Jump to content

sslstrip


telot

Recommended Posts

So I got tcpdump working like a charm (as long as you utilize a sshfs destination so you don't fill up the tiny MBs of onboard), but like any good hacker, I want to strip those pesky ssl's. Browsers have certainly come a long way since moxie blessed us with the fruit of his labors, but its still fun to play around with, despite it being somewhat deprecated. I dug up my old thread on getting sslstrip to work with the pineapple (long before the Amazing Whistlemaster made it a module):

https://forums.hak5.org/index.php?/topic/26759-full-sslstrip-guide/

and everything works great up until the iptables prerouting portion. Can any iptables-fu ninja help me out with the appropriate commands to run to get it to work? Or is this just not possible with the lan turtle? Many thanks!

telot

Link to comment
Share on other sites

I started playing around with this today and thought I had it working... turns out, once I started browsing on the victim host, sslstrip threw a bunch of exception errors. I do not belive the problem was with my iptables though, I think it was with my installation over sshfs. Let me describe what I did to see if I was in the right direction...

1) SSH into turtle and enable, start, and verify SSHFS is operational (mounted at /sshfs)

2) Added a new line at the end of /etc/opkg.conf file.

dest sshfs /sshfs

3) Install sslstrip to mounted sshfs

opkg install --dest sshfs sslstrip

4) link to python2.7 dependencies (where I think my issues are....)

ln -s /sshfs/usr/lib/python2.7/ /usr/lib/python2.7

5) setup init file

touch /sshfs/usr/lib/python2.7/site-packages/zope/__init__.py

6) verify port forwarding is enabled (should be 1). Mine was already enabled by default

cat /proc/sys/net/ipv4/ip_forward

7) setup iptables to redirect traffic. I made sure to explicitly define the interface, maybe this is where you were having problems @telot?

iptables -t nat -A PREROUTING -i br-lan -p tcp --dport 80 -j REDIRECT --to-port 6969

8) start sslstrip

sslstrip -l 6969

It will function as normal until a website is requested, then sslstrip throws the following errors

sslstrip 0.9 by Moxie Marlinspike running...
Traceback (most recent call last):
  File "/usr/lib/python2.7/site-packages/twisted/python/log.py", line 48, in callWithLogger
    return callWithContext({"system": lp}, func, *args, **kw)
  File "/usr/lib/python2.7/site-packages/twisted/python/log.py", line 33, in callWithContext
    return context.call({ILogContext: newCtx}, func, *args, **kw)
  File "/usr/lib/python2.7/site-packages/twisted/python/context.py", line 59, in callWithContext
    return self.currentContext().callWithContext(ctx, func, *args, **kw)
  File "/usr/lib/python2.7/site-packages/twisted/python/context.py", line 37, in callWithContext
    return func(*args,**kw)
--- <exception caught here> ---
  File "/usr/lib/python2.7/site-packages/twisted/internet/selectreactor.py", line 139, in _doReadOrWrite

That makes it seem like my forwarding is working, but sslstrip is not...likely due to the sshfs mount... I wonder if the "thou shalt not install kernal modules on USB storage" also applies for SSHFS mounts. ;) - source https://dev.openwrt.org/ticket/10739

Tomorrow I am going to just download the standalone tarball and execute sslstrip without performing an installation and see what happens...

Link to comment
Share on other sites

  • 3 months later...
  • 3 weeks later...

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

  • Recently Browsing   0 members

    • No registered users viewing this page.
×
×
  • Create New...