From c3e4a90130f6310840917cee67382022ebb8ec52 Mon Sep 17 00:00:00 2001 From: byt3bl33d3r Date: Tue, 30 Sep 2014 14:22:05 +0200 Subject: [PATCH] updated README --- README.md | 20 ++++++-------------- 1 file changed, 6 insertions(+), 14 deletions(-) diff --git a/README.md b/README.md index 4f1b140..0d8e14b 100644 --- a/README.md +++ b/README.md @@ -8,7 +8,7 @@ Quick tutorials, examples and dev updates at http://sign0f4.blogspot.it This tool is completely based on sergio-proxy https://code.google.com/p/sergio-proxy/ and is an attempt to revive and update the project. Availible plugins: -- Spoof - Redirect traffic using ARP Spoofing, DNS Spoofing or ICMP Redirects +- Spoof - Redirect traffic using ARP Spoofing, ICMP Redirects or DHCP Spoofing and modify DNS queries - BeEFAutorun - Autoruns BeEF modules based on clients OS or browser type - AppCachePoison - Perform app cache poison attacks - BrowserProfiler - Attempts to enumerate all browser plugins of connected clients @@ -23,17 +23,13 @@ Availible plugins: So far the most significant changes have been: -- Spoof plugin now supports ICMP, ARP and DNS spoofing - (DNS Spoofing code was stolen from https://github.com/DanMcInerney/dnsspoof/) +- Spoof plugin now supports ICMP, ARP and DHCP spoofing along with DNS tampering + (DNS tampering code was stolen from https://github.com/DanMcInerney/dnsspoof/) + +- Spoof plugin can now exploit the 'ShellShock' bug when DHCP spoofing! - Usage of third party tools has been completely removed (e.g. ettercap) -- Addition of the BrowserProfiler plugin - -- Addition of the JsKeylogger plugin - -- Addition of the BeefAutorun plugin - - FilePwn plugin re-written to backdoor executables and zip files on the fly by using the-backdoor-factory https://github.com/secretsquirrel/the-backdoor-factory and code from BDFProxy https://github.com/secretsquirrel/BDFProxy @@ -41,8 +37,4 @@ https://github.com/secretsquirrel/the-backdoor-factory and code from BDFProxy ht - Added beefapi.py for interfacing with BeEF's RESTfulAPI -- Added Replace plugin - -- Addition of the app-cache poisoning attack by Krzysztof Kotowicz - -- JavaPwn plugin auto-detects and exploits clients with out-of-date java plugins using the Metasploit Frameworks rpc interface!! +- Addition of the app-cache poisoning attack by Krzysztof Kotowicz