mirror of https://github.com/byt3bl33d3r/MITMf.git synced 2025-07-08 05:51:48 -07:00

Framework for Man-In-The-Middle attacks

Find a file

byt3bl33d3r 2f194628ab updated README with nfqueue instructions		2014-10-29 18:53:30 +01:00
bdfactory@815add35f7	fixed beefapi error, beefautorun now injects hook url and updated arguments, misc code style fixes	2014-10-17 21:07:28 +02:00
config_files	added HSTS bypass as demonstrated by Leonardo Nve at blackhat	2014-10-11 13:09:06 +02:00
libs	revamped beefapi, fixed BrowserProfiler output	2014-08-27 00:09:18 +02:00
plugins	fixed beefapi error, beefautorun now injects hook url and updated arguments, misc code style fixes	2014-10-17 21:07:28 +02:00
sslstrip	added HSTS bypass as demonstrated by Leonardo Nve at blackhat	2014-10-11 13:09:06 +02:00
.gitignore	code cleanup on all plugins, disabled annoying "Starting new HTTP Connection" log message, added BeefAutorun plugin and beefapi lib	2014-08-14 11:30:44 +02:00
.gitmodules	added submodule bdfactory	2014-07-12 08:31:09 +02:00
LICENSE	Initial commit	2014-07-07 13:13:51 +02:00
lock.ico	initial commit	2014-07-07 13:40:49 +02:00
mitmf.py	added HSTS bypass as demonstrated by Leonardo Nve at blackhat	2014-10-11 13:09:06 +02:00
README.md	updated README with nfqueue instructions	2014-10-29 18:53:30 +01:00
setup.sh	updated README with nfqueue instructions	2014-10-29 18:53:30 +01:00
update.sh	modified binkybears install script	2014-10-19 11:21:53 +02:00

README.md

MITMf V0.7

Framework for Man-In-The-Middle attacks

Quick tutorials, examples and dev updates at http://sign0f4.blogspot.it

This tool is completely based on sergio-proxy https://code.google.com/p/sergio-proxy/ and is an attempt to revive and update the project.

Availible plugins:

Spoof - Redirect traffic using ARP Spoofing, ICMP Redirects or DHCP Spoofing and modify DNS queries
BeEFAutorun - Autoruns BeEF modules based on clients OS or browser type
AppCachePoison - Perform app cache poison attacks
BrowserProfiler - Attempts to enumerate all browser plugins of connected clients
CacheKill - Kills page caching by modifying headers
FilePwn - Backdoor executables being sent over http using bdfactory
Inject - Inject arbitrary content into HTML content
JavaPwn - Performs drive-by attacks on clients with out-of-date java browser plugins
jskeylogger - Injects a javascript keylogger into clients webpages
Replace - Replace arbitary content in HTML content
SMBAuth - Evoke SMB challenge-response auth attempts
Upsidedownternet - Flips images 180 degrees

So far the most significant changes have been:

Integrated SSLstrip+ (https://github.com/LeonardoNve/sslstrip2) by Leonardo Nve to partially bypass HSTS as demonstrated at BlackHat Asia 2014
Spoof plugin now supports ICMP, ARP and DHCP spoofing along with DNS tampering (DNS tampering code was stolen from https://github.com/DanMcInerney/dnsspoof/)
Spoof plugin can now exploit the 'ShellShock' bug when DHCP spoofing!
Usage of third party tools has been completely removed (e.g. ettercap)
FilePwn plugin re-written to backdoor executables and zip files on the fly by using the-backdoor-factory https://github.com/secretsquirrel/the-backdoor-factory and code from BDFProxy https://github.com/secretsquirrel/BDFProxy
Added msfrpc.py for interfacing with Metasploits rpc server
Added beefapi.py for interfacing with BeEF's RESTfulAPI
Addition of the app-cache poisoning attack by Krzysztof Kotowicz

How to install on Kali

Run setup.sh as root to install all submodules and python libraries.

If you get an error similar to TypeError: nfqueue_callback() takes exactly 3 arguments (2 given) Then you need to manually compile the python bindings for nfqueue. You can download the latest version at https://www.wzdftpd.net/redmine/projects/nfqueue-bindings/wiki