[Official - Not yet released] SSLstrip

[Whistle Master]

Module: SSLstrip

Version: 1.0

Features:

• Install dependencies
• Manage firewall rules
• Live output with filter options
• Run History
• Autostart on boot

​

[M47H3W]

I know that there's a SSLStrip module for the Nano but I am wondering, what version is it? Is it the version 1 one or is it version 2 that utilizes some stuff with the DNS to get rid of the HSTS headers?

[Whistle Master]

It's the v1 for the moment.

[kingoddball]

Hello!

My Nano arrived today - I need to learn how to use it a little better; seems a little awkward, sometimes I can join other times I cannot. That's a later problem. So...

I saw a forum post about sslstrip 1.0 but I cannot find it in the module download page.

Is anyone able to help with how to install?

I found a few good ones and so far my favourite is urlsnarf (thank you creator! It's great). Have not tried much else yet.

If anyone can help can help with sslstrip that would

Be great!

So far the nano is pretty cool! Better than I expected, just a learning curve required I think.

Thanks!!

[PaulFinch]

Hi, i just think it will be available later. As the nano is quite new, more and more modules appear slowly...

So, just wait ... Not sure it will be long

[jwells13]

I just got my pineapple nano a couple of days ago and was looking into sslstrip but I can't seem to find anything about it with the nano only with the MARK V. Is there any way to install sslstrip on the pineapple nano?

[sud0nick]

https://forums.hak5.org/index.php?/topic/37077-sslstrip/

[s36]

First, Thank you Whistle Master for all of your work!  I have been learning a lot from your modules.

Sorry for what I'm sure is a basic question.  I have tried searching as best I can...  how can I obtain an updated version of sslstrip (0.5.0) ?  I can't find a compiled one and from what I have read I can't compile on the pineapple.  I'm completely new to cross compiling in linux, but if that's the direction I need to go I will figure it out.  If anyone can point me in the right direction I would appreciate it!

Reason for it is the need to work with sha256 which has been added to version 0.5.0.

Thanks!

[phoenix916]

hello, in can't find in the gui or opkg install sslstrip

 

it says :

 opkg install sslstrip
Unknown package 'sslstrip'.
Collected errors:
 * opkg_install_cmd: Cannot install package sslstrip.
 

thanks

 

jl

 

[phoenix916]

hi

for all 

un install from the GUI

from root

 opkg install sslstrip

install from gui, check depend

it's OK

[SystemCrash86]

Just wondering if there will be a module for sslstrip for the wifi pineapple nano and tetra?

There is still one for the mark 5 and that's it.

[b0N3z]

@Zylla has been working on it for sometime but has been waiting to upload to the module manger to make sure it works no matter what.

[SystemCrash86]

Ok that's good, i didn't know if anyone was working on it. I'm glad someone is working on it and it's great to know @Zylla is actually taking the time to make sure it works and not rushing it. It makes for a better module.

Can't wait to see the finished product.

[iHaveBlueHair]

I am unable to find a module for sslstrip or sslstrip2 (and by extension, dns2proxy) for the Tetra.  Is someone developing a module for them or are there work-around manual installs for them.

 

Thank you for your time,

- iHaveBlueHair

[Lord_KamOS]

12 minutes ago, iHaveBlueHair said:

sslstrip

Because its outdated, the pineapple has SSLSplit (does the same) and SSLStrip2

 

[iHaveBlueHair]

Thank you!

[crystal]

On 7/20/2017 at 11:07 AM, Lord_KamOS said:

Because its outdated, the pineapple has SSLSplit (does the same) and SSLStrip2

SSLsplit is not the same as SSLstrip.

@Whistle Master Are you still working on this module?

[Whistle Master]

Well, the module is ready but not the dependencies, which is on @Sebkinne's hands.

But as sslstrip2 is working (Thanks to @Zilla), I wonder if I should not see with him to make a module out of his work.

[Just_a_User]

26 minutes ago, Whistle Master said:

But as sslstrip2 is working (Thanks to @Zilla), I wonder if I should not see with him to make a module out of his work.

That Collaboration would be great!

Maybe you could also build in this one into site survey @Whistle Master  you can use it to both target individual SSID's as well as blanket gathering :)  I have  used it and found the handshake files to be much more reliable.

 

[nacho77]

Hi Whistle Master... i have a question...

you have sslstrip module working con pineapple NANO? you can share this module for testing? thanks for your time.

[ngotri]

Hi all,

when I start sslstrip victim can't connect internet, I using firmware 2.0.2,  please help me, thanks all

[ngotri]

please help me 

[Zylla]

10 minutes ago, Zylla said:

Yeh, that's what i suspected.
Either you can add these two lines to this file: /etc/profile :

export PATH=$PATH:/sd/usr/bin:/sd/usr/sbin:/sd/bin:/sd/sbin
export LD_LIBRARY_PATH=$LD_LIBRARY_PATH:/sd/lib:/sd/usr/lib:/lib:/usr/lib

OR. Download this version i posted to pastebin, and repliace your version with it. (It will give you a fancy red terminal when logging in with SSH as well)

This should fix your issues. (Reboot the nano after making the changes)
Tagging you @Sebkinne. Just in case you werent aware of this. :)

 

[Virgula]

I'm trying to configure out an attack on my router... so I set successfully the attack and pineapple create the "free wifi " from wpa2 protected device....

Now I'm trying to use ssltrip to intercept passwords on https... and I connected my device to test this...

I start ssltrip but If I go on an https site from my phone trying to access, ssl trip is still freezed on this moment forever and it doesn't work:

Why? how can I resolve?

[l1ghtman]

For some reason, I can not find the module that would downgrade HTTPS to HTTP, however, I see a lot of tutorials on what seems to be an older version of wifi pineapple that has that functionality included.

My questions are:

1) Is there a way for me to install a module, from, let's say GitHub?

2)Is there a module that is able to do the functionality that I described above?