Jump to content

Sslstrip Dsniff Using Mk3 (v1.9) On Bt5r1


Recommended Posts

G'day Gents (& Gals?),

Now that most of us have figured out how to flash and setup our MK3's, I'd like to start a discussion thread about what can be achieved next.

Can one of the experts here provide some insight for how to route tools like SSLSTRIP + DSNIFF on the host OS (ex. BT5R1); a few have pointed out that there are storage limitations for logging data with tools that are built into the MK3 interface, such as, ngrep.

Also, because we are already the MITM with the MK3 do we need to change iptables & use arpspoof? I don't want to bork the ./wp3.sh config for the MK3 by messing with routing, etc, when trying to configure SSLTRIP.

This tool is awesome guys, really fun stuff... Thanks :)

Diggs

Link to comment
Share on other sites

Have you looked at the wp3 script?

It will take you through all the steps needed to get get internet sharing and routing setup in backtrack.

From that point SSL strip is setup just like has been described many times and since it will be running on your laptop you wont have the space limitations of the pineapple.

If your interested I can post up the script I use with my pineapples, its a little more work to get working but it has tcpdump to log all packets for offline mining , SSL strip, and also takes care of the ip forwarding and internet sharing in BT5 R1.

Link to comment
Share on other sites

Definitely would be interesting to see the script you use.

wp3.sh seems to create the necessary allow IP forward rule (from 0 to 1). I found I was able to get ssl strip to work (which I'm completely knew to) by doing the following:

- enable wifi pineapple (flashed to v1.9) & activate karma- enable iptables (iptables -t nat -A PREROUTING -p tcp --destination-port 80 -j REDIRECT --to-port 8080)- enable arpspoof (arpspoof -i eth1 172.16.42.178 172.16.42.1)- enable sslstrip (chmod +x sslstrip.py --> ./sslstrip.py -l 8080)

Have you looked at the wp3 script?

It will take you through all the steps needed to get get internet sharing and routing setup in backtrack.

From that point SSL strip is setup just like has been described many times and since it will be running on your laptop you wont have the space limitations of the pineapple.

If your interested I can post up the script I use with my pineapples, its a little more work to get working but it has tcpdump to log all packets for offline mining , SSL strip, and also takes care of the ip forwarding and internet sharing in BT5 R1.

Link to comment
Share on other sites

haha! freakin' awesome -- you guys rock!

Mr-Protocol: how would that be possible? Can you explain the logic at all? What doesn't make sense to me is that I was trying to get ettercap to work earlier for the same reason. I wanted to automate and make the setup easier but ultimately I couldn't automate SSLSTRIP as much as I wanted because you have to select a client and host IP for ARPSPOOF.

The "BIG" technical question in my head is can SSLSTRIP be ran against the AP and all traffic instead of individual clients? So it will literally create a net and capture all U/P for clients that connect to MK3.

Thoughts?

I was debating editing the wp3.sh to ask if you want to start SSL Strip and throw exception if it isn't installed and working. But soon it may be implemented into the pineapple by forms of magic... MAYBE

Edited by diggler
Link to comment
Share on other sites

haha! freakin' awesome -- you guys rock!

Mr-Protocol: how would that be possible? Can you explain the logic at all? What doesn't make sense to me is that I was trying to get ettercap to work earlier for the same reason. I wanted to automate and make the setup easier but ultimately I couldn't automate SSLSTRIP as much as I wanted because you have to select a client and host IP for ARPSPOOF.

The "BIG" technical question in my head is can SSLSTRIP be ran against the AP and all traffic instead of individual clients? So it will literally create a net and capture all U/P for clients that connect to MK3.

Thoughts?

SSL strip will run against ALL clients since you will be running it on the laptop against the Ethernet interface connected to your pineapple. And like we said no arpspoof required =)

Link to comment
Share on other sites

A lil tipsy right now, but basically what happens is an iptables entry is made to forward all SSL traffic (port) to the SSLStrip listener which SSLStrip forwards it on and does it's magic. So it would work on all clients not on an individual basis. It's basically just a simplified proxy in the middle of the connection, almost like privoxy.

Link to comment
Share on other sites

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

 Share

  • Recently Browsing   0 members

    • No registered users viewing this page.
×
×
  • Create New...