Jump to content
Hak5 Forums

Archived

This topic is now archived and is closed to further replies.

ExigentCircumstance

[Support] SSLstrip

Recommended Posts

I've done some searching, but most everything that comes up is for the Mark IV and installing sslstrip.

I haven't seen a post that specifically covers "sslstrip is not running ..."

I've enabled sslstrip and once I click refresh (due to it not working) it states "sslstrip is not running..." but shows that it's still enabled. If you X out of the window and go to the home screen, it shows it's still enabled, but if you go back into sslstrip its disabled.

I tried resetting to the defaults using the dip switches, reinstalled sslstrip and it seems like it works if I don't enable Karma first, but once I enabled Karma it was all over.

Is this a known issue that my search fu didn't find, or am I doing something wrong?

post-12955-0-68282100-1382156035_thumb.p

Share this post


Link to post
Share on other sites

Another issue .... connecting to clients. Both adapters are enabled, but when I connect to my home AP it says its connecting and will refresh in 10secs. Never refreshes, but if I go to the Networks tab and look at wlan0 it's getting an IP from my network. If I go back to the clients tab it states that it's not connected. How does it get an IP if it's not connected? Is it truly connected or does it just think it's connected? Autossh doesn't work, so I assume it just thinks it's connected.

Just to make sure it isn't me, I reset the defaults, reset my password, enabled Karma, enabled the second adapter, went into network and connected to my client. Same thing.

Baffled at how anyone has gotten this to work. Do I have a lemon and not a pineapple?

Share this post


Link to post
Share on other sites

Regarding your SSLstrip problem... I experienced the same issue. I personally was installing the the SD card - if you were also installing to SD card then we likely had the same problem and my workaround should fix it.

The Problem:

SSLStrip is not able to load twisted.web, sslstrip modules, or openSSL modules.

This is (probably) a result of the package not creating the correct symlinks to allow for it to be installed to SD card. I've noticed many modules are still expecting /usb rather than /sd - so I assume the packages may have similar issues.

To test this yourself, SSH into your pineapple and just run "sslstrip". It will probably produce this import error:

Traceback (most recent call last):
  File "/sd/usr/bin/sslstrip", line 27, in <module>
    from twisted.web import http
ImportError: No module named web

The Workaround:

After a bit of playing with it, I was able to resolve the issue with the following commands:

Note: This is a workaround and may need to changed when they update the infusion/packages.

ln -s /sd/usr/lib/python2.7/site-packages/twisted/web/ /usr/lib/python2.7/site-packages/twisted/
ln -s /sd/usr/lib/python2.7/site-packages/sslstrip /usr/lib/python2.7/site-packages/
ln -s /sd/usr/lib/python2.7/site-packages/OpenSSL/ /usr/lib/python2.7/site-packages/

Hopefully this helps you and anyone else with this bug.

Share this post


Link to post
Share on other sites

My ssl strip wont install and I have tried to redownload i shows up with 0kb and no gui. I was able to get it to download to the internal memory but when i try to install it to usb or internal it just says loading then stops and nothing even after a refresh.

Share this post


Link to post
Share on other sites

ExigentCircumstance, I'm not sure if you know how forums work, but you totally posted in the wrong section. Please review all the threads to post in the correct spot.

I think what leg3nd said may be true with module developers using /usb instead of /sd. A quick test would be plug in a properly formatted USB flash drive and try installing to that.

Share this post


Link to post
Share on other sites

Looks like installing the wifi-manager fixed my issue with the client network ... thank you.

sslstrip on the other-hand, it's installed on the internal storage. I figured if it's an infusion, that's where it should be.

Share this post


Link to post
Share on other sites

I installed sslstrip to the internal card and had it working great last night, or this morning about 1am, but today after screwing with all kinds of crap i am getting the same deal. starts then stops. so it does work on the internal card, but i can't figure out what i screwed yet, another thing i noticed is that after i try to run sslstrip then connect to the access point with a seperate machine that machine can only connect to https sites, no http sites.

Share this post


Link to post
Share on other sites

ExigentCircumstance, I'm not sure if you know how forums work, but you totally posted in the wrong section. Please review all the threads to post in the correct spot.

