red_snow62_10
Posts posted by red_snow62_10
-
-
I believe in ettercap, there are plenty of tutorials out there for this attack, I'm sure you're missing a few little settings.
On BackTrack. A few commands
Locate etter.conf
You have to edit 3 lines, first set guid => 0
And scroll down, you will find 2 lines of iptables, remove the # on both iptables lines to enable
Then you have to locate IP_forwarding and edit it to show 1
Ettercap -T -q -M ARP // //
I do agree with what was said above, I would start out with a distro like Linux Mint or something...
on your test machine try surfing multiple websites like yahoo.com msn.com etc...
Thanks,
I edited the etter.conf file but I couldn't locate the IP_forwarding file?
Where is it located?
-
I'm trying to do some sniffing on my local network using Kali but I'm not being too successful. I'm mainly using ettercap.
Can someone please help me with the steps and explain them in detail so that it's easy to understand?
-
It seems you don't have a clear understanding of what sslstrip does.
Read this thread on this very forum for some additional insight.
TL;DR: Once it's https it stays https. All SSLStrip does is prevent the remote site from upgrading the existing http connection to https and having it appear to the target as if the site is secure when in fact it isn't.
The way to clear an HSTS entry from the target machine is to have the remote site specify a duration of 1 for its HSTS header. The value is the amount of seconds after the moment the browser sees this header field that any subsequent connection attempt by the browser must be made using https, so use that, wait a second, then access via http and it will do just that.
Ok...that breakdown you did on that post was really helpful.. Thanks.
So if what I understood is right..what if the victim clears all the cookies and history everything and then goes to any https website while the attacker has already started sslstrip..then he should get a http site, right?
-
Most websites these days, like social media sites, force https by default. Not an expert at https, but I will just say that sslstrip is pretty much outdated when it comes to trying to target websites that have https. Even if you were able to generate a "legit" SSL Cert, I wouldn't know how to tell you how you go about decrypting the SSL traffic; not like I've seen any public tools out for that.
Also, thanks to HTTP Strict Transport Security (HSTS) built into all the web browsers except IE, the HTTPS is nicely cached in the browser, so unless you can clear the target machine's browser cache as soon as they go to a website like facebook, then it's gonna load https.
okay...so how would you clear the target machine's browser cache? doing this seems a bit tough...
-
What website are you trying to intercept? Are you sure your target is accessing it via HTTP (as opposed to HTTPS)?
Well, my main objective is to sniff passwords over the local network...so HTTPS transfers encrypted data which even if I sniff, it won't be readable...so that's why I want it to turn into HTTP so that things can get easier.
-
Hello,
I am new to this hacking stuff. I'm curious so I'm trying out new things.
One thing I came across is SSLstrip...I read about it and its use so I wanted to try it on a system.
But after doing the steps as given in the video How To: Use SSLstrip On Kali Linux by Chris Haralson on YouTube, the victim system is still opening HTTPS. I tried using SSLstrip from BackTrack 5 r3 also...but I wasn't successful.
I know I'm missing something..Please help me.
Sniffing on the local network
your site is really nice..great job with the videos..