Tuesday, June 28, 2011

[OLD] Installing SSLStrip [Linux]

I've written most of a how-to and explanation of how to use two programs, SSLStrip and Ettercap, to sniff networks and grab passwords even if a secure connection is used (HTTPS rather than HTTP), but I have to cover a few topics before I release it.
First, I need to explain how to install SSLStrip for those people not using Backtrack 5, then I must explain ARP (Address Resolution Protocol) poisoning and spoofing, since this is an important part of using SSLStrip and Ettercap to grab passwords.

If you're using Backtrack 5, like I mentioned before SSLStrip should be installed already and located in the "/pentest/web/sslstrip" folder and can be run by typing "python sslstrip.py"
For the users not using Backtrack 5, follow the directions below:


  • First, we need to install the dependencies required for SSLStrip. These include Python and a "twisted-web" Python module. Install these by using the apt-get command we've previously learned; type "apt-get install python" (use sudo [super user do] if you're not root or su) and then "apt-get install python-twisted-web"
    Once these dependencies are installed correctly by our apt-get, we can move on.
  • Next, download the SSLStrip tar file. We've done this with Aircrack and Ettercap, so you might have a slight idea what the next steps are, and if you do, try doing it yourself first to see if you can!
    The file is located here. Save to your desktop or home or any folder you can remember and navigate to.
    Make sure you navigate to this folder before issuing the commands below!
  • Of course now we're going to extract the tar file with the command "tar -zxvf sslstrip-0.9.tar.gz" and then move into the newly created directory with "cd sslstrip-0.9"
    You should now be in that folder, check this by typing "pwd"
  • Next, type "python ./setup.py install" and it should install without any errors. Again, if you're not root or a superuser, use the "sudo" command before the above command.
Again, this install was quite easy, but hopefully you understand how to extract and install the tar and tar.gz files that are used in Linux every day!
I'll be posting an informative post tomorrow or the next day (I've been busy starting a new job) about ARP and why it's important to understand, then I will post a really fun tutorial about how to steal passwords over wifis using SSLStrip and Ettercap!