5h4g Posted October 21, 2013 Share Posted October 21, 2013 (edited) yup uninstalled twisted-web and reinstalled and sslstrip is back up and running!! I tried this and still no love. First I ran: root@Pineapple:/sd# opkg remove twisted-web --force-depends Removing package twisted-web from root... root@Pineapple:/sd# opkg update Downloading http://cloud.wifipineapple.com/mk5/packages/Packages.gz. Updated list of available packages in /var/opkg-lists/pineapple_packages. root@Pineapple:/sd# opkg install twisted-web Installing twisted-web (2.5.0-1) to root... Downloading http://cloud.wifipineapple.com/mk5/packages/twisted-web_2.5.0-1_ar71xx.ipk. Configuring twisted-web. root@Pineapple:/sd# Then I tried re-installing sslstrip as an Infusion, but was getting the same behavior (it says it's not installed still). I then un-installed sslstrip as an infusion, and instead tried installing it with opkg via CLI, but when I run it, now I get this error (which is different than the error I was getting prior to uninstalling and re-installing twisted-web): root@Pineapple:~# sslstrip Traceback (most recent call last): File "/sd/usr/bin/sslstrip", line 30, in <module> from sslstrip.StrippingProxy import StrippingProxy ImportError: No module named sslstrip.StrippingProxy Anyone have any ideas... like many a Pineapple user, I'm a linux newb...so forgive me if I'm missing something obvious. Have been working on getting sslstrip to work for 4 hours now. Tried turning off Karma (and persistance), rebooting. Tried removing and re-installeing twisted-web. And have been scouring the forums and intertubez... help! The demo I need to show my client is simple: Karma running to trick their iOS device into connecting to previously-known SSID. Then just sslstrip running against various iOS app interfaces to see which might be vulnerable to sslstrip attacks (including Safari browser sessions to Facebook, etc.) I'm running a MKV I just bought on-site at Toorcon yesterday.... Edited October 21, 2013 by 5h4g Quote Link to comment Share on other sites More sharing options...
leg3nd Posted October 21, 2013 Share Posted October 21, 2013 54hg - you're pretty close. You seem to have gotten twisted-web to be detected... now you just need to get the sslstrip modules in the right location. Run this, then try "sslstrip" again and post the output. ln -s /sd/usr/lib/python2.7/site-packages/sslstrip /usr/lib/python2.7/site-packages/ Quote Link to comment Share on other sites More sharing options...
5h4g Posted October 21, 2013 Share Posted October 21, 2013 (edited) here's the output after running that command: root@Pineapple:~# ln -s /sd/usr/lib/python2.7/site-packages/sslstrip /usr/lib/python2.7/site-packages/root@Pineapple:~# sslstripTraceback (most recent call last): File "/sd/usr/bin/sslstrip", line 30, in <module> from sslstrip.StrippingProxy import StrippingProxy File "/usr/lib/python2.7/site-packages/sslstrip/StrippingProxy.py", line 20, in <module> from ClientRequest import ClientRequest File "/usr/lib/python2.7/site-packages/sslstrip/ClientRequest.py", line 25, in <module> from twisted.internet import ssl File "/usr/lib/python2.7/site-packages/twisted/internet/ssl.py", line 47, in <module> from OpenSSL import SSLImportError: No module named OpenSSLroot@Pineapple:~# btw, I'm going to be afk busy tonight..but will check back in the am first thing. ty so much for the help so far! Edited October 21, 2013 by 5h4g Quote Link to comment Share on other sites More sharing options...
leg3nd Posted October 21, 2013 Share Posted October 21, 2013 You got it man. One more command and you're done. ln -s /sd/usr/lib/python2.7/site-packages/OpenSSL/ /usr/lib/python2.7/site-packages/ Should work after that. Quote Link to comment Share on other sites More sharing options...
Jmanuel Posted October 23, 2013 Share Posted October 23, 2013 Thanks leg3nd and digitalia, re-installing twisted-web and creating the symlinks fixed sslstrip. I'm able to run sslstrip from ssh, but on the UI sslstrip says not installed. Quote Link to comment Share on other sites More sharing options...
