Update subterfuge v-4.1 – Automated Man-in-the-Middle Attack Framework

Beta release 4.1comes with some much needed bug fixes. While 4.0 was content heavy; issues existed in the release ranging from annoying to severely detrimental. 4.1 Fixes many of these issues, and brings other dormant features online to include ARPWATCH and UPDATE functionalities! Further changes to Subterfuge such as the new attack controller make the Framework significantly more modular.Unpack and run “python install.py -i” for full installation. Requires Linux kernel  2.6 or greater and Python .7.Note: Configuration file is now DEPRECATED! Expect removal in Version 5.0 Modules:
Harvesting Module is functional.
Code Injection Module is functional. Now with Metasploit!
Requires Metasploit to be installed and in PATH
Module Builder
Tunnel Block Module is functional.
DOS Module is functional.
Network View Control interface is functional. Now with Nmap!

Beta 4.1 Mandatory Updates for the Release:
Settings Page Display Current Configuration
Link Controls to Settings Page
Make Dynamic ARP Poisoning Work
Update Functionality
Move Settings/Configuration to database

Known Defects:
Possible ARPWatch Config Error — Local IP Address Unknown

Program Structure:
Developed Network View
Integrated Nmap
Added update functionality through SVN

Move Settings/Configuration to database
Using Both Config File and Database for 4.1
Database tables/space created for settings
Ported configuration file reads to database queries

Link Controls to Settings Page

50 Defect New Medium Mtoussain›  Interface change
The settings page now properly displays current attack.

52DefectNewMediumMtoussain›  Gatway IP Settings
The settings page now properly displays current attack (Same issue as above).

54DefectNewMediumMtoussain›  ARPWATCH not Operable
ARPWATCH now properly configures and runs. It is now operated by the Attack Controller.

Database now stores and tracks the following
Local IP Address
Attack Interface
Router MAC Address
Gateway IP Address
Auto Config Status
Page Reload Rate
Inject Rate
ARP Cache Poison Rate
Dynamic ARP Poison Status

Dynamic ARP Retention is now operable
Dynamic ARP Retention can now be controlled from the settings page

All attacks are now rendered from the Attack Controller (attackctrl.py)
– This allows for additional MITM vectors to be used in the future

New Modules:
No new Modules in this release

Bug Fixes:
Settings page failed to display current configuration
HTTP_REFERER ERROR referenced nonexistent config.ext file in settings page
Resolved JavaScript conflicts that caused all attempted configuration from the settings page to fail
Fixed errors preventing update functionality from working properly

General Features : 
  • Credential Harvester
  • Http Injection Code
  • Session Hijacking
  • Race Condition Exploitation
  • Evilgrade update exploitation
  • Wireless attack suite
  • and more …
Subterfuge ScreenShoot GUI For Unix/Linux Tool

Download Latest :  SubterfugePublicBeta4.1.tar.gz (18.7 MB)
Find Other Version |
Read more In here : http://code.google.com/p/subterfuge/

 Our Post Before:

  • http://seclist.us/update.html