Jump to content

Recommended Posts

Posted (edited)

I guess you could ssh into the mark v and see if it will install and work.

I did see yours or someone's post on it.

I did a quick search, xiaopan may have said it was openwrt compatible, not positive though.

I wonder if this might be part of the coming mark v reboot in August.

Probably it will be kind of hush hush, wink and nod until then, if it is.

Who knows?

Edited by xrad
  • 1 month later...
Guest spazi
Posted

Hehe Whistlemaster, I knew it was only a matter of time before you were going to make an infusion.
Awesome stuff mate!

Posted

the suspence for the new fw is killing me

This is not related to the new firmware. This is an new infusion for sslsplit.

sslsplit is a transparent SSL/TLS proxy whereas ssltrip transparently converts a secure https connection into a plain HTTP connection, this is why web sites are now using hsts.

sslsplit is really helpful during mobile application pentesting. Then, for sslsplit to work correctly and avoid warning on user-side, you need to install the certificate generated.

Posted

I don't suppose u have a date for the module release? Looking forward to it. Havent quite found the time to try it manually yet. Good job again with all the modules Whistlemaster

Posted

Hats off to you Whistle Master on not just for giving us sslsplit but also for updating the other infusions making them compatible with the current firmware.

Regarding SSLsplit,

Are there any instructions for this. Seems to be strait forward, but when I press the start button and go to gmail, hotmail, etc.. I get this message:

sslsplit.jpg

Is there a workaround to this?

As always, MANY MANY thanks!

Posted

The log does split in undred of them.

January 01 2014 06:04:10 [view | download | delete]
January 01 2014 06:03:58 [view | download | delete]
January 01 2014 06:03:07 [view | download | delete]
January 01 2014 06:03:04 [view | download | delete]
January 01 2014 06:02:59 [view | download | delete]
January 01 2014 06:02:48 [view | download | delete]
January 01 2014 06:02:31 [view | download | delete]
January 01 2014 06:02:27 [view | download | delete]
January 01 2014 06:02:23 [view | download | delete]
January 01 2014 06:02:22 [view | download | delete]

It would be cool to get all of them in just one.

Posted (edited)

Many thanks Whistle Master. Will grab it a little later tonight.

Cheeto, that's how it works. It isn't like SSLstrip where it tries to simply remove SSL. Instead it has the attacker pretend to be the end user to the actual website and then applies its own encryption before passing on the data to the victim machine. This new encryption has a different set of keys and a different certificate. Unless you work for a real certificate authority (CA), you can't create automatically trusted certificates. As such, you have to make your own CA that obviously, no one even knows exists by default. To avoid messages like the one you got, you must add your new CA to the list of trusted CA's in your browser. It's fairly simple to do. Here's a link on how to do it (as well as use SSLsplit in general): http://blog.philippheckel.com/2013/08/04/use-sslsplit-to-transparently-sniff-tls-ssl-connections/#Create-and-install-root-CA-certificate

Edited for typo's

Edited by King_Hrothgar

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

  • Recently Browsing   0 members

    • No registered users viewing this page.
×
×
  • Create New...