sslstrip and arpspoofing with Kali linux Tutorial
Kali Linux |
Intention/Intro
Educational purposes only.
This tutorial will teach how to ARP Spoof a network and get user information even from websites with that use encryption (HTTPS). This tutorial we’ll use the Kali Linux (Live CD), the sslstrip software, we’ll modify the etter.conf file, add new rules to the iptables and use the ettercap software.
This tutorial will teach how to ARP Spoof a network and get user information even from websites with that use encryption (HTTPS). This tutorial we’ll use the Kali Linux (Live CD), the sslstrip software, we’ll modify the etter.conf file, add new rules to the iptables and use the ettercap software.
Pre-configurations
The commands below will set the iptables to redirect everything that comes from port 80 to port 10000. Our goal here is to set the sslstrip to strip HTTPS from pages and give to the end user a HTTP page (with no security, no encryption). So, the port that we’ll use to redirect the striped content will be the port 10000.
$echo 1 > /proc/sys/net/ipv4/ip_forward
$iptables -t nat -A PREROUTING -p tcp –destination-port 80 -j REDIRECT –to-port 10000
Usage
It’s time to run sslstrip and do the tricks that I mentioned before. To run it, use the command below:
$sslstrip -l 10000
Now, open another terminal windows and run the command below:
$ettercap -G
A windows will pop and that’s the ettercap GUI. Click on Sniff > Unifed sniff and choose the interface that you have a internet connection (same as your victims). For exemple, I choose wlan0, but if I’re using a cable, and would’ve choose the eth0 interface. Now click on Host > Scan for hosts. Now click again on Host > Host List. Select your gateway (the IP that you can access your router. It’s usually some IP that ends with 1 [like 192.168.2.1] . Keep in mind that’s not a rule!) and click on the button Target 1. Select the IP that your target is using and click on the button Target 2 (you can select multiples IP’s if you click on them holding the Ctrl or Command key). Now, click on Plugins > Manage Plugins and a list of plugins will appear. Now, double click on dns_spoof and make shore that there’s an asterisk ( * ) by it when you double click it. Now, click on Mitm > Arp spoofing and select the first option that you see in the windows that pop up and click on OK. Now click onStart > Start sniffing. You’re all set! Wait until your target access pages like gmail, facebook, twitter or anything that you have to use credentials. When your target access those sites, the ettercap will show the user and password that your target used. Remember: Thesslstrip is the responsible for making the HTTPS website unsecured! What I’m saying is that the target’s browser will request the page and the server will return a HTTPS page. The sslstrip intercept it on port 10000 and return to the user a HTTP page (no encryption). Beautiful, isn’t it?
Conclusion
This attack is simple to do and very effective. I strongly recommend that you use the Live Kali (instead of installing on your machine or on a VM). I have Kali installed on a computer and it often gives me headache to fix my mistakes. The ettercap might not work if your using a VM. In order to work, you should download/install all the extras VM tools that’s available. The ettercap might not work on a installed Kali. I couldn’t find one reason for that problem yet, but I read that if you uninstall it and install it from the Github resource, it might work better than the one that came with Kali. Warning: To install ettercap from Github, you might face missing libs. It uses a lot of different libs and it will take some time to you get them all installed on your machine. If you want to try to install it, use the commands below:
$sudo apt-get remove ettercap-common ettercap-graphic
$git clone https://github.com/Ettercap/ettercap
$cd ettercap && mkdir build && cmake ../ && make install
Ettercap, sometimes, didn’t work when I pressed the Star Sniffing option. What I did to make it work? Went to the first step of this tutorial and repeated everything.
How can you protect yourself from attacks like this? You could use a software like XArp, create static ARP tables, or you could read this.
Source:http://l33ttutorials.wordpress.com
How can you protect yourself from attacks like this? You could use a software like XArp, create static ARP tables, or you could read this.
Source:http://l33ttutorials.wordpress.com
Post a Comment