Thursday, 13 January 2011

HIJACKING SSL

Readers of Hackersbay.in, how are you all doing today? Hope you're all doing well. Today I'm going to show you how the SSL-certified sites where you all pay money to buy stuff can be hijacked. Let me take you through it.

Before we get into it, let's understand what SSLStrip is:
SSLStrip works by watching all the HTTP traffic. When a user tries to create an HTTPS connection, SSLStrip replaces the https:// link with http:// and persuades the user that he is connected over HTTPS. The browser may show some warnings, like "Page appears to be invalid", "Link was broken", "404 Timed Out" or "Server Not Responding". Don't mind them, keep moving on.

What the author of the tool says:
The author of the tool, Moxie Marlinspike, says: "This tool provides a demonstration of the HTTPS stripping attacks that were presented at Black Hat DC 2009. It will transparently hijack HTTP traffic on a network, watch for HTTPS links and redirects, and then map those links into either look-alike HTTP links or homograph-similar HTTPS links. It also supports modes for supplying a favicon which looks like a lock icon, selective logging, and session denial."

An HTTPS padlock is spoofed in the URL bar, making the user believe he/she is on a secured website. LOL! And an SSL connection has been created which can't be pierced!

FLAW IN SSL AS PRACTISED:
Researchers have used three techniques to make this operation a success: a fake leaf-node certificate, the null-character attack, and the man-in-the-middle attack. We aren't going to discuss these in depth, because a person who buys a car doesn't need to know the car's tech like turbine power, fuel injection techniques, engine CC, etcetera. If he knows how to drive, that's a hell of a lot. Likewise, guys, if you can understand and deploy this, that's more than enough.
Here is the concept: for an SSL connection, an X.509 certificate is used to authenticate the secured server a person is logging in to (lmao). For example, if you are logged into www.paypal.com:

They don't fucking care whether you are requesting anything.paypal.com or something.paypal.com, whatever the page. In noob language: X.509 certificates are formatted in ASN.1 notation, and ASN.1 uses Pascal-style (length-prefixed) strings, which treat a NULL byte as an ordinary character. This is the flaw: the C code in most clients treats that same NULL as the end of the string.

So signing a request for a name like www.paypal.com\0.paypal.com will be treated as valid by the authentication servers, because the prefix can be ignored by the servers.

If any of you have doubts about rejecting the "\0", shoot your comments; I have a real-time example that will help you understand better. Blueanarchy.org could create a fake cert, use it as paypal.com, and get away with it.
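To make the null-prefix flaw concrete from the validator's side, here is an added example (my own code, not from the original post or from Moxie's paper). It reads a certificate name the way an ASN.1 parser does (length-prefixed, so the NULL is part of the value), then shows a C-style comparison that stops at the NULL beside a hardened comparison that rejects any name containing one. The names and the `.attacker.example` suffix are constructed sample values; `der_string_value`, `naive_match` and `hardened_match` are hypothetical helper names.

```python
# Added example (not from the original post): how a NULL byte inside a
# certificate Common Name fools a NUL-terminated comparison, and how a
# length-aware check rejects it. All names below are constructed samples.

CN_GOOD = b"www.paypal.com"
CN_EVIL = b"www.paypal.com\x00.attacker.example"   # constructed attacker name


def der_string_value(tlv: bytes) -> bytes:
    """Read one DER string TLV (tag, short-form length, value) the way an
    ASN.1 parser does: the length byte, not a terminator, ends the value,
    so an embedded 0x00 survives as an ordinary character."""
    tag, length = tlv[0], tlv[1]
    if tag not in (0x13, 0x0C, 0x16):   # PrintableString, UTF8String, IA5String
        raise ValueError("not a string tag")
    if length >= 0x80 or len(tlv) != 2 + length:
        raise ValueError("only short-form, exact-length TLVs handled here")
    return tlv[2:2 + length]


def c_style_name(cn: bytes) -> str:
    """Mimic a validator that copies the CN into a C string: everything
    after the first NUL byte is silently dropped."""
    return cn.split(b"\x00", 1)[0].decode("ascii")


def naive_match(cn: bytes, expected_host: str) -> bool:
    # Vulnerable: CN_EVIL truncates to "www.paypal.com" and matches.
    return c_style_name(cn) == expected_host


def hardened_match(cn: bytes, expected_host: str) -> bool:
    # A DNS name never contains a NUL byte, so reject such a CN outright,
    # then compare the full length-aware value (case-insensitively).
    if b"\x00" in cn:
        return False
    return cn.decode("ascii").lower() == expected_host.lower()


if __name__ == "__main__":
    tlv = bytes([0x0C, len(CN_EVIL)]) + CN_EVIL   # UTF8String TLV, constructed
    print("ASN.1 value:", der_string_value(tlv))
    print("naive match   :", naive_match(CN_EVIL, "www.paypal.com"))
    print("hardened match:", hardened_match(CN_EVIL, "www.paypal.com"))
```

The fix is the check for a NUL byte before comparing: the length from the DER encoding is authoritative, and a name whose DER length disagrees with its C string length is never legitimate.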

PERFORMING THE HIJACK ON WINDOWS:
Using SSLStrip on Windows is similar to using it on Linux, but Linux has a built-in firewall and port forwarding, meaning traffic arriving on one port can be redirected to another port while the data is in transit. My man Bill Gates forgot to consider this stuff while constructing his OSes, so we do it manually:
Turn your machine into IP forwarding mode.
Redirect your HTTP traffic to SSLStrip.
Now run SSLStrip.
Perform ARP spoofing to deceive your network into passing all its traffic through you.

PREREQUISITES:
Install Python, since SSLStrip is a Python-based tool. You need two machines running Windows on the same LAN: one for the attacker, another for the victim.



Step 1:
Enable IP forwarding on the attacker's machine. Get the attacker's machine acting as a router, as it needs to forward all the traffic coming to it out to the internet.
  • Start Registry Editor (Regedit.exe).
  • In Registry Editor, locate the following registry key: HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters
  • Set the following registry value:
    Value Name: IPEnableRouter
    Value type: REG_DWORD
    Value Data: 1
  • A value of 1 enables TCP/IP forwarding for all network connections that are installed and used by this computer.
  • Quit Registry Editor. Restart the PC.


Step 2:
Set a firewall rule that forwards HTTP traffic from the victim to the hacker's machine for modification:
It tells all HTTP traffic from the victim, coming in on port 80 of the hacker's machine, to be redirected to port 10000 on the same machine. Port 10000 is used by the SSLStrip tool by default. If you don't find any utility to set up such a forwarding rule, visit Kenneth Xu (http://kennethxu.blogspot.com) and fetch his Java-based TCP/IP port forwarding utility (download here: http://code.google.com/p/portforward/downloads/list).

C:\>java -classpath commons-logging.jar;portforward.jar org.enterprisepower.net.portforward.Forwarder 80 localhost:10000
This command forwards all HTTP traffic received on port 80 of the hacker's machine to port 10000 of the same machine. SSLStrip listens on port 10000 by default.

Got interesting? If you are a die-hard hacker you must be. I know that becoming a hacker takes years, and a head full of brains and passion for what he does. Let me come back to the topic.
Step 3:
ARP spoof the target's traffic to redirect it to the hacker's machine. Suppose the victim machine's IP is 192.168.1.10 and the IP of the gateway is 192.168.1.1. The following command poisons the victim machine's (192.168.1.10) ARP table, so instead of sending its traffic to the gateway (192.168.1.1) it sends it to the hacker's machine, falsely assuming it is the real gateway. Run it on the attacker's machine:
arpspoof -t 192.168.1.10 192.168.1.1
It will update the ARP table of the victim machine.
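What the poisoning in Step 3 looks like from the victim's side, as an added example that is not part of the original post: a small checker that parses a Windows `arp -a` style cache dump and flags the two symptoms of ARP spoofing, the gateway IP sharing a MAC with another host, and the gateway MAC differing from a known-good baseline. The cache snapshots are constructed (the IPs match the post, the MAC addresses are made up), and `parse_arp_table` and `find_arp_anomalies` are hypothetical helper names.

```python
# Added example (not from the original post): ARP-cache anomaly check a
# defender can run on a Windows host. Sample "arp -a" output below is
# constructed; MACs are fictitious, IPs follow the post (gateway 192.168.1.1).

import re
from collections import defaultdict
from typing import Dict, List, Optional

# Matches lines like "  192.168.1.1     aa-bb-cc-00-00-01     dynamic"
ARP_LINE = re.compile(
    r"^\s*(\d+\.\d+\.\d+\.\d+)\s+([0-9a-f]{2}(?:-[0-9a-f]{2}){5})\s+\w+", re.I
)


def parse_arp_table(text: str) -> Dict[str, str]:
    """Return {ip: mac} from arp -a style output, skipping header lines."""
    table = {}
    for line in text.splitlines():
        m = ARP_LINE.match(line)
        if m:
            table[m.group(1)] = m.group(2).lower()
    return table


def find_arp_anomalies(table: Dict[str, str], gateway_ip: str,
                       expected_gateway_mac: Optional[str] = None) -> List[str]:
    """Flag a poisoned cache: (1) the gateway's MAC also belongs to another
    host, i.e. one NIC is now answering for the gateway; (2) the gateway's
    MAC differs from the baseline recorded on a known-clean network."""
    findings = []
    by_mac = defaultdict(list)
    for ip, mac in table.items():
        by_mac[mac].append(ip)
    gw_mac = table.get(gateway_ip)
    if gw_mac is None:
        findings.append(f"gateway {gateway_ip} missing from ARP cache")
        return findings
    others = [ip for ip in by_mac[gw_mac] if ip != gateway_ip]
    if others:
        findings.append(f"gateway {gateway_ip} shares MAC {gw_mac} with {', '.join(others)}")
    if expected_gateway_mac and gw_mac != expected_gateway_mac.lower():
        findings.append(f"gateway MAC changed: expected {expected_gateway_mac.lower()}, saw {gw_mac}")
    return findings


# Constructed snapshots: a clean cache and one after the gateway entry
# has been overwritten with the MAC of 192.168.1.20.
CLEAN = """Interface: 192.168.1.10 --- 0xb
  Internet Address      Physical Address      Type
  192.168.1.1           aa-bb-cc-00-00-01     dynamic
  192.168.1.20          aa-bb-cc-00-00-20     dynamic
"""
POISONED = """Interface: 192.168.1.10 --- 0xb
  Internet Address      Physical Address      Type
  192.168.1.1           aa-bb-cc-00-00-20     dynamic
  192.168.1.20          aa-bb-cc-00-00-20     dynamic
"""

if __name__ == "__main__":
    for label, snapshot in (("clean", CLEAN), ("poisoned", POISONED)):
        table = parse_arp_table(snapshot)
        print(label, find_arp_anomalies(table, "192.168.1.1", "aa-bb-cc-00-00-01"))
```

A static ARP entry for the gateway, or a switch with dynamic ARP inspection, stops the table from being rewritten in the first place; the checker above is for spotting that it already has been.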
Step 4:
Run SSLStrip on the hacker's machine:
Run the following command on the hacker's machine:
python sslstrip.py -f lock.ico
You can see the log file in the SSLStrip installation folder for the logged credentials. SSLStrip logs all the traffic coming from the victim's machine and strips all the SSL links (https://) down to http:// between the victim and the hacker. Thus the traffic between the victim and the hacker is transparent and in the clear.

View page source can also reveal that links are stripped of SSL. Gmail on http: see Figure 7.
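The "view source" check above can be automated. As an added example (not part of the original post), the following parser walks a page's HTML and reports two things a stripped page shows: links to hosts that should only ever be reached over HTTPS but now point at http://, and forms with a password field whose action resolves to plain http://. The HTML, the page URL and the `HTTPS_ONLY_HOSTS` policy list are constructed samples, and `StripDetector` and `find_stripped_links` are hypothetical names.

```python
# Added example (not from the original post): detect SSL-stripped links and
# password forms in page source. Sample HTML and host list are constructed.

from html.parser import HTMLParser
from urllib.parse import urljoin, urlparse

# Constructed policy: hosts a login should never be sent to over plain HTTP.
HTTPS_ONLY_HOSTS = {"www.paypal.com", "mail.google.com", "accounts.google.com"}


class StripDetector(HTMLParser):
    def __init__(self, page_url: str):
        super().__init__()
        self.page_url = page_url          # used to resolve relative URLs
        self.findings = []
        self._form_action = None
        self._form_has_password = False

    def _absolute(self, url: str) -> str:
        # A relative action on an http:// page also submits over http://.
        return urljoin(self.page_url, url or "")

    def handle_starttag(self, tag, attrs):
        a = {k: (v or "") for k, v in attrs}
        if tag == "form":
            self._form_action = self._absolute(a.get("action", ""))
            self._form_has_password = False
        elif tag == "input" and a.get("type", "").lower() == "password":
            self._form_has_password = True
        elif tag == "a":
            href = a.get("href", "")
            u = urlparse(self._absolute(href))
            if u.scheme == "http" and u.hostname in HTTPS_ONLY_HOSTS:
                self.findings.append(f"downgraded link: {href}")

    def handle_endtag(self, tag):
        if tag == "form" and self._form_action is not None:
            if self._form_has_password and urlparse(self._form_action).scheme == "http":
                self.findings.append(f"password form posts over http: {self._form_action}")
            self._form_action = None


def find_stripped_links(html: str, page_url: str) -> list:
    """Return the list of findings for one page's source."""
    p = StripDetector(page_url)
    p.feed(html)
    p.close()
    return p.findings


# Constructed page source resembling a stripped Gmail/PayPal page.
SAMPLE = """<html><body>
<a href="http://mail.google.com/mail/">Gmail</a>
<a href="https://accounts.google.com/">Accounts</a>
<form action="http://www.paypal.com/cgi-bin/webscr" method="post">
  <input type="text" name="login_email">
  <input type="password" name="login_password">
</form>
</body></html>"""

if __name__ == "__main__":
    for f in find_stripped_links(SAMPLE, "http://mail.google.com/"):
        print(f)
```

The browser-side equivalent of this check is to look at the URL bar before typing a password, which is exactly the point the post makes next.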

**** IMPORTANT: look at the URL bar, guys! Fuck the security! Fuck the world!
An example of SSLStrip's log file, with passwords logged: see Figure 8.

Guys, there we are! I have spent some time getting to know about SSL stripping while other guys were spending their time thinking about when their girlfriend strips off her clothes for them! He he he, just kidding, LOL!
Gosh, my back hurts!
Materials referred: I just gave you the cream, and for your future reference as well, if you want the in-depth info, fetch the research papers I went through to put this in my own sentences. Here they are:

SSLStrip tool:
http://www.thoughtcrime.org/software/sslstrip/
http://www.thoughtcrime.org/papers/null-prefix-attacks.pdf
http://www.blackhat.com/presentations/bh-dc-09/Marlinspike/BlackHat-DC-09-Marlinspike-Defeating-SSL.pdf


These contents are strictly the property of hackersbay.in (HACKERS) and also of the techie who helped bring this paper to our readers, Nilesh Kumar, a nerd from Honeywell Technology, Bengaluru!

2 comments:

  1. @hackfreak--
    Dude, why do you always cry in the starting description of your every tutorial/whitepaper? :O :O
    Can't your language go a little easier and simpler? :(