Thursday 8 April 2010

Man in the middle mischief with a simple automating script

I haven't published any of my security-related scripts or talked about any penetration testing and security auditing here before, but it's probably something I'll start to do more of.

This is really just to make sslstrip setup more convenient. What's so interesting about sslstrip is how it shows that the average user completely ignores whether an apparently secure site is actually https:// or if it's plain old http://. If you're unfamiliar with sslstrip then you should really be visiting Moxie's website.

This script automates the process of becoming the man in the middle and running sslstrip, a tool that presents the target with an http page whenever they should be getting an https page. It uses ettercap to ARP poison the target on the LAN, and also to display any caught login information. Ettercap on its own is great for capturing http login info and can also manipulate SSL, but we're using it here because it partners so nicely with sslstrip, so we can disregard SSL altogether for any target on our LAN. The script uses nmap to create a target choice menu and finds your IP and the gateway IP, making everything except the choice of target automatic.

Click here to grab it.

Depends on:
iptables nat
nmap
sslstrip
ettercap (with the iptables uncommented from the ettercap config file, often located at /etc/etter.conf)
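
Seen from the target's side, the ARP poisoning step described above typically leaves the gateway IP and another LAN host sharing one MAC address in the ARP cache. The check below for that trace is an added example, not part of the original script; the function names, sample table, addresses and pinned gateway MAC are constructed for illustration, and the input format assumed is Linux /proc/net/arp.

```python
from collections import defaultdict

# Constructed sample in Linux /proc/net/arp format (not captured from a real host).
SAMPLE_ARP = """\
IP address       HW type     Flags       HW address            Mask     Device
192.168.1.1      0x1         0x2         00:0c:29:aa:bb:cc     *        eth0
192.168.1.23     0x1         0x2         00:0c:29:aa:bb:cc     *        eth0
192.168.1.40     0x1         0x2         3c:52:82:10:20:30     *        eth0
192.168.1.77     0x1         0x0         00:00:00:00:00:00     *        eth0
"""

def parse_arp_table(text):
    """Return (ip, mac, device) for every resolved entry."""
    entries = []
    for line in text.splitlines()[1:]:  # skip the header row
        fields = line.split()
        if len(fields) != 6:
            continue
        ip, _hw, flags, mac, _mask, dev = fields
        # Flags 0x0 or an all-zero MAC is an incomplete entry: nothing to compare.
        if int(flags, 16) == 0 or mac == "00:00:00:00:00:00":
            continue
        entries.append((ip, mac.lower(), dev))
    return entries

def find_arp_anomalies(entries, gateway_ip, known_gateway_mac=None):
    """Flag MACs that answer for several IPs and drift from a pinned gateway MAC."""
    findings = []
    by_mac = defaultdict(set)
    for ip, mac, dev in entries:
        by_mac[(dev, mac)].add(ip)
    for (dev, mac), ips in sorted(by_mac.items()):
        if len(ips) > 1:
            # Shared MACs can be legitimate (multi-homed host, proxy ARP),
            # so only a collision that involves the gateway is rated high.
            severity = "high" if gateway_ip in ips else "low"
            findings.append((severity, f"{mac} on {dev} answers for {sorted(ips)}"))
    if known_gateway_mac:
        pinned = known_gateway_mac.lower()
        for ip, mac, _dev in entries:
            if ip == gateway_ip and mac != pinned:
                findings.append(("high", f"gateway {ip} is at {mac}, expected {pinned}"))
    return findings

if __name__ == "__main__":
    table = parse_arp_table(SAMPLE_ARP)
    for severity, msg in find_arp_anomalies(table, "192.168.1.1", "00:1A:2B:3C:4D:5E"):
        print(f"[{severity}] {msg}")
```

On a live Linux host the same functions can be fed the contents of /proc/net/arp, with the gateway MAC pinned from a reading taken while the network was known to be clean.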
