echemmon Posted October 8, 2014 Share Posted October 8, 2014 Hi I was always able to do a mitm attack targetting a specific IP and using sslstrip, ettercap, arpspoof, ... But today I tried (for the first time) to do the whole network at once and it was like sslstrip wasn't doing anything. No errors whatsoever and yet all I could see was the usual "sslstrip 0.9 by Moxie Marlinspike" and then nothing. When I target one computer I usually do something like: echo 1 > /proc/sys/net/ipv4/ip_forward iptables -t nat -A PREROUTING -p tcp --destination-port 80 -j REDIRECT --to-ports 10000sslstrip -a -k -farpspoof -i wlan0 -t <targetIP> -r <gatewayIP>ettercap -Tq -L etterlogs -i wlan0urlsnarf -v -i wlan0 and it works. To do the whole network I tried the same only replacing the <targetIP> by the Bcast (ie 192.168.1.255). I think one time it said "couldn't arp for ..." So then I tried method 2: echo 1 > /proc/sys/net/ipv4/ip_forwardiptables -t nat -A PREROUTING -p tcp --dport 80 -j REDIRECT --to-port 10000ettercap -T -q -i wlan0 -M ARP:REMOTE // //sslstrip -a -l 10000urlsnarf -i wlan0 It ran I think but nothing happened and I couldn't see the traffic. What am I doing wrong? I'm not very experienced at this and if anyone knows a better way to do an sslstrip on the whole network I'd be grateful. I have the latest version of Kali btw. Cheers Quote Link to comment Share on other sites More sharing options...
Computer_Security Posted October 27, 2014 Share Posted October 27, 2014 IF you are looking into doing a MITM attack on the whole network then why don't you just open up wireshark and do it that way? Quote Link to comment Share on other sites More sharing options...
cooper Posted October 27, 2014 Share Posted October 27, 2014 The advice to look at wireshark seconded. One thing that might be the problem here is that you've accidentally targeted your own machine in the arp-spoofing part of your attack. So when you want to send on traffic to the gateway machine, your machine will send it back to itself, thinking it's transmitting the packet to the gateway. Result is an endless loop rather than a flow of data that ssl-strip can work with. Quote Link to comment Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.