Ecosyste.ms: Awesome
An open API service indexing awesome lists of open source software.
https://github.com/mrmugiwara/airbase-ng-sslstrip-airstrip-
While documenting some MitM attacks I was looking into setting up a fake AP with BT5 and my good old loved ALFA . There's a whole bunch of scripts out there which do the job nicely, if you are ready to modify them here and there. In order for it to work, you need to run airmon-ng to start the card in monitor mode, run airbase-ng to run it in AP mode, run a DHCP server, set up routing, configure iptables for NAT and set up ip forwarding...that's all ;) Anyway, this works great, ... but great evil minds like to add layers of evilness upon evilness ;) So: why not add sslstrip to the mix and capture all those nice SSL pages which are redirected from normal HTTP? Not that hard: just add an extra iptables line to redirect HTTP traffic to SSLStrip and "Airstrip"is born. Note that this is just something that was cooked up in about an hour, so don't expect any robustness. Also: if it doesn't work out of the box: you are on your own. It works for me, with my particular setup but if you have any experience with BT/Linux, you should be able to make it work for you as well .
https://github.com/mrmugiwara/airbase-ng-sslstrip-airstrip-
Last synced: 3 months ago
JSON representation
While documenting some MitM attacks I was looking into setting up a fake AP with BT5 and my good old loved ALFA . There's a whole bunch of scripts out there which do the job nicely, if you are ready to modify them here and there. In order for it to work, you need to run airmon-ng to start the card in monitor mode, run airbase-ng to run it in AP mode, run a DHCP server, set up routing, configure iptables for NAT and set up ip forwarding...that's all ;) Anyway, this works great, ... but great evil minds like to add layers of evilness upon evilness ;) So: why not add sslstrip to the mix and capture all those nice SSL pages which are redirected from normal HTTP? Not that hard: just add an extra iptables line to redirect HTTP traffic to SSLStrip and "Airstrip"is born. Note that this is just something that was cooked up in about an hour, so don't expect any robustness. Also: if it doesn't work out of the box: you are on your own. It works for me, with my particular setup but if you have any experience with BT/Linux, you should be able to make it work for you as well .
- Host: GitHub
- URL: https://github.com/mrmugiwara/airbase-ng-sslstrip-airstrip-
- Owner: MrMugiwara
- Created: 2014-10-29T01:11:34.000Z (about 10 years ago)
- Default Branch: master
- Last Pushed: 2014-10-30T09:37:28.000Z (about 10 years ago)
- Last Synced: 2024-04-24T14:15:36.451Z (7 months ago)
- Language: Shell
- Size: 121 KB
- Stars: 13
- Watchers: 3
- Forks: 8
- Open Issues: 0
-
Metadata Files:
- Readme: README.md
Awesome Lists containing this project
- awesome-network-stuff - **6**星 - ng to start the card in monitor mode, run airbase-ng to run it in AP … (<a id="42f9e068b6511bcbb47d6b2b273097da"></a>未分类 / <a id="3bd67ee9f322e2c85854991c85ed6da0"></a>投毒&&Poisoning)
README
AIRBASE-NG + SSLSTRIP = AIRSTRIP
=============================
While documenting some MitM attacks I was looking into setting up a fake AP with BT5 and my good old loved ALFA . There's a whole bunch of scripts out there which do the job nicely, if you are ready to modify them here and there. In order for it to work, you need to run airmon-ng to start the card in monitor mode, run airbase-ng to run it in AP mode, run a DHCP server, set up routing, configure iptables for NAT and set up ip forwarding...that's all ;) Anyway, this works great, ... but great evil minds like to add layers of evilness upon evilness ;) So: why not add sslstrip to the mix and capture all those nice SSL pages which are redirected from normal HTTP? Not that hard: just add an extra iptables line to redirect HTTP traffic to SSLStrip and "Airstrip"is born. Note that this is just something that was cooked up in about an hour, so don't expect any robustness. Also: if it doesn't work out of the box: you are on your own. It works for me, with my particular setup but if you have any experience with BT/Linux, you should be able to make it work for you as well .