i8igmac Posted April 5, 2014 Share Posted April 5, 2014 I have been ssearching online for 'ddwrt iptables proxy' I have found some nice example scripts... I'm looking for help with iptables... maybe there is a skilled iptables guru that is actave here... I figured I will use burpsuit for a quick proxy Proxy ip 192.168.69.103:666 ddwrt ip 192.168.69.1/255.255.255.0 Quote Link to comment Share on other sites More sharing options...
cooper Posted April 5, 2014 Share Posted April 5, 2014 I played _some_ with that. Guru... not really (really not). But fire away. Worst that can happen is people will say "buggered if I know". Quote Link to comment Share on other sites More sharing options...
i8igmac Posted April 6, 2014 Author Share Posted April 6, 2014 nc 192.168.69.1 23 logged into root on ddwrt and iptables is acceptable command here is a basic example PROXY_IP=192.168.69.103 PROXY_PORT=666 LAN_IP=`nvram get lan_ipaddr` LAN_NET=$LAN_IP/`nvram get lan_netmask` iptables -t nat -A PREROUTING -i br0 -s $LAN_NET -d $LAN_NET -p tcp --dport 80 -j ACCEPT iptables -t nat -A PREROUTING -i br0 -s ! $PROXY_IP -p tcp --dport 80 -j DNAT --to $PROXY_IP:$PROXY_PORT iptables -t nat -I POSTROUTING -o br0 -s $LAN_NET -d $PROXY_IP -p tcp -j SNAT --to $LAN_IP iptables -I FORWARD -i br0 -o br0 -s $LAN_NET -d $PROXY_IP -p tcp --dport $PROXY_PORT -j ACCEPT Quote Link to comment Share on other sites More sharing options...
i8igmac Posted April 6, 2014 Author Share Posted April 6, 2014 So above script will forward http traffic to kali running burpsuit on port 666... Seems to work just fine... I would like to put sslstrip in front of the proxy... Any ideas for how kali could configure iptables o place sslstrip in the mix Quote Link to comment Share on other sites More sharing options...
i8igmac Posted April 7, 2014 Author Share Posted April 7, 2014 so I have been running test all day... your wifi router running ddwrt and iptables script above you can easly send traffic to kali... sslstrip is only effective when a client request htttp://face-book If the client request htttps://face-book then ssltrip will miss this request if you try sslstrip on android applications like facebook gmail yahoo twitter. you will notice some red flags with the certificates... fb was blood red! So... I found sslsniff and sslsplit... these tools seem to be the key to success... But I get segment faults when I test these tools... Quote Link to comment Share on other sites More sharing options...
cooper Posted April 7, 2014 Share Posted April 7, 2014 Think you can acquire a core dump for them? If so it's decidedly easier to see what the tool is borking on. Quote Link to comment Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.