Jump to content

Recommended Posts

Posted (edited)

Apologies for the newbie question:

What's the solution for allowing the user to be directed to their desired site once sslstrip has captured credentails? Currently it's just reloading the log in screen rather than allowing login.

Edited by haknakpdywak
Posted (edited)

The question itself needed tweeking. What's needed is the dnsspoof infusion + a wide knowlege of scripting languages to create the forwarding page. Such as: PHP; HTML; Javascript; CSS; etc. Off to the codeacadamy!

Edited by haknakpdywak
Posted (edited)

A quick fix for the sslstrip is to turn on the 1 sec refresh and switch off the infusion as soon as anything comes in. Not a ideal solution at all compared to writing custom script for dnsspoof but it does allow user x through to the other side.

Edited by haknakpdywak
Posted

Honestly you've kind of lost me... You're talking about two different applications. By default sslstrip is supposed to collect the credential but allow the user into the site. If that is not working there is something wrong. So you're quick fix may work but it shoudln't be needed. And what do you mean "switch off the infusion" as soon as anything comes in? Hit the little x in the top left to close the sslstrip window? Or turn off sslstrip? (Fairly certain you mean the first one...) Either way I'm not tracking why you would need some sort of custom script with a completely different program to correct an sslstrip problem. Unless you are trying to use the redirect functions of dnsspoof to fix sslstrip.

Posted (edited)

Is it? Because it just reloads rather than allowing X through. By 'switching off' I meant turning off sslstip so that it would stop both the reload loop and capture. I was assuming that sslstrip was made to not redirect so the plan was to write a custom script in dnsspoof.

Edited by haknakpdywak
Posted

Is there a way to fix the refresh loop?

Some tweeks seem to be going on with the infusion now. For a few min. it was flashing "Filter: Undefined". That stopped but now the "Loading.." is flashing and it won't capture any info.

Posted

I don't know how to fix what you're seeing... There are several threads on sslstrip and some issues people have seen in the past. You might try installing the Strip and Inject infusion... Or removing and reinstalling or a factory reset or a firmware reflash. Just depends on what's broken and how badly you want it to work.

Posted (edited)

I gave the factory reset a go with no results. The Hak5 forums is the only site tried so far that allows access after entering the login credentails. I'll try strip-n-inject after brushing up on HTML coding.

Edited by haknakpdywak

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

  • Recently Browsing   0 members

    • No registered users viewing this page.
×
×
  • Create New...