Jump to content
Hak5 Forums

Archived

This topic is now archived and is closed to further replies.

ExigentCircumstance

[Support] SSLstrip

Recommended Posts

I'm on version 1.0.5. As soon as I start the sslstrip if I try to surf the web, gives "Network Error", weird. Pineapple little slow, but after as couple seconds, it works well.

Great Infusion :)

He meant the firmware version, lol you got me to check for it.

Share this post


Link to post
Share on other sites

It seems like no one else is having this problem.

Sslstrip is not redicting to the site after credentails are entered, it simply reloads the login page. Is there a dependancy infusion that's needed?

Share this post


Link to post
Share on other sites

I have a problem with ssl strip, it seems it is only outputting http traffic and no https

anyone know how to fix this?

Share this post


Link to post
Share on other sites

I have a problem with ssl strip, it seems it is only outputting http traffic and no https

anyone know how to fix this?

It might help if you provide more details. Firmware version? What steps have you taken already? What errors are you seeing at the command line? etc.

Share this post


Link to post
Share on other sites

Hi guys, i just did a flash to the newest version CLIceratops.
Started Karma, SSLStrip and i have something that i don't understand.

Hope you can help me.

MIME-Version: 1.0
Content-Disposition: attachment; filename="smime.p7m"
Content-Type: application/x-pkcs7-mime; smime-type=enveloped-data; name="smime.p7m"
Content-Transfer-Encoding: base64
MIIPXgYJKoZIhvcNAQcDoIIPTzCCD0sCAQAxggGNMIIBiQIBADBxMGwxCzAJBgNV
BAYTAlVTMQswCQYDVQQIDAJUWDEPMA0GA1UEBwwGQXVzdGluMRMwEQYDVQQKDApS
YXBpZDcgTExDMSowKAYDVQQDDCFlMDlhNjY0YS5saWNlbnNpbmcubWV0YXNwbG9p
dC5jb20CAQAwDQYJKoZIhvcNAQEBBQAEggEAJcOploeJNYPL6yVToFQZt9jMihHU
Am6KtJn8FY4aYMJiPVMjipeZZm8h/oiVrUpu0ugTzX7atLwBKAVKH3kZjyJQG+Se
xNBp4ZtRjF5OQFl7uCRllS8Dx7HR3DCXqXtUw/Jxsk8U2bM2SD70YfsJJBXLz2wa
PBybV0PMQQCN1qZgPCADBeWHe6ggvPgdOTw6c37+4Nf0ZviZJHIVNbvLwSwLpKv6
eE5On6Wpy3LL3BY4v4YKLkOd5esGKfKNoEqsVdvm0RQ95fjgKd9DCAX6O4M4b2EO
DLhwOU4No+bS+qWk9+rM6bDhRNOoutfU7WcJdZP9oZyMWJNjrw2HPx+xCTCCDbMG
CSqGSIb3DQEHATAaBggqhkiG9w0DAjAOAgIAoAQIdqagw7BNL9uAgg2I4ZgQxRgG
QdLSTjsS5Pab/hOoYCwiJYP3exELE0nKaR+iB+c21d7rf+BpqNbiSZrJTtDBKGcw
4PfvWVL5x1z/yo9dtgaqA2JHeKOwTNpMF3wGym1VaqP1LE6QgT2ZXAmk7qvJoUf7
bi34aoMCjGh9dskFqEBBlcMhRWvxt0VBDebwztQtWxuNrkHUaNoHu7IDAZaCuk2N
L8TOahbplZ1h8XTJ3PixiTSilYCfJ1T/3Ij0JpNXDjrRo8mXlp7QhEdS90J3G0vI
52Om9MIIiumHxB3HgEmUtUbch0mzpp8X3p0sJAJneguwpZQnhW1FRGo0lC+GyUrU
sOx+HEa6QV/qBrK805BKHqz/77qiBFGFVsUpcpz/m9QjtCG27ljN14CJ6Ldg7rtN
gg6Txc+thQSgJRTo6CdIwic3VJjEGmOUv8D8F1FH2uH2oz2cM+9eex9ZjNmujzck
/qI1En0/AMHlXK7yiU5g/qmKrMO5FtN4Fzh3gEyJctc0qu+ujuW1vm+fbTtgsSXG
EbgfsQDTPaCQV/MyJL+Tm4Iqv2bXCB94DQJi4JimjlaWEuUFgzx4aQaKD0Bq9hsD
Kc5JuV2QMAZrq75YDcpQY0MgYLvDEuRT9NYPRw1aB33uW1/l/5j/LGqzZKnXQ5qO
ts97aCYnRXzJTMtUZ1s8OH6xgSeWIF1E8mYm8gINtZ/1PwO4hudUxsxFYuQ53d8j
0rRWS3gbsISDxi7902WBVwK79TpdUNCuSmXZzugSm64LOwtgOpRgz07yjdR2VV8A
svwFBziTqE1a8OVsKdg8N2FQ55IO13skeMOV207TkLTaVajF33CR8xsjFJoGZIE2
wJD9R9i5QCJ9whkjNy1ZF7fBUaFOpG9VmcJ6Bjr9I4YMfZ6krL4F5m4flMTriWcE
Y2EmoTws2dbkjBMRoYK+BfLRwGSoR6NjsbcoYisEtJcT/yUbCcDKrCz/4FYKPStw
4yLkavVQ17VOKsNqmHdcx72Yn+QuLVDF1UNKl1Y9+u1i7oXSI6pul4vEgQ74m7dW
aLii2xCxO8j1xxMvd113fl7OXMVrKSkeNmjc32eRxCXorhpIg40L/EJfm5xoPrVZ
qX5ZSKnsb8JwSjuKvqeazHVt1mYTO1h+TpTOjPW+teAWeg3yBgwCC4Cdk7v5W0Ib
oEFalxtHRnxVhBSgR0oRh5GvWVMjWKnYn/FMmsIwKWHZVzbweDGzvUaG2S7CIuHW
1jHzzelioH6euZzKr7aU+BwRzPCiKvby1ai/T785bwDdd2lu3A7RtgRWc1BffD6i
krlmxt4puZp6PQZ4ZQg2G+YNjNkWVbbpbcVSiMBVQPZC7LPDfoHrftLSwT3PSP+E
ILgyFjrL+doODfydPClkvgAU8YbPfD8ijd1Occz3l0v4ltxZuYRyS49feAraPNt7
3AV847rJZvyS+bfToPcl7dmJIqbPeAUx8Gq0xwCIJ4gJFqFFHA8z56raJOE60clO
Zb8XDoV0uZjsqZXJbjcnLlsgRWu0vCpxxpTvyfepKzxY/kvgMXYZAQTLDIy/06j3
nZQtQHQF4tcyyrnehF7kwNSHIcOAgkzwc4UZLd8pm+8J6T+lj6IZlJbZGrMJd+Dq
/RICsGPkKzjWudNIPTUpzNP5dRP1dFpNRpraMeqw+tIQUZUy0S9TUgZfzgP6ILa4
Dqhw0u7s4IO6443kjCj38u0pCB4SFES9NGnE21m1TL2STQ78EYte99JznwOTasep
f7l5/APYBcaogNXpyGAi4x7zLefkBXzQUzLjfzRc3KidrVtK69br6yhfpvg4mmIr
kqrMEWsuklvZZtnvHQo5BO2b6f0baZXnCdWD23TwCilUHcT27FXLB1JhZ4N0PTVF
Mzmw1A+MQJNxcEu+/i4aJJT8SkKU8XhxVzpexINJ4nu/eChkJAO6oXqGC2oSEiCk
yxJPg5XHWVBGBOpMw0NyIVmKJ27lG24DvHYxQwH3Cgadg0qedo/bLd2eid07T8IZ
/BhrpaVIIA0DE/EU4M/vy0UatqA4rjXnSookw+B7+/VGPM2IX78JPpE/hbdxQIhL
CmmTPsRYEcbZK7w9g7SNYM1y7C9Sv1NKUxJGE7M5vro2E7o8eMZfPVzfcciBuMjj
764X09+rBXoI5M09aNl9g0iir1XFXpHtOeXV4M+La6Zmwscu5tY0BH8T4yq3JB+j
0MZhti+283JnXUaeeNNIyYD97jISxqg8GSYYvg+ENyQG1JS3vaoi1fPNx5P8oFe8
ASzor3qefyLTZmerPOJBpNmxeD1zGQOeUVCFNA532oJl8NG/JFszrw9UBqtCpczc
YYj+4SQRDnkiFx4FarwXE+l9jF0DTpfLZFtwnOYqheDSYQeY+ZJdfjH23xN+HWU2
3r37tktj52/ViMsfwSpinyMIRemCS6XIlDQFpCBf5SQdsGSEWSkZ+OP+abeTLQKx
UPQJgV8zjLZKZ+Yv1fw7FtU2/ciPLfBet7eO3hQ//ZkBaoXYbim6IsT8gva/tyP+
