willbro Posted May 15, 2015

Hello all,

Currently I am aware that there are two methods, one being Delorean and the other being SSLSTRIP2/HSTS. Are there any other methods to defeat HSTS? Are we able to use Delorean or SSLSTRIP2 with the WiFi Pineapple yet? Is there any way that we can set the WiFi Pineapple to leave HTTPS traffic alone and only log HTTP traffic, maybe through DNS?

Thanks in advance

Sildaekar Posted May 15, 2015

While I'm not sure on SSLSTRIP2, there is a Delorean infusion for the Pineapple available. It is a CLI infusion, which you can find more info on here. As far as other methods, feel free to search around. Here are a few interesting topics on these forums:

https://forums.hak5.org/index.php?/topic/35276-just-another-ssl-mitm-question/
https://forums.hak5.org/index.php?/topic/35191-because-sslstrip-i-do-not-work/
https://forums.hak5.org/index.php?/topic/34996-sslstrip-question/

Edited May 15, 2015 by Sildaekar

sud0nick Posted May 15, 2015

SSLStrip2 is not on the Pineapple yet. I'm not sure if anyone has even tried making an infusion for it. The version I linked to appears to be a simple Python script that only requires dns2proxy (another Python script) to function. That would be really simple to put on the Pineapple, assuming this version works. I think everyone is just waiting for MiTM Proxy.

willbro (Author) Posted May 15, 2015

Thanks for your responses.

If I set up sslstrip2 and DNS to reverse changes on a VPS, would that work? Could I somehow forward all traffic from the WiFi Pineapple to a VPS with the above setup?

crazyclown Posted May 15, 2015

> Thanks for your responses.
>
> If I set up sslstrip2 and DNS to reverse changes on a VPS, would that work? Could I somehow forward all traffic from the WiFi Pineapple to a VPS with the above setup?

There is some success rate, but not on the latest browsers. Furthermore, dns2proxy won't work on the Pineapple. Not sure what you hope to achieve by forwarding traffic to a VPS, but you can do that using iptables.

willbro (Author) Posted May 16, 2015

My thoughts with the VPS were that I could run dns2proxy and other software that doesn't work on the Pineapple to do the logging there.

My last question is: can we leave HTTPS alone and just log HTTP? Not all sites are HTTPS, so with iptables could we tcpdump on port 80 and maybe forward all HTTPS traffic to act normally, to avoid the user seeing suspicious warnings on HTTPS sites? In my opinion it would be better to log just HTTP than nothing at all.