Jump to content

sslstrip digital signature --I Think?

ledaohio

By ledaohio
in Security

 Share

Recommended Posts

ledaohio Newbie

ledaohio

Posted
Posted

No clue what is wrong...

I have been at this half the day trying to figure it out and thought i'd poke around and watched a few of the Hak5 videos about sslstrip and nope notta...

Driftnet, urlsnarf, etc work fine but a "tail -f sslstrip" gives me gobble-dee-gook after all seems to be running okee doke-like..

See attached images and err.. Using my DNLA server as the victim, it looks like nazibook has a new digital gizmo in the way when I load it.

Can you tell me what is up?

Heeeelp me :/
...Leda

--commands used--

post-49078-0-74297300-1416885186_thumb.j

post-49078-0-54526200-1416885201_thumb.j

Link to comment
Share on other sites
ledaohio Newbie

ledaohio

Posted
  • Author
Posted (edited)

I can't help with the answer but have to say, it is nice to see someone asking a question well. Commands are provided, background and evidence that you've tried to find the answer.

Thanks! I've been super green before like.. When I was 12've hehe

I just read a post a second ago that gave me a chuckle about tard questions..

https://forums.hak5.org/index.php?/topic/34039-teach-me-how-to-install-alfa-awus036nhr-v2-driver-in-ubuntu-please/#entry253783

:wacko:

Edited by ledaohio
Link to comment
Share on other sites
cooper Newbie

cooper

Posted
Posted

I think they're doing a Facebook on you. Basically, something javacript-y is pre-encrypting the data prior to transmission.

Unless you can figure out the encryption and reverse it, this is as far as she'll go.

Link to comment
Share on other sites
ledaohio Newbie

ledaohio

Posted
  • Author
Posted

I think they're doing a Facebook on you. Basically, something javacript-y is pre-encrypting the data prior to transmission.

Unless you can figure out the encryption and reverse it, this is as far as she'll go.

I have a new screen capture of "tail -f sslstrip.log" for ya.. Notice the last and only legible lines..

It appears to be a bugger within my Python.. Whatcha think?

(see attached)

Save me some time digging..

What are the command lines to remove Python and re-get it? "apt-get remove python" maybe? Then apt-get install..

I don't wanna screw it up if that is not it.. What's the blow by blow to accomplish this mission..

:tongue:

CRAP: When attaching image I am getting "Error This file was too big to upload"

It is NOT.. I even shrunk it in photoshop to 89kb

Okay.. Hmm, here ya go then..

http://i1344.photobucket.com/albums/p647/Leda_May/FIX_Capture_zps0a9fc7b3.jpg

Link to comment
Share on other sites
cooper Newbie

cooper

Posted
Posted

$ man apt-get | grep reinsta -A2
--reinstall
Re-Install packages that are already installed and at the newest
version. Configuration Item: APT::Get::ReInstall.

Link to comment
Share on other sites
ledaohio Newbie

ledaohio

Posted
  • Author
Posted (edited)

$ man apt-get | grep reinsta -A2

--reinstall

Re-Install packages that are already installed and at the newest

version. Configuration Item: APT::Get::ReInstall.

BLAD NAST IT!

lol

Maybe it's the Flux Capacitor?

DANG IT!!! Says this file is too big as well.. What is up with that ..too ?

Here it is..

http://i1344.photobucket.com/albums/p647/Leda_May/ACK_Capture_zps7842add1.jpg

Edited by ledaohio
Link to comment
Share on other sites
ledaohio Newbie

ledaohio

Posted
  • Author
Posted

That dollar sign is the command prompt. It's what 'normal' users see.

You Kali users with your non-stop root access....

*tapping foot* :)

Okay.. This is getting frustrating now.. It did nothing other than echo exactly what you said to do.. ... Are you messing with the newbie.. What gives?

:angry:

http://i1344.photobucket.com/albums/p647/Leda_May/Capture_zpsafd9e617.jpg

Link to comment
Share on other sites
ledaohio Newbie

ledaohio

Posted
  • Author
Posted

I just ran the below and I still get the Gobble-Dee-Gook..

--paste--

wget http://python.org/ftp/python/3.3.2/Python-3.3.2.tgz && tar -xvf Python-3.3.2.tgz
cd Python-3.3.2
./configure
make
make altinstall
apt-get install idle3

--end--

Will you maybe gimme the syntax like above to remove and reinstall I can complete this mission?

NEW CAPTURE HERE DOING SAME THING:
http://i1344.photobucket.com/albums/p647/Leda_May/Capture_zpsc2d1b1e4.jpg

Link to comment
Share on other sites
cooper Newbie

cooper

Posted
Posted

Okay. Very, veeeeery slowly.

The 'man' command stands for "manual". So when something starts with "man apt-get" you're going to get the manual page to the apt-get command on the screen.

The '|' character takes the output of the bit that comes before it and uses it as input for the command that comes after it.

The 'grep' command looks for something on its input and if it finds it, it displays the line whereas all else is simply ignored. By including the "-A 2" you're telling grep that you want the 2 lines immediately After a match to be printed aswell.

So in that 1 line your computer looked at the manual for the apt-get command, searched it for anything resembling "reinsta" and print any matching lines, plus the 2 lines immediately following that match. Given the output, we can now deduce that the apt-get command has a "--reinstall" parameter that would appear to be capable of doing exactly what you want.

Link to comment
Share on other sites
ledaohio Newbie

ledaohio

Posted
  • Author
Posted

ArrrG! LMBO

but but but.. I wanted you to hold my hand and walk me thru it, not gimme more mumbo jumbo rigga ma roo.

SO.. Lemme see if I got this..
apt-get --reinstall python

Gonna try that sec.. wait here brb..

Bzzzt! Nope.. But I did run: apt-get --reinstall update (and) upgrade..
I do appreciate your explaining each line.. But, can you put the exact line syntax needed in your reply too.. Just like it needs entered?
Or, can I pester you Real-Time via twitter or IRC chat instead?

...and I want a pony! *batting lashes*


Link to comment
Share on other sites
ledaohio Newbie

ledaohio

Posted
  • Author
Posted

Try just running

man apt-get

and reading that. Come back here if you have more questions.

Good morning..

I see.. In other words.. "Read the manual more" and come back with more understanding of the command line. ACK.. But.. I understand :/

But, it appears it will be a week or so till I can work on this anymore because my 4TB Fantom 3.0 USB drive I have these O/S's installed on thru Vmware is giving me fits.

I just got the drive this past Aug. and it's already buggering on me.

Last night I got it working again on a USB 2.0 slot and copied just over 2TB stuff off it to other drives while I slept with no problems. Now I gotta wait for this RMA process crap..

It was odd.. After the AsRock mobo puked on me, I installed a new ASUS P9X79 LE mobo and ever since then it started acting funky.. This ASUS mb has a USB 3.0 boost option I thought was wigging it out so, I disabled that and it seemed fine for a while.. Then Blammo.. Yesterday eve the little light on it would start blinking within 5 min every time. Only a power off of everything and reboot would get it back.

I have all the new P9X79 LE drivers installed etc so maybe this drive was made on a Monday when all the .3 cent an hour workers had a weekend hangover? HA

Welp, sorry to be a pain and I will be sure to Poke Pester and Annoy you in the near future.. Bet you can hardly wait?

Leda

Link to comment
Share on other sites

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

×
 Share
Go to topic listing

  • Recently Browsing   0 members

    • No registered users viewing this page.
×
×
  • Create New...