Jump to content

[Support] sslsplit

buckboy223

By buckboy223
in Mark V Infusions

 Share

Recommended Posts

xrad Newbie

xrad

Posted
Posted (edited)

I guess you could ssh into the mark v and see if it will install and work.

I did see yours or someone's post on it.

I did a quick search, xiaopan may have said it was openwrt compatible, not positive though.

I wonder if this might be part of the coming mark v reboot in August.

Probably it will be kind of hush hush, wink and nod until then, if it is.

Who knows?

Edited by xrad
Link to comment
Share on other sites
  • 1 month later...
Whistle Master Newbie

Whistle Master

Posted
Posted

the suspence for the new fw is killing me

This is not related to the new firmware. This is an new infusion for sslsplit.

sslsplit is a transparent SSL/TLS proxy whereas ssltrip transparently converts a secure https connection into a plain HTTP connection, this is why web sites are now using hsts.

sslsplit is really helpful during mobile application pentesting. Then, for sslsplit to work correctly and avoid warning on user-side, you need to install the certificate generated.

Link to comment
Share on other sites
cheeto Newbie

cheeto

Posted
Posted

Hats off to you Whistle Master on not just for giving us sslsplit but also for updating the other infusions making them compatible with the current firmware.

Regarding SSLsplit,

Are there any instructions for this. Seems to be strait forward, but when I press the start button and go to gmail, hotmail, etc.. I get this message:

sslsplit.jpg

Is there a workaround to this?

As always, MANY MANY thanks!

Link to comment
Share on other sites
ARDETROYA Newbie

ARDETROYA

Posted
Posted

The log does split in undred of them.

January 01 2014 06:04:10 [view | download | delete]
January 01 2014 06:03:58 [view | download | delete]
January 01 2014 06:03:07 [view | download | delete]
January 01 2014 06:03:04 [view | download | delete]
January 01 2014 06:02:59 [view | download | delete]
January 01 2014 06:02:48 [view | download | delete]
January 01 2014 06:02:31 [view | download | delete]
January 01 2014 06:02:27 [view | download | delete]
January 01 2014 06:02:23 [view | download | delete]
January 01 2014 06:02:22 [view | download | delete]

It would be cool to get all of them in just one.

Link to comment
Share on other sites
King_Hrothgar Newbie

King_Hrothgar

Posted
Posted (edited)

Many thanks Whistle Master. Will grab it a little later tonight.

Cheeto, that's how it works. It isn't like SSLstrip where it tries to simply remove SSL. Instead it has the attacker pretend to be the end user to the actual website and then applies its own encryption before passing on the data to the victim machine. This new encryption has a different set of keys and a different certificate. Unless you work for a real certificate authority (CA), you can't create automatically trusted certificates. As such, you have to make your own CA that obviously, no one even knows exists by default. To avoid messages like the one you got, you must add your new CA to the list of trusted CA's in your browser. It's fairly simple to do. Here's a link on how to do it (as well as use SSLsplit in general): http://blog.philippheckel.com/2013/08/04/use-sslsplit-to-transparently-sniff-tls-ssl-connections/#Create-and-install-root-CA-certificate

Edited for typo's

Edited by King_Hrothgar
Link to comment
Share on other sites

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

×
 Share
Go to topic listing

  • Recently Browsing   0 members

    • No registered users viewing this page.
×
×
  • Create New...