• Introducing XDA Computing: Discussion zones for Hardware, Software, and more!    Check it out!

[DEV] SSLStrip for Android , Open Source

Search This thread

crazyricky

Member
Mar 11, 2012
5
6
SSLStrip for Android, is port from sslstrip(python script) to Android !

SSLStrip for Android requires a rooted device

Features included:
arpspoof
sslstrip
save sslstrip logs to sdcard
...
more is coming!


Works:
Galaxy nexus, AOKP maguro build 21 with francisco #47
Moto Atrix (stock firmware, but forget version )

Doesn't work:

Market link:
play.google.com/store/apps/details?id=com.crazyricky.androidsslstrip

Feel free to contribute on this project:
github.com/crazyricky/SSLStrip-for-Android
 

zinjashike

Member
Jul 11, 2008
19
0
Gave this a try, it seems like everything works except arpspoof (had to use actual arpspoof application separate - this caused problems but shows sslstrip itself working right).

Device used: Samsung Stratosphere
 

moehawk

Member
May 10, 2010
21
0
The tool – called ‘SSL strip’ – is based around a man-in-the-middle attack, where the system for redirecting people from the insecure to the secure version of a web page is abused. By acting as a man-in-the-middle, the attacker can compromise any information sent between the user and the supposedly secure webpage.
 

plazma247

Senior Member
Jun 17, 2007
298
101
Wow great app :)

Man, thanks for porting this to android your a complete super star.

Would it be possible to update the market version or someone post a recent apk here as ive noticed the market version does not have an option to save logs out, where as the github source says it does and ive got no idea where to start building the source with eclipse.

:) PLAzmA
 

lwi

New member
May 8, 2009
1
0
Not working on HTC Desire

Hi,

I just tested it on:

-Model: HTC Desire / Bravo
-Rom: (aokp_bravo_milestone-5)
-OS: Android 4.0.4
-Kernel: 2.6.38.8 Tiamat-ICS#2

First of all, arpspoof standalone works fine. So I experimented a little with the iptable-commands out of the sourcecode and the shell reports:


"FIX ME! implement getprotobyname() bionic/libc/bionic/stubs.c:450"

is this a possible reason for not showing me results in the app?
 

E:V:A

Inactive Recognized Developer
Dec 6, 2011
1,449
2,215
-∇ϕ
I haven't checked the code for that tool, but it seem that it may be dependent on the type WiFi chip you have (and how its implemented)? What are the device/driver dependencies for those tools?
 

Top Liked Posts

  • There are no posts matching your filters.
  • 5
    SSLStrip for Android, is port from sslstrip(python script) to Android !

    SSLStrip for Android requires a rooted device

    Features included:
    arpspoof
    sslstrip
    save sslstrip logs to sdcard
    ...
    more is coming!


    Works:
    Galaxy nexus, AOKP maguro build 21 with francisco #47
    Moto Atrix (stock firmware, but forget version )

    Doesn't work:

    Market link:
    play.google.com/store/apps/details?id=com.crazyricky.androidsslstrip

    Feel free to contribute on this project:
    github.com/crazyricky/SSLStrip-for-Android