satai Posted March 9, 2012 Share Posted March 9, 2012 Hey, Has anyone had any luck with sslstrip running on the actual mk4 device, i installed it(to usb) and after a few tweaks got it to run, the problem is it doesn't look like IPTABLES on the device allows for port redirection so i am not able to redirect from 80 to the port SSLStrip is running on, if anyone knows of another way to do port redirection that would be really helpful Quote Link to comment Share on other sites More sharing options...
satai Posted March 9, 2012 Author Share Posted March 9, 2012 Hey, Has anyone had any luck with sslstrip running on the actual mk4 device, i installed it(to usb) and after a few tweaks got it to run, the problem is it doesn't look like IPTABLES on the device allows for port redirection so i am not able to redirect from 80 to the port SSLStrip is running on, if anyone knows of another way to do port redirection that would be really helpful Little more info on this i wanted to use iptables -t nat -A PREROUTING -p tcp --destination-port 80 -j REDIRECT --to-port 10000 and run sslstrip on that port however if you try using this method you get an error :unknow option to port" digging into this package iptables-mod-nat-extra will resolve this problem and is a listed package however if you try installing that package it complains about a kernel dependancy. Quote Link to comment Share on other sites More sharing options...
satai Posted March 10, 2012 Author Share Posted March 10, 2012 Little more info on this i wanted to use iptables -t nat -A PREROUTING -p tcp --destination-port 80 -j REDIRECT --to-port 10000 and run sslstrip on that port however if you try using this method you get an error :unknow option to port" digging into this package iptables-mod-nat-extra will resolve this problem and is a listed package however if you try installing that package it complains about a kernel dependancy. Ok ironed all the other issues out and now left with one that i can't seem to figure out and any help would be appreciated using this Nat RULE iptables -t nat -A PREROUTING -p tcp --destination-port 80 -j REDIRECT --to-port 10000 I get the error iptables: No chain/target/match by that name. Anyone seen this before or can give me a pointer. Thanks Quote Link to comment Share on other sites More sharing options...
Valsacar Posted March 11, 2012 Share Posted March 11, 2012 I didn't even get that far... just throws an error for me. Quote Link to comment Share on other sites More sharing options...
satai Posted March 11, 2012 Author Share Posted March 11, 2012 I didn't even get that far... just throws an error for me. What Error are you getting? Quote Link to comment Share on other sites More sharing options...
Darren Shady Posted March 11, 2012 Share Posted March 11, 2012 I didn't even get that far... just throws an error for me. You at least get the option, you need to update and install the package; I'm getting the same "No chain/target/match by that name" error. To add the extra nat options; opkg update opkg install iptables-mod-nat-extra Quote Link to comment Share on other sites More sharing options...
satai Posted March 13, 2012 Author Share Posted March 13, 2012 Ok so by using the new beta firmware iptables works, i can install SSLstrip and i can do the NAT forward, unfortunately a few seconds after SSL strip runs the pineapple reboots. The updated Kernel in the beta version definitely helped the iptables issues Quote Link to comment Share on other sites More sharing options...
telot Posted March 13, 2012 Share Posted March 13, 2012 Ok so by using the new beta firmware iptables works, i can install SSLstrip and i can do the NAT forward, unfortunately a few seconds after SSL strip runs the pineapple reboots. The updated Kernel in the beta version definitely helped the iptables issues Thats great to hear you're making progress! I'm hugely interested in getting this working as well, unfortunately I haven't been able to spend much time on it in the last week. Bummer that it keeps rebooting though - perhaps Seb can shine some light? telot Quote Link to comment Share on other sites More sharing options...
bobtheman Posted March 14, 2012 Share Posted March 14, 2012 I would love a how to guide on this. Quote Link to comment Share on other sites More sharing options...
satai Posted March 14, 2012 Author Share Posted March 14, 2012 I would love a how to guide on this. Will Definitely post something once its working Quote Link to comment Share on other sites More sharing options...
telot Posted March 30, 2012 Share Posted March 30, 2012 Well its been a couple weeks...anyone had any luck on the sslstrip front? If not, I'll play with it tomorrow morning when I got some pineapple time :) telot Quote Link to comment Share on other sites More sharing options...
legion Posted April 1, 2012 Share Posted April 1, 2012 Well its been a couple weeks...anyone had any luck on the sslstrip front? If not, I'll play with it tomorrow morning when I got some pineapple time :) telot Any luck? Quote Link to comment Share on other sites More sharing options...
