destroyer Posted January 18, 2014 Share Posted January 18, 2014 (edited) Sorry upfront, had to make this more clear! Is it possible to use the wifi pineapple to connect to my own home network and run sslstrip, sounds like a simple thing to do but i have not been able to do it. I connected the pineapple wirelessly to my network and ran sslstrip but nothing seems to happen, am i missing a step or is it just not possible to do? Edited January 18, 2014 by destroyer Quote Link to comment Share on other sites More sharing options...
no42 Posted January 18, 2014 Share Posted January 18, 2014 it is possible see http://penturalabs.wordpress.com/2013/11/06/wifi-pineapple-decrypting-ssl-traffic-on-mobile-applications/ as an example. Not sure what you have done wrong Quote Link to comment Share on other sites More sharing options...
zz2Fac3zz Posted January 18, 2014 Share Posted January 18, 2014 Well from what I've found (correct me if i'm wrong) its a little more difficult then it may seem at first, and i'll explain why. #For these examples I'm going to use wlan0 for people to connect to and wlan1 for your pineapple to connect to a wireless network. The way the sslstrip infusion works now is someone connects to the pineapple and the traffic goes from wlan0 -> wlan1 -> wirelessnetwork -> internet Because all the traffic is going through the pineapple its easy for the infusion to intercept the packets. Now what your trying to do is intercept traffic that isn't going though the pineapple but instead is already on a wireless network. In order to do that you need to redirect the traffic on the network to go thought the pineapple. You can redirect the traffic by SSHing into your pineapple and using ARPSpoof or Ettercap. But from what I've found is it becomes terrible slow and unstable. Quote Link to comment Share on other sites More sharing options...
destroyer Posted January 19, 2014 Author Share Posted January 19, 2014 Well from what I've found (correct me if i'm wrong) its a little more difficult then it may seem at first, and i'll explain why. #For these examples I'm going to use wlan0 for people to connect to and wlan1 for your pineapple to connect to a wireless network. The way the sslstrip infusion works now is someone connects to the pineapple and the traffic goes from wlan0 -> wlan1 -> wirelessnetwork -> internet Because all the traffic is going through the pineapple its easy for the infusion to intercept the packets. Now what your trying to do is intercept traffic that isn't going though the pineapple but instead is already on a wireless network. In order to do that you need to redirect the traffic on the network to go thought the pineapple. You can redirect the traffic by SSHing into your pineapple and using ARPSpoof or Ettercap. But from what I've found is it becomes terrible slow and unstable. "Now what your trying to do is intercept traffic that isn't going though the pineapple but instead is already on a wireless network. In order to do that you need to redirect the traffic on the network to go thought the pineapple. You can redirect the traffic by SSHing into your pineapple and using ARPSpoof or Ettercap" Yes this is exactly what I want to do, do you or anyone else have a tutorial on how to do this? Quote Link to comment Share on other sites More sharing options...
zz2Fac3zz Posted January 19, 2014 Share Posted January 19, 2014 You can run sslstrip manually by just SSHing into your pineapple. Flip your machine into forwarding mode. (should already be done by default) echo "1" > /proc/sys/net/ipv4/ip_forward Setup iptables to redirect HTTP traffic to sslstrip. (sslstrip default listenPort is 8080) iptables -t nat -A PREROUTING -p tcp --destination-port 80 -j REDIRECT --to-port <listenPort> Run sslstrip. sslstrip -l <listenPort> Run arpspoof to convince a network they should send their traffic to you. arpspoof -i <interface> -t <targetIP> <gatewayIP> Quote Link to comment Share on other sites More sharing options...
destroyer Posted January 19, 2014 Author Share Posted January 19, 2014 (edited) OK, I may as well stick with booting into backtrack to use sslstrip. I think that there may be a market for a hardware box that is used exclusively for sslstrip like the pineapple or the Reaver box. This could be a good opportunity for Darrem Kitchen or someone else to develop and market to the pentesting community!!! Thanks and if anyone has any other suggestions i would appreciate it. Edited January 19, 2014 by destroyer Quote Link to comment Share on other sites More sharing options...
fugu Posted February 23, 2014 Share Posted February 23, 2014 <br /> You can redirect the traffic by SSHing into your pineapple and using ARPSpoof or Ettercap. But from what I've found is it becomes terrible slow and unstable. <br /> <br /> I'm not sure if this is true or not, but I think the problem comes down to python's twisted libraries. I've played around with twisted a while back and was not impressed with its functionality. Quote Link to comment Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.