Jmanuel Posted October 23, 2013 Share Posted October 23, 2013 (edited) I SSH into the pineapple and ran the following. This will definitely fix the sslstrip, I tested it after doing a factory reset and it worked opkg remove twisted-web --force-depends opkg update opkg install twisted-web ln -s /sd/usr/lib/python2.7/site-packages/sslstrip /usr/lib/python2.7/site-packages/ ln -s /sd/usr/lib/python2.7/site-packages/OpenSSL/ /usr/lib/python2.7/site-packages/ sslstrip Edited October 23, 2013 by Jmanuel Quote Link to comment Share on other sites More sharing options...
anode Posted October 23, 2013 Share Posted October 23, 2013 I have it installed and can start manually (form web-interface.) But the auto-start doesn't work. This normal? for now? Quote Link to comment Share on other sites More sharing options...
Hackman1970 Posted October 23, 2013 Share Posted October 23, 2013 I SSH into the pineapple and ran the following. This will definitely fix the sslstrip, I tested it after doing a factory reset and it worked opkg remove twisted-web --force-depends opkg update opkg install twisted-web ln -s /sd/usr/lib/python2.7/site-packages/sslstrip /usr/lib/python2.7/site-packages/ ln -s /sd/usr/lib/python2.7/site-packages/OpenSSL/ /usr/lib/python2.7/site-packages/ sslstrip This worked for me. I can now start sslstrip from console :) , but it still says not installed in web interface... Quote Link to comment Share on other sites More sharing options...
leg3nd Posted October 24, 2013 Share Posted October 24, 2013 (edited) Glad my symbolic links could provide some level of assistance here. That's odd that it would say "not installed" on the web interface... if you run "which sslstrip" on the pineapple - does it return any data? This is basically how the infusion is determining the installation state of sslstrip. Edited October 24, 2013 by leg3nd Quote Link to comment Share on other sites More sharing options...
bobbytables Posted October 24, 2013 Share Posted October 24, 2013 Had the same issue. Thanks to leg3nd, sslstrip now starts up, but doesn't actually work. It's installed to internal mem. I've changed the default network and IP address of the pineapple to 192.168.2.1. Everything works fine on this address, can access internet, can run karma and clients connected through karma can access internet. So networking works. Installed firefox 16 on victim computer, which doesn't support HSTS just to be safe. Then browsed to www.yahoo.com (so searches are in clear text). Then searched for a site that I know offers SSL. Click on link, link takes me to the SSL version of the site. Then stopped sslstrip from the gui and ran it from the command line as follows: iptables -t nat -A PREROUTING -p tcp --destination-port 80 -j REDIRECT --to-port 9999 sslstrip -s -l 9999 Same behaviour. Any ideas? Quote Link to comment Share on other sites More sharing options...
Hackman1970 Posted October 25, 2013 Share Posted October 25, 2013 Executing 'which sslstrip': /usr/bin/sslstrip Got it working now, had to factory reset, then install SSLStrip from large tile and then I repeated steps for twisted web :-) Quote Link to comment Share on other sites More sharing options...
Whistle Master Posted October 27, 2013 Share Posted October 27, 2013 I'm going to include the fixes in the next version of the infusion. Quote Link to comment Share on other sites More sharing options...
Whistle Master Posted October 27, 2013 Share Posted October 27, 2013 (edited) thesugarat, the infusion is being updated to work on the MK5 properly, stay tuned ! Edited October 27, 2013 by Whistle Master Quote Link to comment Share on other sites More sharing options...
thesugarat Posted October 27, 2013 Share Posted October 27, 2013 (edited) I'm not trying to rush you Whistle Master. This was my attempt to teach myself about php and see if I could make it work. I just thought I'd pass on several hours of work to anyone who felt like using it. My only experience with php or any kind of coding is due to the pineapple. Edit: Deleted original post to avoid confusion per your request… It was still a learning experience for me. I didn't know you were going to drop all of those updates last night right after my post. Edited October 27, 2013 by thesugarat Quote Link to comment Share on other sites More sharing options...
Whistle Master Posted October 27, 2013 Share Posted October 27, 2013 A new version 1.3 is out, correcting installation and detection issue of sslstrip. Quote Link to comment Share on other sites More sharing options...
leg3nd Posted October 27, 2013 Share Posted October 27, 2013 Awesome, thanks Whistle Master! Quote Link to comment Share on other sites More sharing options...
anode Posted October 30, 2013 Share Posted October 30, 2013 After a factory resett for some strange reason and installing 1.3, sslstrip starts (still only manually) and then stops but still says 'enabled'. A refresh says its not running. Quote Link to comment Share on other sites More sharing options...
