loozr Posted September 23, 2012 Share Posted September 23, 2012 Ok, for some time I have been wondering if it would be possible to clean up the sslstrip logfile a bit to make it easier to read. I first tried some simple grep commands to just get the lines I wanted, and it made it easier to read the logs. However I was not satisfied and searched the net for better solutions. I found a project called logex. This is a python script made by.. I'm not sure who he is, but at least I have linked to his project page :) This script is actually quite great, it strips only what I'm interested in and creates a html page to view the interesting parts.(although I would like it to print the md5 from sites using that for login) With that log parser script working I was on my road to hapiness, but thought that it could still be a bit easier, and started to look into the php, and javascript of the sslstrip module. I'm not fully satisfied with my solution, but it's ok for now. Thought I might share if anyone else is interested. And remember, none of what I'm presenting here is mine, I simply put together bits and pieces from things already made by others. Credits goes to the writer of logex, and Whistlemaster for sslstrip module. Another thing to mention is that I have no clue what I'm doing, I just made it work, so this might not work in your setup. YMMV B) That said, it would be great if you could share what solutions you are using, or if you have any input regarding the logfiles. How a logfile usually looks like Edited History page Cleaned logfile To do this yourself. sslstrip installed on usb. edited log_ex.py in pastebin edited sslstrip.js in pastebin edited sslstrip_actions.php in pastebin edited sslstrip_data.php in pastebin Copy/create/edit "log_ex.py" , "sslstrip_actions.php" and "sslstrip_data.php" to "/usb/modules/sslstrip/". The "sslstrip.js" should be created/copied/edited to "/usb/modules/sslstrip/js/". Finally you create a folder named html, i.e. "/usb/modules/sslstrip/html/" When you are done you will have to have a logfile you would like to clean(doh), then press Clean, and afterwards View. The .html files is placed inside the html folder(kinda obvious;) Quote Link to comment Share on other sites More sharing options...
Neworld Posted September 23, 2012 Share Posted September 23, 2012 I would love for this to be integrated into the current sslstrip.... Also, I'm still waiting to see if anyone has fixed the problem with using a search toolbar like google and any website that you put a "/" at the end. See my previous post: Quote Link to comment Share on other sites More sharing options...
loozr Posted September 23, 2012 Author Share Posted September 23, 2012 Although I have not spoken with Whistlemaster about it, I'm afraid this solution won't be part of his module, simply because I'm not sure the writer of logex would agree to this. That said I would be glad if Whistlemaster would integrate something similar into his module! :) Maybe something that's not as hacky ;) Regarding your problems with sslstrip I can't seem to replicate your difficulties with "/" at the end of URL's... Someone else would have too look at the google toolbar though, since I'm not sure whats going on there.. Quote Link to comment Share on other sites More sharing options...
Whistle Master Posted September 26, 2012 Share Posted September 26, 2012 Great ;) I will have a look to add a filtering tab to the existing module. Stay tune ! Quote Link to comment Share on other sites More sharing options...
loozr Posted September 26, 2012 Author Share Posted September 26, 2012 Marvelous! :) Looking forward to it! :) Quote Link to comment Share on other sites More sharing options...
Whistle Master Posted September 26, 2012 Share Posted September 26, 2012 Ok, I added the following features: - Ability to pipe commands to filter current output - Ability to execute custom script on each capture log and keep resulting history I guess this will add more flexibility ^_^ Quote Link to comment Share on other sites More sharing options...
loozr Posted September 26, 2012 Author Share Posted September 26, 2012 That sound great! :) Appreciate your work very much! :) Quote Link to comment Share on other sites More sharing options...
DyFukA Posted October 25, 2012 Share Posted October 25, 2012 This was working for me in the past but not anymore. Running sslstrip 2.5 Quote Link to comment Share on other sites More sharing options...
loozr Posted October 27, 2012 Author Share Posted October 27, 2012 I'm sorry that you have problems, but since Whistle Master added some more features in his module, why not give that a go? Or maybe you are only using ssh? Unfortunately I'm unable to look into this myself right now, but I'll give it a go sometime next week. Do you get some kind of error, or whats the problem? Quote Link to comment Share on other sites More sharing options...
underscore Posted April 13, 2013 Share Posted April 13, 2013 Hi, Has anyone been able to modify this script/install to work with v2.8 firmware. I have played with the directories (since it installs it into "usbinfusions" from the pineapple bar) but still nothing... I do not get a html file produced and the following error: <br /> <b>Warning</b>: filemtime() [<a href='function.filemtime'>function.filemtime</a>]: Stat failed for /usb/infusions/sslstrip/log/undefined (errno=2 - No such file or directory) in <b>/usb/infusions/sslstrip/sslstrip_actions.php</b> on line <b>47</b><br /> sslstrip undefined [January 01 1970 00:00:00] <br /> <b>Warning</b>: file_get_contents(/usb/infusions/sslstrip/log/undefined) [<a href='function.file-get-contents'>function.file-get-contents</a>]: failed to open stream: No such file or directory in <b>/usb/infusions/sslstrip/sslstrip_actions.php</b> on line <b>49</b><br /> It would be great if we had a current log parser that outputted cleanly.... unless there already is one that I haven't found yet...? Thanks Quote Link to comment Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.