disappear |
2013-02-06 19:33 |
Re: help accomplish a mitm attack on my network
Quote:
Originally posted by mr_pingu
I don't have the time to write a detailed guide now, but generally ettercap is only used to ARP poison the network you are targeting. From there you use sslstrip to sniff secured connections.
It should work both with the -e option and without it, as ettercap is only used to ARP poison and the rest is done by sslstrip. Anyway, somehow it's impossible to sniff maemo.org passwords and login (easily).
|
Hmm, with what version of Mozilla or Chrome did you do this? Until now I cannot get data from my Twitter and Gmail accounts (maybe a year ago that would not have been a problem). Except Internet Explorer; with that browser it is very easy to get any info from almost any server. The primary role of sslstrip is to keep requests on the HTTP protocol, regardless of Firefox trying to transfer you to HTTPS. The magic trick is that when you try to log in to Gmail, the Mozilla answer should be "you will transfer to http://www.gmail.com/" or something like this, not "you try to visit untrusted page bla.bla". I noticed that when I remove Firefox and install it again, the first time I start sniffing my Gmail and Twitter accounts, sslstrip transfers me from HTTPS to HTTP without problems and without any warning, but the second try fails.
About ettercap and sslstrip on the N900: first you can configure etter.conf to accept traffic from iptables, but if you do this it is not certain that you can sniff Gmail; it is the most protected mail server, more than the others. But when I try an attack on our N900 with my laptop, every try is successful (maybe that happens because MicroB is not a newer version; about the Android version I have no observations). The problem is the back connection (N900-laptop). By the way, I tried almost all options of sslstrip, but result=0. mr_pingu, if you really manage to get data from Gmail every time, the only thing I can say is well done, man.
Edit: I found a very interesting comment about Gmail and Twitter:
Quote:
"Both use HSTS headers now, so if you're using a browser that supports them (like Chrome or Firefox), there's no opportunity for sslstrip to do anything. That output is from Twisted, and it doesn't indicate any actual problem."
|
And the second:
Quote:
"HSTS fixes this problem by informing the browser that connections to the site should always use SSL. Of course, the HSTS header can be stripped by the attacker if this is the user's first visit. Chrome attempts to limit this problem by including a hard-coded list of HSTS sites. Unfortunately this solution cannot scale to include all websites on the internet; a more workable solution can be achieved by including HSTS data inside DNS records, and accessing them securely via DNSSEC."
|
And finally: https://www.owasp.org/index.php/HTTP...sport_Security
|
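The behaviour the quoted comments describe, as an added example that is not part of the original post: a minimal Python model of a browser's HSTS state following RFC 6797, showing that a policy is only learned from an HTTPS response (so a fresh profile has no protection on its first visit) while later visits and preloaded hosts are upgraded before any plain-HTTP request leaves the browser. The names `parse_sts` and `HstsStore` and the `example.test` hosts are constructed for illustration, and the preload list is simplified to exact host matches.

```python
import time

def parse_sts(value):
    """Parse a Strict-Transport-Security value (RFC 6797); None if invalid."""
    seen = {}
    for part in value.split(";"):
        part = part.strip()
        if not part:
            continue
        name, _, arg = part.partition("=")
        name = name.strip().lower()          # directive names are case-insensitive
        if name in seen:                     # a repeated directive invalidates the header
            return None
        seen[name] = arg.strip().strip('"')  # values may be quoted strings
    if not seen.get("max-age", "").isdecimal():  # max-age is required
        return None
    return {"max_age": int(seen["max-age"]),
            "include_subdomains": "includesubdomains" in seen}

class HstsStore:
    """Simplified model of a browser's HSTS state (constructed for illustration)."""
    def __init__(self, preloaded=()):
        self.preloaded = set(preloaded)      # hard-coded list shipped with the browser
        self.dynamic = {}                    # host -> (expiry, include_subdomains)

    def note_response(self, scheme, host, sts_value, now=None):
        now = time.time() if now is None else now
        if scheme != "https" or sts_value is None:
            return                           # a header seen over plain HTTP is ignored
        policy = parse_sts(sts_value)
        if policy is None:
            return
        if policy["max_age"] == 0:
            self.dynamic.pop(host, None)     # max-age=0 removes the stored policy
        else:
            self.dynamic[host] = (now + policy["max_age"], policy["include_subdomains"])

    def must_upgrade(self, host, now=None):
        """True if a request to http://host is rewritten to https:// before sending."""
        now = time.time() if now is None else now
        if host in self.preloaded:
            return True
        labels = host.split(".")
        for i in range(len(labels)):         # exact host first, then parent domains
            entry = self.dynamic.get(".".join(labels[i:]))
            if entry and entry[0] > now and (i == 0 or entry[1]):
                return True
        return False
```

A site operator can use the same parser to check that the header the server sends carries a long `max-age` and `includeSubDomains`, since a short-lived policy reopens the first-visit window each time it expires.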