Friday, December 10, 2010

SSLstrip - Google SSLstrip Demo

The first, i recommnet: "I can`t hack SSL". Note, SSL is protocol used to exchange security data, base on PKI. In this example, attacker use sslstrip, is the man in the middle, attacker is proxy, will replace all https link by http. You can see more at: http://securitytube.net/Defeating-SSL-using-SSLStrip-%28Marlinspike-Blackhat%29-video.aspx
or: https://www.blackhat.com/html/bh-dc-09/bh-dc-09-speakers.html#Marlinspike
Nothing is security :)).
So, if you type https, instead of click to link, you can prevent is. But follow me, note to certificate, if untrust, not connect. It is mistakes.
Demo use SSLstrip, ettercap
Link: http://www.mediafire.com/?j6laxbcceructc0




------------------------------------------------------------
Thanks for reading
--------------------------------------------------------------------------
All my Lab:
Linux Lab -- window and Cisco Lab
to be continued - I will update more.

No comments:

Install Xposed Inspector and Frida on Genymotion

Today i had some work with android. So i need trace application. I found 2 nice tool can help me: Xposed Inspector and Frida. To setup ther...