PineDominator, posted August 19, 2012 (edited August 19, 2012 by petertfm)
OK, so I had this idea a few months ago but don't know how hard it might be to actually do. Maybe someone who knows could point me in the right direction. What I want to do is make a MITM module or program for the pineapple that inserts the HSTS header into all HTTP requests: http://en.wikipedia....y#Applicability
Once I have figured out how to slip HSTS into headers, I want to make one page that populates/connects to 10s or 100s of popular websites that don't use SSL. Basically, the victim can no longer browse to those pages because their browser believes it should be encrypted. What do you think, would this work, and what tools could I use to insert the HSTS header? ettercap?

Jaruba, posted August 20, 2012 (edited August 20, 2012 by Jaruba)
What would be the point of doing this? Wouldn't it be easier to clone the unsecured website page and do a DNSSpoof to all domains without even serving the pineapple internet? Or even do selective DNSSpoof on those 10s or 100s of websites with the cloned page while serving internet. Isn't the result the same? :P

PineDominator (author), posted August 20, 2012
> Would you please share what you wish to accomplish with inserting HSTS into headers? What would be the result of this action? Isn't HSTS a security measure for websites?
Sorry, I was hoping it would leave the victim and the pages this hack served up useless on their web browser.

Jaruba, posted August 20, 2012 (edited August 20, 2012 by Jaruba)
Sorry, I didn't see you replied and edited the question after rereading your first post. :) The thing is that I did work on that transparent proxy at one point, and it could be used for what you need. As long as it's used on websites without SSL, it could probably work as intended, but the result would ultimately be the same: you'll still need to write all domains in the dnsspoof list, and it would visually be the same thing as cloning the unsecured website warning. Only that with my pages it will work significantly slower and probably bugs will arise here and there. So I just don't see why someone would do it. :P