Author Topic: witch program for intercept https traffic  (Read 11677 times)

cybercontrol

  • Newbie
  • *
  • Posts: 32
    • View Profile
on: March 28, 2013, 11:33:10 PM
Good evening, what software you can 'be used to decrypt https traffic ?
I can ask for courtesy on windows What software  I can use ?
 

I have downloaded this file( Link Download down on the page )  http://www.komodia.com/sniffer  is a DDL
Is virus ? what is it ?  Thank you so mutch



tunnelshade

  • Newbie
  • *
  • Posts: 5
    • View Profile
    • H@CK UR L!FE
Reply #1 on: March 29, 2013, 02:46:20 PM
You can use sslstrip to sniff https traffic, actually it catches for conversion of http to https. You have to do a man in the middle attack

Avoid the Gates of Hell. Use Linux. :P


weVeg

  • Hero Member
  • *****
  • Posts: 737
    • View Profile
Reply #2 on: March 29, 2013, 11:14:33 PM
sslstrip, also ettercap if your target accept the fake certificate, or if you are into a scenario that allow you to set up a transparent proxy mallory is a good choise!

una voce libera รจ sempre liberatrice
under_r00t


cybercontrol

  • Newbie
  • *
  • Posts: 32
    • View Profile
Reply #3 on: March 30, 2013, 07:27:43 PM

Thanks both   V




ltdan

  • Guest
Reply #4 on: April 27, 2013, 12:43:12 PM
When i tested out ssltrip with easy-creds on BB3 i am able to grab creds from all my accounts, PayPal, Gmail, etc. when going to the sites from my Android.  However, when testing from my lappy, Google Chrome, can't do it.  Let me know if you have any ideas, been googling... 

lt



ltdan

  • Guest
Reply #5 on: May 15, 2013, 11:36:31 PM
Maybe it is because of my dd-wrt router etc but i have totally failed at anything MITM lately, plus, i hammer my network with any settings for arp poison, i've tried and tried.  I've also loaded up other pen test distros, even reaver pro custom, same deal, tried every script i could find, before i got the dd-wrt i could grab any creds with easy-creds or do it all from cli, so, i'm screwed on my network for now, which, i guess is a good thing, but, gonna lay off of it, focus on wireshark and sniffing.  See what i can break there.  Sorry about my "moment" on the channel everyone, sometimes, i freak myself out, a total ass.  Try to be good.  I love BB.  I gotta lay off the "self sabotage" crap i guess.  So, thanx for being more grown up and adult than i act at times.  Sincerely, rod