0x1 Posted August 31, 2015 Share Posted August 31, 2015 Framework for Man-In-The-Middle attacks This is the hidden content, please Sign In or Sign Up * The framework contains a built-in SMB, HTTP and DNS server that can be controlled and used by the various plugins, it also contains a modified version of the SSLStrip proxy that allows for HTTP modification and a partial HSTS bypass. * As of version 0.9.8, MITMf supports active packet filtering and manipulation (basically what etterfilters did, only better), allowing users to modify any type of traffic or protocol. * The configuration file can be edited on-the-fly while MITMf is running, the changes will be passed down through the framework: this allows you to tweak settings of plugins and servers while performing an attack. * MITMf will capture FTP, IRC, POP, IMAP, Telnet, SMTP, SNMP (community strings), NTLMv1/v2 (all supported protocols like HTTP, SMB, LDAP etc.) and Kerberos credentials by using Net-Creds, which is run on startup. * Responder integration allows for LLMNR, NBT-NS and MDNS poisoning and WPAD rogue server support. MITMf was accepted in the Black Hat Asia 2015 Arsenal Panel : [HIDE-THANKS] This is the hidden content, please Sign In or Sign Up [/HIDE-THANKS] Available plugins * SMBtrap - Exploits the 'SMB Trap' vulnerability on connected clients * Screenshotter - Uses HTML5 Canvas to render an accurate screenshot of a clients browser * Responder - LLMNR, NBT-NS, WPAD and MDNS poisoner * SSLstrip+ - Partially bypass HSTS * Spoof - Redirect traffic using ARP spoofing, ICMP redirects or DHCP spoofing * BeEFAutorun - Autoruns BeEF modules based on a client's OS or browser type * AppCachePoison - Perform app cache poisoning attacks * Ferret-NG - Transperently hijacks sessions * BrowserProfiler - Attempts to enumerate all browser plugins of connected clients * CacheKill - Kills page caching by modifying headers * FilePwn - Backdoor executables sent over HTTP using the Backdoor Factory and BDFProxy * Inject - Inject arbitrary content into HTML content * BrowserSniper - Performs drive-by attacks on clients with out-of-date browser plugins * jskeylogger - Injects a Javascript keylogger into a client's webpages * Replace - Replace arbitary content in HTML content * SMBAuth - Evoke SMB challenge-response authentication attempts * Upsidedownternet - Flips images 180 degrees Source & code : [HIDE-THANKS] This is the hidden content, please Sign In or Sign Up [/HIDE-THANKS] Link to comment Share on other sites More sharing options...
.webp.8407a83ac96563f75e1c428a1f0d4c3e.webp)
.webp.9a04cec050a656fab081ac190f971c3f.webp)
Hack Tools Resurrection
Recommended Posts