I think what leg3nd said may be true with module developers using /usb instead of /sd. A quick test would be plug in a properly formatted USB flash drive and try installing to that.

Hmm ... I think I posted this to the Mark V portion, cause I was having problems with a Mark V. Wrong section can be left to interpretation, but I'll try posting to another section next time to see if I guessed right.

Share this post


Link to post
Share on other sites

So I've tried getting SSL strip to work by mounting a flash drive and installing, but still no luck.

The options to install aren't the same across the board. Say you go into the Pineapple bar, select Install; you have the option to install to internal or sd. To finalize the installation you click the infusion on the home screen and your options are internal or USB. If you install it using the opkg manager, you don't get anything on the home screen, but it still doesn't work.

I am however getting the same type of errors as leg3nd when I run it form cli:

Regarding your SSLstrip problem... I experienced the same issue. I personally was installing the the SD card - if you were also installing to SD card then we likely had the same problem and my workaround should fix it.

The Problem:

SSLStrip is not able to load twisted.web, sslstrip modules, or openSSL modules.

This is (probably) a result of the package not creating the correct symlinks to allow for it to be installed to SD card. I've noticed many modules are still expecting /usb rather than /sd - so I assume the packages may have similar issues.

To test this yourself, SSH into your pineapple and just run "sslstrip". It will probably produce this import error:

Traceback (most recent call last):
  File "/sd/usr/bin/sslstrip", line 27, in <module>
    from twisted.web import http
ImportError: No module named web

The Workaround:

After a bit of playing with it, I was able to resolve the issue with the following commands:

Note: This is a workaround and may need to changed when they update the infusion/packages.

ln -s /sd/usr/lib/python2.7/site-packages/twisted/web/ /usr/lib/python2.7/site-packages/twisted/
ln -s /sd/usr/lib/python2.7/site-packages/sslstrip /usr/lib/python2.7/site-packages/
ln -s /sd/usr/lib/python2.7/site-packages/OpenSSL/ /usr/lib/python2.7/site-packages/

Hopefully this helps you and anyone else with this bug.

I've attempted to correct the symlinks, but haven't gotten into that real far, since the installation of the infusion seems to be screwy.

I did notice that if you type python from the cli and get the interactive python session; that if you type import twisted.web, it doesn't even have that module installed. That would make sense of the error, but it could be cause it's not installing correctly in the first place.

I will post more once I figure something out that works. It may take me some time though, since it's pretty frustrating at this point. I keep holding out cause I view this as an "early adopter" issue, even though this thing has technically been out for some time (different revisions).

Share this post


Link to post
Share on other sites

I installed sslstrip to the internal card and had it working great last night, or this morning about 1am, but today after screwing with all kinds of crap i am getting the same deal. starts then stops. so it does work on the internal card, but i can't figure out what i screwed yet, another thing i noticed is that after i try to run sslstrip then connect to the access point with a seperate machine that machine can only connect to https sites, no http sites.

jyoung383,

Same problem here. SSLStrip only allows my Mark V clients to make HTTPS connections; all HTTP connections are refused. SSLStrip seems to have evolved into it's own preventative.

SSLStrip on my Mark IV works perfectly.

Share this post


Link to post
Share on other sites

It is probably installed... its just not detecting it because it's not in the python library directory.

These symlinks will add it to the correct directory and allow the import to work successfully.

Use the following command to check you have this issue:

root@Pineapple:~# ls /usr/lib/python2.7/site-packages/ | egrep -i '(OpenSSL|sslstrip)'
OpenSSL
sslstrip
root@Pineapple:~# ls /usr/lib/python2.7/site-packages/twisted/ | grep web
web

If you get no output; then Python cannot detect the modules because they're not in the excepted location.

You should be able to create the symlinks I posted earlier, and then run "sslstrip" from the pineapple CLI - it should start successfully.

