SSL stripping incident

Download and install MITM proxy

Long press wifi icon>Click settings on the currently connected wifi>Advanced>Chanage proxy to manual>Add the IP address and port number of the testing PC on the test device.
Wait for the test device to appear on the PC.

ssl-strip-bundel.rar
2KB
Binary

Open a browser on the test device and search the SLL Stripping demo site.
The 'https' links have been stripped down to 'http'.

Follow the steps below to disable the proxy on the test device.
Long press wifi icon>Click settings on the currently connected wifi>Advanced>Chanage proxy to 'None'
Copy link
On this page
Requirement
How to trigger incident
Step 1: Run the mitmdump on the testing PC
Step 2: Insert the IP address and the port number on the test device
Step 3: Run the scripts
Step 4: Search on your device
How to remediate the incident
Disable the proxy