LinuxCommandLibrary

sslstrip

SSL/TLS man-in-the-middle attack tool

TLDR

Log only HTTPS POST traffic on port 10000 by default

$ sslstrip
copy


Log only HTTPS POST traffic on port 8080
$ sslstrip --listen=[8080]
copy


Log all SSL traffic to and from the server on port 8080
$ sslstrip --ssl --listen=[8080]
copy


Log all SSL and HTTP traffic to and from the server on port 8080
$ sslstrip --listen=[8080] --all
copy


Specify the file path to store the logs
$ sslstrip --listen=[8080] --write=[path/to/file]
copy


Display help
$ sslstrip --help
copy

SYNOPSIS

sslstrip

DESCRIPTION

sslstrip 0.6 by Moxie Marlinspike

OPTIONS

-w , --write= Specify file to log to (optional). -p, --post Log only SSL POSTs. (default) -s, --ssl Log all SSL traffic to and from server. -a, --all Log all SSL and HTTP traffic to and from server. -l , --listen= Port to listen on (default 10000). -f, --favicon Substitute a lock favicon on secure requests. -k, --killsessions Kill sessions in progress. -h Print this help message.

Copied to clipboard