Jump to content

SSLSTRIP almost there!


Recommended Posts

As far as I know hotmail.com and www.hotmail.com don't even exist, it should redirect to login.live.com for both, and I think Microsoft uses HSTS or some other implementation there of, which will redirect all http traffic, back over to https/ssl/tls. The only way it should work is if someone uses IE7 or older I think, since the browsers also help to enforce HSTS I think, but don't quote me on that.

Link to comment
Share on other sites

weird because it works with google chrome, also with firefox (unless he types then autocomplete)

when the target google for "facebook" then click on the link, it won't work too because it brings us https://pt-br.facebook.com/ .

when the target google for "hotmail", "gmail", "ymail", etc then click on the link.. its working because they bring us mail.live.com/, mail.google.com/ and mail.yahoo.com/

without https before.

I was wondering if I can redirect them to www.facebook.com.. sure it'd work but i didnt get how to do this yet.. As I said, tried with dnsspoof but unsuccessful. Dont know if it would be urlspoof, still trying

Link to comment
Share on other sites

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

  • Recently Browsing   0 members

    • No registered users viewing this page.
  • Create New...