Share perl script buat sslstrip MITM attack - Printable Version +- Indonesian Back|Track Team (https://www.indonesianbacktrack.or.id/forum) +-- Forum: Penetration Testing Os (https://www.indonesianbacktrack.or.id/forum/forum-170.html) +--- Forum: Backtrack (https://www.indonesianbacktrack.or.id/forum/forum-171.html) +---- Forum: BackTrack 5 (https://www.indonesianbacktrack.or.id/forum/forum-74.html) +----- Forum: BackTrack 5 Tools (https://www.indonesianbacktrack.or.id/forum/forum-79.html) +----- Thread: Share perl script buat sslstrip MITM attack (/thread-1033.html) Pages:
1
2
|
perl script buat sslstrip MITM attack - nasa - 10-27-2011 abis training kmaren ttg sslstrip MITM attack (sniffing password over secure connection) jdi nyari semua yang ngebahas tentang sslstrip, eh nemu script perl buat ngejalanin secara auto.. tpi seperti biasa, saran ane mari kita pahami cara kerjanya.... buat yang pengen ke tkp tempat ane baca nih tutorial, silahkan ke : sslstrip MITM attack tools yg wajib ada biar script ini berfungsi : Linux (ane pake BT 5 R1) Ettercap (specifically etter.conf) <---- pasti ada di BT X-term ( BT5 R1) Arpspoof SSLStrip <--- kl ini sesuai saran om zee ane download di http://www.thoughtcrime.org/software/sslstrip/sslstrip-0.2.tar.gz Nmap ( BT 5 r1) disini ane kasih nama auto_mitm.pl boleh pake apa aja buat paste nih script nasa@IBTeam:/pentest/nasa/tools/sniffing# nano auto_mitm.pl Code: #! /usr/bin/perl -w stlh di paste save nasa@IBTeam:/pentest/nasa/tools/sniffing# chmod +x auto_mitm.pl trus jalanin pake command : nasa@IBTeam:/pentest/nasa/tools/sniffing# perl auto_mitm.pl ntar hasilnya seperti ini, yg pake tanda <-- berarti itu yag ane input. ######################################## You will have to uncomment iptables redirect. Inside nano use ctrl+o to save your changes & ctrl+x to exit and continue the script. Would you like to open /etc/etter.conf to uncomment iptables redirect? (y/n) y <-- ( ngedit file etter.conf kl belum di uncomment) ######################################## Changing iptables to redirect traffic from port 80 to port 8080 ######################################## Checking to make sure ip forwarding is enabled 0 <--- (ngecek ip forward udah aktif blm, ini hasilnya) Does ip forward = 0? (y/n) y <--- ( krn msh 0 ane jawab y, trus ganti 0 dengan 1 , save) 1 ######################################## Kernel IP routing table Destination Gateway Genmask Flags MSS Window irtt Iface 0.0.0.0 0.0.0.0 0.0.0.0 U 0 0 0 ppp0 10.64.64.64 0.0.0.0 255.255.255.255 UH 0 0 0 ppp0 What is the default gateway? 10.64.64.64 <--- (default gateway ane) ######################################## eth1 Link encap:Ethernet HWaddr 00:1d:7d:4b:25:f6 UP BROADCAST MULTICAST MTU:1500 Metric:1 RX packets:0 errors:0 dropped:0 overruns:0 frame:0 TX packets:0 errors:0 dropped:0 overruns:0 carrier:0 collisions:0 txqueuelen:1000 RX bytes:0 (0.0 B) TX bytes:0 (0.0 B) Interrupt:43 Base address:0x2000 eth2 Link encap:Ethernet HWaddr 00:08:a1:68:c7:9e UP BROADCAST MULTICAST MTU:1500 Metric:1 RX packets:0 errors:0 dropped:0 overruns:0 frame:0 TX packets:0 errors:0 dropped:0 overruns:0 carrier:0 collisions:0 txqueuelen:1000 RX bytes:0 (0.0 B) TX bytes:0 (0.0 B) Interrupt:19 Base address:0xa000 lo Link encap:Local Loopback inet addr:127.0.0.1 Mask:255.0.0.0 inet6 addr: ::1/128 Scope:Host UP LOOPBACK RUNNING MTU:16436 Metric:1 RX packets:824 errors:0 dropped:0 overruns:0 frame:0 TX packets:824 errors:0 dropped:0 overruns:0 carrier:0 collisions:0 txqueuelen:0 RX