Jump to content

Sslstrip & Pineapple


Recommended Posts

Hello all. I've had my pineapple working for a little while now with ICS and SSL Strip, but I have noticed that most browsers now easily detect SSL Strip attacks. The command I am using to run SSL Strip is "./sslstrip.py -l 64123 -f" (I have everything forwarded to port 64123. However after testing, to get around this all the client needs to do is type "https://www.whatever.com" and they will get a SSL session.

I don't know much about iptables, but I'd like to forward all the SSL traffic to another port so that having a SSL session is not an option and when the client connects and try to use SSL the browser will just say "something isn't right, SSL isn't available... are you SURE you want to continue" and then it will automatically forward it and they'll get a regular http session. I hope that made sense. I believe this is done by using sslstrip to forward everything from port 10000 to a different port?

Any help would be appreciated. Thanks.

Link to comment
Share on other sites

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

  • Recently Browsing   0 members

    • No registered users viewing this page.
×
×
  • Create New...