comatose603 Posted February 9, 2013 Share Posted February 9, 2013 (edited) I have an iPhone connected to the Pineapple (2.7.5). And, while http traffic works just fine in Safari, the Facebook iPhone app cannot update. Any ideas as to what is going on? Edited February 9, 2013 by comatose603 Quote Link to comment Share on other sites More sharing options...
comatose603 Posted February 9, 2013 Author Share Posted February 9, 2013 (edited) Seems to be related to SSLstrip. If I turn it off the Facebook iPhone app all of a sudden starts working again; but SSLstrip isnt capturing any https traffic at that point. Edited February 9, 2013 by comatose603 Quote Link to comment Share on other sites More sharing options...
comatose603 Posted February 9, 2013 Author Share Posted February 9, 2013 (edited) Dunno if this matters, but I have an autostart.sh for sslsort in /usb/infusions/ (what rc.local links too) that has port 80 and 443, and one in /usb/modules that just has an iptables command for just port 80 Edited February 9, 2013 by comatose603 Quote Link to comment Share on other sites More sharing options...
comatose603 Posted February 9, 2013 Author Share Posted February 9, 2013 Also, I see that iptables has port 80 and 443 setup. Yet ../bin/sslsort isnt being run with the -a command. Is this right? If I manually start it with -a https traffic starts to work again. Quote Link to comment Share on other sites More sharing options...
telot Posted February 9, 2013 Share Posted February 9, 2013 Sslstrip messes with apps. I posted about this a few weeks ago, and sadly got no replies (very disappointing Jasegar Community!!). You can find my observations here: http://forums.hak5.org/index.php?/topic/28385-apps-and-the-pineapplekarma/?hl=%2Bsslstrip+%2Bapp I read up about it a little bit since then, mostly on Moxie's website. It turns out that apps allow developers to tweak how ssl works within their app - their not constrained by a browsers implementation of ssl, and the requisite standards that forces them to work with. Moxies sslstrip program addresses vulnerabilities in the standard implementation of ssl found in http(s). This is of course hugely disappointing, as more and more people use phones/tablets as their primary computing devices while mobile - which is when their most likely to become pineapple victims. If anyone has any additional knowledge on apps and ssl, I'd love to hear it, as my understanding is just a scratch of the surface I'm sure. Thanks telot Quote Link to comment Share on other sites More sharing options...
comatose603 Posted February 9, 2013 Author Share Posted February 9, 2013 Sslstrip messes with apps. I posted about this a few weeks ago, and sadly got no replies (very disappointing Jasegar Community!!). You can find my observations here: http://forums.hak5.org/index.php?/topic/28385-apps-and-the-pineapplekarma/?hl=%2Bsslstrip+%2Bapp I read up about it a little bit since then, mostly on Moxie's website. It turns out that apps allow developers to tweak how ssl works within their app - their not constrained by a browsers implementation of ssl, and the requisite standards that forces them to work with. Moxies sslstrip program addresses vulnerabilities in the standard implementation of ssl found in http(s). This is of course hugely disappointing, as more and more people use phones/tablets as their primary computing devices while mobile - which is when their most likely to become pineapple victims. If anyone has any additional knowledge on apps and ssl, I'd love to hear it, as my understanding is just a scratch of the surface I'm sure. Thanks telot Well, I got it working. Just comment out the stuff for port 443 in autostart.sh and sslstrip_actions.php Now there's the issue of it playing nice with URLsnort. And is there an exploit for HSTS? Quote Link to comment Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.