With SSLStrip we have the ability to strip SSL from a session. Using this tool we have the capability to capture user IDs and passwords in clear text.
This method of finding the password by looking at the sslstrip.log file is VERY TEDIOUS because:
1.- The data stored in the file is in the order of 350 MB or higher.
2.- When you look for passwords in this file using words like passwd= or email= or login= you get a lot of useless material and it makes it IMPOSSIBLE to look for the passwords.
Does anyone know a better way of doing this?
bryeinsteinmc2 1 year ago
For users: navigate to the proper URL. = The one containing the "S".
uzuragakure 1 year ago
I have a tendency to forward local ports through ssh tunnels.
uzuragakure 1 year ago
You don't learn anything from scriptkiddies telling you "Type this: .... then next type this:.... BINGO you've hacked, KTHXBAI!"
Hildoz2 1 year ago
I don't know for sure, but the thing with SSLStrip is that you place your machine "in between":
Victim ----> you ----> hotspot ----> internet
So I believe that everything sent to and from the victim CAN be read. Google SSLStrip and click on the first hit to view a 1½ hour long presentation of the software.
Hildoz2 1 year ago
Nice job John! I'm one of your current students right now in SANS 504 Training :-)
xmetasploit 2 years ago
This video is redundant. These 8:40 min could be summarized in a few sentences, like the author of the software has done on his web site.
KOHCYMATOP 2 years ago
Could you do a video using the same attack, against a user who is tunneling his traffic through SSL??
SysAdmin86851 2 years ago
Okay, so you used a man-in-the-middle attack and intercepted the user's traffic, thereby 'stripping' the SSL; but would SSL strip work if the user was tunneling his traffic through SSL as opposed to having his traffic wide open like this and just signing in to an encrypted webpage?
I think I know the answer to this is no, it would not work -- or correct me if I'm wrong.
Are there any exploits out there for users who tunnel their traffic through SSL and SSH??
SysAdmin86851 2 years ago
Indeed a nice tool - from PH
emokrito 2 years ago