Framework for Man-In-The-Middle attacks

MITMf - Framework for Man-In-The-Middle attacks

Wednesday, June 10, 2015 Sensei Fedon 0 Comments


Framework for Man-In-The-Middle attacks

Available plugins
  • SMBtrap - Exploits the 'SMB Trap' vulnerability on connected clients
  • Screenshotter - Uses HTML5 Canvas to render an accurate screenshot of a clients browser
  • Responder - LLMNR, NBT-NS, WPAD and MDNS poisoner
  • SSLstrip+ - Partially bypass HSTS
  • Spoof - Redirect traffic using ARP spoofing, ICMP redirects or DHCP spoofing
  • BeEFAutorun - Autoruns BeEF modules based on a client's OS or browser type
  • AppCachePoison - Perform app cache poisoning attacks
  • Ferret-NG - Transperently hijacks sessions
  • BrowserProfiler - Attempts to enumerate all browser plugins of connected clients
  • CacheKill - Kills page caching by modifying headers
  • FilePwn - Backdoor executables sent over HTTP using the Backdoor Factory and BDFProxy
  • Inject - Inject arbitrary content into HTML content
  • BrowserSniper - Performs drive-by attacks on clients with out-of-date browser plugins
  • jskeylogger - Injects a Javascript keylogger into a client's webpages
  • Replace - Replace arbitary content in HTML content
  • SMBAuth - Evoke SMB challenge-response authentication attempts
  • Upsidedownternet - Flips images 180 degrees

How to install on Kali
apt-get install mitmf


Installation
If MITMf is not in your distro's repo or you just want the latest version:
  • Run the command git clone https://github.com/byt3bl33d3r/MITMf.git to clone this directory
  • Run the setup.sh script
  • Run the command pip install --upgrade -r requirements.txt to install all Python dependencies

On Kali Linux, if you get an error while installing the pypcap package or when starting MITMf you see: ImportError: no module named pcap, run apt-get install python-pypcap to fix it


0 comments: