Today we're going to talk about using sslstrip to steal passwords. For this I'm going to be using my WiFi Pineapple Mark IV, which is a very handy little box, and I highly recommend having one for your wireless pentesting.
First we need to install sslstrip on the pineapple. For this we will use a USB thumb drive to give it the additional space needed for the installation. Fortunately for us, with the most recent firmware, installing sslstrip is quite simple and can be done through the web interface.
Click on the Pineapple Bar and select "list available infusions (aka modules)".
Go through all the modules until you find the sslstrip module and click on the "Install" link. This will prompt you to select whether to install it on internal storage or on the USB storage.
Once sslstrip is installed, it will put a new line in the Pineapple Bar labeled "sslstrip". Go ahead and navigate to it and start up sslstrip by clicking the start button.
Now that we have sslstrip running we just need to grab some passwords. I used my laptop and connected to my pineapple's wireless network. Let's use Facebook for our example.
Facebook defaults to HTTPS connections, but because we have sslstrip doing its magic in the middle, the connection from the pineapple to the victim's computer is sent as plain HTTP.
Once the victim logs in, they still get access and can go on with their day, but moving back to sslstrip we notice that we've grabbed the e-mail address and password.
Combining sslstrip and karma gets even more alluring, as karma can advertise itself as any access point that a computer sends a request for. Take it a step further and add a de-auth script that disconnects everyone who's not connected to you, and you've got a recipe for harvesting passwords from every wireless user around you. No cracking necessary.