Jump to content

ddwrt ->kali ->proxy-> iptables help...


Recommended Posts

Posted

I have been ssearching online for 'ddwrt iptables proxy'

I have found some nice example scripts...

I'm looking for help with iptables... maybe there is a skilled iptables guru that is actave here...

I figured I will use burpsuit for a quick proxy

Proxy ip 192.168.69.103:666

ddwrt ip 192.168.69.1/255.255.255.0

Posted

I played _some_ with that. Guru... not really (really not).

But fire away. Worst that can happen is people will say "buggered if I know".

Posted

nc 192.168.69.1 23

logged into root on ddwrt and iptables is acceptable command

here is a basic example

PROXY_IP=192.168.69.103
PROXY_PORT=666
LAN_IP=`nvram get lan_ipaddr`
LAN_NET=$LAN_IP/`nvram get lan_netmask`

iptables -t nat -A PREROUTING -i br0 -s $LAN_NET -d $LAN_NET -p tcp --dport 80 -j ACCEPT
iptables -t nat -A PREROUTING -i br0 -s ! $PROXY_IP -p tcp --dport 80 -j DNAT --to $PROXY_IP:$PROXY_PORT
iptables -t nat -I POSTROUTING -o br0 -s $LAN_NET -d $PROXY_IP -p tcp -j SNAT --to $LAN_IP
iptables -I FORWARD -i br0 -o br0 -s $LAN_NET -d $PROXY_IP -p tcp --dport $PROXY_PORT -j ACCEPT
Posted

So above script will forward http traffic to kali running burpsuit on port 666...

Seems to work just fine... I would like to put sslstrip in front of the proxy...

Any ideas for how kali could configure iptables o place sslstrip in the mix

Posted

so I have been running test all day... your wifi router running ddwrt and iptables script above you can easly send traffic to kali...

sslstrip is only effective when a client request htttp://face-book

If the client request htttps://face-book then ssltrip will miss this request

if you try sslstrip on android applications like facebook gmail yahoo twitter. you will notice some red flags with the certificates... fb was blood red!

So... I found sslsniff and sslsplit... these tools seem to be the key to success...

But I get segment faults when I test these tools...

Posted

Think you can acquire a core dump for them? If so it's decidedly easier to see what the tool is borking on.

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

  • Recently Browsing   0 members

    • No registered users viewing this page.
×
×
  • Create New...