Wednesday, December 26, 2012

"And a happy new (F)ear!" ... SslStrip said!

Hello,
          Merry Christmas everyone! Today, 26/12/12, I will tell you a story that Mr. F told me yesterday. Actually, it's a horror story, in which none of us would like to be the protagonist!

 Sit comfortably and pay attention.

"Mr. F was on holiday (since 23/12/12) and he wanted to go out for a coffee. He took his netbook's case, put on a pair of jeans, and an hour later he was drinking a coffee at Syntagma square (Attiki - Syntagma, Athens). While he was listening to the coffee shop's well-known horrible music, he decided to turn on his Asus netbook and perform a simple port scan with his favorite port scanner, Nmap. At first he didn't notice anything, but after a while a huge list of available hosts was displayed on his 10.1-inch screen. 'Wow', he said! 'It's my lucky day.' After that, a crazy idea crossed Mr. F's mind. He called John (his best friend) to ask him to send Sslstrip via Dropbox. I'm sure everyone knows what Mr. F will attempt to do. While he was waiting for Sslstrip, he continued drinking his coffee and relaxing. Then he pressed 'F5' on his Dropbox account, and he suddenly saw a new folder named 'Sslstrip 0.9' with a tar.gz file inside. He extracted it, checked that everything worked, and started thinking.

He didn't type anything for 2 minutes. He was thinking, 'What must I do now?' The final thought was to enable IP forwarding with the following command: $ echo '1' > /proc/sys/net/ipv4/ip_forward . And that's what he entered. Then he checked that ip_forward was '1' instead of '0'. 'Everything is ok', he thought. After a while, he typed the 2nd command: $ iptables -t nat -A PREROUTING -p tcp --destination-port 80 -j REDIRECT --to-port 8080. 'With the above command, I will redirect requests from port 80 to port 8080 and I will be able to reassure the connections with destination the correct port'. After that, he was ready to type the 3rd command!

That was $ arpspoof -i wlan0 -t 192.168.1.7 192.168.1.1 . With the above command he would be able to perform an ARP MITM attack between the target (192.168.1.7) and the host (192.168.1.1). - You can easily notice that he didn't use broadcast arpspoof. The reason is that he actually tried it, but the network was crashing! - 'Perfect!' he said, while he was watching the network traffic!



'I am ready', he said. 'I am ready to proceed to the final step!' Can you guess the final step? He only had to make Sslstrip listen on port 8080. 'Very easy', he said. 'I only have to type: $ python sslstrip.py -l 8080 and then I will wait as long as I need.'
He entered the command, drank his water (he had already finished his coffee) and waited for the magic moment!
  

He made some calls, browsed Facebook, played some mobile games, and after 20' he decided to stop sslstrip and browse the .log file. The results were awesome. Banking, Facebook, Ebay, Gmail and Hotmail accounts had been logged in the Sslstrip log file! He was able to access any account. He was ready to buy products, browse emails, transfer money and other things!
[Image: Ebay account example]


After he finished with that, he closed his netbook, paid the waiter and left the coffee shop singing 'I wish you a Merry Christmas, I wish you a Merry Christmas ... and a Happy New (F)ear!!!'"

Are you still here? Do you still feel safe with https? Mr. F hopes so. ;)
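
Seen from the other tables in that coffee shop, the arpspoof step of the story leaves a trace in the local ARP cache. The following is an added example, not part of Mr. F's story or of Sslstrip: it parses a Linux /proc/net/arp snapshot and flags a poisoned entry for 192.168.1.1, which is assumed here to be the gateway. The MAC addresses, the other IP addresses and the sample table are constructed.

```python
"""Flag ARP-cache poisoning in a Linux /proc/net/arp snapshot (added example)."""
from collections import defaultdict

# Constructed sample: 192.168.1.1 (assumed gateway) and 192.168.1.9 share one
# MAC, which is how a poisoned cache looks on the targeted host.
SAMPLE_ARP = """\
IP address       HW type     Flags       HW address            Mask     Device
192.168.1.1      0x1         0x2         00:11:22:33:44:55     *        wlan0
192.168.1.9      0x1         0x2         00:11:22:33:44:55     *        wlan0
192.168.1.12     0x1         0x2         66:77:88:99:aa:bb     *        wlan0
192.168.1.20     0x1         0x0         00:00:00:00:00:00     *        wlan0
"""

def parse_arp(text):
    """Return {ip: mac} for completed entries; skip the header and incomplete rows."""
    table = {}
    for line in text.splitlines()[1:]:
        fields = line.split()
        if len(fields) < 6:
            continue
        ip, _hw_type, flags, mac = fields[:4]
        # Flag bit 0x2 (ATF_COM) marks a completed entry.
        if int(flags, 16) & 0x2 and mac != "00:00:00:00:00:00":
            table[ip] = mac.lower()
    return table

def find_poisoning(table, gateway_ip, known_gateway_mac=None):
    """Return a list of findings; an empty list means nothing suspicious."""
    findings = []
    by_mac = defaultdict(list)
    for ip, mac in table.items():
        by_mac[mac].append(ip)
    gw_mac = table.get(gateway_ip)
    # Check 1: another host answers with the same MAC as the gateway.
    if gw_mac and len(by_mac[gw_mac]) > 1:
        others = sorted(ip for ip in by_mac[gw_mac] if ip != gateway_ip)
        findings.append(f"gateway {gateway_ip} shares MAC {gw_mac} with {', '.join(others)}")
    # Check 2: the gateway MAC differs from a baseline recorded on a trusted network state.
    if known_gateway_mac and gw_mac and gw_mac != known_gateway_mac.lower():
        findings.append(f"gateway {gateway_ip} MAC changed: expected "
                        f"{known_gateway_mac.lower()}, saw {gw_mac}")
    return findings

if __name__ == "__main__":
    # The baseline MAC below is a constructed value.
    for finding in find_poisoning(parse_arp(SAMPLE_ARP), "192.168.1.1", "de:ad:be:ef:00:01"):
        print("ALERT:", finding)
```

The shared-MAC check only fires when the spoofing machine's own IP is also in the cache; the baseline comparison covers the case where it is not.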

Thanks,
              Nikos Danopoulos


 
 

Comments:

  1. Any sort of additional reads? A good beginners tut? I am trying to decrypt system files on my android using my android, and I'm kind of learning the hard way. Correspondence is probably easiest on email. Jonnyboytrip2@gmail.com. thanks