Deezer Posted April 2, 2012 Share Posted April 2, 2012 Any luck? Same here. im curious. I have installed all depencies, sslstrip is starting on commmand line, but not really sure how to route traffic for it to generate stripped traffic to a eth0 port or do some phising. Quote Link to comment Share on other sites More sharing options...
legion Posted April 3, 2012 Share Posted April 3, 2012 I've installed sslstrip, but when I run it, I'm getting the following error: Traceback (most recent call last): File "/usb/usr/bin/sslstrip", line 27, in <module> from twisted.web import http File "/usb/usr/lib/python2.6/site-packages/twisted/__init__.py", line 22, in <module> raise ImportError("you need zope.interface installed " ImportError: you need zope.interface installed (http://zope.org/Products/ZopeInterface/) I checked and it is installed: root@Pineapple:~# opkg install zope-interface -d usb Package zope-interface (2.5.0-1) installed in usb is up to date. Any ideas? Quote Link to comment Share on other sites More sharing options...
RebelCork Posted April 3, 2012 Share Posted April 3, 2012 I've installed sslstrip, but when I run it, I'm getting the following error: Traceback (most recent call last): File "/usb/usr/bin/sslstrip", line 27, in <module> from twisted.web import http File "/usb/usr/lib/python2.6/site-packages/twisted/__init__.py", line 22, in <module> raise ImportError("you need zope.interface installed " ImportError: you need zope.interface installed (http://zope.org/Products/ZopeInterface/) I checked and it is installed: root@Pineapple:~# opkg install zope-interface -d usb Package zope-interface (2.5.0-1) installed in usb is up to date. Any ideas? Just wondering, have you installed it to a usb drive and have you sym linked the program? Quote Link to comment Share on other sites More sharing options...
legion Posted April 3, 2012 Share Posted April 3, 2012 Just wondering, have you installed it to a usb drive and have you sym linked the program? No, but I found the solution on another site. I just had to create the missing file. Here's the command: touch /usb/usr/lib/python2.6/site-packages/twisted/__init__.py Quote Link to comment Share on other sites More sharing options...
elmocrispers Posted April 5, 2012 Share Posted April 5, 2012 Anyone else have issues with this? is there a how to on this out there somewhere? thanks, Elmocrispers Quote Link to comment Share on other sites More sharing options...
telot Posted April 5, 2012 Share Posted April 5, 2012 Anyone else have issues with this? is there a how to on this out there somewhere? thanks, Elmocrispers Nope - we still have to develop it as a community. If you'd like to give it a shot and share your results here in this thread, that'd be great! I haven't had much luck finding time to devote to it unfortunately :S Once I do I will surely post what I find. In the meantime however, please have a go at it! telot Quote Link to comment Share on other sites More sharing options...
elmocrispers Posted April 5, 2012 Share Posted April 5, 2012 Nope - we still have to develop it as a community. If you'd like to give it a shot and share your results here in this thread, that'd be great! I haven't had much luck finding time to devote to it unfortunately :S Once I do I will surely post what I find. In the meantime however, please have a go at it! telot Challenge accepted :) elmocrispers Quote Link to comment Share on other sites More sharing options...
legion Posted April 7, 2012 Share Posted April 7, 2012 Am I correct in thinking that the issue is with the bridged interface and iptables? Apparently this guy got it working on a vanilla openwrt box: http://www.rodneybeede.com/sslstrip_on_OpenWRT__Linux__wireless_router.html Quote Link to comment Share on other sites More sharing options...
Sebkinne Posted April 7, 2012 Share Posted April 7, 2012 I have SSLStrip working on a beta I am testing right now. Once internal testing is complete I will post it as a beta. If that is successful then the beta will be rolled into a release. This does take some time as there is a lot to test. So no ETA ;) Best, Sebkinne Quote Link to comment Share on other sites More sharing options...
Whistle Master Posted April 7, 2012 Share Posted April 7, 2012 Excellent news ! Can't wait to get the beta ! Quote Link to comment Share on other sites More sharing options...
legion Posted April 7, 2012 Share Posted April 7, 2012 Is it feasible to run ettercap in conjunction with sslstrip to easily snatch passwords? I've ran them together many times on a linux box without any issues. I'm just not sure how well it will work on the bridged interface. Quote Link to comment Share on other sites More sharing options...
telot Posted April 7, 2012 Share Posted April 7, 2012 I have SSLStrip working on a beta I am testing right now. Once internal testing is complete I will post it as a beta. If that is successful then the beta will be rolled into a release. This does take some time as there is a lot to test. So no ETA ;) Best, Sebkinne Best news I've heard all day! Thanks Seb! telot Quote Link to comment Share on other sites More sharing options...
g4hsean Posted April 30, 2012 Share Posted April 30, 2012 Sebkinne, I was wondering how you got it running on the beta version that you have now? Up until now I have got almost everything working except for iptables complaining "iptables: No chain/target/match by that name." because of the --to-port(s) option. How did you bypass that issue, would you be able to share some of this info so like that we can try it out or is it something that is too risky? I also heard that the only way to get sslstrip working is with a beta kernel that you guys are working with. When will this kernel be available to test on for us beta testers? Thanks Sean Quote Link to comment Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.