PaulDotCom mailing list archives
Evil Access Point / sslstrip
From: joe.mcmanus at gmail.com (Joseph McManus)
Date: Fri, 13 Nov 2009 21:31:53 -0500
Oh I was not aware that SSLStrip could run on the Fon. On Fri, Nov 13, 2009 at 4:21 PM, Robin Wood <dninja at gmail.com> wrote:
2009/11/13 Joseph McManus <joe.mcmanus at gmail.com>:Hello, The way I got this to work was setting the ip of my Linux machine as the default gateway on the Fon. Then use the Iptable rules as usual on the linux machine iptables -t nat -A PREROUTING -p tcp --destination-port 80-jREDIRECT --to-port 10000 set ssl strip to listen to port 10000. Workslikea charm.That is having sslstrip on the PC, I wanted it on the Fon, I assumed Nils did but this is an option. Robin~Joe Make sure your Linux machine is set to forwarding mode. On Fri, Nov 13, 2009 at 9:38 AM, Robin Wood <dninja at gmail.com> wrote:Good luck with this, I've been trying to get it working for at least the past month, see all the questions I asked the list about bridging and iptables. The problem as far as I can tell is that when the two nics are bridged that it is very hard to get hold of the traffic as it doesn't make it to the iptables layer. You apparently need to use ebtables to manipulate this traffic but again, I couldn't make ebtables affect the traffic. If you do get anything working or want any help then let me know and I can share my notes. Robin 2009/11/13 Nils <nils at hemmann.de>:Hi, I got a question on the LaFonera Tech Segment in episode 174. When using sslstrip you suggest to use this iptables rule on theFonera:iptables -t nat -A PREROUTING -p tcp --destination-port 443 -jREDIRECT--to-port 80 having sslstrip listen on port 80 I'm working an evil AP script combining all these attacks using BT4withsome additions and I'm using this iptables rule: iptables -t nat -A PREROUTING -p tcp --destination-port 80 -j REDIRECT --to-port 10000 having sslstrip listen on port 10000 I got the impression that it is not necessary to pipe https traffic on port 443 through sslstrip and that the session initiation on http port 80 is what sslstrip takes care of. By the way, episode 173 inspired me to include the Social Engineering Toolkit in my script. I wonder how that works out ;-) Nils _______________________________________________ Pauldotcom mailing list Pauldotcom at mail.pauldotcom.com http://mail.pauldotcom.com/cgi-bin/mailman/listinfo/pauldotcom Main Web Site: http://pauldotcom.com_______________________________________________ Pauldotcom mailing list Pauldotcom at mail.pauldotcom.com http://mail.pauldotcom.com/cgi-bin/mailman/listinfo/pauldotcom Main Web Site: http://pauldotcom.com-- Computer Problems? I can Help! http://www.crossloop.com/joemcmanus _______________________________________________ Pauldotcom mailing list Pauldotcom at mail.pauldotcom.com http://mail.pauldotcom.com/cgi-bin/mailman/listinfo/pauldotcom Main Web Site: http://pauldotcom.com_______________________________________________ Pauldotcom mailing list Pauldotcom at mail.pauldotcom.com http://mail.pauldotcom.com/cgi-bin/mailman/listinfo/pauldotcom Main Web Site: http://pauldotcom.com
-- Computer Problems? I can Help! http://www.crossloop.com/joemcmanus -------------- next part -------------- An HTML attachment was scrubbed... URL: http://mail.pauldotcom.com/pipermail/pauldotcom/attachments/20091113/3b905e08/attachment.htm
Current thread:
- Evil Access Point / sslstrip Nils (Nov 13)
- Evil Access Point / sslstrip Robin Wood (Nov 13)
- Evil Access Point / sslstrip Joseph McManus (Nov 13)
- Evil Access Point / sslstrip Robin Wood (Nov 13)
- Evil Access Point / sslstrip Joseph McManus (Nov 13)
- Evil Access Point / sslstrip Nils (Nov 14)
- Evil Access Point / sslstrip Robin Wood (Nov 14)
- Evil Access Point / sslstrip Nils (Nov 17)
- Message not available
- Evil Access Point / sslstrip Nils (Nov 17)
- Evil Access Point / sslstrip Robin Wood (Nov 17)
- Evil Access Point / sslstrip Joseph McManus (Nov 13)
- Evil Access Point / sslstrip Robin Wood (Nov 13)