2009/11/13 Joseph McManus <[email protected]>: > Hello, > > The way I got this to work was setting the ip of my Linux machine as the > default gateway on the Fon. Then use the Iptable rules as usual on the > linux machine iptables -t nat -A PREROUTING -p tcp --destination-port 80 -j > REDIRECT --to-port 10000 set ssl strip to listen to port 10000. Works like > a charm.
That is having sslstrip on the PC, I wanted it on the Fon, I assumed Nils did but this is an option. Robin > > ~Joe > > Make sure your Linux machine is set to forwarding mode. > > On Fri, Nov 13, 2009 at 9:38 AM, Robin Wood <[email protected]> wrote: >> >> Good luck with this, I've been trying to get it working for at least >> the past month, see all the questions I asked the list about bridging >> and iptables. >> >> The problem as far as I can tell is that when the two nics are bridged >> that it is very hard to get hold of the traffic as it doesn't make it >> to the iptables layer. You apparently need to use ebtables to >> manipulate this traffic but again, I couldn't make ebtables affect the >> traffic. >> >> If you do get anything working or want any help then let me know and I >> can share my notes. >> >> Robin >> >> 2009/11/13 Nils <[email protected]>: >> > Hi, >> > I got a question on the LaFonera Tech Segment in episode 174. >> > When using sslstrip you suggest to use this iptables rule on the Fonera: >> > iptables -t nat -A PREROUTING -p tcp --destination-port 443 -j REDIRECT >> > --to-port 80 >> > having sslstrip listen on port 80 >> > >> > I'm working an evil AP script combining all these attacks using BT4 with >> > some additions and I'm using this iptables rule: >> > iptables -t nat -A PREROUTING -p tcp --destination-port 80 -j REDIRECT >> > --to-port 10000 >> > having sslstrip listen on port 10000 >> > >> > I got the impression that it is not necessary to pipe https traffic on >> > port 443 through sslstrip and that the session initiation on http port >> > 80 is what sslstrip takes care of. >> > >> > By the way, episode 173 inspired me to include the Social Engineering >> > Toolkit in my script. I wonder how that works out ;-) >> > >> > Nils >> > >> > _______________________________________________ >> > Pauldotcom mailing list >> > [email protected] >> > http://mail.pauldotcom.com/cgi-bin/mailman/listinfo/pauldotcom >> > Main Web Site: http://pauldotcom.com >> > >> _______________________________________________ >> Pauldotcom mailing list >> [email protected] >> http://mail.pauldotcom.com/cgi-bin/mailman/listinfo/pauldotcom >> Main Web Site: http://pauldotcom.com > > > > -- > Computer Problems? I can Help! > http://www.crossloop.com/joemcmanus > > _______________________________________________ > Pauldotcom mailing list > [email protected] > http://mail.pauldotcom.com/cgi-bin/mailman/listinfo/pauldotcom > Main Web Site: http://pauldotcom.com > _______________________________________________ Pauldotcom mailing list [email protected] http://mail.pauldotcom.com/cgi-bin/mailman/listinfo/pauldotcom Main Web Site: http://pauldotcom.com
