Thread: Easy MitM+Sniffing

  1. #1
    Just burned his ISO
    Join Date
    Aug 2009
    Posts
    4

    Easy MitM+Sniffing

    This is a simple program I wrote. Use it when you're connected to a network if you wanna sniff the packets between two machines.

    mitm (the name is not eccentric ^^) will spoof the IP address of the two victims to do a man-in-the-middle and will forward the packets in order to keep the network working.

    The interesting part is the "-t" option I added to it: it will create a pseudo-interface (like airtun or airbase, for example) named mitm0, and all the forwarded packets will be cleaned and replayed on it. So if you wanna sniff very easily, you just have to do, for example for the victims 192.168.1.1 and 192.168.1.4:

    Code:
    root@bt:~# mitm -i wlan0 -t 192.168.1.1 192.168.1.4
    Created tap interface mitm0
    Attacker is at XX:XX:XX:XX:XX:XX
    192.168.1.1 is at XX:XX:XX:XX:XX:XX
    192.168.1.4 is at XX:XX:XX:XX:XX:XX
    Monkey is in the middle (Press escape to exit)
    Read 167 packets, 18 packets replayed

    And then, in another terminal:

    Code:
    root@bt:~# ifconfig mitm0 up
    root@bt:~# wireshark

    And choose the interface "mitm0" in the Wireshark sniffing menu.

    You will only see the packets travelling between the two victims!

    Download
    studentweb.cencol.ca/aschu08/mitm.tgz (Thanks to Andrew)
    OR
    rapidshare.com/files/283147117/mitm.tgz.html

    Installation
    1) Extract the tar archive (tar zxvf mitm-0.23.tgz)
    2) Go in the mitm directory (cd mitm)
    3) Compile (make). You may get some warnings; it's not very important.
    4) Install (make install)
    5) You can now use the "mitm" command

    I'm awaiting your questions, suggestions or remarks

    Enjoy

    Notes

    1. You'll need to type "modprobe tun" to use the -t option
    2. If you have a problem with mitm, send me an e-mail (g.passault@gmail.com), I'll help you.
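
A defender's view of the technique in post #1, as an added example that is not part of the original thread or of the mitm tool: it assumes the spoofing is ARP cache poisoning (the "is at" lines suggest so) and checks two snapshots in `/proc/net/arp` format for an IP whose MAC changed and for one MAC answering for several IPs. The snapshots, the MAC addresses and the attacker address 192.168.1.7 are constructed sample data.

```python
"""Spot ARP-cache signs of a LAN man-in-the-middle (added example)."""
from collections import defaultdict

HEADER = "IP address       HW type     Flags       HW address            Mask     Device\n"
# Constructed /proc/net/arp snapshots as seen from 192.168.1.4 (made-up MACs).
BEFORE = HEADER + """\
192.168.1.1      0x1         0x2         02:00:00:00:00:01     *        wlan0
192.168.1.7      0x1         0x2         02:00:00:00:00:07     *        wlan0
192.168.1.9      0x1         0x0         00:00:00:00:00:00     *        wlan0
"""
AFTER = HEADER + """\
192.168.1.1      0x1         0x2         02:00:00:00:00:07     *        wlan0
192.168.1.7      0x1         0x2         02:00:00:00:00:07     *        wlan0
192.168.1.9      0x1         0x0         00:00:00:00:00:00     *        wlan0
"""
INCOMPLETE = "00:00:00:00:00:00"

def parse_arp_table(text):
    """Parse /proc/net/arp-style text into {(device, ip): mac}."""
    table = {}
    for line in text.strip().splitlines()[1:]:  # skip the header row
        fields = line.split()
        if len(fields) != 6:
            continue
        ip, _hw_type, flags, mac, _mask, dev = fields
        mac = mac.lower()
        if int(flags, 16) & 0x2 == 0 or mac == INCOMPLETE:
            continue  # unresolved entry (ATF_COM flag not set)
        table[(dev, ip)] = mac
    return table

def changed_bindings(before, after):
    """Return {(device, ip): (old_mac, new_mac)} for IPs whose MAC changed."""
    common = before.keys() & after.keys()
    return {k: (before[k], after[k]) for k in common if before[k] != after[k]}

def shared_macs(table):
    """Return {(device, mac): [ips]} where one MAC answers for several IPs."""
    by_mac = defaultdict(list)
    for (dev, ip), mac in table.items():
        by_mac[(dev, mac)].append(ip)
    return {k: sorted(v) for k, v in by_mac.items() if len(v) > 1}

if __name__ == "__main__":
    old, new = parse_arp_table(BEFORE), parse_arp_table(AFTER)
    for (dev, ip), (was, now) in changed_bindings(old, new).items():
        print(f"{dev}: {ip} moved from {was} to {now}")
    for (dev, mac), ips in shared_macs(new).items():
        print(f"{dev}: {mac} answers for {', '.join(ips)}")
```

One MAC serving several IPs also occurs legitimately (interface aliases, proxy ARP), so treat a hit as a lead to confirm against the gateway's known MAC rather than as proof.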

  2. #2
    Very good friend of the forum Gitsnik's Avatar
    Join Date
    Jan 2010
    Location
    The Crystal Wind
    Posts
    851

    Ah, of the three /network/ tools you have, this one actually looks useful* (mostly because of the -t option).

    What machines have you tested this on, and how portable should it be (i.e. should it be operable on my FreeBSD systems)?

    Still, this one looks good, so good job.

    *Edit: In so far as the others have more established tools available to do the same job. Not a detraction from your skills or code.
    Still not underestimating the power...

    There is no such thing as bad information - There is truth in the data, so you sift it all, even the crap stuff.

  3. #3
    Just burned his ISO
    Join Date
    Aug 2009
    Posts
    4

    It's actually difficult for me to say how portable this is. It uses Aircrack's osdep library to create the tunnel, so this part should be OK.

    So far I tested it on BT4 on an EEE-PC and on Ubuntu 8.04 on a desktop computer.

    EDIT: I also tried on Fedora, I got more warnings but it worked. I'll fix the warnings (cause that's ugly) and try with a BSD distro.

    I'd better test it - I'll get some LiveCDs and try with other distros - and I'll keep you posted.

  4. #4
    Member zWiReDz's Avatar
    Join Date
    Sep 2009
    Posts
    123

    This looks pretty darn useful. Might have to give it a shot. In windoze atm on my dell 9 mini, so I'll boot up my dell 10 mini here in a quick sec and give her a go.
    "If it's stupid but works, it's not stupid." - Murphy's Laws of combat, #2

  5. #5
    Just burned his ISO
    Join Date
    Aug 2009
    Posts
    4

    I have a problem with my hosting, you can download MitM here:

    rapidshare.com/files/283147117/mitm.tgz.html

  6. #6
    Just burned his ISO
    Join Date
    Apr 2008
    Posts
    3

    It's the least I could do, my college doesn't need the bandwidth anyways :-P

    P.S. that link is WAAAY faster than rapidsh*t ;-) (not that that matters since it's only 70kb)

  7. #7
    Just burned his ISO
    Join Date
    Nov 2009
    Posts
    3

    Rapidshare link (premium account)

    hxxp://rapidshare.com/files/307417950/mitm.tgz
