warmotion Posted July 30, 2014 Posted July 30, 2014 Hello, I just received my wifi pineapple mark v, I put sslstrip running, but I only worked on hotmail.com, if I try to go to facebook or youtube the security HTTPS still on, can someone help me on this?. thank you Quote
i8igmac Posted July 30, 2014 Posted July 30, 2014 Try m.facebook,com from multiple browsers on ur phone... kinda works for me lol I think they are cracking down on these kind of exploits... what browser works with sslstrip? did u try ie? Quote
i8igmac Posted July 30, 2014 Posted July 30, 2014 Run some test on browsers. List working and none working... could be use full list... Quote
Darren Kitchen Posted July 31, 2014 Posted July 31, 2014 It depends on the browser and the way the site has implemented the security. I recommend reading up on HSTS and TLS Attacks http://en.wikipedia.org/wiki/HTTP_Strict_Transport_Security http://en.wikipedia.org/wiki/BEAST_(computer_security)#Attacks_against_TLS.2FSSL For those who like pretty graphs there's https://www.trustworthyinternet.org/ssl-pulse/ Quote
i8igmac Posted July 31, 2014 Posted July 31, 2014 Just a idea. Ill test when I have time... hsts from a quick glance is determined by the user agent I'll try and swap the user agent. I'm sure some browsers will not like this, could be worth a try. Quote
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.