Jump to content

How to generate a valid cert for Sslsplit and...

daniboy92

By daniboy92
in WiFi Pineapple Mark V

 Share

Recommended Posts

daniboy92 Newbie

daniboy92

Posted
Posted (edited)

Hello everyone,

I was playing with sslsplit, trying to get some passwords with my phone as a victim. I have two little problems...

1) How to generate a valid ssl cert to avoid Browser's warning...

2) How can i sniff my whatsapp? I've read that sslsplit can do something with Whatsapp, but i was trying and nothing happends.

Sorry if i am doing stupids questions.

Thanks for advance.

One more thing...

3) Webs doesn't show properly, it only shows words, but not images,

Edited by daniboy92
Link to comment
Share on other sites
Whistle Master Newbie

Whistle Master

Posted
Posted (edited)

Are you talking about the infusion ?

If you are talking about the sslsplit infusion, yes, the infusion will generate a self-signed certificate at the installation of the infusion. And in the configuration, I put a rule to redirect WhatsApp traffic to sslsplit :smile:

Now that's said, if you want to avoid the browser warning due to the self-signed certificate, you will have to buy a real ssl certificate and put it in the infusion's folder where are stored the certificate.

Edited by Whistle Master
Link to comment
Share on other sites
pats Newbie

pats

Posted
Posted

Are you talking about the infusion ?

If you are talking about the sslsplit infusion, yes, the infusion will generate a self-signed certificate at the installation of the infusion. And in the configuration, I put a rule to redirect WhatsApp traffic to sslsplit :smile:

Now that's said, if you want to avoid the browser warning due to the self-signed certificate, you will have to buy a real ssl certificate and put it in the infusion's folder where are stored the certificate.

Offtopic, but the whatsapp data is stored in a log file, but it is still jibberish.

Link to comment
Share on other sites
commdogg Newbie

commdogg

Posted
Posted

I've been trying to find a way to get a "rouge CA" cert to install on a "victim" trust center.

However, it looks like unless you are on a domain and you have admin access to the DC to push a cert via GPO, clever trickery with social engineering is the best I can come up with.

I've been researching (when I have time) if there any cool client side attack payloads I can use to do that. But so far, Nada.

You can't falsify a valid cert, but certain proxies will do an SSL MITM and re sign their own cert to make it appear to the client browser it came from the site and not the proxy. However, the CA for the proxy needs to be trusted by the client, hence my problem above. The Squid3-dev package does this pretty smoothly. I just don't have several thousand dollars and a good reason to give verisign as to why I need an intermediate CA certificate from them. Its pretty pointless from the academic standpoint anyway. It would only be useful if I was actually going to use it, which I won't because jail sucks.

Me thinks this infusion will be ultra cool for phone apps. I'll betcha many of them don't actually check the SSL cert presented to it.

Link to comment
Share on other sites

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

×
 Share
Go to topic listing

  • Recently Browsing   0 members

    • No registered users viewing this page.
×
×
  • Create New...