Elgon2003 Posted November 8, 2018 Share Posted November 8, 2018 Hi, I bought recently an wifi pineaple nano and i started using dwall and tcpdump but i could get most of the encrypted stuff so i serched and discovered sslsplit but when i use it my browser says that i´m using a invalid/fake certificate and i dont know where i can get a valid certificate! Does this have to do with the config that comes with sslsplit? My config: ################################################################## # Certain packets are redirected to the local port 8080 and 8443 # ################################################################## ## Plain text HTTP traffic (80) is redirected to port 8080 iptables -t nat -A PREROUTING -p tcp --dport 80 -j REDIRECT --to-ports 8080 ## WhatsApp (5222) is redirected to port 8080 iptables -t nat -A PREROUTING -p tcp --dport 5222 -j REDIRECT --to-ports 8080 ## SSL-based HTTPS traffic (443) is redirected to port 8443 iptables -t nat -A PREROUTING -p tcp --dport 443 -j REDIRECT --to-ports 8443 ## IMAP over SSL (993), SMTP over SSL (465 and 587) is redirected to port 8443 iptables -t nat -A PREROUTING -p tcp --dport 587 -j REDIRECT --to-ports 8443 iptables -t nat -A PREROUTING -p tcp --dport 465 -j REDIRECT --to-ports 8443 iptables -t nat -A PREROUTING -p tcp --dport 993 -j REDIRECT --to-ports 8443 Link to comment Share on other sites More sharing options...
Spycial Posted November 9, 2018 Share Posted November 9, 2018 SSLSPLIT doesnt have HSTS bypass function. Link to comment Share on other sites More sharing options...
tommyq Posted July 1, 2020 Share Posted July 1, 2020 So Tetra and firmware version 2.7.0. SSL split working fine, but the browser spots the SSLstrip root CA. I'd read about dynamically generates SSL certificates. Does this mean there is hope for MiTM attacks on https and maybe HSTS sites? I suspect not, but it would be fantastic if there was a solution. Else, any other ideas on how to achieve this? Link to comment Share on other sites More sharing options...
PanicAcid Posted July 7, 2020 Share Posted July 7, 2020 On 7/1/2020 at 6:51 PM, tommyq said: So Tetra and firmware version 2.7.0. SSL split working fine, but the browser spots the SSLstrip root CA. I'd read about dynamically generates SSL certificates. Does this mean there is hope for MiTM attacks on https and maybe HSTS sites? I suspect not, but it would be fantastic if there was a solution. Else, any other ideas on how to achieve this? Nope, HSTS is a tough one. Check out SSLStrip+ / aka SSLStrip2 on GitHub. Mileage may vary. Best bet is find another attack vector / evil portal if all you want is creds etc. Link to comment Share on other sites More sharing options...
tommyq Posted July 8, 2020 Share Posted July 8, 2020 Thankyou very much. I'll go and do more digging!! Link to comment Share on other sites More sharing options...
Recommended Posts
Archived
This topic is now archived and is closed to further replies.