Jump to content
Whistle Master

[Official] SSLsplit

Recommended Posts

1 hour ago, micadunet said:

Ok, i Will try with other sd cards.

Could you explain how to mount a usb memory? You have to plug in at the back of the pineapple? Then how can you mount it as sd? 

It's a little long and "technical" if you will, but if you're used to using Linux, and mounting stuff there, then it shouldn't be a problem for you.
Yes, you have to take out the sd-card. And then insert a usb-memory stick into the Nano's USB-port. Easy-peasy.
The exact procedure have been discussed countless times within a thread i created in this forum called: "MANA Toolkit for Wifi Pineapples".
Just partition the memory stick like the SD-card. One ext4 partition, and one swap partition.
Then to get it to re-mount at every boot you need to edit the /etc/config/fstab file.
But all this is explained within my thread. Just look it up, i've written it so many times in there :)

Edited by Zylla

Share this post


Link to post
Share on other sites
8 minutes ago, Zylla said:

It's a little long and "technical" if you will, but if you're used to using Linux, and mounting stuff there, then it shouldn't be a problem for you.
Yes, you have to take out the sd-card. And then insert a usb-memory stick into the Nano's USB-port. Easy-peasy.
The exact procedure have been discussed countless times within a thread i created in this forum called: "MANA Toolkit for Wifi Pineapples".
Just partition the memory stick like the SD-card. One ext4 partition, and one swap partition.
Then to get it to re-mount at every boot you need to edit the /etc/config/fstab file.
But all this is explained within my thread. Just look it up, i've written it so many times in there :)

Many thanks for your patience and sympathy.

I will give some news when i ll receive the new sd card.

Again, thanks  !!!

Share this post


Link to post
Share on other sites

Hey!

 

Recently I got a new nano (old one was stolen), and Ive been playing about with it. I was able to get 29 clients with pineap which I was very happy with.

 

I've had an issue with SSLSplit, in which when I enable it, no clients get access to the internet. When they go to a web page it just says no connection.

Any help would be greatly appreciated :)

And on a side note, I can't get random roll to work. Everything is turned on but nothing happens when they go to a webpage.

Thanks!!  

Share this post


Link to post
Share on other sites

Sslsplit is very old. Most common browsers and sites are protected against such attacks. This is why i recommend making sslstrip2 and dnsproxy2 work with you( do not expect facebook or gmail to work thought).

About randomroll, i never really experimented with it. Im not sure how it works so i cant help you there.

Share this post


Link to post
Share on other sites
7 minutes ago, Rinilyn said:

Sslsplit is very old. Most common browsers and sites are protected against such attacks. This is why i recommend making sslstrip2 and dnsproxy2 work with you( do not expect facebook or gmail to work thought).

About randomroll, i never really experimented with it. Im not sure how it works so i cant help you there.

Thanks, is there any way to get SSLStrip2 to work as a module? So I don't have to SSH in everytime. And what exactly MANA attack module? 

 

Thanks

Share this post


Link to post
Share on other sites

Mana toolkit includes ssltrip2. Google is your friend, learn about the mana attack there. I included an installation guide to get the mana module working in the mana post. A usb hub is required thought

Share this post


Link to post
Share on other sites
16 hours ago, Rinilyn said:

Mana toolkit includes ssltrip2. Google is your friend, learn about the mana attack there. I included an installation guide to get the mana module working in the mana post. A usb hub is required thought

Thanks man, I'll look into it right now. I remember being able to install mana on my pineapple fine without a usb hub, why do I need one?

I'm not a big fan of using the terminal, I much more prefer the modules and web interface. Is there any web interface tools still worth using other than the mana module?

Share this post


Link to post
Share on other sites
On 12/02/2018 at 10:57 PM, Zylla said:

It's a little long and "technical" if you will, but if you're used to using Linux, and mounting stuff there, then it shouldn't be a problem for you.
Yes, you have to take out the sd-card. And then insert a usb-memory stick into the Nano's USB-port. Easy-peasy.
The exact procedure have been discussed countless times within a thread i created in this forum called: "MANA Toolkit for Wifi Pineapples".
Just partition the memory stick like the SD-card. One ext4 partition, and one swap partition.
Then to get it to re-mount at every boot you need to edit the /etc/config/fstab file.
But all this is explained within my thread. Just look it up, i've written it so many times in there :)

Hi,

I tried 4 micro sd cards, and still does not work.

