Linux command
sslstrip 命令
网络
复制后可按需替换文件名、目录或参数。
常用示例
Example
sslstrip
Example
sslstrip --listen=8080
Example
sslstrip --ssl --listen=8080
Example
sslstrip --listen=8080 --all
Example
sslstrip --listen=8080 --write=output.log
Example
sslstrip --help
说明
sslstrip is a security testing tool that performs SSL stripping attacks by acting as a proxy between the victim and the server. It converts HTTPS links to HTTP, allowing interception of traffic that would otherwise be encrypted. This tool is used for authorized penetration testing and security research.
参数
- -l, --listen PORT
- Port to listen on (default: 10000)
- -a, --all
- Log all SSL and HTTP traffic
- -s, --ssl
- Log all SSL traffic to and from server
- -w, --write FILE
- Specify log file path
- -p, --post
- Log only HTTP POST requests (default)
- -f, --favicon
- Substitute a lock favicon on secure requests
- -k, --killsessions
- Kill sessions in progress
- -h, --help
- Display help information
FAQ
What is the sslstrip command used for?
sslstrip is a security testing tool that performs SSL stripping attacks by acting as a proxy between the victim and the server. It converts HTTPS links to HTTP, allowing interception of traffic that would otherwise be encrypted. This tool is used for authorized penetration testing and security research.
How do I run a basic sslstrip example?
Run `sslstrip` in a terminal, then adjust file names, paths, flags, or remote targets for your system.
What does -l, --listen PORT do in sslstrip?
Port to listen on (default: 10000)