Search the Community
Showing results for tags 'hsts'.
Found 2 results
SSLstrip2 + dns2proxy Now WORKING on the Pineapple NANO + TETRA. Last update: 15.01.2017 Changelog: Uploaded everything to github. Install procedure: root@Pineapple:~# wget -qO- https://raw.githubusercontent.com/adde88/sslstrip-hsts-openwrt/master/INSTALL.sh | bash -s -- -v -v (This launches a install script that downloads a .ipk file containing the tools, and installs all the python-libaries correctly.) What now? sslstrip2 and dns2proxy gets installed to /usr/share/, or /sd/usr/share when using the Pineapple NANO. When using dns2proxy, please check that you traverse into its directory before launching it. (If not you might encounter errors about missing files: (nospoof.cfg) etc.) root@Pineapple:~# cd /sd/usr/share/sslstrip2/ root@Pineapple:~# python sslstrip.py --help root@Pineapple:~# cd /sd/usr/share/dns2proxy/ root@Pineapple:~# python dns2proxy.py --help Github repo. + source-files: https://github.com/adde88/sslstrip-hsts-openwrt OPKG Installation File: (For those who want to install it manually) https://github.com/adde88/sslstrip-hsts-openwrt/raw/master/sslstrip-hsts_0.9_ar71xx.ipk
Hi, I m new to pentesting. I have got my pineapple nano last month. i have been learning by watching tutorials available on internet since then. Most of the material available is related to the nano's predecessors. And i have found that some of them dont work anymore or i m not being guided appropriately. Modules like SSLsplit, DNSspoof, DNSMasq Spoof, Evil portal etc dont seem to work anymore. Like SSLsplit and DNSMasq dont seem to work in case of https sites. On browsers like chrome, firefox etc. the sites like facebook, gmail, etc. dont even open when i try to dnsspoof, and secondly the data is still encrypted after using sslsplit. Infact we just cant open the site without https. So i needed to know that after the implementation of HSTS, have these modules become completely useless??? or is there some way around using them? P.S. I m a newbie so please guide me thoroughly.. :)