The Wind: Man In The Middle (MITM) Attack Tool

Posted on 09 January 2016 at 11:44

The Wind: Man In The Middle (MITM) Attack Tool.
To do man in the middle attacks on multiple application layer protocols.

What is MITM Attack?
A man-in-the-middle (MITM) attack is a form of eavesdropping where communication between two users is monitored and modified by an unauthorized party. Its intercepts a communication between two systems.

For now, it only supports SSL protocol.

Utilize Scapy to parse packets.
Utilize Scapy-SSL/TLS to support for parsing/building SSL/TLS in Scapy.

Feature

SSL Freak Attack

Installation

1) mv ssl_tls.py to ./scapy/layers

2) modify ./scapy/config.py to autoload ssl_tls layer

config.py::Conf::load_layers

375,376c375
< "sebek", "skinny", "smb", "snmp", "tftp", "x509", "bluetooth", "dhcp6", "llmnr", "sctp", "vrrp",
< "ssl_tls", ]
---
> "sebek", "skinny", "smb", "snmp", "tftp", "x509", "bluetooth", "dhcp6", "llmnr", "sctp", "vrrp"]

Usage

redirect traffic to port 8888: iptables -t nat -A PREROUTING -p tcp --dport 443 -j REDIRECT --to-port 8888 Or rdr on xxiface inet proto tcp from xxx.xxx.xxx.xxx/xx to any port = 443 -> 127.0.0.1 port 8888
edit wind.py to import the right file, for example, add import freak to launch the SSL FREAK attack
you can write your own module to implement a specific ssl attack, the compulsory funtions you need to supply are those in forward.py
if man in the middle wants to connect to another server, set use OrinAddr = False, then set ip, port
set doProcess = True to make the process functions take effect.

Download

The Wind: Man In The Middle (MITM) Attack Tool

TAGS:

About the author

user-root

bitLanders is a new kind of social, start and claim your rewards!