Bell+sU6DeYuyLvKueX+PlrTl9s3gHu+Jp21ucS+9eSwvmEbwEy79RYcEPTivYd3
Y2WZskwN3NO7khCkfNBk18fveI7uc0mdkVIPZKfx7QoZdYF/Po5LzHHNFm+BT6lr
GuubjADC3nkRFrUQH0ksNE57p3jS8nnWitstgbnjogSGM6uiylWud7RPlPMUyryu
HuXuy2npCzii8E5BGp59/YRqOy4jbcx4+jBOl9qmTIyPP1qZZ+x13cNWydV4pIHk
EJvmaIYcVqnKG0fJnS+6mg4waAueRz25QLppT0sRGV+MBPgUz495fp0roeQ9fy1s
tlDol7eCvBgy/6PD3vq2TtRJVQdjSGz/GoNlF19gL3OraWjV1IAkPBehxLNx9yXa
Aw0SrpZx09ynWjvGKVMMUKjBygjxXLu0VsE+WqsPOvdJmOvyLNICXt/RBRml6s9/
u3TFmo6k+dxlcJ7boWy2FDkOXv9VeXYWe6krKtjY1lpez3Eao90WPiyu0YSQcuUP
3habYVdLagrCehJzBrn3kp/Kf2MMqyUu3t64hxMCHYdorjabyUfI020nzMBdZseG
iGY26i21gep5AnxxM/Jbv63fkwUBPOocClqhkJogBLPveshOe0n+SSmvzCC7Q2+w
xMYqZTEwH5RyB0okzSEsxmUAGI+ObyRy0r3iEoKs01Cvb7r6dsrLfOHLBgQwEpkY
rXyak8o97yfTiOu+NlwShYn2FPZCH0AM5W1Ukw43+0amPojq+1K74ip/nUa+xVUp
07egD16yU0713pnfH+4lgcOIuCNoIqUa5SSqzJsQzzGJ9GxZEn+rpNhxN12rW+iU
SSLBr+c0FHAliF5NGMhyutGyPMvZQsvicd82gKUwf7KcjB+KXpMNdiDsM5i82l6r
63ifJ5lWIrV/s4ywFt+FiPgb0jqzA2HrZmvd+eSWAmQlFYME+Ft8O5EMRLOhOAuL
tRQvl2WMQt9u0sg2s5Kj+GlCgIAnoz/+9iGu+8E8w9YLJC6xAN7XESeP2x4aCHAn
O68kIQPufwC9F9S9yv1yyfWtp8h7U97Wxqv3PN2w+alW+/Q+lunxvwsPrSxzZICu
d3jSoO1KBdcehvUE9oRqKgdSZ70BOc69kMq4dR27b0dSuaSxI7gsmHz//DhR/oEy
S4ex49A62FzjCsVR7O1QeRuJB6ubhxyUygDDUd1Kd1ZrfIyTjflDG4tJtPvWTl2f
2ppZT++7qqPComC7NNKOnuD3nWKDFKYctlra8wTXjBiLagGGGJ0/PorNLsM69fC1
d8MiWqEkHRoAZegZlt1t76mkJISZuT0R1hmmISO2cb6XMyrDsFXFc+4HFjWuS/+F
jPl2/mv6pR2NBhiPrYkv2lPh2Yzg29wNF2yQV4xDFOANPodqoayZrz1G+F3sfofr
htefvUu7x+NSHuUK6WU62HfpdNz3NdPDV+fYkupkfTjSgYFqC/2q+fpGodEFLQrX
baFLxaujoXR7iGQGBLSHagGEIKnEk4ZyAqTFO+XMIgNk4uQFyYeoKE4yfwD9u443
3lflpJc9ExdSLW+Wi1tuzHCcf4Vj1GEXFzMVljPXdArLl/qijSDuVK7p4MbP8/as
gInjmU3Pm1+X/ZNpyswWb3L4pwyv5i2TW6HVit6rg5VOcNxVWKAcUgxlooZMzYAK
T3vuz1arqC2XxU3/bTs8F9oOQLOxpYTau+HFvF7PD3dc43eDuWqmakm3dEBhOCss
5xABuz2JVoM+S07OMbqh40dVqkVRz+TtjuGBkcUmABwx6N8uqwYBxINA/dEOc3VD
E1bHaQAC4ap4x8fG4Excm5rCehsii5ufUJ0+0ZZtZcte19u3SvuZt0MU7cMcHOjO
jZ0qzAGWycpFDSGkIL4Zy1miUWJ7KtXIdxjh3q+FxG9JVIQFNblXvoibPEGxN8fD
lVRM+3zJJCyOizZExqqb8zphbohAVD9KV/kuwv4brwXcE490odeNfhIBHc1zaMds
c3FYBfwDCXVgdZJbellHVSOizxbfaRrMupdZ33L5MWOd5u5Mv0HVpRmWEuD0P7sd
1yvRZVU68cY4jPYqX0SplTVpwrRM4IVWYd1cnG28mZ9onE03g63qTcNO8pG+qoDn
RUE=
I did some reseach, and found p7mViewer but it say something about certificates
And SSLStrip is giving me ¿errors?
File images attached
post-46796-0-38271100-1394074921_thumb.p
post-46796-0-38565600-1394074918_thumb.p

