SSLStrip and Driftnet Introduction
In this tutorial we will be capturing images from the victim which in this case is my phone. For this attack to work you would have to be on the inside of the network. We will use ARP spoofing to get the victim to send its traffic to use then we will re-route it back out. On my phone I will be browsing through my Instagram to get images to populate through the network traffic. Lets get started.
First we need to check for updates. Run ‘sudo apt-get update’
After the update is done, we can set up the attack. In this case, I will be putting my phone on my wifi. My kali linux VM is on my LAN. You will need to find out the IP address of the victim. You can either just look on your access points DHCP table or scan the network with nmap. Also note that if you are running Kali on virtualbox you will need to go to the network settings of the machine and change it from NAT mode to bridged mode.
First we will have to set our interface to re-route the traffic, to do this we run the following.
Next, we will spoof the traffic coming from the router to the victim and visa versa.
Not that we have set up the re-routing of packets and have successfully placed ourselves between the victim and the gateway we can start the steps to circumvent ssl encryption.
After SSLstrip has been started, we can start driftnet.
When you press “Enter” it will open up the driftnet box. This box will start to display the images that the victim is browsing through as traffic starts to move through our interface.