Jump to content
Hak5 Forums

Archived

This topic is now archived and is closed to further replies.

ExigentCircumstance

[Support] SSLstrip

Recommended Posts

yup uninstalled twisted-web and reinstalled and sslstrip is back up and running!!

I tried this and still no love. First I ran:

root@Pineapple:/sd# opkg remove twisted-web --force-depends

Removing package twisted-web from root...

root@Pineapple:/sd# opkg update

Downloading http://cloud.wifipineapple.com/mk5/packages/Packages.gz.

Updated list of available packages in /var/opkg-lists/pineapple_packages.

root@Pineapple:/sd# opkg install twisted-web

Installing twisted-web (2.5.0-1) to root...

Downloading http://cloud.wifipineapple.com/mk5/packages/twisted-web_2.5.0-1_ar71xx.ipk.

Configuring twisted-web.

root@Pineapple:/sd#

Then I tried re-installing sslstrip as an Infusion, but was getting the same behavior (it says it's not installed still).

I then un-installed sslstrip as an infusion, and instead tried installing it with opkg via CLI, but when I run it, now I get this error (which is different than the error I was getting prior to uninstalling and re-installing twisted-web):

root@Pineapple:~# sslstrip

Traceback (most recent call last):

File "/sd/usr/bin/sslstrip", line 30, in <module>

from sslstrip.StrippingProxy import StrippingProxy

ImportError: No module named sslstrip.StrippingProxy

Anyone have any ideas... like many a Pineapple user, I'm a linux newb...so forgive me if I'm missing something obvious. Have been working on getting sslstrip to work for 4 hours now. Tried turning off Karma (and persistance), rebooting. Tried removing and re-installeing twisted-web. And have been scouring the forums and intertubez... help! The demo I need to show my client is simple: Karma running to trick their iOS device into connecting to previously-known SSID. Then just sslstrip running against various iOS app interfaces to see which might be vulnerable to sslstrip attacks (including Safari browser sessions to Facebook, etc.)

I'm running a MKV I just bought on-site at Toorcon yesterday....

Share this post


Link to post
Share on other sites

54hg - you're pretty close.

You seem to have gotten twisted-web to be detected... now you just need to get the sslstrip modules in the right location.

Run this, then try "sslstrip" again and post the output.

ln -s /sd/usr/lib/python2.7/site-packages/sslstrip /usr/lib/python2.7/site-packages/

Share this post


Link to post
Share on other sites

here's the output after running that command:

root@Pineapple:~# ln -s /sd/usr/lib/python2.7/site-packages/sslstrip /usr/lib/py
thon2.7/site-packages/
root@Pineapple:~# sslstrip
Traceback (most recent call last):
File "/sd/usr/bin/sslstrip", line 30, in <module>
from sslstrip.StrippingProxy import StrippingProxy
File "/usr/lib/python2.7/site-packages/sslstrip/StrippingProxy.py", line 20, in <module>
from ClientRequest import ClientRequest
File "/usr/lib/python2.7/site-packages/sslstrip/ClientRequest.py", line 25, in <module>
from twisted.internet import ssl
File "/usr/lib/python2.7/site-packages/twisted/internet/ssl.py", line 47, in <module>
from OpenSSL import SSL
ImportError: No module named OpenSSL
root@Pineapple:~#

btw, I'm going to be afk busy tonight..but will check back in the am first thing. ty so much for the help so far!

Share this post


Link to post
Share on other sites

You got it man. One more command and you're done.

ln -s /sd/usr/lib/python2.7/site-packages/OpenSSL/ /usr/lib/python2.7/site-packages/

Should work after that.

Share this post


Link to post
Share on other sites

Thanks leg3nd and digitalia, re-installing twisted-web and creating the symlinks fixed sslstrip.

I'm able to run sslstrip from ssh, but on the UI sslstrip says not installed.

Share this post


Link to post
Share on other sites

I SSH into the pineapple and ran the following. This will definitely fix the sslstrip, I tested it after doing a factory reset and it worked

opkg remove twisted-web --force-depends
opkg update
opkg install twisted-web
ln -s /sd/usr/lib/python2.7/site-packages/sslstrip /usr/lib/python2.7/site-packages/
ln -s /sd/usr/lib/python2.7/site-packages/OpenSSL/ /usr/lib/python2.7/site-packages/
sslstrip

Share this post


Link to post
Share on other sites

I have it installed and can start manually (form web-interface.)

But the auto-start doesn't work. This normal? for now?

Share this post


Link to post
Share on other sites

I SSH into the pineapple and ran the following. This will definitely fix the sslstrip, I tested it after doing a factory reset and it worked

opkg remove twisted-web --force-depends
opkg update
opkg install twisted-web
ln -s /sd/usr/lib/python2.7/site-packages/sslstrip /usr/lib/python2.7/site-packages/
ln -s /sd/usr/lib/python2.7/site-packages/OpenSSL/ /usr/lib/python2.7/site-packages/
sslstrip

This worked for me. I can now start sslstrip from console :) , but it still says not installed in web interface...

Share this post


Link to post
Share on other sites

Glad my symbolic links could provide some level of assistance here.

