BlackZero Posted February 10, 2013 Author Share Posted February 10, 2013 I think that Moxie's sslstrip doesn't require 443 redirection in order to get the script works. Am I wrong? I didn't test the latest sslstrip module in my pineapple, but it worked like a charm. But not in all websites. I think that is because of some browser protections or https force from some sites. Am I correct? :) Quote Link to comment Share on other sites More sharing options...
comatose603 Posted February 10, 2013 Share Posted February 10, 2013 But not in all websites. I think that is because of some browser protections or https force from some sites. Am I correct? Some sites now use something called HSTS so that SSLstrip cannot monitor that traffic. Quote Link to comment Share on other sites More sharing options...
comatose603 Posted February 11, 2013 Share Posted February 11, 2013 0.9 runs on the pineapple actually :) May be a good idea to include it in the next version of sslstrip module :P In the meatime, you can download v0.9 here and copy it on your pineapple, then: tar zxvf sslstrip-0.9.tar.gz cd sslstrip-0.9 python ./setup.py install Version 0.9 is giving me issue. If I dont run the typical port 80 POSTROUTING iptables command I dont snag any SSL traffic. And if I DO then I get: sslstrip 0.9 by Moxie Marlinspike running... Traceback (most recent call last): File "/usb/usr/lib/python2.7/site-packages/twisted/python/log.py", line 48, in callWithLogger return callWithContext({"system": lp}, func, *args, **kw) File "/usb/usr/lib/python2.7/site-packages/twisted/python/log.py", line 33, in callWithContext return context.call({ILogContext: newCtx}, func, *args, **kw) File "/usb/usr/lib/python2.7/site-packages/twisted/python/context.py", line 59, in callWithContext return self.currentContext().callWithContext(ctx, func, *args, **kw) File "/usb/usr/lib/python2.7/site-packages/twisted/python/context.py", line 37, in callWithContext return func(*args,**kw) --- <exception caught here> --- File "/usb/usr/lib/python2.7/site-packages/twisted/internet/selectreactor.py", line 139, in _doReadOrWrite why = getattr(selectable, method)() File "/usb/usr/lib/python2.7/site-packages/twisted/internet/tcp.py", line 362, in doRead return self.protocol.dataReceived(data) File "/usb/usr/lib/python2.7/site-packages/twisted/protocols/basic.py", line 232, in dataReceived why = self.lineReceived(line) File "/usb/usr/lib/python2.7/site-packages/twisted/web/http.py", line 388, in lineReceived self.handleHeader(key, val) File "/usb/usr/lib/python2.7/site-packages/sslstrip/ServerConnection.py", line 98, in handleHeader self.client.responseHeaders.addRawHeader(key, value) exceptions.AttributeError: ClientRequest instance has no attribute 'responseHeaders' Quote Link to comment Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.