veggiefish Posted June 8, 2016 And the lib doesnt actually exist in /usr/lib/ Quote Share this post Link to post Share on other sites
veggiefish Posted June 12, 2016 root@rj45:/sd/modules/tcpdump/dump# opkg install libevent2-openssl Package libevent2-openssl (2.0.22-1) installed in sd is up to date. root@rj45:/sd/modules/tcpdump/dump# sslsplit sslsplit: can't load library 'libevent_openssl-2.0.so.5' root@rj45:/usr/lib# ls | grep libevent root@rj45:/usr/lib# does this currently work for anyone? Can you share your output of above command? Quote Share this post Link to post Share on other sites
zB0o3z Posted June 14, 2016 Hey this module seams to work fine on my nano, nice work ! I tried the module on a client with chrome, and with all the major https website, they have hsts and so chrome yells at us that there is an attack ... So whats the point of this now that HSTS makes it impossible to use... no? 1 Quote Share this post Link to post Share on other sites
s36 Posted June 14, 2016 @zB0o3z - the module is being updated to include the latest SSLStrip which will work with SHA256 and resolve the issues you are facing above. Quote Share this post Link to post Share on other sites
veggiefish Posted June 15, 2016 Hey guys, since its working on yours, could you do me a favour and check your libs? Quote Share this post Link to post Share on other sites
s36 Posted June 15, 2016 SSLSplit that was! I keep mistyping Quote Share this post Link to post Share on other sites
s36 Posted June 15, 2016 @veggiefish, here's output... /usr/lib# ls | grep libevent libevent-2.0.so.5 libevent-2.0.so.5.1.10 libevent_core-2.0.so.5 libevent_core-2.0.so.5.1.10 libevent_extra-2.0.so.5 libevent_extra-2.0.so.5.1.10 libevent_openssl-2.0.so.5 libevent_openssl-2.0.so.5.1.10 libevent_pthreads-2.0.so.5 libevent_pthreads-2.0.so.5.1.10 Quote Share this post Link to post Share on other sites
Chilidog42 Posted June 18, 2016 I start the PineAP and connect my iPhone 5S to the Nano. I go to the Chrome app and the internet is working fine. I start SSLsplit. I then go back to the iPhone 5s and it cannot connect to the internet. The same thing happened when connecting with the Macbook Pro. Any Ideas why SSLsplit is stopping access to the internet? I'm using Windows 7 with the WiFi Pineapple Nano. Thanks for any help! Quote Share this post Link to post Share on other sites
Chilidog42 Posted June 18, 2016 OK, I reset my Nano and reinstalled SSLsplit. Everything seems to be working with the internet and everything. Now, when I turn on SSLsplit, go to like Facebook.com, the page is in plain text. Is SSLsplit supposed to do this? Is there a setting I can change to make the facebook page look normal again? Any help is appreciated. Quote Share this post Link to post Share on other sites
zB0o3z Posted June 22, 2016 facebook.com, like others, uses HSTS, i had some issues with that and couldn't access anything using sslsplit. In my case, Chrome just simply block the facebook page saying there is an attack since its not https. Quote Share this post Link to post Share on other sites
hypervista Posted July 9, 2016 Can someone please tell me how secure of a delete is performed when selecting delete on files stored in sslsplit's History tab in Pineapple Nano web interface? Thanks! Quote Share this post Link to post Share on other sites
Foxtrot Posted July 9, 2016 The SSLSplit module uses 'rm' to delete files: // api/module.php:325 exec("rm -rf /pineapple/modules/SSLsplit/log/".$this->request->file); The reason rm isn't secure is best (imo) explained here. 1 Quote Share this post Link to post Share on other sites
hypervista Posted July 9, 2016 5 minutes ago, Foxtrot said: The SSLSplit module uses 'rm' to delete files: // api/module.php:325 exec("rm -rf /pineapple/modules/SSLsplit/log/".$this->request->file); The reason rm isn't secure is best (imo) explained here. Thanks Foxtrot! I know what to do from here. I appreciate the quick response. Quote Share this post Link to post Share on other sites
hypervista Posted July 9, 2016 My mood right now: https://www.reddit.com/r/hacking/comments/3l0cxt/i_just_made_a_gif_of_elliots_wipe_procedure_from/ Quote Share this post Link to post Share on other sites
Darksoldier205 Posted July 14, 2016 On 22/6/2016 at 8:31 AM, zB0o3z said: facebook.com, like others, uses HSTS, i had some issues with that and couldn't access anything using sslsplit. In my case, Chrome just simply block the facebook page saying there is an attack since its not https. is my case too ! someone has resolved this? Quote Share this post Link to post Share on other sites
skia Posted August 5, 2016 Hello. I'm trying to use SSLSplit module. When it's working and I try to open any HTTPS page (e.g. facebook) from my test laptop I always get an error about wrong SSL certificate of the page in the browser. Is there a workaround to solve it? Quote Share this post Link to post Share on other sites
BeNe Posted August 6, 2016 No, there is no workaround! It´s all about "HSTS" 2 Quote Share this post Link to post Share on other sites
Ddawg747 Posted September 7, 2016 I dont understand how to use sslsplit at all. Quote Share this post Link to post Share on other sites