That's odd that it would say "not installed" on the web interface... if you run "which sslstrip" on the pineapple - does it return any data?

This is basically how the infusion is determining the installation state of sslstrip.

Share this post


Link to post
Share on other sites

Had the same issue. Thanks to leg3nd, sslstrip now starts up, but doesn't actually work. It's installed to internal mem. I've changed the default network and IP address of the pineapple to 192.168.2.1. Everything works fine on this address, can access internet, can run karma and clients connected through karma can access internet. So networking works.

Installed firefox 16 on victim computer, which doesn't support HSTS just to be safe. Then browsed to www.yahoo.com (so searches are in clear text). Then searched for a site that I know offers SSL. Click on link, link takes me to the SSL version of the site.

Then stopped sslstrip from the gui and ran it from the command line as follows:

iptables -t nat -A PREROUTING -p tcp --destination-port 80 -j REDIRECT --to-port 9999

sslstrip -s -l 9999

Same behaviour. Any ideas?

Share this post


Link to post
Share on other sites

Executing 'which sslstrip':

/usr/bin/sslstrip

Got it working now, had to factory reset, then install SSLStrip from large tile and then I repeated steps for twisted web :-)

Share this post


Link to post
Share on other sites

I'm not trying to rush you Whistle Master. This was my attempt to teach myself about php and see if I could make it work. I just thought I'd pass on several hours of work to anyone who felt like using it. My only experience with php or any kind of coding is due to the pineapple.

Edit: Deleted original post to avoid confusion per your request… It was still a learning experience for me. I didn't know you were going to drop all of those updates last night right after my post.

Share this post


Link to post
Share on other sites

Awesome, thanks Whistle Master!

Share this post


Link to post
Share on other sites

After a factory resett for some strange reason and installing 1.3, sslstrip starts (still only manually) and then stops but still says 'enabled'. A refresh says its not running.

Share this post


Link to post
Share on other sites

Could you login to the pineapple through ssh and try to issue sslstrip directly and copy-paste the output you receive ?

Does the infusion state that sslstrip is installed ?

Share this post


Link to post
Share on other sites

After a factory resett for some strange reason and installing 1.3, sslstrip starts (still only manually) and then stops but still says 'enabled'. A refresh says its not running.

same problem here

Share this post


Link to post
Share on other sites

Could you login to the pineapple through ssh and try to issue sslstrip directly and copy-paste the output you receive ?

Does the infusion state that sslstrip is installed ?

Is this what you mean?

root@Pineapple:~# sslstrip

Traceback (most recent call last):

File "/sd/usr/bin/sslstrip", line 30, in <module>

from sslstrip.StrippingProxy import StrippingProxy

ImportError: No module named sslstrip.StrippingProxy

Share this post


Link to post
Share on other sites

I got same result it seems:

root@Pineapple:~# sslstrip
Traceback (most recent call last):
File "/sd/usr/bin/sslstrip", line 30, in <module>
from sslstrip.StrippingProxy import StrippingProxy
ImportError: No module named sslstrip.StrippingProxy
root@Pineapple:~#

I appreciate the effort WM!

Share this post


Link to post
Share on other sites

Anode,

Strange question... What happens when you start it from the small tile then enter the big one? Ohh and if you're installing the latest version of sslstrip you shouldn't need to fix the symbolic links as in the previous posts in this thread but the error code sure looks identical.

Share this post


Link to post
Share on other sites

I got same result it seems:

root@Pineapple:~# sslstrip

Traceback (most recent call last):

File "/sd/usr/bin/sslstrip", line 30, in <module>

from sslstrip.StrippingProxy import StrippingProxy

ImportError: No module named sslstrip.StrippingProxy

root@Pineapple:~#

I appreciate the effort WM!

Same Problem here...

Is there yet a workaround known to fix this bug?

Share this post


Link to post
Share on other sites

Anode,

Strange question... What happens when you start it from the small tile then enter the big one? Ohh and if you're installing the latest version of sslstrip you shouldn't need to fix the symbolic links as in the previous posts in this thread but the error code sure looks identical.

I did do the symlynk. That cause the prob? (I'm still fuzzy on symlinks)

But here's my output: (I usually start it via the small title)

Not started at all:

root@Pineapple:~# sslstrip
Traceback (most recent call last):
  File "/sd/usr/bin/sslstrip", line 30, in <module>
    from sslstrip.StrippingProxy import StrippingProxy
ImportError: No module named sslstrip.StrippingProxy
root@Pineapple:~#

Started via small title:

root@Pineapple:~# sslstrip
Traceback (most recent call last):
  File "/sd/usr/bin/sslstrip", line 30, in <module>
    from sslstrip.StrippingProxy import StrippingProxy
ImportError: No module named sslstrip.StrippingProxy

Started via large title:

root@Pineapple:~# sslstrip
Traceback (most recent call last):
  File "/sd/usr/bin/sslstrip", line 30, in <module>
    from sslstrip.StrippingProxy import StrippingProxy
ImportError: No module named sslstrip.StrippingProxy
root@Pineapple:~#

I did not reboot the WP between tries.

Share this post


Link to post
Share on other sites

  • Recently Browsing   0 members

    No registered users viewing this page.

×