bytes:128389 (128.3 KB) TX bytes:128389 (128.3 KB) ppp0 Link encapoint-to-Point Protocol inet addr:10.162.159.172 P-t-P:10.64.64.64 Mask:255.255.255.255 UP POINTOPOINT RUNNING NOARP MULTICAST MTU:1440 Metric:1 RX packets:13817 errors:0 dropped:0 overruns:0 frame:0 TX packets:14766 errors:0 dropped:0 overruns:0 carrier:0 collisions:0 txqueuelen:3 RX bytes:11568238 (11.5 MB) TX bytes:2223037 (2.2 MB) Which network interface would you like to use? ppp0 <--- (interface yg ane pake, tpi ppp0 blm support ) ######################################## ppp0 Link encapoint-to-Point Protocol inet addr:10.162.159.172 P-t-P:10.64.64.64 Mask:255.255.255.255 UP POINTOPOINT RUNNING NOARP MULTICAST MTU:1440 Metric:1 RX packets:13823 errors:0 dropped:0 overruns:0 frame:0 TX packets:14770 errors:0 dropped:0 overruns:0 carrier:0 collisions:0 txqueuelen:3 RX bytes:11569670 (11.5 MB) TX bytes:2224883 (2.2 MB) What is your IP address? 10.162.159.172 <--- (ip address ane) ######################################## Would you like to run an nmap scan of the network to find a target? (y/n) n <--- ( make nmap buat scan jaringan, ane jawab aja no) ######################################## Do you want to spoof a specific target? (y/n) n <--- (jawab y kl buat 1 target, kl buat semua jwab aja n) ######################################## Starting SSL Strip. We have a few options for our parameters with SSL Strip. Here are you options: sniff all traffic, kill active sessions, log data (akl) kill, log, and sniff only https traffic (kl) log https traffic only(l) akl <--- (ane pilih pilihan yang pertama) Enter name of the log file, it has to end with '.log'? (ex: strip.log ) tes.log <--- ( nama buat log'y) ######################################## Do you want to start to follow the log file in real time? (y/n) y <-- (y kl mo liat log secara realtime) Starting to tail the sslstrip log file. nah script'y berakhir d sini, tpi bkalan terbuka 3 xterm window 1. buat log'y 2. spoofing 3 window buat sslstrip fiuhh, cape jg ngetiknya... hehehe , silahkan d comment y, Thx.... ( break it a part and find out how this script work, may be you can improve it) RE: perl script buat sslstrip MITM attack - betefive - 10-27-2011 trus bagi victim effect ny apa om? RE: perl script buat sslstrip MITM attack - nasa - 10-27-2011 (10-27-2011, 12:44 AM)betefive Wrote: trus bagi victim effect ny apa om? script ini buat sniffing password lewat secure connection, misalnya : https://www.facebook.com https:// accounts.google.com ntar kl sempat ane tambahin sc'y RE: perl script buat sslstrip MITM attack - iKONspirasi - 10-27-2011 (10-27-2011, 12:44 AM)betefive Wrote: trus bagi victim effect ny apa om? nanti hasilnya jika websitenya https:// maka akan berubah menjadi http:// sehingga bisa kita sniff username n passwordnya RE: perl script buat sslstrip MITM attack - cassaprodigy - 10-27-2011 sslstrip tools lama yang masih ampuh RE: perl script buat sslstrip MITM attack - betefive - 10-28-2011 contoh situs yg bisa di mitm pk file perl ini apa om? RE: perl script buat sslstrip MITM attack - m4k4ss4rh4ck3r - 10-28-2011 (10-28-2011, 01:37 AM)betefive Wrote: contoh situs yg bisa di mitm pk file perl ini apa om? google + dan semua web yg protokolnya HTTPS RE: perl script buat sslstrip MITM attack - koecroet - 10-28-2011 mantap broo!! +1 dr ane RE: perl script buat sslstrip MITM attack - andriestifler - 11-23-2011 cuman https aja yaaa? RE: perl script buat sslstrip MITM attack - Veronochi - 11-23-2011 ngeliat lognya di man?? |