DHCP poisoning now works on Windows, additionally it's been optimized for performance improvements
ARP poisoning has been optimized with an internal cache and some algo improvements
cve-details-parser.py has been added to the utils/ directory to help adding exploits to the BrowserSniper config file
I'm currently working on adding to the filepwn plugin all of the missing options that bdfproxy stand-alone has
# MITMf V0.9.8 - 'The Dark Side'
Framework for Man-In-The-Middle attacks
Quick tutorials, examples and developer updates at: https://byt3bl33d3r.github.io
This tool is based on sergio-proxy and is an attempt to revive and update the project.
Twitter: @byt3bl33d3r IRC on Freenode: #MITMf Email: byt3bl33d3r@gmail.com
Before submitting issues, please read the FAQ and CONTRIBUTING.md.
## Available plugins

- `HTA Drive-By`: Injects a fake update notification and prompts clients to download an HTA application
- `SMBtrap`: Exploits the 'SMB Trap' vulnerability on connected clients
- `Screenshotter`: Uses HTML5 Canvas to render an accurate screenshot of a client's browser
- `Responder`: LLMNR, NBT-NS, WPAD and MDNS poisoner
- `SSLstrip+`: Partially bypass HSTS
- `Spoof`: Redirect traffic using ARP spoofing, ICMP redirects or DHCP spoofing
- `BeEFAutorun`: Autoruns BeEF modules based on a client's OS or browser type
- `AppCachePoison`: Perform app cache poisoning attacks
- `Ferret-NG`: Transparently hijacks sessions
- `BrowserProfiler`: Attempts to enumerate all browser plugins of connected clients
- `CacheKill`: Kills page caching by modifying headers
- `FilePwn`: Backdoor executables sent over HTTP using the Backdoor Factory and BDFProxy
- `Inject`: Inject arbitrary content into HTML content
- `BrowserSniper`: Performs drive-by attacks on clients with out-of-date browser plugins
- `jskeylogger`: Injects a Javascript keylogger into a client's webpages
- `Replace`: Replace arbitrary content in HTML content
- `SMBAuth`: Evoke SMB challenge-response authentication attempts
- `Upsidedownternet`: Flips images 180 degrees
## Changelog

- Added the `SMBTrap` plugin
- Config file now updates on the fly!
- `SessionHijacker` is replaced with `Ferret-NG`, captures cookies and starts a proxy that will feed them to connected clients
- `JavaPwn` plugin replaced with `BrowserSniper`, now supports Java, Flash and browser exploits
- Addition of the `Screenshotter` plugin, able to render screenshots of a client's browser at regular intervals
- Addition of a fully functional SMB server using the Impacket library
- Addition of DNSChef, the framework is now an IPv4/IPv6 (TCP & UDP) DNS server! Supported queries are: 'A', 'AAAA', 'MX', 'PTR', 'NS', 'CNAME', 'TXT', 'SOA', 'NAPTR', 'SRV', 'DNSKEY' and 'RRSIG'
- Integrated Net-Creds; currently supported protocols are: FTP, IRC, POP, IMAP, Telnet, SMTP, SNMP (community strings), NTLMv1/v2 (all supported protocols like HTTP, SMB, LDAP etc.) and Kerberos
- Integrated Responder to poison LLMNR, NBT-NS and MDNS and act as a rogue WPAD server
- Integrated SSLstrip+ by Leonardo Nve to partially bypass HSTS as demonstrated at BlackHat Asia 2014
- `Spoof` plugin can now exploit the 'ShellShock' bug when DHCP spoofing
- `Spoof` plugin now supports ICMP, ARP and DHCP spoofing
- Usage of third party tools has been completely removed (e.g. Ettercap)
- `FilePwn` plugin re-written to backdoor executables zip and tar files on the fly by using the-backdoor-factory and code from BDFProxy
- Added msfrpc.py for interfacing with Metasploit's RPC server
- Added beefapi.py for interfacing with BeEF's RESTful API
- Addition of the app-cache poisoning attack by Krzysztof Kotowicz (blog post explaining the attack here: http://blog.kotowicz.net/2010/12/squid-imposter-phishing-websites.html)
## How to install on Kali

```
apt-get install mitmf
```

Currently Kali has a very old version of MITMf in its repos; read the Installation section to get the latest version.
## Installation

If you're rocking Kali and want the latest version:

- Clone this repository
- Run the `kali_setup.sh` script

Note: you can ignore any errors when `pip` tries to install dependencies; MITMf should be able to run anyway.

If you're rocking any other Linux distro:

- Clone this repository
- Run the `other_setup.sh` script
- Run the command `pip install --upgrade mitmflib` to install all Python dependencies
## FAQ

- Is Windows supported?
  - No, it will never be supported
- Is OSX supported?
  - Yes! Initial compatibility has been introduced in 0.9.8! Find anything broken? Submit a PR or open an issue ticket!
- I can't install package X because of an error!
  - Try installing the package via `pip` or your distro's package manager. This isn't a problem with MITMf.
- How do I install package X?
  - Please read the installation guide.
- I get an ImportError when launching MITMf!
  - Please read the installation guide.
- Dude, no documentation?
  - The docs are a work in progress at the moment; once the framework hits 1.0 I will push them to the wiki.