Thread: Workaround for SSLsplit Segmentation Fault

  1. #1
    Join Date
    2015-Mar
    Posts
    48

    Workaround for SSLsplit Segmentation Fault

    The segmentation fault is most likely due to both versions 1.0 and 1.1 of libssl being installed. How can I get sslstrip working again?

  2. #2
    Join Date
    2013-Jul
    Posts
    841
    The sslstrip+ is found included in the mitmf package.

    MTeams has gotten the sslstrip+ to function within our Pwnstar9.0 beta for KaliR2 under construction and has stripped out the older sslstrip and added sslstrip+. See:

    https://forums.kali.org/showthread.p...-kali-linux-R2

    We can post working command lines and in xterm windows if required.


    Musket Teams
    Last edited by mmusket33; 2017-01-02 at 07:07.

  3. #3
    Join Date
    2015-Mar
    Posts
    48
    Thanks, but I need sslsplit not sslstrip.

  4. #4
    Join Date
    2013-Jul
    Posts
    841
    To scorpius

    MTeams was unsure as you wrote sslsplit in the heading and sslstrip in the body of the thread. We are currently working with both. If we find anything for sslsplit we will advise you here.


    Musket Teams

  5. #5
    Join Date
    2013-Jul
    Posts
    841
    To scorpius

    MTeams has been unable to induce a segmentation fault. Could you give us more information? This problem is of interest to us as we would like to bring sslsplit into the Pwnstar package. Our problem has been augmenting the iptables to support the http/https split to different ports while still keeping Pwnstar 9 captive portal functioning.

  6. #6
    Join Date
    2015-Mar
    Posts
    48
    In one terminal, I run the following to arp poison and redirect ports in one step.
    Code:
    bettercap -T 192.168.0.4 \
    --custom-redirection 'TCP 80 8080' \
    --custom-redirection 'TCP 443 8443' \
    --custom-redirection 'TCP 993 8443' \
    --custom-redirection 'TCP 995 8443'
    In another terminal, I run sslsplit.
    Code:
    sslsplit -j /tmp -S /tmp ssl 0.0.0.0 8443 tcp 0.0.0.0 8080
    On the target machine I start some form of ssl communication, and then sslsplit exits with a segmentation fault.

  7. #7
    Join Date
    2013-Jul
    Posts
    841
    To: scorpius

    Currently MTeams is using an i386 hard drive install of Kali-linux R2, updated but NOT upgraded.

    1. We were unable to install bettercap

    2. We could not induce a segmentation fault

    3. Your command line "sslsplit -j /tmp -S /tmp ssl 0.0.0.0 8443 tcp 0.0.0.0 8080" could not be run as it did not include -k ca.key -c ca.crt ssl

    The lack of that data was in the error code.

    We did get the following to run:

    sslsplit -D -l connections.log -j /tmp -S /tmp -k ca.key -c ca.crt ssl 0.0.0.0 8443 tcp 0.0.0.0 8080


    You might refer here:

    https://blog.heckel.xyz/2013/08/04/u...l-connections/

    In closing, we have gotten the sslsplit to run thru our captive portal in Pwnstar9. We currently have sslsplit, sslstrip+ thru mitmf and ferret all logging data at the same time.

    MTeams
    Last edited by mmusket33; 2017-01-09 at 09:05.

  8. #8
    Join Date
    2015-Mar
    Posts
    48
    I was using -k ca.key -c ca.crt, but I simply forgot to paste it in my message. Anyway, it's not a problem of syntax or how to run the attack. I can run sslsplit successfully on kali and also on a plain debian distro. However, a recent apt upgrade in kali resulted in 1.1 of libssl being installed, and that's when the problem started. I'm using a vm and can return to a previous snapshot at any time.

    So the problem is with libssl 1.1 and sslsplit. If you are using a vm could you try apt upgrade and see if it breaks sslsplit?

    Thanks for your time.
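
Post #8 attributes the crash to libssl 1.1 arriving alongside 1.0. One way to check that, as an added example that is not from any poster in this thread: parse `ldd` output and report when a binary's dependency tree resolves more than one OpenSSL ABI version. It assumes the fault comes from two ABI versions being loaded into one process; the sample `ldd` lines and the library name `libexample_dep` are constructed.

```shell
# Added example (not from the thread): flag a binary that resolves more than one OpenSSL ABI.

# Print distinct libssl/libcrypto soname versions from ldd-style text on stdin.
openssl_abis() {
    awk '$1 ~ /^lib(ssl|crypto)\.so\.[0-9]/ {
             v = $1; sub(/^lib(ssl|crypto)\.so\./, "", v); print v
         }' | sort -u
}

# Exit 0 when the ldd text on stdin names more than one OpenSSL ABI version.
has_mixed_openssl() {
    [ "$(openssl_abis | wc -l | tr -d ' ')" -gt 1 ]
}

# Constructed sample: the binary links 1.1, a hypothetical dependency
# (libexample_dep) still pulls in 1.0.2.
sample_mixed() {
    cat <<'EOF'
    libssl.so.1.1 => /usr/lib/x86_64-linux-gnu/libssl.so.1.1 (0x00007f1a2c400000)
    libcrypto.so.1.1 => /usr/lib/x86_64-linux-gnu/libcrypto.so.1.1 (0x00007f1a2c000000)
    libexample_dep.so.1 => /usr/lib/x86_64-linux-gnu/libexample_dep.so.1 (0x00007f1a2bd00000)
    libssl.so.1.0.2 => /usr/lib/x86_64-linux-gnu/libssl.so.1.0.2 (0x00007f1a2ba00000)
    libcrypto.so.1.0.2 => /usr/lib/x86_64-linux-gnu/libcrypto.so.1.0.2 (0x00007f1a2b600000)
EOF
}

# Constructed sample: everything resolves to a single ABI version.
sample_clean() {
    cat <<'EOF'
    libssl.so.1.1 => /usr/lib/x86_64-linux-gnu/libssl.so.1.1 (0x00007f1a2c400000)
    libcrypto.so.1.1 => /usr/lib/x86_64-linux-gnu/libcrypto.so.1.1 (0x00007f1a2c000000)
    libc.so.6 => /lib/x86_64-linux-gnu/libc.so.6 (0x00007f1a2b200000)
EOF
}

# Summarise ldd text on stdin as "ok" or "MIXED: <versions>".
check() {
    text=$(cat)
    if printf '%s\n' "$text" | has_mixed_openssl; then
        echo "MIXED: $(printf '%s\n' "$text" | openssl_abis | tr '\n' ' ')"
    else
        echo "ok"
    fi
}

# With a path argument, inspect that binary (ldd may run code from the file, so
# only point it at binaries you trust); with none, run on the constructed sample.
if [ -n "${1:-}" ]; then ldd "$1" | check; else sample_mixed | check; fi
```

A `MIXED` result means the package that still depends on the older libssl needs rebuilding or replacing; removing one library by hand would break whatever links against it.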

  9. #9
    Join Date
    2013-Jul
    Posts
    841
    To scorpius

    MTeams does not use any vmware type programs.

    MTeams has stopped upgrading any kali-linux distribution. Very few of our upgrades were successful and we spent way too much time trying to correct the problems that developed even when they could be identified. Now we simply update and reload the newer distro when issued.

    Reference sslsplit: We now have a moderate amount of testing time with this program. It sets off a google warning due to the use of openssl produced certificate files and an https request. Have you found a way around this? This is the same problem when using apache2 to accept https requests.

    MTeams
    Last edited by mmusket33; 2017-01-12 at 01:28.

  10. #10
    Join Date
    2015-Mar
    Posts
    48
    Yes, I guess updates can sometimes cause things to break. Oh well.

    The only way to not see a warning is to install the certificate on the target.
