Convert Figma logo to code with AI

moxie0 logosslstrip

A tool for exploiting Moxie Marlinspike's SSL "stripping" attack.

1,908
427
1,908
27
View on GitHub

Top Related Projects

byt3bl33d3r's avatar

MITMf

3,554

Framework for Man-In-The-Middle attacks

kgretzky's avatar

evilginx2

10,590

Standalone man-in-the-middle attack framework used for phishing login credentials along with session cookies, allowing for the bypass of 2-factor authentication

trustedsec's avatar

social-engineer-toolkit

10,692

The Social-Engineer Toolkit (SET) repository from TrustedSec - All new versions of SET will be deployed here.

bettercap's avatar

bettercap

16,239

The Swiss Army knife for 802.11, BLE, HID, CAN-bus, IPv4 and IPv6 networks reconnaissance and MITM attacks.

rapid7's avatar

metasploit-framework

33,737

Metasploit Framework

Quick Overview

SSLstrip is a network security tool designed to perform man-in-the-middle attacks against HTTPS connections. It downgrades HTTPS connections to HTTP, allowing an attacker to intercept and manipulate secure traffic. SSLstrip was created by Moxie Marlinspike to demonstrate the vulnerabilities in SSL/TLS implementations.

Pros

  • Effectively demonstrates the importance of proper HTTPS implementation
  • Useful for security researchers and penetration testers
  • Raises awareness about potential vulnerabilities in network security
  • Can be used to test and improve security measures

Cons

  • Can be misused for malicious purposes
  • May be detected by modern security measures and browser implementations
  • Requires a privileged network position to be effective
  • Not effective against properly implemented HSTS (HTTP Strict Transport Security)

Getting Started

To get started with SSLstrip:

  1. Clone the repository:

    git clone https://github.com/moxie0/sslstrip.git

  2. Install dependencies:

    pip install twisted pyopenssl service_identity

  3. Run SSLstrip:

    python sslstrip.py -l 10000 -w output.log

  4. Set up IP forwarding and iptables rules to redirect traffic through SSLstrip.

Note: Use this tool responsibly and only on networks and systems you have permission to test.

Competitor Comparisons

byt3bl33d3r logo

MITMf

3,554

Framework for Man-In-The-Middle attacks

Pros of MITMf

  • More comprehensive and feature-rich, offering additional attack vectors
  • Actively maintained with regular updates and bug fixes
  • Supports plugins for extended functionality

Cons of MITMf

  • More complex to set up and use compared to the simpler SSLstrip
  • Requires more system resources due to its expanded feature set
  • May have a steeper learning curve for beginners

Code Comparison

SSLstrip (Python 2):

def process(self, request, client):
    logging.debug("Stripping ssl from %s %s" % (request.getHeader('host'), request.uri))
    url = self.stripSSL(request.getAllHeaders(), request.uri)
    return self.proxyViaHTTP(request, url)

MITMf (Python 2):

def process(self, request, client):
    self.creds.append(request.uri)
    client.setHeader("Connection", "close")
    url = self.stripSSL(request)
    return self.proxyViaHTTP(request, url)

Both projects aim to perform SSL stripping attacks, but MITMf offers a more comprehensive suite of tools for various man-in-the-middle scenarios. SSLstrip focuses specifically on SSL stripping, making it simpler and more lightweight. MITMf builds upon SSLstrip's concept, adding more features and attack vectors, but at the cost of increased complexity and resource usage.

kgretzky logo

evilginx2

10,590

Standalone man-in-the-middle attack framework used for phishing login credentials along with session cookies, allowing for the bypass of 2-factor authentication

Pros of evilginx2

  • More advanced phishing capabilities, including full session hijacking
  • Supports multiple target websites and customizable phishing scenarios
  • Actively maintained and updated with new features

Cons of evilginx2

  • More complex setup and configuration process
  • Requires more resources to run effectively
  • May be detected by some advanced security systems

Code Comparison

sslstrip:

def handleSecureRedirect(self, client, host, port):
    connectedPort = self.getConnectedPort(client)
    if connectedPort != self.listenPort:
        return self.handleSecureRedirectSSL(client, host, port)

evilginx2:

func (p *HttpProxy) handleHttps(w http.ResponseWriter, r *http.Request) {
    if r.Method != "CONNECT" {
        p.handleHttp(w, r)
        return
    }
    hij, ok := w.(http.Hijacker)
    if !ok {
        log.Printf("httpserver does not support hijacking")
        return
    }

Both tools aim to intercept and manipulate HTTPS traffic, but evilginx2 offers more sophisticated phishing capabilities and broader target support. However, it comes with increased complexity and resource requirements. sslstrip is simpler but less feature-rich, focusing primarily on downgrading HTTPS connections to HTTP.

trustedsec logo

social-engineer-toolkit

10,692

The Social-Engineer Toolkit (SET) repository from TrustedSec - All new versions of SET will be deployed here.