Could you please give me a link for the thread  "MANA Toolkit for Wifi Pineapples"? I did not find it in this forum (really sorry).

Thanks :)

Share this post


Link to post
Share on other sites
1 minute ago, micadunet said:

Hi,

I tried 4 micro sd cards, and still does not work.

Could you please give me a link for the thread  "MANA Toolkit for Wifi Pineapples"? I did not find it in this forum (really sorry).

Thanks :)

 

Share this post


Link to post
Share on other sites

Im having problems if my SSLsplit v1.1,

it's unstable, i click start, but it don't start, or starts but immediately stops, or stop the internet connect.

Any idea what i can do?

Share this post


Link to post
Share on other sites

I don't believe this tool has worked in 5 years... maybe it does work on sites that have not Implant the latest security protocols like hsts.

 

You guys should learn how to use these tools on a kali linux labtop. Understand the steps it takes to configure these attacks. Then trouble shooting is simple...

 

back in the day I would use arpspoof and sslstrip... its a simple attack to learn. Maybe 4 commands to configure this.

Share this post


Link to post
Share on other sites

just installed SSLStrip on a NANO, everything installed, no issues, but when I hit start it says:

SSLsplit is not running...

ssh into the nano and type ssltrip.... no luck, it installed on SDCard..I run it directly from /sd/bin and it says:

./sslsplit: can't load library 'libevent_openssl-2.0.so.5'

 

seems to be an issue with the installation.

any help would be appreciated

 

Share this post


Link to post
Share on other sites

I have installed the module SSLsplit v1.2 and its dependencies.

Each time I click Start it says "Starting.." and the goes back to Start, like it did not start.

Anyone knows what to do here ?

 

Share this post


Link to post
Share on other sites

Sounds like something isn't working under the hood.

 Ssh into your pineapple and run ssl split on the command line to see if it's even starting up.

 

good chance it's the log directory not existing (https://github.com/hak5/wifipineapple-modules/pull/18)

A quick fix may be to ssh into your pineapple and do "mkdir /pineapple/modules/SSLsplit/log"

 

 

Share this post


Link to post
Share on other sites

 At me too the module is launched only with the second attempt. I installed on the SD card - it turned out ok. But the browsers check the root certificate, so you will not cheat anyone.

Share this post


Link to post
Share on other sites
34 minutes ago, trashbo4t said:

Yea I would réserve this attack for mobile devices

Browsers for mobile devices also check root certificates.

Share this post


Link to post
Share on other sites
Just now, art445 said:

Browsers for mobile devices also check root certificates.

Yes, but a user on mobile is more likely to ignore the warning (at least in my experience).

 

Share this post


Link to post
Share on other sites
2 hours ago, trashbo4t said:

Yes, but a user on mobile is more likely to ignore the warning (at least in my experience).

 

Very doubtful hope. I can not log into Facebook  from a smartphone (if enabled SSLsplit) - there's just no such option and there is a warning .

Share this post


Link to post
Share on other sites
1 minute ago, art445 said:

Very doubtful hope. I can not log into Facebook  from a smartphone (if enabled SSLsplit) - there's just no such option and there is a warning .

Perhaps we need a module that can replicate the server.
Essentially an attacker would need to sit in between the session with access to decryption capabilities.

I imagine although, this is near impossible. I also do not understand the handshake well enough to know how keys are exchanged.

We would need some sort of passive/injection technique to trick a client into thinking the pineapple is the server.

Share this post


Link to post
Share on other sites
1 hour ago, trashbo4t said:

Perhaps we need a module that can replicate the server.
Essentially an attacker would need to sit in between the session with access to decryption capabilities.

I imagine although, this is near impossible. I also do not understand the handshake well enough to know how keys are exchanged.

We would need some sort of passive/injection technique to trick a client into thinking the pineapple is the server.

You can not fool the browser from the middle. He has a list of trusted certificate publishers. If he receives a certificate from an unknown publisher, he immediately swears. Everything else, the details of the handshake exchange, etc., do not matter.

Share this post


Link to post
Share on other sites
9 minutes ago, art445 said:

You can not fool the browser from the middle. He has a list of trusted certificate publishers. If he receives a certificate from an unknown publisher, he immediately swears. Everything else, the details of the handshake exchange, etc., do not matter.

Challenge accepted!

 

  • Like 1

Share this post


Link to post
Share on other sites

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

Loading...

  • Recently Browsing   0 members

    No registered users viewing this page.

×
×
  • Create New...