Share this post


Link to post
Share on other sites

It's base64 encoded. You can manually decode it from the command line. You will need the base64 core utilities installed. Ran into a similar thing with SMSer infusion and Sprint as the carrier.

Decoded

0^ *H

O0K100q0l10 UUS10 UTX10

UAustin10U

Rapid7 LLC1*0(U!e09a664a.licensing.metasploit.com0

*H

%é5%ST̊n`b=S#fo!Jn~ڴ(Jy"PiQ^N@Y{$e/DZ0{TqOٳ6H>a $l<WCA֦`< { 9<:s~f$r5,xNNr8

.C)JU=)C;8oap9N

DӨg uXc

? 0

*H

0*H

0vðM/ۀ

AN;`,"%{Ii6iIN(g0YR\ʏ]bGxLL|mUj,N=\ ɡGn-jh}v@A!EkEA

-[AhM/j镝at4'T܈&W:ѣɗЄGRBwKcǀIF܇Iޝ,$gz'mEDj4/J԰~FA_ӐJQV)r#!X׀`Mϭ%'H'7TcQG=3^{Yٮ7$5}?\N`ùx8wLr4嵾om;`%=W2$*fx

bV<xi@j)I]0kX

PcC `SG

Z}[_,jdC{h&'E|LTg[<8~' ]Df&

?TEb9#ҴVKx.eW:]PЮJe;`:`NvU_8MZl)<7aP{$xÕNӐUp#d6Gع@"}#7-YQNoUz:#}ngca&<,dGc(b+% ʬ,V

=+p"jP׵N*jw\ǽ.-PCJV=b#nāVh;/w]w~^\k))6hg%HB_h>Y~YHopJ;umf;X~NΌz

[bAZGF|UGJYS#X؟L0)aW6x1F."1b~ʯ*ըO9owinѶVsP_|>f)z=xe6

UmRU@B~~=H 2:

