sslsniff man page on Kali

Man page or keyword search:  
man Server   9211 pages
apropos Keyword Search (all sections)
Output format
Kali logo
[printable version]

SSLSNIFF(1)							   SSLSNIFF(1)

NAME
       sslsniff - SSL/TLS man-in-the-middle attack tool

SYNOPSIS
       sslsniff [options]

DESCRIPTION
       This manual page documents briefly the sslsniff command.

       sslsniff	 is  designed  to  create man-in-the-middle (MITM) attacks for
       SSL/TLS connections, and dynamically generates certs  for  the  domains
       that  are  being	 accessed  on  the  fly. The new certificates are con‐
       structed in a certificate chain that is signed by any certificate  that
       is provided.
       sslsniff	 also  supports other attacks like null-prefix or OCSP attacks
       to achieve silent interceptions of connections when possible.

OPTIONS
       Modes:

       -a     Authority mode.  Specify a certificate that will act as a CA.

       -t     Targeted mode.  Specify a directory full of certificates to tar‐
	      get.

       Required options:

       -c <file|directory>
	      File  containing	CA cert/key (authority mode) or directory con‐
	      taining a collection of certs/keys (targeted mode)

       -s <port>
	      Port to listen on for SSL interception.

       -w <file>
	      File to log to

       Optional options:

       -u <updateLocation>
	      Location of any Firefox XML update files.

       -m <certificateChain>
	      Location of any intermediary certificates.

       -h <port>
	      Port to listen on for HTTP interception  (required  for  finger‐
	      printing).

       -f <ff,ie,safari,opera>
	      Only intercept requests from the specified browser(s).

       -d     Deny OCSP requests for our certificates.

       -p     Only log HTTP POSTs

       -e <url>
	      Intercept Mozilla Addon Updates

       -j <sha256>
	      The sha256sum value of the addon to inject

NOTES
       sslsniff works only on the FORWARD traffic (not on INPUT or OUTPUT).

EXAMPLES
       To intercept traffic on port 8443, start sslsniff on a local port:

	      sslsniff	-a  -c	/usr/share/sslsniff/certs/wildcard  -s 4433 -w
	      /tmp/sslsniff.log

       and redirect traffic to this port using the iptables nat table:

	      iptables -t nat -A PREROUTING -p tcp --destination-port 8443  -j
	      REDIRECT --to-ports 4433

AUTHOR
       sslsniff was written by Moxie Marlinspike.

       This  manual  page was written by Pierre Chifflier <pollux@debian.org>,
       for the Debian project (and may be used by others).

				August 16, 2009			   SSLSNIFF(1)
[top]

List of man pages available for Kali

Copyright (c) for man pages and the logo by the respective OS vendor.

For those who want to learn more, the polarhome community provides shell access and support.

[legal] [privacy] [GNU] [policy] [cookies] [netiquette] [sponsors] [FAQ]
Tweet
Polarhome, production since 1999.
Member of Polarhome portal.
Based on Fawad Halim's script.
....................................................................
Vote for polarhome
Free Shell Accounts :: the biggest list on the net