Framework for Man-In-The-Middle attacks
Quick tutorials, examples and developer updates at: http://sign0f4.blogspot.it
This tool is based on sergio-proxy and is an attempt to revive and update the project.
Contact me at:
- Twitter: @byt3bl33d3r
- IRC on Freenode: #MITMf
- Email: [email protected]
Before submitting issues, please read the FAQ and the appropriate section.
SMBtrap- Exploits the 'SMB Trap' vulnerability on connected clientsScreenshotter- Uses HTML5 Canvas to render an accurate screenshot of a clients browserResponder- LLMNR, NBT-NS, WPAD and MDNS poisonerSSLstrip+- Partially bypass HSTSSpoof- Redirect traffic using ARP spoofing, ICMP redirects or DHCP spoofingBeEFAutorun- Autoruns BeEF modules based on a client's OS or browser typeAppCachePoison- Perform app cache poisoning attacksFerret-NG- Transperently hijacks sessionsBrowserProfiler- Attempts to enumerate all browser plugins of connected clientsCacheKill- Kills page caching by modifying headersFilePwn- Backdoor executables sent over HTTP using the Backdoor Factory and BDFProxyInject- Inject arbitrary content into HTML contentBrowserSniper- Performs drive-by attacks on clients with out-of-date browser pluginsjskeylogger- Injects a Javascript keylogger into a client's webpagesReplace- Replace arbitary content in HTML contentSMBAuth- Evoke SMB challenge-response authentication attemptsUpsidedownternet- Flips images 180 degrees
-
Added the
SMBTrapplugin -
Config file now updates on the fly!
-
SessionHijackeris replaced withFerret-NG, captures cookies and starts a proxy that will feed them to connected clients -
JavaPwnplugin replced withBrowserSniper, now supports Java, Flash and browser exploits -
Addition of the
Screenshotterplugin, able to render screenshots of a client's browser at regular intervals -
Addition of a fully functional SMB server using the Impacket library
-
Addition of DNSChef, the framework is now a IPv4/IPv6 (TCP & UDP) DNS server! Supported queries are: 'A', 'AAAA', 'MX', 'PTR', 'NS', 'CNAME', 'TXT', 'SOA', 'NAPTR', 'SRV', 'DNSKEY' and 'RRSIG'
-
Integrated Net-Creds currently supported protocols are: FTP, IRC, POP, IMAP, Telnet, SMTP, SNMP (community strings), NTLMv1/v2 (all supported protocols like HTTP, SMB, LDAP etc.) and Kerberos
-
Integrated Responder to poison LLMNR, NBT-NS and MDNS and act as a rogue WPAD server
-
Integrated SSLstrip+ by Leonardo Nve to partially bypass HSTS as demonstrated at BlackHat Asia 2014
-
Spoofplugin can now exploit the 'ShellShock' bug when DHCP spoofing -
Spoofplugin now supports ICMP, ARP and DHCP spoofing -
Usage of third party tools has been completely removed (e.g. Ettercap)
-
FilePwnplugin re-written to backdoor executables zip and tar files on the fly by using the-backdoor-factory and code from BDFProxy -
Added msfrpc.py for interfacing with Metasploit's RPC server
-
Added beefapi.py for interfacing with BeEF's RESTfulAPI
-
Addition of the app-cache poisoning attack by Krzysztof Kotowicz (blogpost explaining the attack here: http://blog.kotowicz.net/2010/12/squid-imposter-phishing-websites.html)
apt-get install mitmf
Currently Kali has a very old version of MITMf in its repos, read the Installation section to get the latest version
If MITMf is not in your distro's repo or you just want the latest version:
- Run the command
git clone https://github.com/byt3bl33d3r/MITMf.gitto clone this directory - Run the
setup.shscript - Run the command
pip install --upgrade -r requirements.txtto install all Python dependencies
On Kali Linux, if you get an error while installing the pypcap package or when starting MITMf you see: ImportError: no module named pcap, run apt-get install python-pypcap to fix it
If you have questions regarding the framework please email me at [email protected]
Only submit issues if you find a bug in the latest version of the framework.
When inevitably you do come across said bug, please open an issue and include at least the following in the description:
- Full command string you used
- OS you're using
- Full error traceback, if any
Also, remember that Github markdown is your friend!
-
Is Windows supported?
-
No
-
Is OSX supported?
-
Currently no, although with some tweaking (which I'll probably get around to in the near future), it should be able to run perfectly on OSX.
-
I can't install package X because of an error!
-
Try installing the package via
pipor your distro's package manager. This isn't a problem with MITMf. -
How do I install package X?
-
Please read the installation guide.
-
I get an ImportError when launching MITMf!
-
Please read the installation guide.
-
Dude, no documentation/video tutorials?
-
Currently no but once the framework hits 1.0, I'll probably start writing/making some.