Lucard Posted November 20, 2013 Posted November 20, 2013 I have teh MK5 and just started to use it I did all the updates. No errors I then installed the sslstip to the local device and it works I get all the https traffic in the log window but when I try like www.google.com on the pc that is logged into the wifi of the mk5 it will time out but if I change the address to https://www.google.com it works the page will load and the MK5 will log the traffic. Quote
Mr-Protocol Posted November 21, 2013 Posted November 21, 2013 It's because google has transitioned to always use HTTPS. So there is probably a redirect bug with sslstrip or something. Quote
Lucard Posted November 21, 2013 Author Posted November 21, 2013 But i get this on any address I type in www.cnn.com yahoo.com news.com the only ones that will load are the ones i put the https in the address Quote
Mr-Protocol Posted November 21, 2013 Posted November 21, 2013 Maybe it has something to do with your iptables routing? I haven't played with sslstrip in a long time on a backtrack laptop. Quote
henry Posted November 21, 2013 Posted November 21, 2013 Lucard, I was having the exact same problem. However, when I started urlsnarf, the port 80 forwarding seemed to snap back into place. Anybody have any ideas on why this is? Quote
FreeFallin Posted November 22, 2013 Posted November 22, 2013 Please try the following and report back: Comment out lines 97 and line 98 of /usr/lib/python2.7/site-packages/sslstrip/ServerConnection.py file by adding a "#" to the beginning of each line: # elif (key.lower() == 'set-cookie'): # self.client.responseHeaders.addRawHeader(key, value) Do you still get the error after that? I had the same problem with non https traffic. If you login via ssh, run sslstrip via command line and then attempt to surf, and you see errors - try the above solution posted by Garland in the 1.03 Firmware thread. Probably, try it regardless. it solved my problem. Quote
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.