FS#67459 - [sslstrip] make it compatible with twisted>19.2.0
Attached to Project:
Community Packages
Opened by Amin Vakil (aminvakil) - Saturday, 01 August 2020, 13:49 GMT
Last edited by Eli Schwartz (eschwartz) - Tuesday, 30 March 2021, 23:19 GMT
Opened by Amin Vakil (aminvakil) - Saturday, 01 August 2020, 13:49 GMT
Last edited by Eli Schwartz (eschwartz) - Tuesday, 30 March 2021, 23:19 GMT
|
Details
Description:
https://security.stackexchange.com/a/230521/93170 Additional info: 0.9-8 Steps to reproduce: sslstrip I know the package is abandoned by maintainer and will mostly not update, but as it doesn't work right now without tweaking could it be possible to make the change written in https://security.stackexchange.com/a/230521/93170 ? |
This task depends upon
Closed by Eli Schwartz (eschwartz)
Tuesday, 30 March 2021, 23:19 GMT
Reason for closing: Won't fix
Additional comments about closing: Dropped from the repos.
Tuesday, 30 March 2021, 23:19 GMT
Reason for closing: Won't fix
Additional comments about closing: Dropped from the repos.
But it seems that they operate differently, sslstrip catches 30x forwards to https on the fly and therefore clients just see the http version of web page where sniffer who is running sslstrip makes the https connection to the end server, therefore catching passwords, urls, etc.
There is no need to install a CA on any machine to use this, does mitmproxy do this as well?