Jump to content

Ssl Decrypting Proxy For Pineapple


Karit
 Share

Recommended Posts

Hi,

Are there any SSL decrypting Man in the Middle proxies fro the Pineapple? I am looking for something like The Burp Proxy. There is sslstrip but doesn't work for things that won't follow redirects and only do things over SSL like some Android Apps. Just the decrypting aspect would be a great start even if there wasn't the MitM tampering.

Thanks

Link to comment
Share on other sites

You could take a look at sslsniff, which seems to do exactly what you want. Might need some configuring to get it working on the Pineapple though.

# opkg instsall sslsniff

Failing that does anyone know with ICS how to force all traffic through a proxy that will do SSL decryption and Man in the Middle? I normally use Backtrack as ICS OS.

Thanks

IP tables will do the trick for you.

Link to comment
Share on other sites

You could take a look at sslsniff, which seems to do exactly what you want. Might need some configuring to get it working on the Pineapple though.

I have had a look at sslsniff and it appears to just redirect requests to an http version and requires the user to be on http first as just changes links and redirects to be http rather than https. What I am trying to test are Andriod apps that are https only and don't respect the Andriod proxy settings, so just trying to get a shim inbetween and the internet. Yes the app's handling of bogus SSL certs is one of the things I am investigating here along with the server side of the application as well.

Link to comment
Share on other sites

IP tables will do the trick for you.

Thanks cool, it will be my next weekend task then was hoping there was something a little simplier :( (though need to have some challenges right?) Though if I get it working I will post the info here.

Link to comment
Share on other sites

Thanks cool, it will be my next weekend task then was hoping there was something a little simplier :( (though need to have some challenges right?) Though if I get it working I will post the info here.

IPtables isn't that bad. If I wasn't on my phone right now I would point you in the right direction. Will update later.

Link to comment
Share on other sites

Hi Sebkinne you are right iptables aren't too bad. This post told me what I needed to do http://serverfault.com/questions/211536/iptables-port-redirect-not-working-for-localhost

On to the helping future people.

I am needing to test an app on an Android phone and want to direct it through the Burp Proxy. It is HTTPS only with no HTTP start or HTTP fallback so SSL Strip wouldn't help in this situation. It also doesn't follow Andriod's "global" proxy.

  1. On Backtrack download Burp from http://www.portswigger.net/burp/download.html
  2. Unzip and run it with java -jar burpsuite,jar
  3. Set up burp to listen on 8080 and listening on all interfaces
  4. Plug in the cables and pineapple and internet
  5. Run wp4.sh http://wifipineapple.com/wp4.sh
  6. the interface linked with the pineapple is eth1 and I always need to ifconfig eth1 172.16.42.42 up
  7. Connect my phone to the pineapple
  8. Ensure that the app is working as expected
  9. iptables -t nat -I PREROUTING -p tcp --dport 443 -j REDIRECT --to-ports 8080
  10. iptables -t nat -I OUTPUT -p tcp -d 127.0.0.1 --dport 443 -j REDIRECT --to-ports 8080
  11. Run your app and you will see it going through burp. You will see a cert error because it is using Burp's cert rather than the real cert

Thanks for the iptables pointer, hopefully this is helpful feel free to ask a questions if want to know more or if I have missed something.

Link to comment
Share on other sites

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

 Share

  • Recently Browsing   0 members

    • No registered users viewing this page.
×
×
  • Create New...