在线时间:8:00-16:00
迪恩网络APP
随时随地掌握行业动态
扫描二维码
关注迪恩网络微信公众号
开源软件名称:byt3bl33d3r/MITMf开源软件地址:https://github.com/byt3bl33d3r/MITMf开源编程语言:Python 83.1%开源软件介绍:MITMfFramework for Man-In-The-Middle attacks This project is no longer being updated. MITMf was written to address the need, at the time, of a modern tool for performing Man-In-The-Middle attacks. Since then many other tools have been created to fill this space, you should probably be using Bettercap as it is far more feature complete and better maintained. Quick tutorials, examples and developer updates at: https://byt3bl33d3r.github.io This tool is based on sergio-proxy and is an attempt to revive and update the project. Contact me at:
Before submitting issues, please read the relevant section in the wiki . InstallationPlease refer to the wiki for installation instructions DescriptionMITMf aims to provide a one-stop-shop for Man-In-The-Middle and network attacks while updating and improving existing attacks and techniques. Originally built to address the significant shortcomings of other tools (e.g Ettercap, Mallory), it's been almost completely re-written from scratch to provide a modular and easily extendible framework that anyone can use to implement their own MITM attack. Features
Active packet filtering/modificationYou can now modify any packet/protocol that gets intercepted by MITMf using Scapy! (no more etterfilters! yay!) For example, here's a stupid little filter that just changes the destination IP address of ICMP packets: if packet.haslayer(ICMP):
log.info('Got an ICMP packet!')
packet.dst = '192.168.1.0'
Now to use the filter all we need to do is: You will probably want to combine that with the Spoof plugin to actually intercept packets from someone else ;) Note: you can modify filters on-the-fly without restarting MITMf! ExamplesThe most basic usage, starts the HTTP proxy SMB,DNS,HTTP servers and Net-Creds on interface enp3s0:
ARP poison the whole subnet with the gateway at 192.168.1.1 using the Spoof plugin:
Same as above + a WPAD rogue proxy server using the Responder plugin:
ARP poison 192.168.1.16-45 and 192.168.0.1/24 with the gateway at 192.168.1.1:
Enable DNS spoofing while ARP poisoning (Domains to spoof are pulled from the config file):
Enable LLMNR/NBTNS/MDNS spoofing:
Enable DHCP spoofing (the ip pool and subnet are pulled from the config file):
Same as above with a ShellShock payload that will be executed if any client is vulnerable:
Inject an HTML IFrame using the Inject plugin:
Inject a JS script:
Start a captive portal that redirects everything to http://SERVER/PATH:
Start captive portal at http://your-ip/portal.html using default page /portal.html (thx responder) and /CaptiveClient.exe (not included) from the config/captive folder:
Same as above but with hostname captive.portal instead of IP (requires captive.portal to resolve to your IP, e.g. via DNS spoof):
Serve a captive portal with an additional SimpleHTTPServer instance serving the LOCALDIR at http://IP:8080 (change port in mitmf.config):
Same as above but with hostname:
And much much more! Of course you can mix and match almost any plugin together (e.g. ARP spoof + inject + Responder etc..) For a complete list of available options, just run Currently available plugins
How to fund my tea & sushi reserveBTC: 1ER8rRE6NTZ7RHN88zc6JY87LvtyuRUJGU ETH: 0x91d9aDCf8B91f55BCBF0841616A01BeE551E90ee LTC: LLMa2bsvXbgBGnnBwiXYazsj7Uz6zRe4fr |
2023-10-27
2022-08-15
2022-08-17
2022-09-23
2022-08-13
请发表评论