<)d|?"NqKYrK_x

<{|fӠ%ى"x1j' E3$:Net쩕n7'.[ Ek*qƔ+<XK1vӨ-@t2ʹބ^ԇ!ÀLs-) ? wc+8ֹH=5)utZMF1Q2/SR_ p()D4iYLM^sjǩyƨ`"-|S24\ܨ[J(_8b+k.[f

9i Ճt

)TURagt=5E39@qpK.$JBxqW:^ăI{x(d$zj OYPFLCr!Y'nnv1C

Jv-ݞ;OkH

E85J${F<͈_ >?q@K

i>X+=`r/RSJSF96<x_=\qȁ߫z=h}HU^9ϋkf.4*$a/rg]FxHɀ2ƨ<&7$Ԕ"ǓW,z"fg<Aٱx=sQP4wڂeѿ$[3TBa$y"j}]Nd[p*a]~1~e6޽KcoՈ*b#EKȔ4 _$dY)i-P _3Jg/;6ȏ-^?jn)"#e:

.Ȼʹ>Zӗ7{&ľ䰾aL⽇wceL

ӻ|dxsIRd

u>KqoOk뛌yI,4N{xy֊-3UwOʼi8NA}j;.#mx0NڦL?ZguVxhVGɝ/0hG=@iOK_Ϗy~+=-lP藷2NIUcHle_`/sihԀ$<ijq%

qܧZ;)SP\V>Z:I,^tŚepۡl9^Uyv{+*Z^q>,фraWKj

zsc%.޸h6Gm']fdžf6-y|q3[ߓ<

Z zN{II) Co*e10rJ$!,eo$rҽPov|0|='ӈ6\B@mT7F>R*FU)ӷ^SNޙ%È#h"$̛1lYq7][i"4p%^MrѲ<Bq60^

v 3^x'V"߅:afkd%[|;D8/eBn6iB'?!<$.'p';$!Խr{Sƫ<ݰV>,sdwxҠJj*Rg9νʸuoGR#,|8Q2K:\

QPyQJwVk|CIN]ښYO¢`4ҎbZ׌j?>.:w"Z$em$=!#q3*ðUs5Kvk/Sٌ

lWC

>j=F]~ןKR

e:wt5Wؒd}8ҁjF-

mKūt{dj ēr;"dɇ(N27W夗=R-o[npca33t

˗ TMϛ_ior-[ՊޫNpUXReL̀

O{V-Mm;<@ڻż^w\wjjIt@a8+,=V>KN1GUEQၑ&1.ă@suCVixL\z"P>іme^۷JC΍*E

! YQb{*wޯoIT5W<A7ÕTL|$,6Dƪ:an@T?JW.t׍~shlsqX u`u[zYGU#i̺Yr1cLAե?+eU:8*_D5i´LVa\mhM7MN?EA

Share this post


Link to post
Share on other sites

I did the same but online

www.base64decode.org/

I think someone is trying to metasploit the Pineapple network LOL

Anyway, i have runing the pineapple 8 hours ago and this message is been appearing all day:

2014-03-06 03:57:29,417 POST Data (safebrowsing.clients.google.com):

goog-malware-shavar;a:134145-137466:s:126962-132436:mac
googpub-phish-shavar;a:269163-275852:s:15254-16016:mac
How can i block the access to safebrowsing.clients.google.com that redirects to https://encrypted.google.com/

Share this post


Link to post
Share on other sites

Why don't you first try determine the client(s) connecting that could be doing this. Then maybe scan those client(s) and see what's going on. Are they connecting from the same MAC every time? Things like that. Do recon.

Share this post


Link to post
Share on other sites

What does it mean when I see this in the sslstrip log?:

2014-04-06 22:31:15,250 POST Data (safebrowsing.clients.google.com):
goog-malware-shavar;a:135304-139807:s:128606-134455:mac
googpub-phish-shavar;a:272589-280609:s:15639-16562:mac

Share this post


Link to post
Share on other sites

Hi

Im trying to download ssh strips logs via ssh.

I cant find them no where i dont know maybe Im doing something wrong <_< could someone please help me or send me to right direction

Share this post


Link to post
Share on other sites

I noticed when you have the following running your pineapple get very slow:
Karma
TCPDUMP br-lan

SSLstrip

Client via Eth0 connected and let your firefox download his update.

