For those of you who do not know SSL stripping: it is a technique used to downgrade HTTPS to HTTP. HTTPS, in contrast to HTTP, uses SSL (Secure Sockets Layer) to transfer data. We will strip the S so that we can intercept and read the data. This is called a man-in-the-middle (MITM) attack.
SSLStrip MITM Attack
For this tutorial, we will need Kali Linux with a chipset that supports monitor mode. Exclusive condition if you are on a wired connection.
If this mode is not supported, a WiFi adapter will do better.
Now let’s get started.
Boot into Kali and open the terminal. We will change to the home directory and fetch our script, easy-creds. Type the following commands.
$ cd ~
$ git clone https://github.com/brav0hax/easy-creds.git
Now we can navigate to the easy-creds folder, make the installer executable, and run it. Type the following commands.
The script will ask what OS we are on.
Please choose your OS to install easy-creds
1. Debian/Ubuntu and derivatives
2. Red Hat or Fedora
3. Microsoft Windows
Select Debian/Ubuntu and press Enter. It will then ask for the path where you want easy-creds installed. Just use/select.
easy-creds will now start installing all the dependencies.
If you get an error saying it was unable to install some libs, do not worry, this is typical. You're good to go as long as one of them is properly installed.
Now we will run our script. Type in easy-creds and hit enter. You should now see a menu.
1. Prerequisites & Configurations
2. Poisoning Attacks
3. FakeAP Attacks
4. Data Review
q. Quit current poisoning session
Select FakeAP Attacks. After that choose FakeAP Attack Static.
Now answer no when asked about a sidejacking attack.
The interface connected to the internet (ex. eth0):
Since I’m using WiFi, I will enter my interface as wlan0. This may vary for you.
You will be greeted with this.
PHY Interface Driver Chipset
phy0 wlan0 iwlwifi Intel Corporation Dual Band Wireless-AC 3168NGW [Stone Peak] (rev 10)
Wireless interface name (ex. wlan0):
Now we will enter our interface name. Again, mine is wlan0.
ESSID you would like your rogue AP to be called, example FreeWiFi:
This is asking what you want to name your fake hot spot. The name should be convincing so that people actually join.
Now we will be broadcasting on channel 11. So type that in and hit enter.
Your interface has now been placed in Monitor Mode
phy0 wlan0mon iwlwifi Intel Corporation Dual Band Wireless
Your interface should now be in monitor or promiscuous mode. You will now enter the name of your new interface. Mine is wlan0mon.
The next step is up to you. There is no need to change the MAC address for me so I’m going to select no.
Now we are going to choose a tunnel interface name. We are just going to choose at0. Type at0 and press enter.
We do not have a dhcpd.conf file to use. Type no and press enter.
Network range for your tunneled interface, example 10.0.0.0/24:
If you haven’t noticed by now, we have used a lot of the default settings. The same applies here: type 10.0.0.0/24 and then press enter.
Enter the IP address for the DNS server, example 126.96.36.199:
Once again, we will be using 188.8.131.52. After you press enter, 5 windows should pop up. From here you should be able to see who joins your fake hot spot, what they are searching, and the passwords they enter, all in plain text.
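The downgrade from HTTPS to HTTP described at the top of this page depends on the browser being willing to talk plain HTTP to a site, which is what HSTS and Secure cookies are meant to stop. The Python below is an added example (not part of the original tutorial or of easy-creds) that audits a site's response headers for those settings; the sample responses are constructed and the one-year max-age threshold is an assumption.

```python
MIN_MAX_AGE = 31536000  # assumption: one year, used here as the minimum acceptable max-age

def parse_hsts(value):
    """Parse a Strict-Transport-Security value into {directive: argument}."""
    directives = {}
    for part in value.split(";"):
        name, _, arg = part.strip().partition("=")
        if name:
            directives[name.strip().lower()] = arg.strip().strip('"')
    return directives

def audit(http_response, https_response):
    """List settings that leave a site open to HTTPS stripping.

    Each response is (status, [(header_name, header_value), ...]).
    """
    findings = []
    status, headers = http_response
    location = next((v for k, v in headers if k.lower() == "location"), "")
    if status not in (301, 302, 307, 308) or not location.lower().startswith("https://"):
        findings.append("plain HTTP does not redirect to HTTPS")
    _, headers = https_response
    hsts = [v for k, v in headers if k.lower() == "strict-transport-security"]
    if not hsts:
        findings.append("no Strict-Transport-Security header")
    else:
        d = parse_hsts(hsts[0])
        max_age = d.get("max-age", "")
        if not max_age.isdigit() or int(max_age) < MIN_MAX_AGE:
            findings.append("HSTS max-age missing or below one year")
        if "includesubdomains" not in d:
            findings.append("HSTS lacks includeSubDomains")
    for k, v in headers:
        if k.lower() == "set-cookie":
            # Attributes follow the first ';'; a cookie without Secure is also sent over HTTP.
            attrs = [a.strip().lower() for a in v.split(";")[1:]]
            if "secure" not in attrs:
                findings.append("cookie without Secure: " + v.split("=", 1)[0])
    return findings

# Constructed sample responses (not captured from a real site).
WEAK = ((200, [("Content-Type", "text/html")]),
        (200, [("Strict-Transport-Security", "max-age=300"),
               ("Set-Cookie", "session=abc123; Path=/; HttpOnly")]))
HARDENED = ((301, [("Location", "https://shop.example/")]),
            (200, [("Strict-Transport-Security", "max-age=63072000; includeSubDomains"),
                   ("Set-Cookie", "session=abc123; Path=/; Secure; HttpOnly")]))

if __name__ == "__main__":
    for name, (plain, tls) in (("weak", WEAK), ("hardened", HARDENED)):
        print(name, audit(plain, tls) or "no findings")
```

HSTS only protects a browser that has already seen the header over a valid HTTPS connection or has the domain in its preload list, so a first visit made over a hostile network is still exposed unless the site is preloaded.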