PaulDotCom mailing list archives
Evil Access Point / sslstrip
From: nils at hemmann.de (Nils)
Date: Fri, 13 Nov 2009 10:27:02 +0100
Hi, I got a question on the LaFonera Tech Segment in episode 174. When using sslstrip you suggest to use this iptables rule on the Fonera: iptables -t nat -A PREROUTING -p tcp --destination-port 443 -j REDIRECT --to-port 80 having sslstrip listen on port 80 I'm working an evil AP script combining all these attacks using BT4 with some additions and I'm using this iptables rule: iptables -t nat -A PREROUTING -p tcp --destination-port 80 -j REDIRECT --to-port 10000 having sslstrip listen on port 10000 I got the impression that it is not necessary to pipe https traffic on port 443 through sslstrip and that the session initiation on http port 80 is what sslstrip takes care of. By the way, episode 173 inspired me to include the Social Engineering Toolkit in my script. I wonder how that works out ;-) Nils
Current thread:
- Evil Access Point / sslstrip Nils (Nov 13)
- Evil Access Point / sslstrip Robin Wood (Nov 13)
- Evil Access Point / sslstrip Joseph McManus (Nov 13)
- Evil Access Point / sslstrip Robin Wood (Nov 13)
- Evil Access Point / sslstrip Joseph McManus (Nov 13)
- Evil Access Point / sslstrip Nils (Nov 14)
- Evil Access Point / sslstrip Robin Wood (Nov 14)
- Evil Access Point / sslstrip Nils (Nov 17)
- Message not available
- Evil Access Point / sslstrip Nils (Nov 17)
- Evil Access Point / sslstrip Robin Wood (Nov 17)
- Evil Access Point / sslstrip Joseph McManus (Nov 13)
- Evil Access Point / sslstrip Robin Wood (Nov 13)