я перехватил запрос на авторизацию в приложении , но sslstrip не видит

Discussion in 'Уязвимости' started by Student :), 24 May 2014.

  1. Student :)

    Student :) Elder - Старейшина

    Joined:
    9 Feb 2007
    Messages:
    291
    Likes Received:
    19
    Reputations:
    -15
    Ребята привет. помогите пож
    есть некое приложение для андроид
    в нём есть авторизация через mail.ru (OAuth)
    c помощью sslstrip в bt 5 я перехватил запрос на авторизацию в приложении , но sslstrip не видит как передаёться запрос (передача логина и пароля на connect.mail.ru) как перехватить запрос на connect mailru в андроид приложении ?
     
  2. Student :)

    Student :) Elder - Старейшина

    Joined:
    9 Feb 2007
    Messages:
    291
    Likes Received:
    19
    Reputations:
    -15
    Code:
    2014-05-23 16:23:55,762 Resolved host successfully: connect.mail.ru -> 94.100.185.164 
    2014-05-23 16:23:55,763 Sending request via HTTP... 
    2014-05-23 16:23:55,786 HTTP connection made. 
    2014-05-23 16:23:55,786 Sending Request: GET /sdc?token=64b0eebb55326a9cfb942950e9a13ce3 
    2014-05-23 16:23:55,787 Sending header: accept-language : ru-RU, en-US 
    2014-05-23 16:23:55,787 Sending header: x-wap-profile : http://218.249.47.94/Xianghe/MTK_Phone_JB_UAprofile.xml 
    2014-05-23 16:23:55,787 Sending header: connection : keep-alive 
    2014-05-23 16:23:55,787 Sending header: accept : text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8 
    2014-05-23 16:23:55,787 Sending header: user-agent : Mozilla/5.0 (Linux; U; Android 4.2.1; ru-ru; JY-G3 Build/JOP40D) AppleWebKit/534.30 (KHTML, like Gecko) Version/4.0 Mobile Safari/534.30 
    2014-05-23 16:23:55,787 Sending header: accept-charset : utf-8, utf-16, *;q=0.7 
    2014-05-23 16:23:55,787 Sending header: host : connect.mail.ru 
    2014-05-23 16:23:55,787 Sending header: cookie : Mpop=1400921993:025505635a065d7b19050219081d02041c  050b4f6a5d5e465e010601021d020976185e4e404a5e07105b  5c44411f4642:[email protected]:; t=obLD1AAAAAAIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA  AAAAAAAAAAAAAAACAAAAAAAAAAAAAABAAAYH0QcA 
    2014-05-23 16:23:55,815 Got server response: HTTP/1.1 302 OK 
    2014-05-23 16:23:55,815 Got server header: Server:nginx/1.2.9 
    2014-05-23 16:23:55,815 Got server header: Date:Sat, 24 May 2014 08:59:53 GMT 
    2014-05-23 16:23:55,815 Got server header: Content-Type:text/plain 
    2014-05-23 16:23:55,815 Got server header: Content-Length:0 
    2014-05-23 16:23:55,816 Got server header: Connection:close 
    2014-05-23 16:23:55,816 Got server header: P3P:CP="NON CUR OUR IND UNI INT" 
    2014-05-23 16:23:55,816 Got server header: X-Frame-Options:DENY 
    2014-05-23 16:23:55,816 Got server header: Set-Cookie:sdc=IVYUz0MGQoC8AO2W; expires=Fri, 22 Aug 2014 08:59:53 GMT; path=/; domain=.connect.mail.ru; HttpOnly 
    2014-05-23 16:23:55,816 Got server header: Location:http://connect.mail.ru/oauth/authorize?response_type=token&client_id=609966&login=1&display=mobile&sig=e4aff8a53ab6e10a29de91527c6aabd5&redirect_uri=http%3A%2F%2Fconnect.mail.ru%2Foauth%  2Fsuccess.html 
    2014-05-23 16:23:55,816 Got server header: P3P:policyref="/w3c/p3p.xml", CP="NON CUR ADM DEV PSA PSD OUR IND UNI NAV INT STA" 
    2014-05-23 16:23:55,817 Read from server: 
    
