Paladin Posted November 12, 2008 Share Posted November 12, 2008 I have played around with arp poison attacks and dns redirection and stuff and am curious if there is something out there that will allow someone to use that type of attack or jasager type attack to feed unsecure sites to people requesting said site in secure fashion. Sorry couldn't think of a nice one line way of saying it so let me try with example. Victim: types into browser http://www.gmail.com Attacker: goes to http://gmail.com gets all items Attacker: rebuilds page and serves it up to allow password to send in clear text Victim: sees same page as if you went to gmail but without the security. I know I can do this manually by saving the page and serving it up by redirecting them to my faked page but I was curious if there was an automatic jasager style way to accomplish this. This way I do not have to know what site they are going ahead of time and there is no warning of security certificates not matching there is just no security period. Any info on this would be much appreciated. Quote Link to comment Share on other sites More sharing options...
will-wtf Posted November 12, 2008 Share Posted November 12, 2008 Cain has a feature that does the pw stealing bit, but you would be suprised what people would do with two txt boxes on a page, and a padlock image top right! The myspace proxy scam comes to mind... Quote Link to comment Share on other sites More sharing options...
Paladin Posted November 18, 2008 Author Share Posted November 18, 2008 Cain has a feature that does the pw stealing bit, but you would be suprised what people would do with two txt boxes on a page, and a padlock image top right! The myspace proxy scam comes to mind... My focus is not in stealing the password that is in plain text ala cain. My focus is in automatically recreating the website in an unsecure fashion. I know how to do it manually no prob what I am looking for is an automated fake site generator. Quote Link to comment Share on other sites More sharing options...
Sparda Posted November 18, 2008 Share Posted November 18, 2008 the trouble with cloning a web site that uses SSL to not use SSL is that it would be very difficult to spot all references that link or point to the server using SSL in an automated way. The only real way to do this is make a copy of the site, manually replace all the links and test that it works, then perform a DNS redirect or poisoning attack to send then to your server instead. Alternatively do a SSL interception attack. Quote Link to comment Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.