Update subterfuge v-4.3 – Automated Man-in-the-Middle Attack Framework

Beta version 4.3 comes a significant amount of work to ensure compatibility on BackTrack. It also set the scene for the release of new MITM attack vectors, three of which are currently in development and may debut as soon as version 4.4. This release fixes a plethora of several bugs, and introduces much more powerful update functions.

  • Harvesting Module is functional.
  • Code Injection Module is functional. Now with Metasploit!
  • Requires Metasploit to be installed and in PATH
  • Module Builder
  • Tunnel Block Module is functional.
  • DOS Module is functional.
  • Network View Control interface is functional. Now with Nmap!Beta 4.1 Mandatory Updates for the Release:
  • Settings Page Display Current Configuration
  • Link Controls to Settings Page
  • Make Dynamic ARP Poisoning Work
  • Update Functionality
  • Move Settings/Configuration to database

Known Defects:
Possible ARPWatch Config Error — Local IP Address Unknown

Program Structure:
Developed Network View
Integrated Nmap
Added update functionality through SVN

Move Settings/Configuration to database
Using Both Config File and Database for 4.1
Database tables/space created for settings
Ported configuration file reads to database queries

Link Controls to Settings Page

50 Defect New Medium Mtoussain›  Interface change
The settings page now properly displays current attack.

52 Defect New Medium Mtoussain›  Gatway IP Settings
The settings page now properly displays current attack (Same issue as above).

54 Defect New Medium Mtoussain›  ARPWATCH not Operable
ARPWATCH now properly configures and runs. It is now operated by the Attack Controller.

Database now stores and tracks the following
Local IP Address
Attack Interface
Router MAC Address
Gateway IP Address
Auto Config Status
Page Reload Rate
Inject Rate
ARP Cache Poison Rate
Dynamic ARP Poison Status

Dynamic ARP Retention is now operable
Dynamic ARP Retention can now be controlled from the settings page

All attacks are now rendered from the Attack Controller (attackctrl.py)
– This allows for additional MITM vectors to be used in the future

New Modules:
No new Modules in this release

Bug Fixes:
Settings page failed to display current configuration
HTTP_REFERER ERROR referenced nonexistent config.ext file in settings page
Resolved JavaScript conflicts that caused all attempted configuration from the settings page to fail
Fixed errors preventing update functionality from working properly

General Features : 
  • Credential Harvester
  • Http Injection Code
  • Session Hijacking
  • Race Condition Exploitation
  • Evilgrade update exploitation
  • Wireless attack suite
  • and more …
Subterfuge ScreenShoot GUI For Unix/Linux Tool

Download Latest :  SubterfugePublicBeta4.3.tar.gz (19.1 MB)
Find Other Version |
Read more In here : http://code.google.com/p/subterfuge/
 Our Post Before:

  • http://seclist.us/update-subterfuge-v-4-2-automated-man-in-the-middle-attack-framework.html