Whistle Master Posted October 30, 2013 Share Posted October 30, 2013 (edited) Could you login to the pineapple through ssh and try to issue sslstrip directly and copy-paste the output you receive ? Does the infusion state that sslstrip is installed ? Edited October 30, 2013 by Whistle Master Quote Link to comment Share on other sites More sharing options...
levisiccard Posted October 30, 2013 Share Posted October 30, 2013 After a factory resett for some strange reason and installing 1.3, sslstrip starts (still only manually) and then stops but still says 'enabled'. A refresh says its not running. same problem here Quote Link to comment Share on other sites More sharing options...
levisiccard Posted October 30, 2013 Share Posted October 30, 2013 Could you login to the pineapple through ssh and try to issue sslstrip directly and copy-paste the output you receive ? Does the infusion state that sslstrip is installed ? Is this what you mean? root@Pineapple:~# sslstrip Traceback (most recent call last): File "/sd/usr/bin/sslstrip", line 30, in <module> from sslstrip.StrippingProxy import StrippingProxy ImportError: No module named sslstrip.StrippingProxy Quote Link to comment Share on other sites More sharing options...
anode Posted October 30, 2013 Share Posted October 30, 2013 I got same result it seems: root@Pineapple:~# sslstripTraceback (most recent call last): File "/sd/usr/bin/sslstrip", line 30, in <module> from sslstrip.StrippingProxy import StrippingProxyImportError: No module named sslstrip.StrippingProxyroot@Pineapple:~# I appreciate the effort WM! Quote Link to comment Share on other sites More sharing options...
thesugarat Posted October 31, 2013 Share Posted October 31, 2013 (edited) Anode, Strange question... What happens when you start it from the small tile then enter the big one? Ohh and if you're installing the latest version of sslstrip you shouldn't need to fix the symbolic links as in the previous posts in this thread but the error code sure looks identical. Edited October 31, 2013 by thesugarat Quote Link to comment Share on other sites More sharing options...
Tlows Posted October 31, 2013 Share Posted October 31, 2013 I got same result it seems: root@Pineapple:~# sslstrip Traceback (most recent call last): File "/sd/usr/bin/sslstrip", line 30, in <module> from sslstrip.StrippingProxy import StrippingProxy ImportError: No module named sslstrip.StrippingProxy root@Pineapple:~# I appreciate the effort WM! Same Problem here... Is there yet a workaround known to fix this bug? Quote Link to comment Share on other sites More sharing options...
anode Posted October 31, 2013 Share Posted October 31, 2013 Anode, Strange question... What happens when you start it from the small tile then enter the big one? Ohh and if you're installing the latest version of sslstrip you shouldn't need to fix the symbolic links as in the previous posts in this thread but the error code sure looks identical. I did do the symlynk. That cause the prob? (I'm still fuzzy on symlinks) But here's my output: (I usually start it via the small title) Not started at all: root@Pineapple:~# sslstrip Traceback (most recent call last): File "/sd/usr/bin/sslstrip", line 30, in <module> from sslstrip.StrippingProxy import StrippingProxy ImportError: No module named sslstrip.StrippingProxy root@Pineapple:~# Started via small title: root@Pineapple:~# sslstrip Traceback (most recent call last): File "/sd/usr/bin/sslstrip", line 30, in <module> from sslstrip.StrippingProxy import StrippingProxy ImportError: No module named sslstrip.StrippingProxy Started via large title: root@Pineapple:~# sslstrip Traceback (most recent call last): File "/sd/usr/bin/sslstrip", line 30, in <module> from sslstrip.StrippingProxy import StrippingProxy ImportError: No module named sslstrip.StrippingProxy root@Pineapple:~# I did not reboot the WP between tries. Quote Link to comment Share on other sites More sharing options...
Mit0s1s Posted November 2, 2013 Share Posted November 2, 2013 sslstrip update to 1.4 seems to have fixed all!!!! stripping and passing perfectly. Quote Link to comment Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.