I just figured that my Jasager Fon had been re-flashed with Fon's original firmware to re-activate my Fon account before I went to the US. I'm having a day off this week and will give it a try then. Robin, are you using the standard sslstrip python script on the Fonera or is it some special package?
For my evil AP script on BT4, I do have a rocking solid combination of airbase-ng or karma, sslstrip, ettercap (without ARP poisoning), tcpxtract, msg-, urlsnarf, ferret and hamster.

What I'm kind of missing is the packet mangling capability of ettercap on layer-2. I'd like to have ssh downgrade or smb clear text capabilities. What I thought of is switching on ARP poisoning between the external AP network and the internal LAN but I think that might break the iptables-fu for e.g. sslstrip. Does anyone have a good idea how to realize this on layer-3? Is there some standalone tool which can perform ssh downgrade or force SMB clear text just with iptables magic and without ARP poisoning?

Thanks,
Nils

Robin Wood wrote:
> There is a sslstrip package for openwrt which installs fine on the
> fon, I just couldn't get it to work! Very frustrating, being in the
> middle but not being able to actually modify any of the traffic.
>
> Robin
>
> 2009/11/14 Nils <[email protected]>:
>> sorry, I meant on the PC. My script has been written for BT4.
>> So then the iptables rule with port 80 is still fine at least for PC usage.
>>
>> Robin, I still have your Jasager Installation on one of my Foneras. I'll
>> give it a try with sslstrip.
>>
>> Robin Wood wrote:
>>> 2009/11/13 Joseph McManus <[email protected]>:
>>>> Hello,
>>>>
>>>> The way I got this to work was setting the ip of my Linux machine as the
>>>> default gateway on the Fon. Then use the iptables rules as usual on the
>>>> Linux machine iptables -t nat -A PREROUTING -p tcp --destination-port 80 -j
>>>> REDIRECT --to-port 10000 set ssl strip to listen to port 10000. Works like
>>>> a charm.
>>>
>>> That is having sslstrip on the PC, I wanted it on the Fon, I assumed
>>> Nils did but this is an option.
>>>
>>> Robin
>>>
>>>> ~Joe
>>>>
>>>> Make sure your Linux machine is set to forwarding mode.
>>>>
>>>> On Fri, Nov 13, 2009 at 9:38 AM, Robin Wood <[email protected]> wrote:
>>>>> Good luck with this, I've been trying to get it working for at least
>>>>> the past month, see all the questions I asked the list about bridging
>>>>> and iptables.
>>>>>
>>>>> The problem as far as I can tell is that when the two nics are bridged
>>>>> that it is very hard to get hold of the traffic as it doesn't make it
>>>>> to the iptables layer. You apparently need to use ebtables to
>>>>> manipulate this traffic but again, I couldn't make ebtables affect the
>>>>> traffic.
>>>>>
>>>>> If you do get anything working or want any help then let me know and I
>>>>> can share my notes.
>>>>>
>>>>> Robin
>>>>>
>>>>> 2009/11/13 Nils <[email protected]>:
>>>>>> Hi,
>>>>>> I got a question on the LaFonera Tech Segment in episode 174.
>>>>>> When using sslstrip you suggest to use this iptables rule on the Fonera:
>>>>>> iptables -t nat -A PREROUTING -p tcp --destination-port 443 -j REDIRECT --to-port 80
>>>>>> having sslstrip listen on port 80
>>>>>>
>>>>>> I'm working an evil AP script combining all these attacks using BT4 with
>>>>>> some additions and I'm using this iptables rule:
>>>>>> iptables -t nat -A PREROUTING -p tcp --destination-port 80 -j REDIRECT --to-port 10000
>>>>>> having sslstrip listen on port 10000
>>>>>>
>>>>>> I got the impression that it is not necessary to pipe https traffic on
>>>>>> port 443 through sslstrip and that the session initiation on http port
>>>>>> 80 is what sslstrip takes care of.
>>>>>>
>>>>>> By the way, episode 173 inspired me to include the Social Engineering
>>>>>> Toolkit in my script.
>>>>>> I wonder how that works out ;-)
>>>>>>
>>>>>> Nils
>>>>>>
>>>>>> _______________________________________________
>>>>>> Pauldotcom mailing list
>>>>>> [email protected]
>>>>>> http://mail.pauldotcom.com/cgi-bin/mailman/listinfo/pauldotcom
>>>>>> Main Web Site: http://pauldotcom.com
>>>>
>>>> --
>>>> Computer Problems? I can Help!
>>>> http://www.crossloop.com/joemcmanus
