Header AD

How To Hack Username And Password With SSLStrip On Kali Linux

How To Hack Username And Password With SSLStrip On Kali Linux

How To Hack Username And Password With SSLStrip On Kali Linux
How To Hack Username And Password With SSLStrip On Kali Linux

What us Sslstrip

Sslstrip is a Middle Attack tool. It is used to capture the username and password from secure protocol [HTTPS]. Sslstrip allows attackers to convert HTTPS traffic into HTTP.HTTPS and HTTPS are the protocols that browser uses to communicate with websites.The only difference between HTTP and HTTPS is that HTTPS is secured it uses encryption so any information sent over HTTPS can not be read if it's captured.So Sslstrip manipulates the internet traffic and converts HTTPS traffic into HTTP in this way we can steal credentials[Username and Password] and read them in plain text.

How does SSL strip work

I am assuming that attacker has already started SSL strip and arp spoof.For now, forget about arp spoof we will cover this later in the tutorial.
Step 1:
The first thing that will happen victim will open his web browser and attempts to open website via the HTTPS connection. With the help of art, spoof router will forward that request to the attacker.
Step 2:
Once router forwards the request to attacker then the attacker will cycle through Sslstrip and converts the HTTPS to HTTP. After recycling the request to Sslstrip attacker sends that request back to the router.
Step 3:
Then attacker will send that request back to the router then the attacker will send the request to the website.When website will respond and the victim is going to connect via HTTP.This is the step 1 we have forced the victim to connect via HTTP.
Now when victim logins to any website like facebook or yahoo and press login button then their username and password will be sent to the Router and arp spoof will forward that information to attacker and attacker will cycle through Sslstrip which will Log that information and again will send it to the website and website will process the login information.
Now that we have the basic understanding how SSL strip works we are ready to do it practically.
the first thing you need is to connect to the same network as the victim.And open your terminal.Make note of your network interface.If you are connected to the internet via wifi then it should be wlan0 if wired or ethernet then eth0.

Enable Ip forwarding

Now we need to enable the IP forwarding so our computer can route traffic.So type the following command in your terminal.
root@seven:~# echo 1 > /proc/sys/net/ipv4/ip_forward

Configure Iptables

Now we have to configure Iptables to redirect the traffic.For a web server default, the port number is assigned 80.for experiments 8080 is an alternative for port 80 so we will redirect traffic to 8080 port. Type or copy the following command in your terminal and hit enter.

Also Check: Beginners Ethical Hacking Course
root@seven:~# iptables -t nat -A PREROUTING -p tcp --destination-port 80 -j REDIRECT --to-port 8080
Redirecting traffic

Find gateway IP address

the gateway address is also known as the Router's address.We need to find the Router's address that we are connected to.So type the following command and make note of your gateway address.
root@seven:~# route -n
Kernel IP routing table
Destination     Gateway         Genmask         Flags Metric Ref    Use Iface         UG    1024   0        0 eth0   U     0      0        0 eth0
Now you need to grab IP address of your victim.Go ahead and scan your network with not discover or Angry Ip Scanner
Once you have your target we are ready to move forward.

Start Arpspoof

Now we need start arp spoof to redirect the HTTP traffic to our computer.type the following command in your terminal.Make note of interface I am connected to the internet via ethernet so my interface is eth0 if you are connected via wifi then enter wlan0.
root@seven:~# arpspoof -i eth0 -t -r 
Arpspoof needs 3 arguments network interface, router's address, and victim's IP address.
-i is for the interface, -t is for target[victim's Ip Address] and -r is for your router's address.

Start Sslstrip

Open another terminal we need to start SSL strip.
root@seven:~# sslstrip -l 8080
Once you have started SSL strip now when your victim login to facebook, yahoo or any other website to login. Then we will receive username and password in the og file.Username and password will not be displayed in terminal so you need to open sslstrip.log file.

open sslstrip.log file

Username and password will be stored inside sslstrip.log file in home directory.So navigate to your home directory and check sslstrip.log file. Type the following command.

Also Check: Beginners Ethical Hacking Course
root@seven:~# cat sslstrip.log 
Username and password

Note: This Article in only for Education Purpose.

So above are the How To Hack Username And Password With SSLStrip On Kali Linux. Hope you like this article, keep on sharing with others too. Also, share your experience with us in a comment box below.

No comments