i did sslstrip on victim and got the user name and pass..
the pass is "&digest" or "digest" and what is the remaining thing "993661f9d0476e945a00a9692ddfc76a"
and what did he do in the last para...
2015-10-07 15:36:48,322 POST Data (192.168.1.1):
param1=9C39DEB1564855AF629CED3747BE8B82¶m2=001F2199ADEFCF5546C479F375DDEC4D&id=03&sessId=84E1F217B12415CD4C0FED5F62FB7211&select2=English&uName=admin&pass=&digest=993661f9d0476e945a00a9692ddfc76a
2015-10-07 15:37:22,988 POST Data (192.168.1.1):
csrfToken=8573A59F9A0CAF1A7F00247630C31BB3&inputxml=%3CdbInfo%3E%3CdbInfoRequest%3E%3CpageId%3ElogMonitor%3C%2FpageId%3E%3CviewType%3Efilterlist%3C%2FviewType%3E%3Ccmd%3Eget%3C%2Fcmd%3E%3C%2FdbInfoRequest%3E%3C%2FdbInfo%3E
2015-10-07 15:37:23,042 POST Data (192.168.1.1):
csrfToken=8573A59F9A0CAF1A7F00247630C31BB3&inputxml=%3CdbInfo%3E%3CdbInfoRequest%3E%3CpageId%3ElogMonitor%3C%2FpageId%3E%3CviewType%3Estatuscheck%3C%2FviewType%3E%3Ccmd%3Eget%3C%2Fcmd%3E%3C%2FdbInfoRequest%3E%3C%2FdbInfo%3E
2015-10-07 15:38:08,797 POST Data (192.168.1.1):
csrfToken=8573A59F9A0CAF1A7F00247630C31BB3&cfmethod=&tableIndex=-1&webcfsFilterHTTPSSites=on&webcfsFailedTimeout=5&webcfsBlockOnFail=0&webcfsBlockBlockedSites=on&webcfsLogBlockedSites=on&webcfsCacheSize=5120&cboxwebcfsBlockOnFail=&cboxwebcfsBlockBlockedSites=&cboxwebcfsLogBlockedSites=&cboxwebcfsFilterHTTPSSites=&cboxcfsServFailoverEnable=&cboxcfsEnableWireMode=&cfsPolicyIndex=&cfspName=&cfspOptionMask=&cfspCatMask=&cfsPolicyTime=&cfspInUse=&cfspAllowedSite=&cfspForbiddenSite=&cfspKeyword=&cfspSrcAllowed=&cfspSrcForbidden=&cfspSrcKeyword=&cfspEnYouTube4School=&cfspSchoolID=&localallowedURLsdel=&localtrustedURLsdel=&localforbiddenURLsdel=&localkeyworddel=&allowedURLsadd=&forbiddenURLsadd=airproxy.gq&trustedURLsadd=&keywordadd=&cboxaupEnable=&aupActivityTimeout=0&aupURL1=&aupURL3=&aupURL4=&acceptedRedirectURL=&acceptedFilterRedirectURL=&aupURL2=&aupAddIP=&aupDelIP=&cgiaction=none
2015-10-07 15:38:55,487 Host resolution error: Failure instance: Traceback (failure with no frames): <class 'twisted.internet.error.DNSLookupError'>: DNS lookup failed: address 's-static.ak.facebook.com' not found: [Errno -3 Temporary failure in name resolution.
2015-10-07 15:39:23,711 Host resolution error: Failure instance: Traceback (failure with no frames): <class 'twisted.internet.error.DNSLookupError'>: DNS lookup failed: address 's-static.ak.facebook.com' not found: [Errno -3 Temporary failure in name resolution.
5 Responses
Can you explain more so we can help you?
i did arpspoof on the victim, and through sslstrip i got this, i want to know whether the password as you can see above is "&dijest" OR "dijest" and what does the nig no is..
and also what the last para means..
what exactly the victim did after logging into the gateway.
The password looks to be hashed by using a digest access authentication method, maybe. I would guess that's why pass is empty "pass=" and digest has the hash behind it "digest=993661f9d0476e945a00a9692ddfc76a". The & is simply indicating the next variable.
The last couple of paragraphs seem to be a dns error.
twisted.internet.error.DNSLookupError
&
DNS lookup failed: address 's-static.ak.facebook.com' not found
Seem to show a lookup error.
At least that's my guess.
Thought so too
so if i enter the hash will i login ? or convert it.....
Share Your Thoughts