warmotion Posted July 30, 2014 Share Posted July 30, 2014 Hello, I just received my wifi pineapple mark v, I put sslstrip running, but I only worked on hotmail.com, if I try to go to facebook or youtube the security HTTPS still on, can someone help me on this?. thank you Quote Link to comment Share on other sites More sharing options...
i8igmac Posted July 30, 2014 Share Posted July 30, 2014 Try m.facebook,com from multiple browsers on ur phone... kinda works for me lol I think they are cracking down on these kind of exploits... what browser works with sslstrip? did u try ie? Quote Link to comment Share on other sites More sharing options...
warmotion Posted July 30, 2014 Author Share Posted July 30, 2014 google chrome and firefox Quote Link to comment Share on other sites More sharing options...
i8igmac Posted July 30, 2014 Share Posted July 30, 2014 Run some test on browsers. List working and none working... could be use full list... Quote Link to comment Share on other sites More sharing options...
Darren Kitchen Posted July 31, 2014 Share Posted July 31, 2014 It depends on the browser and the way the site has implemented the security. I recommend reading up on HSTS and TLS Attacks http://en.wikipedia.org/wiki/HTTP_Strict_Transport_Security http://en.wikipedia.org/wiki/BEAST_(computer_security)#Attacks_against_TLS.2FSSL For those who like pretty graphs there's https://www.trustworthyinternet.org/ssl-pulse/ Quote Link to comment Share on other sites More sharing options...
i8igmac Posted July 31, 2014 Share Posted July 31, 2014 Just a idea. Ill test when I have time... hsts from a quick glance is determined by the user agent I'll try and swap the user agent. I'm sure some browsers will not like this, could be worth a try. Quote Link to comment Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.