- This topic has 13 replies, 2 voices, and was last updated 3 years, 9 months ago by Diego Pérez.
- February 12, 2021 at 7:00 pm #52025 akademikane (Participant)
Hi teacher and hi Diego,
I’ve asked you on Udemy but you replied like this:
Hi bro!
As mentioned in the other question thread, please ask the question in the proper course and section. If you bought a course on the ZSecurity website then ask the question there, I will answer you.
There you can answer:
Does the script work against http sites?
Which website are you using for testing?
Can you share the content of your custom script?
Thanks!
Diego

1: Script works against http.
2: google.com, download sample txt or pdf, everything comes in https. Then I also tried rarlab and winzip, they appear in https.
3. The script I used from TrojanFactory: https://github.com/z00z/TrojanFactory/blob/master/mitmproxy_script.py

What do you recommend me to run? Everything works, only downgrading https to http is not working, why? I always run these attacks against real machines and they work perfectly. I could downgrade https to http with ettercap and bettercap, but not with sslstrip.py. Everything is OK, I don’t know why that’s not working.
I can also inject javascript into https, there is no problem, the only problem is https to http for downloads on the fly.

- February 13, 2021 at 5:26 pm #52035 Diego Pérez (Moderator)
Hi bro!
Google.com will not be downgraded as it uses HSTS but winzip.com should work fine. Did you clear the entire browser’s cache on the victim machine? Where did you get the sslstrip.py from? Can you share the link?
Thanks!
Diego

- February 13, 2021 at 9:38 pm #52039 akademikane (Participant)
Yes of course, this is the link that I got from Network Hacking Continued that Zaid shared with us.
https://github.com/mitmproxy/mitmproxy/tree/v2.0.2/examples/complex

I’ve cleared all the browsing data from the victim, but nothing happened.
Google.com uses HSTS, but winzip and zsecurity do not.

- February 15, 2021 at 6:25 pm #52073 Diego Pérez (Moderator)
Hi!
You are using an old version, can you try it with the latest one?
https://github.com/mitmproxy/mitmproxy/blob/v6.0.2/examples/contrib/sslstrip.py

Let me know how it goes!
Diego

- February 15, 2021 at 8:20 pm #52078 akademikane (Participant)
No Diego, still doesn’t work.
ettercap -Tq -M arp:remote -i wlan0 -S /192.168.1.103// /192.168.1.1//
mitmproxy/ iptables -t nat -A PREROUTING -p tcp --destination-port 80 -j REDIRECT --to-port 8080
./mitmdump -s sslstrip.py -s /opt/TrojanFactory/mitmproxy_script.py

Not working.

- February 15, 2021 at 8:22 pm #52079 akademikane (Participant)
I have cleared browsing data, it works on http but not on https.
Also when I try to go to google.com and search for anything, it says invalid http request, not working.

- February 15, 2021 at 10:16 pm #52084 akademikane (Participant)
I see that I forgot to type --mode transparent. THAT WORKS NOW.
But when I type zsecurity.org that goes to http, good, and some other sites, but mozilla.org, and I type sample txt I see this
https://filesamples.com/formats/txt
this is https and doesn’t get downgraded to http. I try all https when I need to download something but it doesn’t get http.
I don’t type https manually but I go to google.com and type sample txt, sample pdf, they get downloaded over https.
I also try bing.com, they get downloaded over https again.

- February 16, 2021 at 6:16 pm #52114 Diego Pérez (Moderator)
Hi!
It won’t work against google or bing, both use HSTS and they will redirect you to https sites. So clear the browser’s cache and go directly to filesamples.com/formats/txt, don’t search for it or don’t prepend https://, it should work.
Let me know how it goes!
Diego

- February 17, 2021 at 3:44 pm #52134 akademikane (Participant)
It works now when I type filesamples.com/formats/txt, but when I send an email to the target and they click on it, it will be https.

- February 17, 2021 at 6:45 pm #52141 Diego Pérez (Moderator)
Hi!
Have you tried it? Maybe in such a case you can include http:// in the link, so it redirects the victim to the http protocol first.
Let me know.
Diego

- February 17, 2021 at 8:28 pm #52145 akademikane (Participant)
Yes, but why do I have to include http when it downgrades https to http? I’ve not tried it.

- February 18, 2021 at 6:28 pm #52173 Diego Pérez (Moderator)
Hi!
First of all you need to try it, so send the link by mail and click on it to see what happens.
Let me know.
Diego

- February 19, 2021 at 1:20 pm #52202 akademikane (Participant)
If the user is in a different network, is it possible to downgrade https to http?

- February 19, 2021 at 10:21 pm #52220 Diego Pérez (Moderator)
Hi!
No, that’s not possible. The downgrade attack will only work while you are the man in the middle, hence both the hacker and victim need to be in the same network.
Greetings!
Diego
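
The HSTS behaviour discussed in this thread, as an added example that is not part of the original posts or of mitmproxy: a simplified Python model (following RFC 6797) of how a browser decides whether a typed address or a clicked link ever leaves as plain HTTP. The host names, the `HstsStore` class and its method names are constructed for illustration.

```python
# Added example: simplified model of a browser's HSTS handling (RFC 6797).
# Host names and class/function names are constructed for illustration.
from urllib.parse import urlsplit

def parse_hsts(header):
    """Return (max_age, include_subdomains), or None if max-age is missing/invalid."""
    max_age, include_sub = None, False
    for part in header.split(";"):
        name, _, value = part.strip().partition("=")
        name = name.strip().lower()
        if name == "max-age":
            value = value.strip().strip('"')
            if not value.isdigit():
                return None
            max_age = int(value)
        elif name == "includesubdomains":
            include_sub = True
    return None if max_age is None else (max_age, include_sub)

class HstsStore:
    def __init__(self, preloaded=()):
        # Preloaded entries ship with the browser; clearing browsing data keeps them.
        self.hosts = {h: (float("inf"), True) for h in preloaded}

    def note_response(self, url, header, now):
        """Record a policy, but only if it arrived over HTTPS (plain HTTP is ignored)."""
        parts = urlsplit(url)
        policy = parse_hsts(header)
        if parts.scheme != "https" or policy is None:
            return
        max_age, include_sub = policy
        if max_age == 0:
            self.hosts.pop(parts.hostname, None)   # max-age=0 removes the entry
        else:
            self.hosts[parts.hostname] = (now + max_age, include_sub)

    def is_hsts(self, host, now):
        labels = host.lower().split(".")
        for i in range(len(labels)):               # the host itself, then each parent domain
            entry = self.hosts.get(".".join(labels[i:]))
            if entry and entry[0] > now and (i == 0 or entry[1]):
                return True
        return False

    def first_request(self, typed, now):
        """URL actually sent on the wire for what the user typed or clicked."""
        url = typed if "://" in typed else "http://" + typed
        parts = urlsplit(url)
        if parts.scheme == "http" and self.is_hsts(parts.hostname, now):
            return "https://" + url[len("http://"):]   # upgraded before anything is sent
        return url
```

A host with a live or preloaded policy, or any link that already starts with https://, never produces a cleartext request that a man in the middle could rewrite, so a long `max-age` with `includeSubDomains` plus preloading is the server-side mitigation.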