Jump to content

Sslstrip Slow


Neworld

Recommended Posts

SSLSTRIP has been preforming quite slow when using my google toolbar.... It just keeps loading and loading.

(google toolbar)

post-40252-0-76501300-1346473523_thumb.j

Also I would like to point out when your typing an address in, and it has a "/" at the end of it, it preforms slow as well.

"www.google.com" works great, but "www.google.com/" does not.

SSLSTRIP runs beautifully otherwise though.

Any thoughts on why this may be happening? Any fixes?

Link to comment
Share on other sites

sslstrip also slowing everything down

facebook.com or google.com wont even load up

other sites are loading, but very very slow

when sslstrip is turned off, everything is a fast

sslstrip installed over webui onto usb stick with swap of 2 gigs

I would also like to add that "google.com" works fine for me, it's just "google.com/" doesn't.

Same with facebook.

The "/" at the end has been giving me some trouble.

Link to comment
Share on other sites

i tried on two different computers, with few vms in them

all browsers (firefox, chrome, safari)

will not open email from google when sslstrip is running at all

Hmmm.... I noticed this too. I could login to yahoo but once I was logged in, I couldn't go to view my mail.

I'm starting to question whether it's an sslstrip problem and not a pineapple problem.... Can anyone confirm different results with sslstrip using backtrack sslstrip?

Link to comment
Share on other sites

my pineapple uses dnsspoof to direct all traffic to my BT5r3 VM. running sslstrip on backtrack, and getting issues loading facebook, gmail etc. after authentication.

capturing the pwd no problem, but the client gets no/limited content. seems to be sslstrip and not pineapple..? EDIT: or just a bunch of similar but different problems...

Edited by l0rdr4t
Link to comment
Share on other sites

I beleve the current version of sslstrip for open-wrt is 0.7 maybe there are fixes for these issues in later versions?


Changes in 0.9 (05/15/11)
Bug fixes introduced in 0.8 that were preventing GMail and other logins.
Speed enhancements.
Support for stripping compressed content-encodings if they slip past us.

Changes in 0.8 (04/24/11)
Major speed enhancements.
Compatibility changes for recent versions of twisted.
Support for stripping URLs with explicit port specifications (ie: foo.com:443)
A number of small bug fixes.
[/CODE]

also there was an older topic on these forums on how to update to version 0.9 but I also remember you had to make one or two edits to get it to work

Edited by petertfm
Link to comment
Share on other sites

Having the same problem as everyone else. Anyway to update sslstrip to a newer version than is provided in the module?

someone on the forum a while back posted instructions on how to do that, if I remember there is an issue with .09 and a file needed to be modified, I never tried it

Link to comment
Share on other sites

I don't think it is a problem with sslstrip, although updating to version 8 helps

The main problem is that bridging is not turned on. To turn it on:

vi /etc/sysctl.conf

Change to:

# disable bridge firewalling by default

net.bridge.bridge-nf-call-arptables=1

net.bridge.bridge-nf-call-ip6tables=1

net.bridge.bridge-nf-call-iptables=1

Should only be one IP redirect:

iptables --table nat --append PREROUTING -p tcp --destination-port 80 -j REDIRECT --to-port 10000

ssltrip is a proxy which means that you ca do all kinds of things with it besides getting passwrds.!!!

Link to comment
Share on other sites

Could the difficulties with the google bar be related to the Safe Browsing API from google?

Actually I was testing sslstrip against the google bar, and this is what the log says.


2012-09-14 12:37:37,385 POST Data (safebrowsing.clients.google.com):
goog-malware-shavar;mac
goog-phish-shavar;mac
[/CODE]

Did they save my mac or what?? :blink:

Link to comment
Share on other sites

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

  • Recently Browsing   0 members

    • No registered users viewing this page.
×
×
  • Create New...