Comments (6)
This is exactly the direction I wanted to go. My thought, however, was to start with something as simple as possible and then implement BREACH/CRIME/compression attacks once that's in place. The simplest thing I could think of that would still have very high effectiveness against a lay person was to implement some kind of SSL server and serve a self-signed SSL cert for every https domain they visit since we know that the majority of people just click through SSL security warnings. SSLstrip was in an older version of this program but SSLstrip absolutely murders the victim's browsing speeds to the point of uselessness.
I'm going to keep this issue open until I get the basic self-signed SSL proxy working and hopefully won't have the same speed issues at SSLstrip.
from lans.py.
Ahh, so you want the SSL proxy as a "victim" which you can test the attack against? Does it serve another purpose which I missed?
from lans.py.
Sorry if I grossly misunderstand. I'm just starting to learn chosen plain text attacks and python networking.
P.S. I love your choice to use Scapy. :)
from lans.py.
End goal is to make it so when you use the -s option or maybe -ssl option the script will use it's own self signed certificate for all https sites the victim visits so the victim will see a security warning when they visit pages like gmail.com. Since the script is using it's own SSL cert, it can decrypt the traffic the user sends to the https site.
from lans.py.
ahh, got yah. That will allow MITM without the normal traffic being disrupted.
from lans.py.
Another video on the topic, this time from blackhat: https://www.youtube.com/watch?v=e3hOJfrSD9g&list=PLiq_fDYFoqMocM7ADQCTfGAdI9CXA-kUs&index=34
from lans.py.
Related Issues (20)
- Unable to scan using wireless device HOT 1
- What is the license on this? HOT 6
- Update repo description. HOT 1
- Improve URLSpy filtering
- Call Back Failure HOT 9
- Don't assume apt-get is the package manager on the system HOT 5
- Beef Hook HOT 3
- Requirements HOT 2
- Wrong LAN subnet
- Updated to Ubuntu 15.04 having some issues HOT 3
- Airmon-ng update HOT 2
- Enabling monitor mode failed (Kali linux 2.0) HOT 1
- KALI 2.0 Error HOT 3
- [Errno 19] No such device HOT 4
- The script is crashing HOT 1
- What this error? HOT 1
- OSError: [Errno 100] Network is down
- cant' install python-nfqueue HOT 3
- "no wireless interface found"
- I have run the codes in phyton but it found 104 errors
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from lans.py.