Optionally deauthenticate connected users using SSLStrip

natedizzl / subterfuge

Automatically exported from code.google.com/p/subterfuge

GNU General Public License v3.0

0 stars 0 forks source link

Optionally deauthenticate connected users using SSLStrip #40

Open GoogleCodeExporter opened 9 years ago

GoogleCodeExporter commented 9 years ago

This is a feature request not a bug report.
SSLStrip has a "-k" switch to kill active sessions in order to force connected 
users to reconnect and therefore collect there credentials. I suggest 
implementing this as an option in Subterfuge.

Original issue reported on code.google.com by houcem.h...@gmail.com on 6 May 2012 at 2:02

GoogleCodeExporter commented 9 years ago

[deleted comment]

GoogleCodeExporter commented 9 years ago

[deleted comment]

GoogleCodeExporter commented 9 years ago

[deleted comment]

GoogleCodeExporter commented 9 years ago

The Session Hijacking Module will be a similar option to the one you are 
requesting which is more transparent to the victims. Your suggestion may become 
an advanced configuration option in the future, but likely won't ship as a 
default option. Stealth and transparency are some of the core values of the 
Subterfuge Project. Thank you for your suggestions, they will be considered for 
the final release.

Original comment by topher.s...@gmail.com on 6 May 2012 at 3:08

GoogleCodeExporter commented 9 years ago

Original comment by topher.s...@gmail.com on 7 Aug 2012 at 7:14