Romanvanloo Posted April 8, 2014 Share Posted April 8, 2014 Hey guys, Sorry if i put this in the wrong category. I'm trying to use ssl strip + arp spoofing. I do exact the same like on every tutorial. But once everything is done, my victim has no internet. He can't load the page! If i just arp spoof my target, use something like urlsnarf. Everything works fine... Can someone please help me, i'm searching a while for a solution. By the way, sorry for my bad english. :( Quote Link to comment Share on other sites More sharing options...
Solace Posted April 12, 2014 Share Posted April 12, 2014 I believe your problem is that you haven't properly updated your firewall restrictions. By default SSLStrip listens on port 10000, assuming you're on linux, try this command iptables -t nat -A PREROUTING -p tcp --destination-port 80 -j REDIRECT --to-ports 10000 if you're on BSD or OS X, try this sudo ipfw add fwd 127.0.0.1,12345 tcp from not me to any 443 in via en0 Quote Link to comment Share on other sites More sharing options...
Romanvanloo Posted April 13, 2014 Author Share Posted April 13, 2014 I use it on kali linux. And i always use that iptables command, excact the same as you quoted! Quote Link to comment Share on other sites More sharing options...
Solace Posted April 13, 2014 Share Posted April 13, 2014 Are you sure you're forwarding packets? Also are you using Ethernet or a WiFi card? Quote Link to comment Share on other sites More sharing options...
Romanvanloo Posted April 13, 2014 Author Share Posted April 13, 2014 Wifi, alfa awus036H Quote Link to comment Share on other sites More sharing options...
Solace Posted April 20, 2014 Share Posted April 20, 2014 Everything should work... try following this exactly... sudo echo 1 > /proc/sys/net/ipv4/ip_forward uncomment the two lines in your etter.conf file sudo iptables -t nat -A PREROUTING -p tcp --destination-port 80 -j REDIRECT --to-ports 10000 ifconfig to get your device name, let's pretend it's eth0 as well as the default gateway, we'll pretend it's 192.168.0.1 sudo arpspoof -i eth0 192.168.0.1 ettercap -T -q -i eth0 if you want SSL bypassing sslstrip -a -k -f Quote Link to comment Share on other sites More sharing options...
Solace Posted April 20, 2014 Share Posted April 20, 2014 Also if you're doing this on a VM, make sure you're on a bridged network under network settings Quote Link to comment Share on other sites More sharing options...
Romanvanloo Posted April 23, 2014 Author Share Posted April 23, 2014 Yeah finally it works, but actually it works the first 2 minutes, than it stopped stripping.... how's that possible? Quote Link to comment Share on other sites More sharing options...
Romanvanloo Posted April 23, 2014 Author Share Posted April 23, 2014 okay it got stuck again... Quote Link to comment Share on other sites More sharing options...
Romanvanloo Posted April 23, 2014 Author Share Posted April 23, 2014 But now i still have internet... Everything worked fine for like 2 minutes, i logged in at http google and i could see the pass... But now i'm not able to do it again Quote Link to comment Share on other sites More sharing options...
repzeroworld Posted May 19, 2014 Share Posted May 19, 2014 Hey guys, Sorry if i put this in the wrong category. I'm trying to use ssl strip + arp spoofing. I do exact the same like on every tutorial. But once everything is done, my victim has no internet. He can't load the page! If i just arp spoof my target, use something like urlsnarf. Everything works fine... Can someone please help me, i'm searching a while for a solution. By the way, sorry for my bad english. :( hello Romanvanloo, There are different forms of man in the middle attack...this form of man in the middle attack does not guarantee all tcp packets will be forwarded to your device, that is,using arpsoof will not guarantee that tcp all packets from all users will be forwarded to your device...what arpspoof does is send out ARP packets to tell others that you are the true gateway to the internet so that they can initiate a tcp connection which will redirected to your browser (port 1000 or 8080 by default depending on which version of sslstrip you are using)..also the Access Point that is the true gateway will also be sending out ARP packets stating that it is the true gateway...eventually the network will be unstable at times.... some tcp packets will be sent to your device while other packet will be sent to the true gateway.....sslstript must be used to issue a fake key and certificate but somehow it does not work well after you left it for a while to capture ( i don't know why) ..... however sslstrip and ettercap is a perfect combination..just leave it to capture for a while you will see you will have SOME sort of success!:) Quote Link to comment Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.