SSLstrip eats your mem and your pineapple get almost unreachable.

Anyone having the same problem?

All non system infusions are installed on SD

Share this post


Link to post
Share on other sites

Maybe a silly question, but why is the sslstrip version on the infusion/WP5 version .6 while version 0.9 is available?

Can i update?

Share this post


Link to post
Share on other sites

when i make my AP at home using the Pineapple i then run karma and then SSLStrip in the output box in SSLstrip it says "filer Undefined" and everything in the output box starts flashing..... has anyone run into this problem before? is there a fix?

thanks for everyones time

Share this post


Link to post
Share on other sites

Having issues with sslstrip....

I've been trying for 2 weeks to get this working, but just being ignorant!

As soon as I start sslstrip, the webpages don't show on first attempt - I have to refresh the page for the page to show... Even this doesn't always work!. sslstrip also sometimes crashes (see capture) I get a line of:

0Q0O0M0K0I0 +

I'm then forced to reboot the pineapple. I find this always happens on twitter.com, and randomly when it feels like it. I also find that when I reinstall the sslstrip infusion, it KIND OF works to begin with, as I have had it work on a couple of ssl sites but then goes all crappy after 5-10 minutes of usage.

Hmmmmm......

Same as mine. but doesnt have the error code im getting.

just the sslstrip output_xxxxx and nothing follows.

Share this post


Link to post
Share on other sites
Hi ....

I have problems with version 1.6 but version 1.5 run perfectly ....

version 1.5 always worked perfectly but since I installed the 1.6 dont working ...

two things happen

stores nothing in the log
and when you save ... it's unreadable
NOTE: it is much faster to load ngix browser ... good work :smile:

Share this post


Link to post
Share on other sites

Did you try to reinstall the infusion? Could fix the problem.

Share this post


Link to post
Share on other sites

Did you try to reinstall the infusion? Could fix the problem.

Yes ... several times ...

works well to you? (1.6)
NOTE: installed on sd ....installed on internal memory ... and nothing works ....

Share this post


Link to post
Share on other sites

Works fine on my device.

Do you have the current Firmware installed?

Share this post


Link to post
Share on other sites

Then try to re-flash v1.4 and reinstall the infusion afterwards. Could be the fastest option.

Share this post


Link to post
Share on other sites

Then try to re-flash v1.4 and reinstall the infusion afterwards. Could be the fastest option.

thanks that I've done ... but also smoothly do it again....

see what happens ....

