Jump to content

Recommended Posts

few tips since i had to reset my pineapple 5~ times before getting ssl strip to run reliably

1: do not auto refresh your logs, this is the most important i would say, if you have too much to load/any traffic currently on your pineapple, you do not load the logs fast enough causing your pineapple to lock up entirely, the only way to stop the issue for me was to remove the usb, and unplug, replug then re usb, a few times i also had to use the reset button at bottom of device.

2: verbose logs are a no no, if for whatever reason you do want to log more information about traffic run url snarf side by side, or yet again you run the risk of freezing when loading logs

3: in firefox, the browser i was testing with, you wont be able to pull user:pass from gmail, possibly because i had enabled always use ssl possibly due to hsts, but i WAS able to pull logs from twitter, another site supposedly protected via hsts on firefox

4:starting karma seems to disable ssl strip more often then not, so remember to restart ssl strip after starting karma, or at least to check it

5: a bit more obvious, but while searching for issues i had i saw this as an issue for others, you dont have to mitm your own pineapple to run ssl strip like you would on a different network, instead of pretending to be the router, your running it FROM the router.

while searching for the issues i was having i found 4-5 posts on the forums, i wanted to let people know how i got things to work, and figured this was an easier/less cluttered/necro way of responding.

Link to post
Share on other sites

good idea, i see there is no basic starting ssl strip guide, i will write up a step by step i suppose

edit: i dont seem to have appropriate permissions, using same name and email as forums.

Edited by sober
Link to post
Share on other sites

Heres a guide I did on using sslstrip - if you have any changes or additions, please feel free to copy it and add in your findings. Thanks!

telot

Link to post
Share on other sites

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

  • Recently Browsing   0 members

    No registered users viewing this page.

×
×
  • Create New...