Results 1 to 3 of 3

Thread: Mitm Attacks +sslstrip fixed by updates?

  1. #1
    Join Date

    Question Mitm Attacks +sslstrip fixed by updates?

    Hi there,
    i'm trying to reproduce a mitm sslstrip attack in my Network but it seems a fullpatched, firewalled Win7 machine refuses the connection, causing the sslstrip script to produce several traceback Errors and shutting down.
    I use the new x64 kali 1.0.6 and tryed it within virtual machines and stand alone boxes.

    Kali config:

    Ipv4 forward enabled
    iptables redirected to port 10000
    ettercap arp:remote connection between target & router
    sslstrip listening on port 10000

    Also tryed a dns spoofing which resluted in a redirection within chrome and the win7 machine to a
    google generated notification site, that the connection seems to be compromised, even redirecting
    to non ssl sites.

    Did anyone try mitm attacks recently or can confirm errors?

  2. #2
    Join Date
    I can't confirm this for a Win7 machine, but I can confirm a similar issue running Kali in VMware Fusion and the target 'victim' is a Macbook running iOS 10.8.5 (browsers - Google CHROME and Safari)

    I've also tried arpspoof along with ettercap arp-poisoning to facilitate the MITM attack, but no luck. Just a few days ago, it was working fine for me (on non-SSL sites) but now I cannot load ANY sites from the victim machine i'm using.

    I've noticed that Kali is running an older version of iptables (1.4.14) and there is a new version of iptables avaliable over at NetFilter. Maybe updating iptables will possibly remedy this.?

    Pertinent info:
    Kali Linux 1.0.6 installed on VMWare Fusion 6 // Host Macbook Pro 2012 - Intel i7 core 2.9 GHz
    USB wireless adapter: Alfa AWUS036H - chipset Realtek RTL8187L
    iptables v1.4.14
    ettercap v0.8.0

  3. #3
    Join Date
    Similar boat.

    Running 10.9.2 VMfusion with Kali 1.0.6 on MBP MD104LL/A maxed out on hardware. Local netbook running Kali successfully MiTM's target, but the VM just causes the target W7 machine to stall loading the browser & times out. Tried the echo "1" vs echo 1, and -k. Dropped the firewall on the the Mac, enabled ICS and created bridged eth0 in the VM. Have had success with an iPhone as a target, but running sslstrip outward from the VM to the target just stalls the target connection. Would greatly appreciate any advice, or if anyone has experienced the same of late.

Similar Threads

  1. Installing MIMTf - SSLslip+ for advanced MITM Attacks
    By mmusket33 in forum How-To Archive
    Replies: 10
    Last Post: 2016-02-12, 06:33
  2. Replies: 0
    Last Post: 2014-01-30, 09:01

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts