Jump to content

Search the Community

Showing results for tags 'sslsplit'.

  • Search By Tags

    Type tags separated by commas.
  • Search By Author

Content Type


Forums

  • Talk
    • Everything Else
    • Gaming
    • Questions
    • Business and Enterprise IT
    • Security
    • Hacks & Mods
    • Applications & Coding
    • Trading Post
  • Hak5 Gear
    • Hak5 Cloud C²
    • WiFi Pineapple Mark VII
    • USB Rubber Ducky
    • Bash Bunny
    • Key Croc
    • Packet Squirrel
    • Shark Jack
    • Signal Owl
    • LAN Turtle
    • Screen Crab
    • Plunder Bug
  • O.MG (Mischief Gadgets)
    • O.MG Cable
    • O.MG DemonSeed EDU
  • WiFi Pineapple (previous generations)
    • WiFi Pineapple TETRA
    • WiFi Pineapple NANO
    • WiFi Pineapple Mark V
    • WiFi Pineapple Mark IV
    • Pineapple Modules
    • WiFi Pineapples Mark I, II, III
  • Hak5 Shows
  • Community
    • Forums and Wiki
    • #Hak5
  • Projects
    • SDR - Software Defined Radio
    • Community Projects
    • Interceptor
    • USB Hacks
    • USB Multipass
    • Pandora Timeshifting

Find results in...

Find results that contain...


Date Created

  • Start

    End


Last Updated

  • Start

    End


Filter by number of...

Joined

  • Start

    End


Group


AIM


MSN


Website URL


ICQ


Yahoo


Jabber


Skype


Location


Interests


Enter a five letter word.

