Jump to content

Defeating HSTS


Recommended Posts

Hi everyone,

As I just recieved my pineapple mark IV, some questions come to me...

With the implementation of hsts, sslstrip became a little bit inefficient... (even if I can harvest some of my credentials).

I'd like to know a few things :

Does someone already test dns2proxy with sslstrip2 from Leonardo Nve ? https://github.com/LeonardoNve

How does it works? Cause i'm quite new to this, and i wasn't able to make them work together on my computer.
It's ok for the dns which redirect sites to a fake adress when i do a nslookup (like facebook pointing to but sslstrip didn't return me anything.

And, it is possible to make an infusion of those to script for a pineapple? (mark IV if possible).

And there is the last one, the one i'm ashamed of... how to change my dhcp conf?

Sorry if my english seems wierd, i'm french.

And thanks :)

Link to comment
Share on other sites

Hey FircusCreak

I'm not sure but it's maybe the same path (common Debian system)

You can use your favorite editor (like Nano or Vi)

I'm going to work on the HSTS problem in 2 weeks. If I find something I'll be back here.
Leonardo method are probably the good way.

Link to comment
Share on other sites

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

  • Recently Browsing   0 members

    • No registered users viewing this page.
  • Create New...