    2014-05-23 16:23:55,855 Resolving host: connect.mail.ru 
    2014-05-23 16:23:55,855 Host cached. 
    2014-05-23 16:23:55,855 Resolved host successfully: connect.mail.ru -> 94.100.185.164 
    2014-05-23 16:23:55,855 Sending request via HTTP... 
    2014-05-23 16:23:55,881 HTTP connection made. 
    2014-05-23 16:23:55,882 Sending Request: GET /oauth/authorize?response_type=token&client_id=609966&login=1&display=mobile&sig=e4aff8a53ab6e10a29de91527c6aabd5&redirect_uri=http%3A%2F%2Fconnect.mail.ru%2Foauth%  2Fsuccess.html 
    2014-05-23 16:23:55,882 Sending header: accept-language : ru-RU, en-US 
    2014-05-23 16:23:55,882 Sending header: x-wap-profile : http://218.249.47.94/Xianghe/MTK_Phone_JB_UAprofile.xml 
    2014-05-23 16:23:55,882 Sending header: connection : keep-alive 
    2014-05-23 16:23:55,882 Sending header: accept : text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8 
    2014-05-23 16:23:55,882 Sending header: user-agent : Mozilla/5.0 (Linux; U; Android 4.2.1; ru-ru; JY-G3 Build/JOP40D) AppleWebKit/534.30 (KHTML, like Gecko) Version/4.0 Mobile Safari/534.30 
    2014-05-23 16:23:55,882 Sending header: accept-charset : utf-8, utf-16, *;q=0.7 
    2014-05-23 16:23:55,882 Sending header: host : connect.mail.ru 
    2014-05-23 16:23:55,883 Sending header: cookie : Mpop=1400921993:025505635a065d7b19050219081d02041c  050b4f6a5d5e465e010601021d020976185e4e404a5e07105b  5c44411f4642:[email protected]:; t=obLD1AAAAAAIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA  AAAAAAAAAAAAAAACAAAAAAAAAAAAAABAAAYH0QcA; sdc=IVYUz0MGQoC8AO2W 
    2014-05-23 16:23:55,909 Got server response: HTTP/1.1 302 Moved Temporarily 
    2014-05-23 16:23:55,910 Got server header: Server:nginx/1.2.9 
    2014-05-23 16:23:55,910 Got server header: Date:Sat, 24 May 2014 08:59:53 GMT 
    2014-05-23 16:23:55,910 Got server header: Content-Type:text/html 
    2014-05-23 16:23:55,910 Got server header: Content-Length:160 
    2014-05-23 16:23:55,910 Got server header: Connection:close 
    2014-05-23 16:23:55,910 Got server header: Location:https://connect.mail.ru/oauth/authorize?response_type=token&client_id=609966&login=1&display=mobile&sig=e4aff8a53ab6e10a29de91527c6aabd5&redirect_uri=http%3A%2F%2Fconnect.mail.ru%2Foauth%  2Fsuccess.html 
    2014-05-23 16:23:55,910 Found secure reference: https://connect.mail.ru/oauth/authorize?response_type=token&client_id=609966&login=1&display=mobile&sig=e4aff8a53ab6e10a29de91527c6aabd5&redirect_uri=http%3A%2F%2Fconnect.mail.ru%2Foauth%  2Fsuccess.html 
    2014-05-23 16:23:55,911 Got server header: P3P:policyref="/w3c/p3p.xml", CP="NON CUR ADM DEV PSA PSD OUR IND UNI NAV INT STA" 
    2014-05-23 16:23:55,911 Read from server: 
    <html> 
    <head><title>302 Found</title></head> 
    <body bgcolor="white"> 
    <center><h1>302 Found</h1></center> 
    <hr><center>nginx/1.2.9</center> 
    </body> 
    </html>  
    

    как получить /sdc?token=64b0eebb55326a9cfb942950e9a13ce3
    sslstrip не видит передачу логина и пароля на connect.mail.ru ((((
     
  3. forever123

    forever123 New Member

    Joined:
    15 Aug 2011
    Messages:
    6
    Likes Received:
    0
    Reputations:
    0
    попробуй лучше открытый код смотреть! а не готовые результаты!
     
Loading...