Tuesday, June 28, 2011

Installing SSLStrip [Linux]

I've written most of a how-to and explanation of how to use two programs, SSLStrip and Ettercap, to sniff networks and grab passwords even if a secure connection is used (HTTPS rather than HTTP), but I have to cover a few topics before I release it.
First, I need to explain how to install SSLStrip for those people not using Backtrack 5, then I must explain ARP (Address Resolution Protocol) poisoning and spoofing, since this is an important part of using SSLStrip and Ettercap to grab passwords.

If you're using Backtrack 5, like I mentioned before SSLStrip should be installed already and located in the "/pentest/web/sslstrip" folder and can be run by typing "python sslstrip.py"
For the users not using Backtrack 5, follow the directions below:

  • First, we need to install the dependencies required for SSLStrip. These include Python and a "twisted-web" Python module. Install these by using the apt-get command we've previously learned; type "apt-get install python" (use sudo [super user do] if you're not root or su) and then "apt-get install python-twisted-web"
    Once these dependencies are installed correctly by our apt-get, we can move on.
  • Next, download the SSLStrip tar file. We've done this with Aircrack and Ettercap, so you might have a slight idea what the next steps are, and if you do, try doing it yourself first to see if you can!
    The file is located here. Save to your desktop or home or any folder you can remember and navigate to.
    Make sure you navigate to this folder before issuing the commands below!
  • Of course now we're going to extract the tar file with the command "tar -zxvf sslstrip-0.9.tar.gz" and then move into the newly created directory with "cd sslstrip-0.9"
    You should now be in that folder, check this by typing "pwd"
  • Next, type "python ./setup.py install" and it should install without any errors. Again, if you're not root or a superuser, use the "sudo" command before the above command.
Again, this install was quite easy, but hopefully you understand how to extract and install the tar and tar.gz files that are used in Linux every day!
I'll be posting an informative post tomorrow or the next day (I've been busy starting a new job) about ARP and why it's important to understand, then I will post a really fun tutorial about how to steal passwords over wifis using SSLStrip and Ettercap!


  1. Interesting. I think I might install it too.

  2. I had this a year ago, pretty simple stuff.

  3. It's odd how a few years back I would have classed myself as pretty computer literate yet now I need to learn things from scratch again.

  4. same here jrallen, interesting stuff and a very well written tutorial thanks man.

  5. Great post for those of us who aren't big linux nerds already.

  6. Goes to show you how easy it can be to get through SSL. Good post.

  7. this should help when I install Linux tomorrow!

  8. good to know, i always wondered how this works/ not that i want to try it.

  9. Thanks guys, I'll be posting an SSLStrip/Ettercap tutorial by the end of the week so you can sniff passwords over networks; it's scary how effective it is.

  10. Thank you, these tutorials are great.