Found 9 results

  1. Hi, i recently bought wifi pineapple nano and the problem i am getting with module ssl split is that once it's installed and started, the clinet devices does not open any websites at all. No facebook no google or yahoo or anything else which is https. As soon as i turn off the ssl split, everything just works fine. Any help would be much appreciated.
  2. Hi, I bought recently an wifi pineaple nano and i started using dwall and tcpdump but i could get most of the encrypted stuff so i serched and discovered sslsplit but when i use it my browser says that i´m using a invalid/fake certificate and i dont know where i can get a valid certificate! Does this have to do with the config that comes with sslsplit? My config: ################################################################## # Certain packets are redirected to the local port 8080 and 8443 # ################################################################## ## Plain text HTTP traffic (80) is redirected to port 8080 iptables -t nat -A PREROUTING -p tcp --dport 80 -j REDIRECT --to-ports 8080 ## WhatsApp (5222) is redirected to port 8080 iptables -t nat -A PREROUTING -p tcp --dport 5222 -j REDIRECT --to-ports 8080 ## SSL-based HTTPS traffic (443) is redirected to port 8443 iptables -t nat -A PREROUTING -p tcp --dport 443 -j REDIRECT --to-ports 8443 ## IMAP over SSL (993), SMTP over SSL (465 and 587) is redirected to port 8443 iptables -t nat -A PREROUTING -p tcp --dport 587 -j REDIRECT --to-ports 8443 iptables -t nat -A PREROUTING -p tcp --dport 465 -j REDIRECT --to-ports 8443 iptables -t nat -A PREROUTING -p tcp --dport 993 -j REDIRECT --to-ports 8443
  3. Module: SSLsplit Version: 1.0 Features: Install dependencies Generate certificate Manage firewall rules Live output with filter options Run History Autostart on boot
  4. Hi, i've just upgraded firmware to 2.6.1 and have some problem with installing Dependencies of SSLSplit and Ettercap. Besides i could not start Dwall listening. Anyone could help plz!
  5. Hi there, as the subject states I am looking for a detailed Guide how to implement SSLSplit on a Raspberry Pi or the Pineapple on actual firmware. I know there is a module on the Pineapple for this, but currently It won't work (I think there are Problems with creating certificates). I alredy tried most of the guides I could find on google, however they ended up not allow any traffic to pass or refuse connections to the access point once SSLSplit is started. Since troubleshooting with this guides hadn't worked with around 20h of work, I would like to know if anybody here has an approcved guide which I may follow to get SSLSplit working. Thanks in advance, Noti
  6. When using SSLSplit, we know that the browsers give an unsecure connection error because the certificates are not valid, but I have read that if one were to buy a valid certifricate and use that, they can avoid the browser warning. If I were to buy a SSL certificate, how would I about doing this with the WiFi Pineapple SSLSplit module?
  7. Hey peeps, just wanted to let you know about a little writeup I did for getting SSLsplit up and runnning on the WiFi pineapple Mark V. I was using my pineapple on a pentest on a mobile app recently. I wanted to break open the SSL connection the App made to a specific host. Proxy redirection did not work as the app was using non HTTP traffic over the SSL tunnel. So Burp was unable to interpreter the traffic. Here I learned about SSLsplit: a great tool for full SSL traffic decoding regardless of what protocol is used over the SSL tunnel. I wanted to use it on my Pineapple, but was unable to find a how-to. So I made a writeup on how to get it working. Check it out at http://champagneandsecurity.wordpress.com/2014/07/26/sslsplit-on-wifi-pineapple/ Its a non GUI apporach, but it works like a charm and lead to some very interesting results with my app pentest :) I hope it helps others trying to achieve the same.
  8. I can't imagine this would be too difficult but it would be nice to have a SSL split infusion since ssltrip is fazing out ever since HSTs started becoming popular.
  9. I just flashed the new firmware and downloaded sslsplit on my pineapple. I started it and then went for a bus ride, and a walk around the city. When I got home I opened up the log file and I can see a lot of information like this- 2014-08-15 11:38:00 UTC ssl [172.16.42.228]:46824 [198.142.186.29]:443 sni:- crt:google.com/google.com/*.2mdn.net/*.android.com/*.appengine.google.com/*.au.doubleclick.net/*.cc-dt.com/*.cloud.google.com/*.de.doubleclick.net/*.doubleclick.com/*.doubleclick.net/*.fls.doubleclick.net/*.fr.doubleclick.net/*.google-analytics.com/*.google.ac/*.google.ad/*.google.ae/*.google.af/*.google.ag/*.google.al/*.google.am/*.google.as/*.google.at/*.google.az/*.google.ba/*.google.be/*.google.bf/*.google.bg/*.google.bi/*.google.bj/*.google.bs/*.google.bt/*.google.by/*.google.ca/*.google.cat/*.google.cc/*.google.cd/*.google.cf/*.google.cg/*.google.ch/*.google.ci/*.google.cl/*.google.cm/*.google.cn/*.google.co.ao/*.google.co.bw/*.google.co.ck/*.google.co.cr/*.google.co.hu/*.google.co.id/*.google.co.il/*.google.co.im/*.google.co.in/*.google.co.je/*.google.co.jp/*.google.co.ke/*.google.co.kr/*.google.co.ls/*.google.co.ma/*.google.co.mz/*.google.co.nz/*.google.co.th/*.google.co.tz/*.google.co.ug/*.google.co.uk/*.google.co.uz/*.google.co.ve/*.google.co.vi/*.google.co.za/*.google.co.zm/*.google.co.zw/*.google.com/*.google.com.af/*.google.com.ag/*.google.com.ai/*.google.com.ar/*.google.com.au Being new to the pineapple and sslsplit I'm not quite sure what I have done wrong. There is a lot of data, but I can't seem to find any user names or passwords. I ran sslsplit with PineAP and Karma but was I supposed to start something else at the same time? I read http://champagneandsecurity.wordpress.com/2014/07/26/sslsplit-on-wifi-pineapple/%C2'> but it looked to me like a guide for the command line sslsplit and not an infusion. Was I supposed to follow this to the tee because all I did was click start, Any help would be really appreciated.
×
×
  • Create New...