veggiefish Posted June 8, 2016 Share Posted June 8, 2016 And the lib doesnt actually exist in /usr/lib/ Link to comment Share on other sites More sharing options...
veggiefish Posted June 12, 2016 Share Posted June 12, 2016 root@rj45:/sd/modules/tcpdump/dump# opkg install libevent2-openssl Package libevent2-openssl (2.0.22-1) installed in sd is up to date. root@rj45:/sd/modules/tcpdump/dump# sslsplit sslsplit: can't load library 'libevent_openssl-2.0.so.5' root@rj45:/usr/lib# ls | grep libevent root@rj45:/usr/lib# does this currently work for anyone? Can you share your output of above command? Link to comment Share on other sites More sharing options...
zB0o3z Posted June 14, 2016 Share Posted June 14, 2016 Hey this module seams to work fine on my nano, nice work ! I tried the module on a client with chrome, and with all the major https website, they have hsts and so chrome yells at us that there is an attack ... So whats the point of this now that HSTS makes it impossible to use... no? Link to comment Share on other sites More sharing options...
s36 Posted June 14, 2016 Share Posted June 14, 2016 @zB0o3z - the module is being updated to include the latest SSLStrip which will work with SHA256 and resolve the issues you are facing above. Link to comment Share on other sites More sharing options...
veggiefish Posted June 15, 2016 Share Posted June 15, 2016 Hey guys, since its working on yours, could you do me a favour and check your libs? Link to comment Share on other sites More sharing options...
s36 Posted June 15, 2016 Share Posted June 15, 2016 SSLSplit that was! I keep mistyping Link to comment Share on other sites More sharing options...
s36 Posted June 15, 2016 Share Posted June 15, 2016 @veggiefish, here's output... /usr/lib# ls | grep libevent libevent-2.0.so.5 libevent-2.0.so.5.1.10 libevent_core-2.0.so.5 libevent_core-2.0.so.5.1.10 libevent_extra-2.0.so.5 libevent_extra-2.0.so.5.1.10 libevent_openssl-2.0.so.5 libevent_openssl-2.0.so.5.1.10 libevent_pthreads-2.0.so.5 libevent_pthreads-2.0.so.5.1.10 Link to comment Share on other sites More sharing options...
Chilidog42 Posted June 18, 2016 Share Posted June 18, 2016 I start the PineAP and connect my iPhone 5S to the Nano. I go to the Chrome app and the internet is working fine. I start SSLsplit. I then go back to the iPhone 5s and it cannot connect to the internet. The same thing happened when connecting with the Macbook Pro. Any Ideas why SSLsplit is stopping access to the internet? I'm using Windows 7 with the WiFi Pineapple Nano. Thanks for any help! Link to comment Share on other sites More sharing options...
Chilidog42 Posted June 18, 2016 Share Posted June 18, 2016 OK, I reset my Nano and reinstalled SSLsplit. Everything seems to be working with the internet and everything. Now, when I turn on SSLsplit, go to like Facebook.com, the page is in plain text. Is SSLsplit supposed to do this? Is there a setting I can change to make the facebook page look normal again? Any help is appreciated. Link to comment Share on other sites More sharing options...
zB0o3z Posted June 22, 2016 Share Posted June 22, 2016 facebook.com, like others, uses HSTS, i had some issues with that and couldn't access anything using sslsplit. In my case, Chrome just simply block the facebook page saying there is an attack since its not https. Link to comment Share on other sites More sharing options...
hypervista Posted July 9, 2016 Share Posted July 9, 2016 Can someone please tell me how secure of a delete is performed when selecting delete on files stored in sslsplit's History tab in Pineapple Nano web interface? Thanks! Link to comment Share on other sites More sharing options...
Foxtrot Posted July 9, 2016 Share Posted July 9, 2016 The SSLSplit module uses 'rm' to delete files: // api/module.php:325 exec("rm -rf /pineapple/modules/SSLsplit/log/".$this->request->file); The reason rm isn't secure is best (imo) explained here. Link to comment Share on other sites More sharing options...
hypervista Posted July 9, 2016 Share Posted July 9, 2016 5 minutes ago, Foxtrot said: The SSLSplit module uses 'rm' to delete files: // api/module.php:325 exec("rm -rf /pineapple/modules/SSLsplit/log/".$this->request->file); The reason rm isn't secure is best (imo) explained here. Thanks Foxtrot! I know what to do from here. I appreciate the quick response. Link to comment Share on other sites More sharing options...
hypervista Posted July 9, 2016 Share Posted July 9, 2016 My mood right now: https://www.reddit.com/r/hacking/comments/3l0cxt/i_just_made_a_gif_of_elliots_wipe_procedure_from/ Link to comment Share on other sites More sharing options...
Darksoldier205 Posted July 14, 2016 Share Posted July 14, 2016 On 22/6/2016 at 8:31 AM, zB0o3z said: facebook.com, like others, uses HSTS, i had some issues with that and couldn't access anything using sslsplit. In my case, Chrome just simply block the facebook page saying there is an attack since its not https. is my case too ! someone has resolved this? Link to comment Share on other sites More sharing options...
skia Posted August 5, 2016 Share Posted August 5, 2016 Hello. I'm trying to use SSLSplit module. When it's working and I try to open any HTTPS page (e.g. facebook) from my test laptop I always get an error about wrong SSL certificate of the page in the browser. Is there a workaround to solve it? Link to comment Share on other sites More sharing options...
