jselvi / Delorean

NTP Man-in-the-Middle tool
222 stars 65 forks

MITMf & Delorean #3

Closed karencho777 closed 8 years ago

karencho777 commented 8 years ago

Hello, I have Kali Linux 2.0. I downloaded Delorean and launched MITMf, and it was working normally, but only on facebook.com and gmail.com. On YouTube it was giving a message like "fix date and time" or something like this. One more thing: is it possible for Delorean to inject on a specific IP address? And actually the victim must go and update the time, and only then will it work, yes? Or am I doing something wrong?

Is it possible to change the date and time automatically, not to wait until the victim updates the date and time?

choosetwo commented 8 years ago

Hi again,

Do you have any link showing how it works with MITMf?

karencho777 commented 8 years ago

It is working well... but YouTube is blocking because of the wrong date, and GitHub is blocking too...

choosetwo commented 8 years ago

Yeah ok,

How did you make it work?

karencho777 commented 8 years ago

I simply installed MITMf and Delorean... ran MITMf with "--dns -- spoof --arp --hsts" and turned on Delorean... then I updated the time in Windows and it works...

jselvi commented 8 years ago

@karencho777 What attack are you running with Delorean? Against HSTS? PKI? Do you have a tcpdump capture? It's extremely useful to see what happens at low level.

It usually happens that a website uses a lot of javascript/ajax/whatever and this is difficult for SSLStrip (and MITMf seems to use SSLStrip+), so perhaps you should fix something in the code for YouTube. I'm just wondering, I can't tell you more before having a look at the network traffic.

Regarding the automatic update, it is possible on certain platforms. My Defcon talk is on YouTube, you can find more information there: https://www.youtube.com/watch?v=hkw9tFnJk8k

karencho777 commented 8 years ago

Thanks for the video, nice one. I am running the default attack with no flags. In your presentation I saw that when you were attacking Windows Server the time was updating automatically; what configuration is needed for this? And one more question: is there a possibility to disable the preloaded list of HSTS connections?

jselvi commented 8 years ago

@karencho777 That was the time skimming attack, not the default one, and it's only possible under a certain configuration on a Windows box. Everything is explained in the talk.

A preloaded list can't be disabled if you don't control the browser or the server (using max-age: 0), as far as I know.

karencho777 commented 8 years ago

cookie.setMaxAge( 0 ) - will that Java code disable the HSTS preload list? Or is it not possible to inject some JavaScript with MITMf to disable HSTS?

jselvi commented 8 years ago

@karencho777 The purpose of this channel is to report issues about Delorean. If you want to ask more generic questions, please use a forum or drop me an email.

karencho777 commented 8 years ago

Can you tell me your email?

jselvi commented 8 years ago

@karencho777 It's in my slides, the @pentester.es one.

karencho777 commented 8 years ago

I have written to you.