1 of 11 29/01/2019, 00:52
Using sslstrip to conduct a man-in-the-middle attack - Mastering K... https://learning.oreilly.com/library/view/mastering-kali-linux/978...
2 of 11 29/01/2019, 00:52
Using sslstrip to conduct a man-in-the-middle attack - Mastering K... https://learning.oreilly.com/library/view/mastering-kali-linux/978...
3 of 11 29/01/2019, 00:52
Using sslstrip to conduct a man-in-the-middle attack - Mastering K... https://learning.oreilly.com/library/view/mastering-kali-linux/978...
4 of 11 29/01/2019, 00:52
Using sslstrip to conduct a man-in-the-middle attack - Mastering K... https://learning.oreilly.com/library/view/mastering-kali-linux/978...
5 of 11 29/01/2019, 00:52
Using sslstrip to conduct a man-in-the-middle attack - Mastering K... https://learning.oreilly.com/library/view/mastering-kali-linux/978...
6 of 11 29/01/2019, 00:52
Using sslstrip to conduct a man-in-the-middle attack - Mastering K... https://learning.oreilly.com/library/view/mastering-kali-linux/978...
7 of 11 29/01/2019, 00:52
Using sslstrip to conduct a man-in-the-middle attack - Mastering K... https://learning.oreilly.com/library/view/mastering-kali-linux/978...
8 of 11 29/01/2019, 00:52
Using sslstrip to conduct a man-in-the-middle attack - Mastering K... https://learning.oreilly.com/library/view/mastering-kali-linux/978...
NEXT ⏭
PREV
⏮
Reconnaissance of SSL connections Denial-of-service attacks against SSL
! % 🔎
Using sslstrip to
conduct a man-in
-the-middle atta
ck
Despite the security offered by the SSL protection, there are some effec-
tive attacks against the protocol. In 2009, Moxie Marlinspike demon-
strated sslstrip, a tool that transparently hijacks the HTTP traffic
on a network and redirects the traffic to look like HTTP or HTTPS links. It
removes the SSL protection and returns the secured lock icon to the vic-
tim's browser so that the interception cannot be readily detected.
To use sslstrip, you must first configure the intercept system into
the forwarding mode using the following command:
In this example, the listening port has been set to port 5353.
Now that the configuration is complete, run sslstrip using the fol-
lowing command:
9 of 11 29/01/2019, 00:52
Using sslstrip to conduct a man-in-the-middle attack - Mastering K... https://learning.oreilly.com/library/view/mastering-kali-linux/978...
If the target system goes to access SSL-secured content, their queries are
directed through the gateway to the intercepting system.
From the user's perspective, they will be directed to the site and presented
with a There is a problem with the site's security certificate security alert,
prompting them with a decision to proceed. If they select Yes, they will be
directed to their selected page. The lock icon in the lower-right corner of
the browser will still indicate that SSL is engaged, indicating that their
communications are secure.
In the background, the sslstrip tool removes SSL, leaving raw con-
tent that can be viewed in the ettercap log, as shown in the following
screenshot:
This attack is only effective from the same Layer 2 network segment.
However, it is successful on both wired and wireless networks. Although
the ARP redirect can be applied against a network segment, such an at-
tack will impact the network bandwidth, which may be detected. There-
fore, it is most effective to direct this attack against single devices.
10 of 11 29/01/2019, 00:52
Using sslstrip to conduct a man-in-the-middle attack - Mastering K... https://learning.oreilly.com/library/view/mastering-kali-linux/978...
Recommended / Playlists / History / Topics / Tutorials / Settings / Get the App / Sign Out
© 2019 Safari. Terms of Service / Privacy Policy ⏭
PREV NEXT
⏮
Reconnaissance of SSL connections Denial-of-service attacks against SSL
11 of 11 29/01/2019, 00:52