Share this post


Link to post
Share on other sites

Nop ... dot work correctly

2014-05-23 23:01:57,532 POST Data (ocsp.startssl.com): 0d0b0@0>0<0 +¹²Õm°!³nBö'$XÄ©¦—šëÛ#EýTÌjqo„Š×¾÷/&†q¢00 +0 0 +0 2014-05-23 23:01:59,157 POST Data (ocsp.startssl.com): 0b0`0>0<0:0 +As¦ÓØßj͉kçåb90pi5Nï¤@[¥i‡0Ê4hCÐA®ò¢00 +0 0 +0 2014-05-23 23:02:04,123 POST Data (clients1.google.com): 0i0g0E0C0A0 +òàjù…Šp›I#z©µ(~dJݼöhµvõ¶»bºZ/$ØU4ŠA¦¢00 +0 0 +0 2014-05-23 23:02:04,699 POST Data (gtglobal-ocsp.geotrust.com): 0d0b0@0>0<0 +±´9·—yPñ`¹Ô¢<Ûíîù*ÃA‘¶É¸>UòÀ— :i¢00 +0 0 +0 2014-05-23 23:02:05,063 POST Data (clients1.google.com): 0i0g0E0C0A0 +òàjù…Šp›I#z©µ(~dJݼöhµvõ¶»bºZ/€ômÔߪ¢00 +0 0 +0 2014-05-23 23:02:11,834 POST Data (clients1.google.com): 0i0g0E0C0A0 +òàjù…Šp›I#z©µ(~dJݼöhµvõ¶»bºZ/Tõu¿=ç^¢00 +0 0 +0 2014-05-23 23:02:12,419 POST Data (clients1.google.com): 0i0g0E0C0A0 +òàjù…Šp›I#z©µ(~dJݼöhµvõ¶»bºZ/nìv€Êy¢00 +0 0 +0 2014-05-23 23:02:13,302 POST Data (clients1.google.com): 0i0g0E0C0A0 +òàjù…Šp›I#z©µ(~dJݼöhµvõ¶»bºZ/Î×w~Øâ00 +0 0 +0 2014-05-23 23:02:48,593 POST Data (evsecure-ocsp.verisign.com): 0q0o0M0K0I0 +¹é²‡…øì¥ûBá>IÇ$&âÓe§ÂÝì»ð0 óC9ú¯313*m7åoÖÊ|ÃïºÌ¢00 +0 0 +0 2014-05-23 23:02:49,954 POST Data (sb.symcd.com): 0q0o0M0K0I0 +9¯´9–VýÆÓXït…‹™NCÈvï7SzOòXo”ó8âÕ½ßpJé˜0ùF¢˜[Áüƒ »¢00 +0 0 +0 2014-05-23 23:02:50,098 POST Data (evsecure-ocsp.verisign.com): 0q0o0M0K0I0 +¹é²‡…øì¥ûBá>IÇ$&âÓe§ÂÝì»ð0 óC9ú¯313,HÝ“ õYŽù<™Tz`íC¢00 +0 0 +0 2014-05-23 23:02:50,232 POST Data (sb.symcd.com): 0q0o0M0K0I0 +9¯´9–VýÆÓXït…‹™NCÈvï7SzOòXo”ó8âÕ½ßpJé˜0ùF¢˜[Áüƒ »¢00 +0 0 +0 2014-05-23 23:02:51,732 POST Data (ocsp.digicert.com): 0q0o0M0K0I0 +íH­ÝË{â„*©´ ñ¬04Ï–Pês‰Û)ûžå ÔÞy™Hƒ÷ÁžøK—0géÉ!°¢00 +0 0 +0 2014-05-23 23:02:51,970 POST Data (ocsp.digicert.com): 0q0o0M0K0I0 +ߪã(± A“âŸB‚ÎG@B•X£±>Ãiø¿GÔ˜&ïcd+à _M[‘ÒïÔŒ?;¢00 +0 0 +0 2014-05-23 23:02:52,756 POST Data (ocsp.digicert.com): 0q0o0M0K0I0 +íH­ÝË{â„*©´ ñ¬04Ï–Pês‰Û)ûžå ÔÞy™Hƒ÷Ÿ^1µŒ&æ<î^ØVá¢00 +0 0 +0 2014-05-23 23:02:52,899 POST Data (ocsp.digicert.com): 0q0o0M0K0I0 +€Q2­šÂ}Q‡ è‡ûbUîÞP5VÑL»fð£âײ=ÑUý£ënÊuȈC‹rKϼ‘¢00 +0 0 +0 2014-05-23 23:02:53,475 POST Data (ocsp.digicert.com): 0q0o0M0K0I0 + ¦”‹¾è%¤:EUvfUÁ’3qÛ7ësÈïÜÕ¶4º+Z ¦’65z–­x`Û•á‡m¢00 +0 0 +0 2014-05-23 23:02:53,782 POST Data (ocsp.digicert.com): 0q0o0M0K0I0 +€Q2­šÂ}Q‡ è‡ûbUîÞP5VÑL»fð£âײ=ÑUž·Ïû©zõåÉ¢@7¢00 +0 0 +0 2014-05-23 23:03:09,166 POST Data (sb.symcd.com): 0q0o0M0K0I0 +9¯´9–VýÆÓXït…‹™NCÈvï7SzOòXo”ó8âÕ½ßSümðÂ(9Íð­¶Cñ0/¢00 +0 0 +0 2014-05-23 23:03:09,306 POST Data (sb.symcd.com): 0q0o0M0K0I0 +9¯´9–VýÆÓXït…‹™NCÈvï7SzOòXo”ó8âÕ½ßSümðÂ(9Íð­¶Cñ0/¢00 +0 0 +0 2014-05-23 23:03:14,444 POST Data (ocsp.verisign.com): 0q0o0M0K0I0 +)8t²–)~Ø5bRdS àƒ D\SDÁ‚~ «%ôcؾy¥UROÊ#ÜZN݇_“¯¢00 +0 0 +0 2014-05-23 23:03:39,696 POST Data (clients1.google.com): 0i0g0E0C0A0 +òàjù…Šp›I#z©µ(~dJݼöhµvõ¶»bºZ/++Í!x½ÒÛ¢00 +0 0 +0 2014-05-23 23:04:14,748 POST Data (ocsp.startssl.com): 0d0b0@0>0<0 +¹²Õm°!³nBö'$XÄ©¦—šëÛ#EýTÌjqo„Š×¾÷/&†'¢00 +0 0 +0 2014-05-23 23:05:16,480 POST Data (ocsp.comodoca.com): 0q0o0M0K0I0 +ýçJ„¢ÌmÖÄt;û¿Š¾J8¤X?ÕµÐÖDyPJ£›ŒJܸ°"dkwge•û3fä7$x¢00 +0 0 +0 2014-05-23 23:05:17,572 POST Data (ocsp.usertrust.com): 0q0o0M0K0I0 +|±fTœ«ÛDîb&­ôe{÷zÕ”­½˜z4´&÷úÄ&Tï½à$ËTÃ)¶xQ°4HFË¢00 +0 0 +0

