help with a basic SSL MiTM attack


zwx...@gmail.com

May 24, 2015, 3:43:33 AM
to nogot...@googlegroups.com
When I started testing the basic SSL MiTM attack following getting_started.md, I ran into some problems.
The mitm server, client and wget all ran on a VM, but the logs always show that the SSL connection can't be established when I type the command: proxychains wget https://google.com --no-check-certificate
Please help me, thx.

zwx...@gmail.com

May 24, 2015, 4:11:55 AM
to nogot...@googlegroups.com, zwx...@gmail.com
Sorry, here are the server's logs:
 [root@localhost test]# python -m nogotofail.mitm --mode socks --port 8080 --serverssl server.crt
2015-05-24 16:01:41,777 [INFO] Starting...
2015-05-24 16:02:15,330 [INFO] Blame: New client from 127.0.0.1
2015-05-24 16:02:39,932 [INFO] [127.0.0.1:36650<=>202.205.232.1:53 21e6a1b1-b71a-463a-9ff2-7a9898045096 logging](Unknown) Selected for connection
2015-05-24 16:02:40,099 [INFO] [127.0.0.1:36650<=>202.205.232.1:53 21e6a1b1-b71a-463a-9ff2-7a9898045096 logging](client=Linux 3.17.4-301.fc21.i686 application="dig baidu.com" version="0") Connection established
2015-05-24 16:02:40,116 [INFO] [127.0.0.1:36650<=>202.205.232.1:53 21e6a1b1-b71a-463a-9ff2-7a9898045096 logging](client=Linux 3.17.4-301.fc21.i686 application="dig baidu.com" version="0") Connection closed
2015-05-24 16:02:40,119 [INFO] [127.0.0.1:36652<=>220.181.57.217:443 7e1a128a-a72a-42ad-a6aa-003c919c5f3b logging](Unknown) Selected for connection
2015-05-24 16:02:43,154 [INFO] [127.0.0.1:36652<=>220.181.57.217:443 7e1a128a-a72a-42ad-a6aa-003c919c5f3b logging](client=Linux 3.17.4-301.fc21.i686 application="wget https://baidu.com" version="0") Connection established
2015-05-24 16:02:43,157 [INFO] [127.0.0.1:36652<=>220.181.57.217:443 7e1a128a-a72a-42ad-a6aa-003c919c5f3b logging](client=Linux 3.17.4-301.fc21.i686 application="wget https://baidu.com" version="0") Handler being removed
2015-05-24 16:02:43,158 [INFO] [127.0.0.1:36652<=>220.181.57.217:443 7e1a128a-a72a-42ad-a6aa-003c919c5f3b selfsigned](client=Linux 3.17.4-301.fc21.i686 application="wget https://baidu.com" version="0") Selected for connection
2015-05-24 16:02:43,862 [INFO] [127.0.0.1:36652<=>220.181.57.217:443 7e1a128a-a72a-42ad-a6aa-003c919c5f3b selfsigned](client=Linux 3.17.4-301.fc21.i686 application="wget https://baidu.com" version="0") Connection closed
****************************************************************************************************
Here are the client's:
 python -m nogotofail.clients.linux.pyblame -A selfsigned -D httpdetection -p 1 -v localhost 8443
2015-05-24 16:02:13,748 [INFO] Connected...
Connect to 55:36:83:4E:B1:38:1C:BD:66:64:A2:E9:07:C6:F4:78:91:96:07:4A:F5:E6:86:6D:9A:D3:98:CB:50:04:D0:61 y/N? y
2015-05-24 16:02:15,327 [INFO] SSL connection established
2015-05-24 16:02:40,098 [INFO] Blame request for 36650=>127.0.0.1:8080 owner:2476 command:dig baidu.com
2015-05-24 16:02:40,305 [INFO] Blame request for 36652=>127.0.0.1:8080 owner:2474 command:wget https://baidu.com
$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$$
Here are wget's logs:
 root@localhost test]# proxychains wget https://baidu.com --no-check-certificate -4
ProxyChains-3.1 (http://proxychains.sf.net)
--2015-05-24 16:02:39--  https://baidu.com/
Resolving baidu.com (baidu.com)... |DNS-request| baidu.com 
|S-chain|-<>-127.0.0.1:8080-<><>-202.205.232.1:53-<><>-OK
|DNS-response| baidu.com is 220.181.57.217
220.181.57.217
Connecting to baidu.com (baidu.com)|220.181.57.217|:443... |S-chain|-<>-127.0.0.1:8080-<><>-220.181.57.217:443-<><>-OK
connected.
Unable to establish SSL connection.
Thanks for helping me.  : )

On Sunday, May 24, 2015 at 3:43:33 PM UTC+8, zwx...@gmail.com wrote: