Crack SSL Using SSLStrip With BackTrack5 ~ Break The security

Well this is the tutorial based article, so you must know about SSL (secure socket layer) and something about Backtrack5 because we are using backtrack5 for this tutorial, if you are using some old version like backtrack4 or if you are using some other Linux so you must be sure to install all the dependencies that being used in this tutorial.

Secure socket layer or SSL used to established a secure and encrypt connection between user and the server and we would like to break this secure connection so the sniffing will be occur successfully.

To crack SSL protection we launch man in the middle attack, so doing this we need some tools and the requirement list is

Linux (Backtrack)
Arpspoof
IP Tables
SSL Strip
Netstat

1. Linux OS 2. Arpspoof 3. IPTables 4. SSLStrip 5. NetStat

Read more at: http://vishnuvalentino.com/computer/break-ssl-protection-using-sslstrip-and-backtrack-5/
Copyright © Vishnu Valentin

Now start the game first of all, make your Linux box to start port forwarding use this command.

echo '1' > /proc/sys/net/ipv4/ip_forward

Read more at: http://vishnuvalentino.com/computer/break-ssl-protection-using-sslstrip-and-backtrack-5/
Copyright © Vishnu Valentino
echo '1' > /proc/sys/net/ipv4/ip_forward

After this your Linux box will able to forward all the packets, now you must know about your gateway IP, to know about your gateway use the command

netstat -nr

Now use ARPSpoof to perform attack

arpspoof -i eth0 192.168.8.8

Here eth0 represents the network interface card if you are using wireless link than it may be wlan0, while 192.168.8.8 is the default gateway in your case may be it different normally people are using 192.168.1.1 or 10.0.0.1

Its time to use SSL Strip, download and install SSL strip from the official website shared before, after installation we are using SSL strip, make your firewall to redirect all the traffic from port 80 to port 8080 so use the command