pdb1977 Posted April 16, 2014 Posted April 16, 2014 (edited) Having an issue with sslstrip. When I was first using sslstrip everything seemed OK. Now slowly its just not working. I have a test setup at home, i have a zyxel router with just WiFi setup (no DSL) and I have 2 different laptops both running Windows 7 as my target machines. With sslstrip at first, the pages wouldn't be displayed. I was getting the page cannot be displayed error, but if I tap F5(refresh) the page would appear. Then after a while it would take 2/3 taps of F5 to get the page up and now it doesn't show at all - Just page cannot be displayed. Finally when I try to start sslstrip its says sslstrip is running then 1 second later it says sslstrip is not running although it says it is. I have re-flashed the MK5. Also Jammer doesn't work, I have mentioned this before but no one answered my help. Basically is just doesn't deauth anything, I have put the correct MAC into the correct Black/white lists. I have also tried SSH'ing into the Pineapple to run aireplay-ng manully but same results. I have had my MK5 for 4 months and as yet have not been able to do any sort of deployment because im unable to successfully get probably 2 of the main infusions working. Although that said urlsnarf works like a treat. Cheers Paul Edited April 16, 2014 by pabo2uk Quote
Aprex Posted April 16, 2014 Posted April 16, 2014 I know what you mean and it's very annoying indeed. I also have this problem. I'd love a fix or way around. Quote
fanbase Posted April 17, 2014 Posted April 17, 2014 (edited) I also have this problem. After running sslstrip for an hour or so, return and attempt to open or refresh the web to check its progress. It doesn't load. I can ssh into the pineapple, no problem. What really frustrates me, though, is that when I invariably have to unplug the pineapple (or ssh in and kill -9 the PID for sslstrip), I lose everything the log that had been building! Good stuff -- poof! gone, vanished. It's happened about 6-8 times today alone. And I knew I had some good stuff in those logs, too... The problem predates the latest release, but in my subjective experience, seems to have been exacerbated by it? Maybe just coincidence. I'm willing to work with anyone who wants to test/work this problem. Edited April 17, 2014 by fanbase Quote
thesugarat Posted April 17, 2014 Posted April 17, 2014 fanbase, Where is your log being created? Internal or SD card? If it's SD card what speed is the card? Quote
fanbase Posted April 17, 2014 Posted April 17, 2014 I'm logging to the SD card. It's a class 10. Quote
thesugarat Posted April 17, 2014 Posted April 17, 2014 Sounds good... I just don't understand why unplugging would cause you to loose the log file or it's content. Maybe try unplugging first before killing the pid and see what happens. Quote
jo.almeida Posted April 17, 2014 Posted April 17, 2014 I've also had this issue. SSL Strip 1.5 was working fine, since I upgraded to 1.6 it has that issue. Whenever I turn it on, it says sslstrip is running. However after I refresh it, it says not running again. Quote
fanbase Posted April 18, 2014 Posted April 18, 2014 (edited) I tested it again by pulling the plug. What was already in the log stayed saved in the log. A new log, titled "Log_70" -- because the pineapple believes it is January 1970 in the moments immediately after it powers up again (and after auto sslstrip has started) -- picks up where the previous log left off before the crash. So, yes, thesugarat, the error with the logs is partly mine own: Each time I backed up sslstrip logs via scp after repeated crashes/unresponsive webUI/plug-pulling cycles, I overwrote my previous log, which of course was also named "Log_70". The essential problem, however (at least for me and, as I understand it, the OP), is that the web interface periodically crashes -- by which I mean it refuses to load or respond -- even though the pineapple remains responsive through SSH. Some further googling turned up this suggestion: Look for these two proccesses: root@Pineapple:~# ps -ef | grep http 1749 root 1136 S /usr/sbin/uhttpd -f -h /www -r Pineapple -x /cgi-bin 1755 root 1160 S /usr/sbin/uhttpd -f -h /pineapple -r Pineapple -c /e If not, try to restart them. /etc/init.d/httpd script You can also use following command: # /etc/init.d/httpd restart # /etc/init.d/httpd start # /etc/init.d/httpd sto I have no idea if that works but it won't be long (at this rate) before I give a shot. Hope you folks try, as well and report back Edited April 18, 2014 by fanbase Quote
fanbase Posted April 18, 2014 Posted April 18, 2014 As it happens, I had a chance to try the work-around this morning -- and remotely from another city, at that! I SSH'ed into the Pineapple through my VPS, then issued the following command: /etc/init.d/uhttpd restart The web interface, which had previously been hung up and was not loading, popped up instantly when I hit refresh in the browser. Does this solve anyone else's problem? Quote
pats Posted April 23, 2014 Posted April 23, 2014 (edited) Error: No sockets bound, unable to continue I got that message when trying to restart the uhttpd. It goes even further. I can connect to the Pineapple AP. But i have no internet connection. Wlan1 has a internet connection using client mode (my own accespoint/router). For some reason it does not work. Reflashed the MK5. Reinstalled SSLstrip. Tried some stuff with wifimanager. All bad luck. Edited April 23, 2014 by pats Quote
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.