BeNe Posted August 6, 2016 Share Posted August 6, 2016 No, there is no workaround! It´s all about "HSTS" Link to comment Share on other sites More sharing options...
Ddawg747 Posted September 7, 2016 Share Posted September 7, 2016 I dont understand how to use sslsplit at all. Link to comment Share on other sites More sharing options...
Purrball Posted October 1, 2016 Share Posted October 1, 2016 Running into strange behaviors with the current firmware on Tetra. SSLsplit always shows as started even if it's not. I've emptied the page cache, restarted multiple times, it's not checked to autostart and yet it appears to be stuck in the 'started' state. Thought it might be browser cache, but clearing that didnt fix it either. Any thought? Link to comment Share on other sites More sharing options...
Master Luc Posted October 8, 2016 Share Posted October 8, 2016 Installed on my nano and had a few comments to share or get feedback on. First thanks for the hard work of getting this going, much appreciated for my testing. 1.) Output on the nano seems different from various tutorials I've been watching (maybe they were for SSLStrip though). Output will show me accessing a page but not show my clear text POST data. However if I download my history I can see it right there. This may be as intended, just thought it was worth mentioning. Actually entering the dummy clear text information does have problems that are stated below. 2.)I am currently having problems with it actually working to silently strip SSL. I have test servers with valid SSL certs installed (no HSTS) and it still gives me a security warning on my device connected through PineAP. Big red error about connection not private and cert is invalid. I get the not being able to work on HSTS sites but sites not using that technology I'm still just getting SSL warnings. Is there some other dependency that needs to be installed for this to work? Testing it while tethered to a PC sharing internet connection. Thanks for any feedback. Link to comment Share on other sites More sharing options...
IMEI Posted November 28, 2016 Share Posted November 28, 2016 ssl_split seem to be an outdated module. I found a way with Kali and SSLstrip2 + HSTS https://github.com/byt3bl33d3r/sslstrip2 Link to comment Share on other sites More sharing options...
kevinliu18 Posted January 1, 2017 Share Posted January 1, 2017 All the certificates and dependency are installed correctly, but when I try to start SSL Split it does not start. Is there something wrong with the configuration (under configuration tab)? To be honest, I'm new at this. Is there a tutorial on how to use this module? Thanks! Link to comment Share on other sites More sharing options...
Noth Posted January 4, 2017 Share Posted January 4, 2017 On 01/01/2017 at 1:37 AM, kevinliu18 said: All the certificates and dependency are installed correctly, but when I try to start SSL Split it does not start. Is there something wrong with the configuration (under configuration tab)? To be honest, I'm new at this. Is there a tutorial on how to use this module? Thanks! It seems that sslsplit binary expects dynamic libs named "libevent_xxx-2.0.so.5" and sadly, libs installed in "/sd/usr/lib/" have a ".5.1.10" suffix: ldd /sd/bin/sslsplit libssl.so.1.0.0 => /usr/lib/libssl.so.1.0.0 (0x77214000) libcrypto.so.1.0.0 => /usr/lib/libcrypto.so.1.0.0 (0x770ae000) libevent_openssl-2.0.so.5 => /usr/lib/libevent_openssl-2.0.so.5 (0x7709a000) libevent_pthreads-2.0.so.5 => /usr/lib/libevent_pthreads-2.0.so.5 (0x77088000) libevent-2.0.so.5 => /usr/lib/libevent-2.0.so.5 (0x7704b000) libgcc_s.so.1 => /lib/libgcc_s.so.1 (0x77027000) libpthread.so.0 => /lib/libpthread.so.0 (0x77001000) libc.so.0 => /lib/libc.so.0 (0x76f94000) libdl.so.0 => /lib/libdl.so.0 (0x76f80000) ld-uClibc.so.0 => /lib/ld-uClibc.so.0 (0x77272000) ls /sd/usr/lib/ libevent-2.0.so.5.1.10 libevent_extra-2.0.so.5.1.10 libevent_pthreads-2.0.so.5.1.10 libevent_core-2.0.so.5.1.10 libevent_openssl-2.0.so.5.1.10 opkg You can either: remove .5.1.10 suffixes manually create symlinks with proper names in /usr/lib/ second option actually worked for me Link to comment Share on other sites More sharing options...
Noth Posted January 4, 2017 Share Posted January 4, 2017 I wrote a small program to extract SSLSplit log files into a set of subdirectories with raw payload contents: https://github.com/NothNoth/SSLSplitParser Result is probably close to what sslsplit produces when used with "-S" option instead of "-L" actually. Link to comment Share on other sites More sharing options...
currahee Posted February 12, 2017 Share Posted February 12, 2017 On 1 de enero de 2017 at 1:37 AM, kevinliu18 said: All the certificates and dependency are installed correctly, but when I try to start SSL Split it does not start. Is there something wrong with the configuration (under configuration tab)? To be honest, I'm new at this. Is there a tutorial on how to use this module? Thanks! The same is happening to me. I can only make it start when installing sslsplit module to internal storage. However, I dont like this solution, as the generated logs may fill the internal storage. I also tried to install sslsplit to SD card and then renaming libevent-2.0.so files by removing ".5.1.10" sufrix as explained by Noth, but that didnt work. (module didnt't start). Would ir be possible to keep this module installed in internal storage and make the logs be stored in SD? (maybe with symbolic links, but I don't know how that can be done) Any guidance would be much appreciated. Thanks Link to comment Share on other sites More sharing options...
Recommended Posts
Archived
This topic is now archived and is closed to further replies.