Share this post


Link to post
Share on other sites

after test and do the same on the mk4 ...

2014-05-23 22:23:37,113 SECURE POST Data (opsen.dolphin-browser.com):
%7B%22osvn%22%3A%222.3.4%22%2C%22os%22%3A%22Android%22%2C%22app%22%3A%5B%7B%22vn%22%3A195%2C%22pn%22%3A%22mobi.mgeek.TunnyBrowser%22%2C%22src%22%3A%22ofw%22%7D%5D%2C%22rom%22%3A%22samsung%5C%2FGT-I9100%5C%2FGT-I9100%3A2.3.4%5C%2FGINGERBREAD%5C%2FXXKH3%3Auser%5C%2Frelease-keys%22%2C%22md%22%3A%22GT-I9100%22%2C%22cpu%22%3A%22ARMv7+Processor+rev+1+%28v7l%29%22%2C%22did%22%3A%22eb84ef7682e119e704dc50fde974ac13%22%2C%22re%22%3A%22480*800%22%7D
2014-05-23 22:23:43,074 POST Data (es-odc.samsungapps.com):
<?xml version="1.0" encoding="UTF-8" standalone="yes" ?><SamsungProtocol networkType="0" version2="3" lang="EN" openApiVersion="10" deviceModel="GT-I9100" mcc="214" mnc="03" csc="KOR" odcVersion="14040104.21.007.0" version="4.0" filter="1"><request name="appInstallLog" id="2905" numParam="1" transactionId="0"><param name="appId">jackpal.androidterm</param></request></SamsungProtocol>
2014-05-23 22:24:18,143 SECURE POST Data (m.facebook.com):
lsd=AVpVQSbO&charset_test=%E2%82%AC%2C%C2%B4%2C%E2%82%AC%2C%C2%B4%2C%E6%B0%B4%2C%D0%94%2C%D0%84&version=1&ajax=0&width=0&pxr=0&gps=0&m_ts=1400883833&li=ecp_U92gkzxK9Hkks0ZQXlPN&email=qwerty%40123456.com&pass=qwerty&login=Entrar

to

much difference
doing the same ..... uuufffffff .....definitely not right this version of sslstrip
OK SOLVED WITH 1.4.1 FIRMWARE

Share this post


Link to post
Share on other sites

After enabling SSLStrip, the first time a user tries to access a site that enforces HTTPS, it says the page cannot be displayed. But if they try again or refresh, then it works.

Share this post


Link to post
Share on other sites

  • Recently Browsing   0 members

    No registered users viewing this page.

×