsoft Live PayPal Wells Fargo Chase Bank of America Fidelity Capital One IRS.gov Amazon Target Vudu RedBox HakShop DigitalOcean Quote Link to comment Share on other sites More sharing options...
manlyhak Posted August 27, 2014 Share Posted August 27, 2014 Awesome thanks for the tips guys! are their any other similar wifi monitoring infusions in the pineapple bar? Quote Link to comment Share on other sites More sharing options...
thesugarat Posted August 27, 2014 Share Posted August 27, 2014 HakShop :) Quote Link to comment Share on other sites More sharing options...
eschafir Posted August 29, 2014 Share Posted August 29, 2014 Hi everyone, is the SSLStrip infusion on MArk V working well? Couse im trying to make it work and i can´t. I saw the tutorial of Darren but nothing... :( If you need more info please ask.. Thanks!! Esteban Quote Link to comment Share on other sites More sharing options...
i8igmac Posted August 29, 2014 Share Posted August 29, 2014 Try other browsers, try other sites... https hak5 works well... https facebook is a little tricky Quote Link to comment Share on other sites More sharing options...
Urieal Posted August 29, 2014 Share Posted August 29, 2014 My understanding is it is entirely dependent on the browser -- and -- if its apart of the HSTS site list... Thats why In another forum post I am inquiring to the infusion of SSLSTRIP2 and DNS2Proxy. SSLStrip as it stands has worked flawlessly against all our targets of interest when using Internet Explorer...Safari,Chrome,Firefox -- Thats a different story all together.. But remember - just because SSLStrip doesn't work -- you could always just ettercap or wireshark the data and hope they login to something with HTTP (Clear Text)You'd be surprised how many people use the same email and password for everything -- We're human.If you're not having much luck with SSLStrip and you're currently working for someone (client) perhaps try SEToolkit... clone the page and e-mail your clients..You'd be amazed at how many people believe they really did win a free Ipad -- or a cruise to the bahamas. Quote Link to comment Share on other sites More sharing options...
eschafir Posted August 29, 2014 Share Posted August 29, 2014 Thx guys! After opening this post i noticed about the HSTS sites... but with yours explanations its very clear for me now. Thank you!! Quote Link to comment Share on other sites More sharing options...
bytedeez Posted August 30, 2014 Share Posted August 30, 2014 Some guys at Sensepost made a new version of sslstrip called sslstrip-HSTS as part of the their new mitm toolset called MANA. it's not a cover all solution but is suspose to work depending on the site. More information and the code can be found here https://github.com/s...r/sslstrip-hsts Maybe one of the pros here can make an infusion. Quote Link to comment Share on other sites More sharing options...
Urieal Posted August 30, 2014 Share Posted August 30, 2014 Some guys at Sensepost made a new version of sslstrip called sslstrip-HSTS as part of the their new mitm toolset called MANA. it's not a cover all solution but is suspose to work depending on the site. More information and the code can be found here https://github.com/s...r/sslstrip-hsts Maybe one of the pros here can make an infusion. https://forums.hak5.org/index.php?/topic/33518-big-thanks-to-hak5-i-snuck-in-a-question-too/ I posted about this in my thread -- I hope some of the pros read through it. It involves DNS Proxy 2 and SSLSTRIP2. It has a pretty high success rate; but I'm having a hard time contacting the author.. Hopefully someone can expand on this... Quote Link to comment Share on other sites More sharing options...
bytedeez Posted August 30, 2014 Share Posted August 30, 2014 (edited) You might have better luck contacting research@sensepost.com also most of the time the creators of script an apps with sensepost will create a Google group to go along with it. I'll dig into it as well. It usually takes a few days for them guys to respond. Edited August 30, 2014 by damavox Quote Link to comment Share on other sites More sharing options...
singe Posted September 5, 2014 Share Posted September 5, 2014 Didn't see a mail to research@sensepost.com, the sslstrip-hsts tool was originally by LeonardoNVE, we just made some small changes to it. What can we help with? Quote Link to comment Share on other sites More sharing options...
korniza Posted September 11, 2014 Share Posted September 11, 2014 dear all, I m an enthusiastic new owner of pineapple....I updated firmware as is recommenced to 2.0.4 and after i installed the sslstrip *1.8* for pineapple bar. The issue is that I tried all the kind of setups (internal/sd) but I do not get any capture of ssl connections to MANY different sites (gmail/aol.com/facebook/twitter/cryptocoin sites/forums) and none returned any data to sslstrip to pineapple. I used laptop and android phone. Do I have to install another infusion or do some parameter adjustments? Quote Link to comment Share on other sites More sharing options...
korniza Posted September 12, 2014 Share Posted September 12, 2014 I re-intalled the firmware and now is working fine! Quote Link to comment Share on other sites More sharing options...
cheeto Posted September 13, 2014 Share Posted September 13, 2014 @Korniza, It's my understanding that you can't sslstrip too much anymore because of HSTS. Therefore, gmail, yahoo mail, hotmail etc.... are not possible. (as far as i know). Please correct me if im wrong. cheers, Quote Link to comment Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.