Skip to content

sslstrip fix & don't restore iptables/ip_forward on exit when bettercap did not change them.#1085

Merged
evilsocket merged 1 commit intobettercap:masterfrom
SkyperTHC:master
Aug 8, 2024
Merged

sslstrip fix & don't restore iptables/ip_forward on exit when bettercap did not change them.#1085
evilsocket merged 1 commit intobettercap:masterfrom
SkyperTHC:master

Conversation

@SkyperTHC
Copy link

@SkyperTHC SkyperTHC commented Mar 29, 2024

  1. Do not restore ip_forward and iptables settings if they were not changed by bettercap (e.g. when set http.proxy.redirect false was used)
  2. sslstrip was broken and did not handle these cases:
  • Location redirects to https://foo.com:443 ended up as http://foo.com:443 and the victim's browser would try to open a cleartext HTTP connection to port 443. It should go to port 80 (the most likely HTTP port).
  • The orig.Scheme get overwritten with https in http_proxy_base_sslstriper.go in the Request function. Thus the check for 'http' later will always fail (because it's not 'https').
  • Response: always need to fix cookies (even during a 302/Location).
  • Response: Must change all HTTPS to HTTP in cookies

@evilsocket evilsocket merged commit 06623dd into bettercap:master Aug 8, 2024
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

3 participants

@SkyperTHC @evilsocket @rootTHC