Jump to content


Active Members
  • Content Count

  • Joined

  • Last visited

  • Days Won


About thaihenry

  • Rank
    Hak5 Fan

Recent Profile Visitors

The recent visitors block is disabled and is not being shown to other users.

  1. For anyone interested, I got sslstrip .9 working by remarking the following lines so that the deprecate module is not requried: nano /opt/usr/lib/python2.7/site-packages/twisted/web/__init__.py # -*- test-case-name: twisted.web.test -*- # Copyright © Twisted Matrix Laboratories. # See LICENSE for details. """ Twisted Web: a L{web server} (including an L{HTTP implementation} and a L{resource model}) and a L{web client}. """ from twisted.web._version import version from twisted.python.versions import Version #from twisted.python.deprecate import deprecatedModuleAttribute __version_
  2. I don't think it is a problem with sslstrip, although updating to version 8 helps The main problem is that bridging is not turned on. To turn it on: vi /etc/sysctl.conf Change to: # disable bridge firewalling by default net.bridge.bridge-nf-call-arptables=1 net.bridge.bridge-nf-call-ip6tables=1 net.bridge.bridge-nf-call-iptables=1 Should only be one IP redirect: iptables --table nat --append PREROUTING -p tcp --destination-port 80 -j REDIRECT --to-port 10000 ssltrip is a proxy which means that you ca do all kinds of things with it besides getting passwrds.!!!
  3. Interesting, I definitely have it working on my wr703n with the latest version of openwrt (development). I am pretty sure I had it working on the Mark4 also. Did you reboot? I wonder if there are different versions of the firmware? Is your linux version 3.3?
  4. Yes that is correct, I have not done much testing on it otherwise. You just need to manually install the prerequisites as having SET install them for you will not work. Also have quite a few other python tools working great like mitmproxy
  5. See my earlier post on this. By default iptables does not work on a bridge interface for openwrt. see my earlier post on sslstrip on how to fix that. Frankly I don't see how anyone can get sslstrip working on the Jasager without this fix.
  6. urlsnarf listens only on port 80 and 8080. Once you start sslstrip, traffic is redirected to port 10000 by default, so urlsnarf does not see any traffic. I have not tried it, but get sslstrip to run on port 8080, urlsnarf may then pick up the traffic.
  7. In case you cannot exchange them, keep in mind that as long as you are running openwrt, there is still a lot that you can do with the boards. Most of the utilities will run fine from the command line, however you will not get the pineapple firmware (interface) on it. I would be interested to know if 16 Megs memory is enough to run SSLstrip properly though.
  8. Instead of using ettercap, (the filters don't work properly) use sslstrip to write an iframe in the response body. If you provide me with your java script code, I can modify sslstrip for you to do that, so that your sslstrip module will also do key logging! This can also be taken further to do all kinds of things like for example sending users to a computer running metasploit, set etc. while you are at it might as well do a SET module since I have SET working on my router.
  9. For existing users of the Pineapple that want to get sslstrip working properly: 1. edit /etc/sysctl.conf (otherwise port redirect to port 10000 will not work!) change the 0 to 1 in the following section: vi /etc/sysctl.conf # disable bridge firewalling by default net.bridge.bridge-nf-call-arptables=1 net.bridge.bridge-nf-call-ip6tables=1 net.bridge.bridge-nf-call-iptables=1 2. Depending on what version you have make sure that the firewall is disabled. 3. Install the following packages in case they were never installed: opkg -dest usb install python opkg -dest usb install zope-interf
  10. To answer my own post and get the latest version of sslstrip (v.9) working: Comment out lines 97 and line 98 of ServerConnection.py in the sslstrip sub-folder. # elif (key.lower() == 'set-cookie'): # self.client.responseHeaders.addRawHeader(key, value) However I have tested vesions 6-9 of sslstrip, while version 8 and 9 work, there is a problem (only on openwrt) that prevents the web page being loaded after passwords have been captured. most likely because "Compatibility changes for recent versions of twisted" Which means that twisted is not the latest version on openwrt
  11. This is a guide on how to get sslstrip working on openwrt. This should work on ANY router that supports openwrt with USB ports and 32 MB of memory or more. A fast CPU would help, however sslstrip runs fine on 400 mgz CPU. I have tested this on the pineapple mark 4 and on the tplink WR703N 1. Make sure you install a firmware with a version 3.0 or greater kernel. At this time only the development snapshots (firmware) of openwrt have linux 3.3 iptables may not be properly supported on earlier versions. 2. Install USB support, this is very well documented elsewhere on this site 3. edit /e
  12. Just in case someone can take this further, this is the error message when running version 9 after a few seconds: sslstrip 0.9 by Moxie Marlinspike running... Traceback (most recent call last): File "/opt/usr/lib/python2.7/site-packages/twisted/python/log.py", line 48, in callWithLogger return callWithContext({"system": lp}, func, *args, **kw) File "/opt/usr/lib/python2.7/site-packages/twisted/python/log.py", line 33, in callWithContext return context.call({ILogContext: newCtx}, func, *args, **kw) File "/opt/usr/lib/python2.7/site-packages/twisted/python/context.py", line
  13. According to moxie, these are the changes that he made: Changes in 0.8 (04/24/11) Major speed enhancements. Compatibility changes for recent versions of twisted. Support for stripping URLs with explicit port specifications (ie: foo.com:443) A number of small bug fixes. Changes in 0.7 (12/18/09) Fixed a minor bug that could prevent favicon spoofing from working correctly (thanks Simon Nicolussi). Changes in 0.6 (9/22/09) Fixed a silly bug in specifing the listen port with -l Here is how to get is working: cd /usb wget http://www.thoughtcrime.org/software/s
  14. sslstrip version 8 is running perfect on openwrt there is a problem with the latest version 9 off sslstrip: root@OpenWrt:/usb/sslstrip-0.9# python sslstrip.py Traceback (most recent call last): File "sslstrip.py", line 27, in <module> from twisted.web import http File "/opt/usr/lib/python2.7/site-packages/twisted/web/__init__.py", line 14, in <module> from twisted.python.deprecate import deprecatedModuleAttribute ImportError: No module named deprecate I tried installing the zope.deprecate module with no luck.
  15. I think I found a solution but I need others to also test this. By default iptables does not work on the bridge interface br-lan. it is turned off and any redirect command will have no effect. https://forum.openwrt.org/viewtopic.php?pid=143700#p143700 I have edited /etc/sysctl.conf: # disable bridge firewalling by default net.bridge.bridge-nf-call-arptables=1 net.bridge.bridge-nf-call-ip6tables=1 net.bridge.bridge-nf-call-iptables=1 and redirect to port 10000 now works properly iptables -t nat -A PREROUTING -p tcp --dport 80 -j REDIRECT --to-port 10000 on the pineapple I believe the
  • Create New...