Share this post


Link to post
Share on other sites

Thank you leg3nd.

here's my output:

root@Pineapple:~# ls /usr/lib/python2.7/site-packages/ | egrep -i '(OpenSSL|sslstrip)'
OpenSSL
pyOpenSSL-0.10-py2.7.egg-info
sslstrip
sslstrip-0.6-py2.7.egg-info
root@Pineapple:~# ls /usr/lib/python2.7/site-packages/twisted/ | grep web
web
root@Pineapple:~# sslstrip
Traceback (most recent call last):
  File "/usr/bin/sslstrip", line 27, in <module>
    from twisted.web import http
ImportError: No module named web

I also snagged the output from Python to illustrate what I was talking about before... just for the hay:

root@Pineapple:~# python
Python 2.7.3 (default, Sep 18 2013, 12:56:18)
[GCC 4.6.3 20120201 (prerelease)] on linux2
Type "help", "copyright", "credits" or "license" for more information.
>>> import twisted
>>> dir(twisted)
['__builtins__', '__doc__', '__file__', '__name__', '__package__', '__path__', '__version__', '_version', 'python', 'version']
>>> import twisted.web
Traceback (most recent call last):
  File "<stdin>", line 1, in <module>
ImportError: No module named web
>>> from twisted.web import http
Traceback (most recent call last):
  File "<stdin>", line 1, in <module>
ImportError: No module named web

Share this post


Link to post
Share on other sites

Removed

Share this post


Link to post
Share on other sites

Yeah, since the options to install are all fubar, I installed internal since those were the only corresponding options.

root@Pineapple:~# ls -la /usr/lib/python2.7/site-packages/
drwxr-xr-x    1 root     root             0 Oct 20 17:51 .
drwxr-xr-x    1 root     root             0 Oct 20 17:57 ..
drwxr-xr-x    3 root     root             0 Oct 20 17:51 OpenSSL
-rw-r--r--    1 root     root           119 Sep 18 10:57 README
-rw-r--r--    1 root     root           580 Mar 14  2013 pyOpenSSL-0.10-py2.7.egg-info
drwxr-xr-x    2 root     root             0 Oct 20 17:51 sslstrip
-rw-r--r--    1 root     root           305 Mar 14  2013 sslstrip-0.6-py2.7.egg-info
drwxr-xr-x    1 root     root             0 Oct 20 17:57 twisted
drwxr-xr-x    1 root     root             0 Oct 20 17:57 zope
root@Pineapple:~# ls -la /sd/usr/lib/python2.7/site-packages/
ls: /sd/usr/lib/python2.7/site-packages/: No such file or directory
root@Pineapple:~# opkg list-installed | egrep '(sslstrip|twisted)'
sslstrip - 0.7-1
twisted - 2.5.0-1
twisted-web - 2.5.0-1
root@Pineapple:~#

Share this post


Link to post
Share on other sites

So... you have these directories:

/usr/lib/python2.7/site-packages/sslstrip

/usr/lib/python2.7/site-packages/twisted

However - they are size "0" and are not symlinked to anything. So they're just blank. No idea how that would have happened.

I can tell you how I set mine up but this isn't the "standard" way of doing things... You may need to factory reset if they come out with a real fix for the infusion.

1. Remove the SSLStrip infusion from pineapple bar

2. SSH into the pineapple and run: opkg remove sslstrip

3. Install SSLStrip from the pineapple bar (to local storage)

4. SSH into the pineapple and run: opkg update && opkg install sslstrip --dest usb

5. Create symlinks on pineapple:

ln -s /sd/usr/lib/python2.7/site-packages/twisted/web/ /usr/lib/python2.7/site-packages/twisted/
ln -s /sd/usr/lib/python2.7/site-packages/sslstrip /usr/lib/python2.7/site-packages/
ln -s /sd/usr/lib/python2.7/site-packages/OpenSSL/ /usr/lib/python2.7/site-packages/

6 .Test sslstrip by running: sslstrip

If this doesnt work, you can either factory reset or ust repeat steps 1 and 2 and then run this:

rm /usr/lib/python2.7/site-packages/twisted/web

rm usr/lib/python2.7/site-packages/sslstrip
rm /usr/lib/python2.7/site-packages/OpenSSL

Share this post


Link to post
Share on other sites

Haha I just noticed my USB flash drive is mounting to /sd when it's connected cause its /dev/sda1.

Didn't think this would happen since this topic has Darren stating that sd mounts to /sd and usb mounts to /usb

https://forums.hak5.org/index.php?/topic/30575-replacing-usb-with-sd/

Without usb connected sd gets pushed to something else and the flash drive uses /dev/sda1.

