中间人攻击测试框架:MITMf

jopen 10年前

中间人攻击测试框架 – MITMf。工具的作者是byt3bl33d3r,是基于代理工具sergio-proxy修改而来

MITMf不支持多系统平台,虽然是python写的,但是玩过以后才发现根本就是给linux量身做的,所以这里想玩的同学如果是win环境的话,可以考虑用虚拟机了,这里建议使用Kali/Linux。

这个工具完全基于 sergio-proxy https://code.google.com/p/sergio-proxy/ 并试图恢复和更新这个项目。

可用的插件:

  • Spoof - Redirect traffic using ARP Spoofing, ICMP Redirects or DHCP Spoofing and modify DNS queries
  • BeEFAutorun - Autoruns BeEF modules based on clients OS or browser type
  • AppCachePoison - Perform app cache poison attacks
  • BrowserProfiler - Attempts to enumerate all browser plugins of connected clients
  • CacheKill - Kills page caching by modifying headers
  • FilePwn - Backdoor executables being sent over http using bdfactory
  • Inject - Inject arbitrary content into HTML content
  • JavaPwn - Performs drive-by attacks on clients with out-of-date java browser plugins
  • jskeylogger - Injects a javascript keylogger into clients webpages
  • Replace - Replace arbitary content in HTML content
  • SMBAuth - Evoke SMB challenge-response auth attempts
  • Upsidedownternet - Flips images 180 degrees

项目主页:http://www.open-open.com/lib/view/home/1412900783077