How To: Use SSLstrip On Kali Linux
https://www.ispeech.org/text.to.speech
In this tutorial, I'm going to teach you how to use sslstrip on Kali Linux. Additionally, we will simulate a target to demonstrate how sslstrip is used to capture a target's Facebook login information.
WHAT WILL YOU LEARN IN THIS TUTORIAL?
1) Nmap
You will learn how to use Nmap to scan a network and discover hosts. Nmap is the tool that we'll use to find our target.
2) ARPspoof
You will learn how to use ARPspoof to redirect a device's internet traffic to your computer. ARPspoof is the tool that we'll use to intercept the target's HTTPS requests and login information.
3) IPtables
You will learn how to enable IP forwarding and create an iptables rule to forward and filter internet traffic. These are the tools that we'll use to redirect our target's port 8080 traffic (HTTPS traffic) to port 80 (HTTP).
4) SSLstrip
You will learn how to use sslstrip to observe and manipulate internet traffic. SSLstrip is the tool that we'll use to convert our target's HTTPS requests into HTTP requests. It will also be used to capture our target's HTTP POST data (i.e. usernames and passwords).
NOTE: It is illegal to perform this attack unless you have explicit permission from the target. The information presented in this video is for educational purposes only and should not be used outside of a secure test platform.
2014-02-24 19:52:40
source
Gloss