Hello again, guys! I am trying to use sslstrip between two of my machines, but I am coming up with something strange;
I have run SSLStrip successfully against a virtual machine of mine, but am having an issue when trying to strip my macbook. I think it is worth noting that the virtual machine was running on the same PC that was stripping it ('wired' connectioin).
The macbook I am using however, is connected via WIFI. I think that is worth noting, but I am not sure if that is a big problem. In case it was a problem, I went ahead and plugged my wifi dongle in and tried to do this attack through wifi. I was not able to complete my testing because for some reason I would get "could not ARP host: XXX.XXX.X.XX" when trying to use wlan0 as my spoofing interface.
- Should I be doing SSLStrip through wifi since my laptop is connected via wifi?
- What is the reasoning behind Arpspoof not working for me when trying to use my external WI-FI dongle?
Thanks in advance!
P.S.
I would also like to note that I tried using Safari and Chrome on the Macbook just to make sure Safari wasn't stopping me. Both browsers go straight to HTTPS.
ex. facebook.com goes right to https://www.facebook.com
4 Responses
I feel as though I am misunderstanding something. The Macbook is wireless and my Kali is wired. Do they both have to be wired or wireless? Or can one be wired and one wireless?
I am using / Wireless Dongle
These Browsers implement HTTP Strict Transport Security to prevent this attack.More info http://en.wikipedia.org/wiki/HTTP_Strict_Transport_Security
Why did this receive a -1? LOL
Share Your Thoughts