Although tcpdump can dump the traffic that passes through a host, it cannot show the contents of encrypted data; HTTPS is a typical example. So how can HTTPS packets be decrypted and read? This article walks through an example of intercepting HTTPS with SSLstrip.
(Note: For offensive drills and security precautions only; use for illegal purposes is prohibited.)
1. Before using the tool, look at its help output to see which parameters are available. Enter "sslstrip -h" in the terminal to list the options.
According to the help output, we only need the "-l" option and the "-w" option. To keep things simple you can use the "-l" option alone; if the "-w" option is not given, a sslstrip.log file is created in the current directory by default.
2. Now that we know how SSLstrip is used, we can start the HTTPS man-in-the-middle deception. A few things need attention at the start. Many people report that intercepting HTTPS packets with SSLstrip does not work; in many cases this is because packet forwarding has not been turned on. This is one of the steps beginners overlook most often.
3. After packet forwarding is turned on, use iptables to forward packets for port 80 to another port.
The above command forwards port 80 traffic to port 8888; we then use SSLstrip to listen on port 8888.
4. Use SSLstrip to listen on port 8888. You can add the "-w" option to specify the file name for the saved log.
After the command is entered, a message says SSLstrip is running. Because the command ends with "&", which tells the system to run it in the background, press Enter at the prompt to continue.
5. Then use it together with Ettercap.
6. Next, use your phone to log in to a page that uses HTTPS, to test whether the HTTPS traffic can be intercepted.
7. Click Log in, then check the terminal to see whether the password was recorded.
You can see that the password has been captured.