Purrball Posted October 1, 2016 Running into strange behaviors with the current firmware on Tetra. SSLsplit always shows as started even if it's not. I've emptied the page cache, restarted multiple times, it's not checked to autostart and yet it appears to be stuck in the 'started' state. Thought it might be browser cache, but clearing that didnt fix it either. Any thought? Quote Share this post Link to post Share on other sites
Master Luc Posted October 8, 2016 Installed on my nano and had a few comments to share or get feedback on. First thanks for the hard work of getting this going, much appreciated for my testing. 1.) Output on the nano seems different from various tutorials I've been watching (maybe they were for SSLStrip though). Output will show me accessing a page but not show my clear text POST data. However if I download my history I can see it right there. This may be as intended, just thought it was worth mentioning. Actually entering the dummy clear text information does have problems that are stated below. 2.)I am currently having problems with it actually working to silently strip SSL. I have test servers with valid SSL certs installed (no HSTS) and it still gives me a security warning on my device connected through PineAP. Big red error about connection not private and cert is invalid. I get the not being able to work on HSTS sites but sites not using that technology I'm still just getting SSL warnings. Is there some other dependency that needs to be installed for this to work? Testing it while tethered to a PC sharing internet connection. Thanks for any feedback. Quote Share this post Link to post Share on other sites
IMEI Posted November 28, 2016 (edited) ssl_split seem to be an outdated module. I found a way with Kali and SSLstrip2 + HSTS https://github.com/byt3bl33d3r/sslstrip2 Edited November 28, 2016 by IMEI Quote Share this post Link to post Share on other sites
kevinliu18 Posted January 1, 2017 (edited) All the certificates and dependency are installed correctly, but when I try to start SSL Split it does not start. Is there something wrong with the configuration (under configuration tab)? To be honest, I'm new at this. Is there a tutorial on how to use this module? Thanks! Edited January 1, 2017 by kevinliu18 Quote Share this post Link to post Share on other sites
Noth Posted January 4, 2017 On 01/01/2017 at 1:37 AM, kevinliu18 said: All the certificates and dependency are installed correctly, but when I try to start SSL Split it does not start. Is there something wrong with the configuration (under configuration tab)? To be honest, I'm new at this. Is there a tutorial on how to use this module? Thanks! It seems that sslsplit binary expects dynamic libs named "libevent_xxx-2.0.so.5" and sadly, libs installed in "/sd/usr/lib/" have a ".5.1.10" suffix: ldd /sd/bin/sslsplit libssl.so.1.0.0 => /usr/lib/libssl.so.1.0.0 (0x77214000) libcrypto.so.1.0.0 => /usr/lib/libcrypto.so.1.0.0 (0x770ae000) libevent_openssl-2.0.so.5 => /usr/lib/libevent_openssl-2.0.so.5 (0x7709a000) libevent_pthreads-2.0.so.5 => /usr/lib/libevent_pthreads-2.0.so.5 (0x77088000) libevent-2.0.so.5 => /usr/lib/libevent-2.0.so.5 (0x7704b000) libgcc_s.so.1 => /lib/libgcc_s.so.1 (0x77027000) libpthread.so.0 => /lib/libpthread.so.0 (0x77001000) libc.so.0 => /lib/libc.so.0 (0x76f94000) libdl.so.0 => /lib/libdl.so.0 (0x76f80000) ld-uClibc.so.0 => /lib/ld-uClibc.so.0 (0x77272000) ls /sd/usr/lib/ libevent-2.0.so.5.1.10 libevent_extra-2.0.so.5.1.10 libevent_pthreads-2.0.so.5.1.10 libevent_core-2.0.so.5.1.10 libevent_openssl-2.0.so.5.1.10 opkg You can either: remove .5.1.10 suffixes manually create symlinks with proper names in /usr/lib/ second option actually worked for me Quote Share this post Link to post Share on other sites
Noth Posted January 4, 2017 I wrote a small program to extract SSLSplit log files into a set of subdirectories with raw payload contents: https://github.com/NothNoth/SSLSplitParser Result is probably close to what sslsplit produces when used with "-S" option instead of "-L" actually. Quote Share this post Link to post Share on other sites
currahee Posted February 12, 2017 On 1 de enero de 2017 at 1:37 AM, kevinliu18 said: All the certificates and dependency are installed correctly, but when I try to start SSL Split it does not start. Is there something wrong with the configuration (under configuration tab)? To be honest, I'm new at this. Is there a tutorial on how to use this module? Thanks! The same is happening to me. I can only make it start when installing sslsplit module to internal storage. However, I dont like this solution, as the generated logs may fill the internal storage. I also tried to install sslsplit to SD card and then renaming libevent-2.0.so files by removing ".5.1.10" sufrix as explained by Noth, but that didnt work. (module didnt't start). Would ir be possible to keep this module installed in internal storage and make the logs be stored in SD? (maybe with symbolic links, but I don't know how that can be done) Any guidance would be much appreciated. Thanks Quote Share this post Link to post Share on other sites