December 14, 2017, 06:36:05 PM
Welcome, Guest. Please login or register.

"Have you tried turning it off and then on again?"

Author Topic: Just tested Hax0rBl0x on Kali Linux and seems to be working good..  (Read 3119 times)

Offline n1tr0g3n

  • Super Elite
  • ******
  • Posts: 4734
  • Internets: +63/-2
  • MCSA, MCP, MCTS, DCSE, CE/H, ACSP, N+,A+, CWSP
    • n1tr0g3n Information Security Blog
Grab the script here:   http://code.google.com/p/hax0rbl0x/downloads/list

Grab it and help test the script all my top-Hat peeps.

Ok guys I just tested Hax0rBl0x on Kali Linux and it works great! I have attached the two screenshots 1 of Hax0rBl0x and the second of my ssl_phucke3r script running.

The reason I used my script in conjunction  was just to start the MITM portion so I could sniff creds with Hax0rBl0x. it read the user and pass perfectly but I attached the screenshot to show the difference in the URL that showed up representing where the login creds came from. The creds were shown properly but the url was wrong, for some reason it was stuck on showing myspace.com as the url used to log in when it was actually only my first site I logged into then I tried different sites. I'm not sure why it didn't say the correct site but I just wanted to let the devs know since we told you we would give the script a go running in kali.

I am not bashing the script by any means just giving some feedback so you guys can get the script running perfect since the BT forums didn't seem like they were even alive over there lol The Hax0rBl0x script does exactly what it is meant to do so far and thats awesome I'm loving it and want to do a demo at a Hack Miami meeting in the next week or so. great job on this script it is easy to use and just feels so well thought out and clean that I forget I'm not in a gui  :) 

The pics are proof of working on Kali and also just in case I didn't explain my self very well what I wrote above, which happens a lot  :D

I will continue helping you guys test as I'm pretty sureTAPE will as well if he has some free time since he got Kali up and running so together we can all make this script the go to for sniffing creds! I rate it 5 starts out of 5!!

I haven't got to test Ngrep or Hamster functionality in Kali yet but that is my next step and will let you guys know how it goes.


Hax0rbl0x repeating url




My script showing correct url's

« Last Edit: March 21, 2013, 08:40:54 PM by n1tr0g3n »
"It's mind over matter, If you don't have a mind then it doesn't matter

Youtube  Channnel
http://www.youtube.com/user/n1tr0g3n0x1d3
Twitter  https://twitter.com/n1tr0g3n_com
http://www.n1tr0g3n.com  
http://teamctfu.weebly.com/

Offline ShadowBlade72

  • Prospect
  • *
  • Posts: 7
  • Internets: +0/-0
Re: Just tested Hax0rBl0x on Kali Linux and seems to be working good..
« Reply #1 on: March 23, 2013, 12:41:19 PM »
Thanks for the feedback Nitrogen.

I'm about 99% sure the reason that the script errored out is because there were two SSLStrips running. I saw that it said expression error; the reason it's getting an expression error is because it's finding two copies in the IPTables and then trying to compare those two entires to a number. Which if there is more than one entry, it'll view it as a string with the way that we have it currently written. We've always tested on systems running only one copy of SSLStrip.  I have a pretty good idea how I'm going to fix it already.

As far as it reporting the same site over and over, I'll look into that. Not sure why it wasn't resetting the variables like it should have been.

I'll try and link up with Dopey tomorrow to address the issues.
« Last Edit: March 23, 2013, 01:15:19 PM by ShadowBlade72 »

Offline n1tr0g3n

  • Super Elite
  • ******
  • Posts: 4734
  • Internets: +63/-2
  • MCSA, MCP, MCTS, DCSE, CE/H, ACSP, N+,A+, CWSP
    • n1tr0g3n Information Security Blog
Re: Just tested Hax0rBl0x on Kali Linux and seems to be working good..
« Reply #2 on: March 23, 2013, 01:14:20 PM »
Awesome, i was thinking the same thing. I'll try it tonight when I get home because where I'm at now they have AP isolation. I'm going to run the MITM with no sslstrip to see if it fixes it. What you said makes perfect sense now that you mention it.
"It's mind over matter, If you don't have a mind then it doesn't matter

Youtube  Channnel
http://www.youtube.com/user/n1tr0g3n0x1d3
Twitter  https://twitter.com/n1tr0g3n_com
http://www.n1tr0g3n.com  
http://teamctfu.weebly.com/

Offline ShadowBlade72

  • Prospect
  • *
  • Posts: 7
  • Internets: +0/-0
Re: Just tested Hax0rBl0x on Kali Linux and seems to be working good..
« Reply #3 on: March 23, 2013, 01:26:18 PM »
Yeah, let me know if that fixes the error issue. I have a possible fix coded up, I just need to test it before releasing it.

I'll look into the other issue of it repeating the same site over and over. I'm not sure why it broke the way it did.

Offline n1tr0g3n

  • Super Elite
  • ******
  • Posts: 4734
  • Internets: +63/-2
  • MCSA, MCP, MCTS, DCSE, CE/H, ACSP, N+,A+, CWSP
    • n1tr0g3n Information Security Blog
Re: Just tested Hax0rBl0x on Kali Linux and seems to be working good..
« Reply #4 on: March 23, 2013, 01:28:57 PM »
No problem as soon as I get home and test it I'll post back up with a full run down.
"It's mind over matter, If you don't have a mind then it doesn't matter

Youtube  Channnel
http://www.youtube.com/user/n1tr0g3n0x1d3
Twitter  https://twitter.com/n1tr0g3n_com
http://www.n1tr0g3n.com  
http://teamctfu.weebly.com/