Results 1 to 5 of 5

Thread: Ettercap and sslstrip in backtrack 5

  1. #1
    Join Date
    May 2011

    Ettercap and sslstrip in backtrack 5

    I have a difficulty with Ettercap and Sslstrip. If I uncomment iptables on etter.conf, ettercap take over ssl, and the browser gives certificate errors. If I keep ignoring the errors, I ultimately get signed in. If I keep the iptables commented on etter.conf, sslstrip seem to get hold of over ssl connections and catches the login information. Nonetheless, the browser gets redirect back to sing up page. Basically, I can't log in. Seeing at the log, the whole thing is forwarded and spoofed appropriately. How can I overcome this problem?

  2. #2
    Join Date
    Nov 2009

    re: Ettercap and sslstrip in backtrack 5

    If you wish to use ettercap as listener and sslstrip. You need to do following thing.
    1. Forward physically with echo 1
    2. Arpspoof equally ways with arpspoof -i ethx -t
    3. Start ettercap as listener and grasp traffic in a file
    ettercap -Tqi ethX -u -l my_ssl_data
    4. Start iptables and run sslstrip -p -f
    5. If you dash in this way ettercap, open an additional terminal and re-check the forwarding you did manually wit: cat /proc/sys.../ip_forward.And you will observe that is "1", because ettercap is in a row with -u, without forwarding.

  3. #3
    Join Date
    Nov 2009

    re: Ettercap and sslstrip in backtrack 5

    Hey guys I was facing the problem in setting up ethcercap and sslstrip I followed the above steps but u also have to check the sslstrip.log and you will observe a lot of information, but the user and password there gmail:
    The information in ettercap files with -l limitation, should be my_data_ssl.eci, release it with etterlog.You should install the etherlog (aptitude install etherlog)
    expect this help you..I did work for me after two months of inspection videos and evaluating the various posts.

  4. #4
    Join Date
    Nov 2008

    re: Ettercap and sslstrip in backtrack 5

    After doing all settings I can see the captured user and password on ettercap. This is what I did.
    sudo ettercap -Tqdi ethX -M arp:remote /target/ /router/
    sudo iptables -t Nat -A PREROUTING -p tcp --destination-port 80 -j REDIRECT --to-ports 10000
    sudo sslstrip -a -k –f.When I open Gmail, I don't see the certificate error anymore even with iptables uncommented on etter.conf. Yea! I can't log in though. Of course I skipped "echo 1

  5. #5
    Join Date
    Nov 2009

    re: Ettercap and sslstrip in backtrack 5

    It worked for you. As sslstrip is concerned, it should work. You can try this: iptables -t Nat --flush (flush the iptables, it flushes all appended chains to tables, in this case -A PREROUTING -p tcp --destination-port 80).Then re-type or re-enter the chain to the Table: iptables -t Nat - A REROUTING -to-port 10000sslstrip -p -f (I suggest to log only ssl posts which is the default)..Remember that the default port to listen for sslstrip is 10000, so no need to use the -l 10000.the log file will be left on the desktop if you are using Backtrack, if you are using Ubuntu it will be left in the /home/root/ directory, in both cases as sslstrip.log unless you use the -w option and give a path and name lo save the file. If you want to see the file "live" as it runs, open an additional terminal and type: tail -f my_ssldata.log this way you will see all http or https traffic as you navigate through, off course depending on the ssl parameters you use (-p, -a).I used both and the amount of info with -a is too much, unless you want to make a more deep study of traffic, use the -p option (default)..The -f is to show the little favicon showing that is a "secure page “then re-run ettercap. Try it.

Similar Threads

  1. Backtrack
    By kantu in forum Operating Systems
    Replies: 1
    Last Post: 29-09-2011, 12:28 PM
  2. Replies: 5
    Last Post: 22-07-2011, 12:46 AM
  3. SSLSTRIP and WIFIZOO in BackTrack 5
    By Baldwin in forum Operating Systems
    Replies: 5
    Last Post: 09-07-2011, 08:59 PM
  4. How to upgrade from Backtrack 4 to Backtrack 5
    By Upendra in forum Operating Systems
    Replies: 6
    Last Post: 09-07-2011, 08:52 PM
  5. Install sslstrip on backtrack
    By Trini Alvarado in forum Windows Software
    Replies: 6
    Last Post: 11-05-2010, 10:14 AM

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts