SSL Strip


czepeda

Hey guys,

Just got my Mark V and I definitely have watched a ton of tutorials.

My question is does the SSL strip feature even work?

When I connect a client to the Pineapple AP on Chrome and Mozilla, it doesn't budge; every connection stays https://

On Internet Explorer some connections do change to http:// but Facebook won't even load and some connections take decades to load.

If you guys can help me out, because in all the YouTube tutorials it seems that even Mozilla loads so seamlessly.

Or is it that Chrome and Mozilla fight against SSL strip attacks?

I was looking so forward to getting it, but if this is the case it really sucks.

Thanks for the responses!!!

Most websites have changed their implementation of SSL. sslstrip no longer works on them. And they changed that implementation in a way that there are no simple fixes for sslstrip to make it work. Good for them. That was something sslstrip did well - it forced sites like Twitter and Facebook and Amazon and eBay, as well as banking sites, to fix their security.

There are obviously people working on breaking SSL again. About the time they break it and the sites fix it again, us non-professionals will get access to whatever replaces sslstrip. By the time we get it, it won't work either.

There are things they can't fix, which is why things like the Rubber Ducky scare the crap out of them.

Makes complete sense and that is what I figured. I usually run Cain and Abel and have been extremely successful with it for emails and people running IE, so I'll stick with that.

What are the basic attacks or things you recommend I start at for the Pineapple? It is just so overwhelming how much stuff it has, I just need some guidance on where to start and what I can be successful doing.

Thanks

Well, Karma still works on a lot of devices, and PineAP seems like it's pulling in connections. evilportal - nodogsplash with dnsspoof can yield the same results as sslstrip and that's something they can never *fix* because 90-something percent of people believe something that looks like Facebook IS Facebook. Same with any other login page. For pen testing and security audits, it doesn't matter how you penetrate as long as you do. (That's besides it being fun.)

Takes some practice and a little coding to use those methods, but once you've built your evil versions of those website front ends and the scripts to utilize them, you're going to pull in credentials often enough to make it worth the trouble.

Takes some practice, but learning stuff is what hacking is supposed to be about.

All this is, of course, just my opinion. Look for stuff they can't secure. Like human nature.

Also, if you don't want to go through the trouble of Karma and PineAP, a honey pot AP still works and always will. All that takes is a good name. I've used "Free Fast and Private WiFi" and that brings in more connections than Karma and PineAP. People just don't use their noggins. "McDonald's #2" and "Starbucks Open" are a bit of a risk. Unnecessary too.

"Free WiFi" works, and you aren't using anyone else's name.
