Jump to content

sslstrip and windows


PlasticNinja

Recommended Posts

I'm trying to run sslstrip under windows. I'm assuming this should work being that it is just python and I have that installed, but when I try and run sslstrip.py -f lock.ico or "whatever syntax i've tried all of them that are in the script" I get

File "d:\sslstrip.py", line 39

print "\nsslstrip " + gVersion + " by Moxie Marlinspike"

SyntaxError: invalid syntax

I can't seem to find any info on why I'm getting this. Line 39 in the sslstrip.py is print "\nsslstrip " + gVersion + " by Moxie Marlinspike"

This is version 0.7 I just downloaded it today from his site. I even get this message if I do -h which should be for the help menu. so I have something wrong with my python install? Thanks

Link to comment
Share on other sites

Be a man and install Linux.

I don't think ssl strip will work on windows because it relies on iptables to forward traffic around.

Follow these instructions to run ssl strip;

* Flip your machine into forwarding mode. (echo "1" > /proc/sys/net/ipv4/ip_forward)

* Setup iptables to redirect HTTP traffic to sslstrip. (iptables -t nat -A PREROUTING -p tcp --destination-port 80 -j REDIRECT --to-port <listenPort>)

* Run sslstrip. (sslstrip.py -l <listenPort>)

* Run arpspoof to convince a network they should send their traffic to you. (arpspoof -i <interface> -t <targetIP> <gatewayIP>)

Link to comment
Share on other sites

Thanks but you can get it to work in windows you can do IPtables with java there is a whitesheet out there on doing it on windows but he just says to use python and well I can't seem to get that to work. I do have it running on linux and that works find so thanks for the advice of being a man but been there done that and I got the T-shirt. I'm looking for advice on how to do this in windows. There are a ton of stuff for doing in in linux including the readme that comes with sslstrip when you download it. Thanks though

Link to comment
Share on other sites

  • 2 weeks later...

Thanks. again though looking for a way to get it to run in windows. Please don't reply unless you plan to be helpful. I CAN do it in linux and it works great BUT I want to try and do it in windows not because I need to but because it is annoying me that I can't get it to run in windows it is python and I have python working. Oh I did figure out the issue here was with twisted not being installed correctly. though now it is saying the error importing open ssh module. Anyone know where I can get that? thanks.

Link to comment
Share on other sites

  • 2 weeks later...
* Run arpspoof to convince a network they should send their traffic to you. (arpspoof -i <interface> -t <targetIP> <gatewayIP>)

I hate to hijack the OP's thread but I have a question of my own in regards to SSL strip on linux. I am yet to download backtrack 4 and was planning on having a fiddle with this as soon as the download is completed.

Anyways with the above quoted cli you specify the target ip and the gateway. I was wondering what the command line would be to ARP Spoof all clients on the network instead of a single target address. All so if you do this does this also ARP poison the clients that have joined the network and have just been issued an IP address via DHCP?

Link to comment
Share on other sites

ah cool I thought I was gonna have to use something like -i A for all or some sort of wild card like access control lists on cisco gear. Leaving it blank is so much more convenient for a lazy person.. Thanks for the info Psychosis that makes it the second time you have helped me out.,IOU x2 Alcoholic beverages. =D

From a system/network admin prospective, how would one detect/mitigate (mitigate without VPNing your ass) ARP poisoning attacks? I know that from command prompt you can arp -a which will display the ARP table and the only notable discrepancy is the MAC address for the gateway. Is this sort of thing detectable on Microsoft ISA, your standard client software firewalls or anything?

I also noticed that a few sites use like a mix mode of HTTP and HTTPS. For example Facefart's main page is in HTTP and only kicks on over to HTTPS once a user clicks the sign in button. From the average end user prospect nothing has really changed and even if an educated user noticed that the HTTPS was not shown once signed in to the their online account its a little to late.

Link to comment
Share on other sites

I also followed that tut from whitepage with a few hours trial and error. I was able to redirect my IP using java and make sslstrip read and connect with openssl no errors. Infact everything seemed to be running just like it does on linux no errors what so ever in the end. And sslstrip created the log file and said it was running and my IP tables were being redirected and of course I was arpspoofing. But 1 huge flaw after getting it all to link togeather and receiving no errors. Even tho sslstrip was running and it created the log file, no data was being recorded into it. no matter what https site I went to it would not log the data into the log file. But if any of you would like to message me on how I got it all up and running no errors feel free. Altho I dont see why the sslstrip created the log file but does not send data to it. I believe it has somthing to do with how the sslstrip program is linked to openssl. Altho going threw the python scripts nothing hit my eye.

Link to comment
Share on other sites

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

  • Recently Browsing   0 members

    • No registered users viewing this page.
×
×
  • Create New...