Transparent for an "occasional" user. An "advanced" user might notice that the connection use HTTP and not HTTPS.
If the attacker use sslstrip with "-f" option, an advanced user might notice the...
Type: Posts; User: alfoc
Transparent for an "occasional" user. An "advanced" user might notice that the connection use HTTP and not HTTPS.
If the attacker use sslstrip with "-f" option, an advanced user might notice the...
I guess that your rules are incorrect. You should have "eth0" interface into FORWARD rules, not "at0". Like this:
Chain FORWARD (policy ACCEPT 6434 packets, 740K bytes)
pkts bytes target ...
I agree and no one says it! :)
I think gmail/facebook/twitter apps works only with 443 port, so sslstrip is useless for them :(
It's a big issue for a fake-AP. Nowadays all users use applications...
ok, it works, but can you try again load for example gmail account with "gmail app on android"... it works?
I've two question:
1- into dhcpd.conf you have specified an dns server. Is configured on 192.168.1.1 and the client use it?
2- is used the rule "...PREROUTING -p udp -j DNAT..." to permit dns...