Anyhow, I removed the USB flash drive and followed your directions, but didn't work.

I added the flash drive and re-situated the fstab entries so it mounts both /sd and /usb and followed your directions, but same thing.

Very funky. Just to be sure it wasn't some underlying issue, I've reset factory defaults between each....

Share this post


Link to post
Share on other sites

If I were you, I would not use the USB drive at all and try with just the SD card inserted (from a clean state, everything to local storage).

I think that has the best chances.

If that doesn't work it may just be best to wait for Whistlemaster to update the infusion.

Share this post


Link to post
Share on other sites

I don't think that its anything your doing wrong, but rather what did I do that was right... I played with my installation until it worked and am probably just missing some piece of the puzzle that I changed. :(

At the end of the day, python just needs to be able to import the modules which should be located in /usr/lib/python2.7/site-packages/.

My current configuration that works is:

root@Pineapple:~# ls -la /sd/usr/lib/python2.7/site-packages/
drwxr-xr-x    5 root     root          4096 Oct 19 17:36 .
drwxr-xr-x    3 root     root          4096 Mar 23  2013 ..
drwxr-xr-x    3 root     root          4096 Oct 19 17:41 OpenSSL
-rw-r--r--    1 root     root           580 Mar 14  2013 pyOpenSSL-0.10-py2.7.egg-info
drwxr-xr-x    2 root     root          4096 Oct 19 17:41 sslstrip
-rw-r--r--    1 root     root           305 Mar 14  2013 sslstrip-0.6-py2.7.egg-info
drwxr-xr-x    4 root     root          4096 Oct 19 17:36 twisted
root@Pineapple:~# ls -la /usr/lib/python2.7/site-packages/
drwxr-xr-x    1 root     root             0 Oct 19 17:41 .
drwxr-xr-x    1 root     root             0 Oct 19 17:47 ..
lrwxrwxrwx    1 root     root            44 Oct 19 17:41 OpenSSL -> /sd/usr/lib/python2.7/site-packages/OpenSSL/
-rw-r--r--    1 root     root           119 Sep 18 10:57 README
lrwxrwxrwx    1 root     root            44 Oct 19 17:40 sslstrip -> /sd/usr/lib/python2.7/site-packages/sslstrip
drwxr-xr-x    1 root     root             0 Oct 19 17:39 twisted
drwxr-xr-x    1 root     root             0 Oct 18 03:28 zope
root@Pineapple:~# ls -la /usr/lib/python2.7/site-packages/twisted/
drwxr-xr-x    1 root     root             0 Oct 19 17:39 .
drwxr-xr-x    1 root     root             0 Oct 19 17:41 ..
-rw-r--r--    1 root     root           789 May 13  2006 __init__.py
-rw-r--r--    1 root     root           772 Oct 18 03:28 __init__.pyc
-rw-r--r--    1 root     root           175 Dec 30  2006 _version.py
-rw-r--r--    1 root     root           309 Oct 18 03:28 _version.pyc
drwxr-xr-x    2 root     root           123 Oct 12 04:42 application
--- SNIP ---
lrwxrwxrwx    1 root     root            48 Oct 19 17:39 web -> /sd/usr/lib/python2.7/site-packages/twisted/web/
root@Pineapple:~# which sslstrip
/sd/usr/bin/sslstrip

The steps I gave earlier should produce how this is setup on mine.. but apparently I'm missing something. Hopefully the above info and my steps I gave before can help you find the issue.

Share this post


Link to post
Share on other sites

All I did to get sslstrip working was remove and reinstall twisted-web using opkg in ssh.

Granted, I started from a fresh config, also seem to need karma to be off for some reason (or else it borks it). Don't know if one has anything to do with the other.

Share this post


Link to post
Share on other sites

I'm just curious to know if SSL Strip is even still worth using I mean as far as i've heard SSL Strip hasn't been updated in years and alot of websites are now using TLS like google facebook ect...

Unless im doing something wrong but pretty sure ssl strip is really outdated but maybe im wrong.

Share this post


Link to post
Share on other sites

I've used SSLstrip against facebook and am still able to pull credentials without an issue (at least using the mobile interface).

Share this post


Link to post
Share on other sites

  • Recently Browsing   0 members

    No registered users viewing this page.

×