AlexSka

Is it possible to run sslstrip on a bridge interface, or only over NAT? Like in the pic.

I want to decode HTTPS data on the fly in the network between the WiFi router and the ISP, without accessing the local network and without changing IP addresses.

[Two attached pictures, not preserved]

Edited by AlexSka

Also, sslstrip will only strip HTTPS links and redirects out of HTTP; it won't actually decode HTTPS traffic. SSLStrip requires the user to first navigate to an HTTP URL for that site.

You're a very smart man. I am wondering how to wrap traffic to sslstrip in the created bridge.

Edited by AlexSka
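The rewriting described in the quoted post above (HTTPS links and redirects stripped out of plain-HTTP responses) can be checked for from the defender's side by comparing a response seen on the suspect path with a reference copy fetched over a trusted path. This is an added example, not code from the thread; the sample responses are constructed and the function names are hypothetical.

```python
import re

# Constructed sample responses (not captured traffic): the page as the origin
# serves it, and the same page as seen behind a link-stripping proxy.
REFERENCE = (
    "HTTP/1.1 302 Found\r\n"
    "Location: https://shop.example/login\r\n"
    "Content-Type: text/html\r\n\r\n"
    '<a href="https://shop.example/login">Sign in</a> '
    '<form action="https://shop.example/pay"></form> '
    '<a href="http://shop.example/help">Help</a>'
)
OBSERVED = REFERENCE.replace("https://", "http://")

URL_ATTR = re.compile(r'(?:href|action|src)\s*=\s*["\'](https?)://([^"\']+)', re.I)

def parse_response(raw):
    """Split a raw HTTP response into (lower-cased header dict, body)."""
    head, _, body = raw.partition("\r\n\r\n")
    headers = {}
    for line in head.split("\r\n")[1:]:          # skip the status line
        name, _, value = line.partition(":")
        headers[name.strip().lower()] = value.strip()
    return headers, body

def urls_by_scheme(headers, body):
    """Map each URL (scheme removed) to the scheme it was served with."""
    found = {}
    m = re.match(r"(https?)://(.+)", headers.get("location", ""), re.I)
    if m:
        found["Location: " + m.group(2)] = m.group(1).lower()
    for scheme, rest in URL_ATTR.findall(body):
        found[rest] = scheme.lower()
    return found

def find_downgrades(reference_raw, observed_raw):
    """Return URLs that are https in the reference but http as observed."""
    ref = urls_by_scheme(*parse_response(reference_raw))
    obs = urls_by_scheme(*parse_response(observed_raw))
    return sorted(u for u, s in ref.items()
                  if s == "https" and obs.get(u) == "http")

if __name__ == "__main__":
    for url in find_downgrades(REFERENCE, OBSERVED):
        print("downgraded to http:", url)
```

Links that were already plain HTTP in the reference are not reported, so only scheme changes introduced on the path show up.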

Well, in your first picture you can just install sslstrip from the Pineapple bar and use the WiFi on the Pineapple as the AP, and you are away laughing.

Your second would be something more like what I have written in my setup, but just replace Burp with sslstrip. The trick will be to get the downstream to use you as the gateway, which is DHCP setup, and the Pineapple will just do that with the wp4.sh script.

It must be transparent, without using DHCP and routing, because I can't route from 192.168.1.0 to 192.168.1.0.

Well, if that is the case, you will need to do some type of ARP poisoning to get the devices to send the traffic to you rather than the real gateway. Once you have it, you can use iptables to grab the 80 traffic and pipe it through sslstrip. If you want to decrypt HTTPS 443, you will need a man-in-the-middle proxy like Burp.

If you just want to capture the traffic, there is also the Throwing Star LAN Tap.

I'm interested in capturing traffic by this scheme, without an ARP-spoofing attack:

Normal Internet sharing by ISP

1. Internet <-p.A-> Local ISP[172.16.22.1] <-p.B-> [wan: 172.16.22.2] WiFi Gateway [lan: 192.168.1.1]<-p.C-> Client [192.168.1.2]

Fake Internet sharing with Pineapple injecting into network

2. Internet <-p.A-> Local ISP[172.16.22.1] <-fake.p.B-> [wan: 172.16.22.2] WiFi Pineapple Mark IV [lan: 172.16.22.1] <-p.B-> [wan: 172.16.22.2] WiFi Gateway [lan: 192.168.1.1]<-p.C-> Client [192.168.1.2]

or

Internet <-p.A-> Local ISP[172.16.22.1] <-fake.p.B-> [br-lan:eth0] WiFi Pineapple Mark IV [br-lan:eth1] <-p.B-> [wan: 172.16.22.2] WiFi Gateway [lan: 192.168.1.1]<-p.C-> Client [192.168.1.2]

I'm interested in injecting the WiFi Pineapple Mark IV between the local ISP and the WiFi gateway to forward all traffic.

I know I can create a bridge and capture all traffic by this scheme:

root@Pineapple:~# vi /etc/config/network

config 'interface' 'lan'
	option 'ifname' 'eth0 eth1'
	option 'type' 'bridge'
	option 'proto' 'none'
	option 'auto' '1'

root@Pineapple:~# /etc/init.d/network restart

root@Pineapple:~# tcpdump -i br-lan -w /usb/capture.cap

But I want to transit this traffic over sslstrip transparently.

Can anyone help to solve this?

  • 1 month later...

I'll resurrect this thread and say that I'm currently trying to get this working for the keylogger project. The iptables rule that both sslstrip and I use to intercept the traffic assumes that the traffic is being routed by the device, but in bridge mode routing doesn't occur, so those rules don't work.

In bridge mode I don't think that the traffic gets high enough up the stack to be affected by iptables; what we need to be using is ebtables, which allows you to intercept traffic heading over bridged networks. OpenWrt doesn't have packages for ebtables in its standard build, so I'm going to get Seb to build me a package and have a play with it, see what I can do. I'll probably forget to update this thread when I get it working, so keep an eye on the keylogger thread, as I'll report there when it works.