Pros of Social-Engineer-Toolkit

  • Comprehensive suite of social engineering tools, not limited to HTTPS stripping
  • Regularly updated with new features and security patches
  • Includes a user-friendly command-line interface for easier operation

Cons of Social-Engineer-Toolkit

  • Larger codebase and more complex setup compared to SSLstrip
  • May include unnecessary tools for users only interested in HTTPS stripping
  • Requires more system resources due to its extensive feature set

Code Comparison

SSLstrip (Python):

def process(self, request, client):
    headers = request.getAllHeaders().copy()
    url = headers['host'] + request.uri
    self.stripSSL(url, request, client)

Social-Engineer-Toolkit (Python):

def https_server(self, web_port, directory):
    cert = self.create_self_signed_cert()
    web_server = HTTPServer(('0.0.0.0', int(web_port)), SETHandler)
    web_server.socket = ssl.wrap_socket(web_server.socket, certfile=cert, server_side=True)
    web_server.serve_forever()

The code snippets show that SSLstrip focuses specifically on stripping HTTPS, while Social-Engineer-Toolkit includes broader functionality like setting up HTTPS servers for various attack scenarios.

bettercap logo

bettercap

16,239

The Swiss Army knife for 802.11, BLE, HID, CAN-bus, IPv4 and IPv6 networks reconnaissance and MITM attacks.

Pros of Bettercap

  • More comprehensive network attack and monitoring toolkit
  • Actively maintained with regular updates
  • Supports a wider range of protocols and attack vectors

Cons of Bettercap

  • Steeper learning curve due to more complex features
  • Larger codebase and resource footprint
  • May be overkill for simple SSL stripping tasks

Code Comparison

SSLstrip (Python):

def handleSecureRedirect(self, method, client, host, path, headers, body):
    if self.hsts.has_key(host):
        headers['Location'] = headers['Location'].replace('https://', 'http://')
    return True

Bettercap (Go):

func (mod *HTTPSStrip) onResponseFilter(res *http.Response, ctx *goproxy.ProxyCtx) {
    if res.StatusCode == 301 || res.StatusCode == 302 {
        res.Header.Set("Location", strings.Replace(res.Header.Get("Location"), "https://", "http://", 1))
    }
}

Both tools implement SSL stripping functionality, but Bettercap's implementation is part of a larger, more versatile framework. SSLstrip is more focused and lightweight, while Bettercap offers a broader range of network manipulation capabilities.

rapid7 logo

metasploit-framework

33,737

Metasploit Framework

Pros of Metasploit-Framework

  • Comprehensive penetration testing framework with a vast array of exploits and tools
  • Active development and regular updates from a large community
  • Modular architecture allowing easy integration of custom modules

Cons of Metasploit-Framework

  • Steeper learning curve due to its extensive feature set
  • Larger footprint and resource requirements
  • May be overkill for simple SSL stripping tasks

Code Comparison

SSLstrip (Python):

def handleSecureRedirect(self, method, client, host, path, headers, body):
    if host.endswith(":443"):
        host = host[:-4]
    client.uri = "http://" + host + path
    return True

Metasploit-Framework (Ruby):

def run
  print_status("Sniffing traffic...")
  open_pcap
  each_packet do |pkt|
    if pkt.tcp_dst == 443
      print_good("Detected HTTPS traffic: #{pkt.ip_saddr}:#{pkt.tcp_sport} -> #{pkt.ip_daddr}:#{pkt.tcp_dport}")
    end
  end
end

SSLstrip focuses specifically on SSL/TLS stripping, providing a lightweight solution for this particular attack. Metasploit-Framework, on the other hand, offers a more comprehensive suite of tools for various penetration testing scenarios, including network sniffing capabilities that can be used for similar purposes.

Convert Figma logo designs to code with AI

Visual Copilot

Introducing Visual Copilot: A new AI model to turn Figma designs to high quality code using your components.

Try Visual Copilot

README

sslstrip is a MITM tool that implements Moxie Marlinspike's SSL stripping attacks.

It requires Python 2.5 or newer, along with the 'twisted' python module.

Installing: * Unpack: tar zxvf sslstrip-0.5.tar.gz * Install twisted: sudo apt-get install python-twisted-web * (Optionally) run 'python setup.py install' as root to install, or you can just run it out of the directory.

Running: sslstrip can be run from the source base without installation.
Just run 'python sslstrip.py -h' as a non-root user to get the command-line options.

The four steps to getting this working (assuming you're running Linux) 
are:

1) Flip your machine into forwarding mode (as root):
   echo "1" > /proc/sys/net/ipv4/ip_forward

2) Setup iptables to intercept HTTP requests (as root):
   iptables -t nat -A PREROUTING -p tcp --destination-port 80 -j REDIRECT --to-port <yourListenPort>

3) Run sslstrip with the command-line options you'd like (see above).

4) Run arpspoof to redirect traffic to your machine (as root):
   arpspoof -i <yourNetworkdDevice> -t <yourTarget> <theRoutersIpAddress>

More Info: http://www.thoughtcrime.org/software/sslstrip/