Jump to content

HSTS Methods


willbro
 Share

Recommended Posts

Hello all

Currently i am aware that there are two methods one being Delorean and the other being SSLSTRIP2/HSTS.

Is there any other methods to defeat HSTS ?

Are we able to use Delorean or SSLSTRIP2 with the wifi pinapple yet ?

Is there anyway that we can set the Wifi Pineapple to leave alone https traffic and the only log http traffic maybe through dns?

Thanks in advance

Link to comment
Share on other sites

While I'm not sure on SSLSTRIP2, there is a Delorean infusion for the Pineapple available, it is a CLI infusion which you can find more info here. As far as other methods feel free to search around...here are a few interesting topics on these forums:

https://forums.hak5.org/index.php?/topic/35276-just-another-ssl-mitm-question/

https://forums.hak5.org/index.php?/topic/35191-because-sslstrip-i-do-not-work/

https://forums.hak5.org/index.php?/topic/34996-sslstrip-question/

Edited by Sildaekar
Link to comment
Share on other sites

SSLStrip2 is not on the Pineapple yet. I'm not sure if anyone has even tried making an infusion for it. The version I linked to appears to be a simple python script that only requires dns2proxy (another python script) to function. That would be really simple to put on the Pineapple assuming this version works. I think everyone is just waiting for MiTM Proxy.

Link to comment
Share on other sites

Thanks for your responses

If i set up sslstrip2 and dns to reverse changes on vps would that work?

Could i somehow forward all traffic from the wifi pineapple to a vps with the above setup?

There is some success rate, but not on the latest browsers. Futhermore, dns2proxy won't work on the Pineapple.

Not sure what you hope you achieve by forwarding traffic to a VPS, but you can do that using IP tables.

Link to comment
Share on other sites

My thoughts with the VPS were that i could run dns2proxy and other software that dosent work on the pineapple to do the logging there.

My Last question is can we leave https alone and just log http.Not all sites are https so with iptables could we tcpdump on port 80 and maybe forward all https traffic to act normally to avoid the user seeing suspicious warnings on https sites.In my opinion it would be better to log just http than nothing at all.

Link to comment
Share on other sites

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

 Share

  • Recently Browsing   0 members

    • No registered users viewing this page.
×
×
  • Create New...