Framework for Man-In-The-Middle attacks
(Another) Dependency change!
As of v0.9.6, the fork of the python-netfilterqueue library is no longer required.
If MITMf is not in your distros repo or you just want the latest version:
– clone this repository
– run the setup.sh script
– run the command pip install -r requirements.txt to install all python dependencies
– Addition of DNSChef, the framework is now a IPv4/IPv6 (TCP & UDP) DNS server ! Supported queries are: ‘A’, ‘AAAA’, ‘MX’, ‘PTR’, ‘NS’, ‘CNAME’, ‘TXT’, ‘SOA’, ‘NAPTR’, ‘SRV’, ‘DNSKEY’ and ‘RRSIG’
– Addition of the Sniffer plugin which integrates Net-Creds currently supported protocols are: FTP, IRC, POP, IMAP, Telnet, SMTP, SNMP (community strings), NTLMv1/v2 (all supported protocols like HTTP, SMB, LDAP etc..) and Kerberos
– Integrated Responder to poison LLMNR, NBT-NS and MDNS, and act as a WPAD rogue server.
– Integrated SSLstrip+ by Leonardo Nve to partially bypass HSTS as demonstrated at BlackHat Asia 2014
– Addition of the SessionHijacking plugin, which uses code from FireLamb to store cookies in a Firefox profile
– Spoof plugin can now exploit the ‘ShellShock’ bug when DHCP spoofing!
– Spoof plugin now supports ICMP, ARP and DHCP spoofing
– Usage of third party tools has been completely removed (e.g. ettercap)
– FilePwn plugin re-written to backdoor executables and zip files on the fly by using the-backdoor-factory and code from BDFProxy
– Added msfrpc.py for interfacing with Metasploits rpc server
– Added beefapi.py for interfacing with BeEF’s RESTfulAPI
– Addition of the app-cache poisoning attack by Krzysztof Kotowicz (blogpost explaining the attack here http://blog.kotowicz.net/2010/12/squid-imposter-phishing-websites.html)
How to install on Kali
MITMf is now in tha kali linux repositories!
apt-get install mitmf
Download : Master.zip | Clone Url | 0.9.6.zip | 0.9.6.tar.gz
Source : http://sign0f4.blogspot.it/ | Github
Our Post before: http://seclist.us/updates-mitmf-v-0-9-5-framework-for-man-in-the-middle-attacks.html