
added testmitm.sh script

1 parent 3c6ddda commit 4fbbf2de1c65e059bc9294b9871869976ac7de2f @koto committed Jun 2, 2012
Showing with 39 additions and 0 deletions.
  1. +17 −0 app_cache_poison/README
  2. +22 −0 testmitm.sh
@@ -19,6 +19,23 @@ Exemplary response tampering with HTML AppCachePoison:
As a bonus, once google analytics HTTP version will be requested, the spoofed content of it will be cached for 10 years.
+
+EASY LOCAL TESTING MITM (for Ubuntu systems):
+
+# create sslstrip admin user
+
+# forward local traffic
+$ sudo ./testmitm.sh start `id -u sslstrip`
+
+# run sslstrip to hijack traffic
+$ chown -R sslstrip /path/to/sslstrip/
+$ su sslstrip
+$ python sslstrip.py -t app_cache_poison/config.ini -p
+
+# stop
+$ sudo ./testmitm.sh stop
+
+
More info:
http://blog.kotowicz.net/2010/12/squid-imposter-phishing-websites.html
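Review bot: The "# create sslstrip admin user" step has no command under it, yet the next step depends on it through `id -u sslstrip`; if the account does not exist, that substitution expands to nothing and testmitm.sh is started without a UID. Add the account-creation command here, and consider dropping "admin": the script only uses the UID for the owner match, so an unprivileged account is enough. It would also help to say that the redirect target, port 10000, must be the port sslstrip listens on, since the sslstrip command line shown does not set one.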
@@ -0,0 +1,22 @@
+#!/bin/sh
+# by Krzysztof Kotowicz <kkotowicz at gmail dot com>
+if [ "$1" = "start" ]; then
+ echo "Accepting port 80 packets from user UID $2"
+ iptables -t nat -A OUTPUT -p tcp -m owner --uid-owner $2 -j ACCEPT
+ echo "Forwarding other port 80 packets to port 10000"
+ iptables -t nat -A OUTPUT -p tcp --dport 80 -j REDIRECT --to-port 10000
+
+elif [ "$1" = "stop" ]; then
+ echo "Flushing MITM rules"
+ iptables -t nat -F
+ iptables -t nat -X
+else
+ echo "Usage: "
+ echo ""
+ echo "$0 start <uid>"
+ echo " MITM all port 80 connections in sslstrip run by user <uid>"
+ echo ""
+ echo "$0 stop"
+ echo " Stop MITM"
+ echo ""
+fi
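Review bot: The `start` branch never checks that `$2` is set, and it is used unquoted in `--uid-owner $2`. With an empty UID the ACCEPT rule fails to install, but the script carries on and adds the REDIRECT rule, so the proxy's own outbound port 80 traffic is sent back to port 10000. Print the usage text and exit when `$2` is empty, and stop if the first iptables call fails. Separately, `stop` runs `iptables -t nat -F` and `-X`, which clears every rule and user chain in the nat table, not only the two added here; deleting the same two rules with `-D`, or keeping them in a dedicated chain, would leave other NAT configuration on the machine intact. The ACCEPT rule also has no `--dport 80`, so it matches all TCP from that user although the message says port 80.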
