There are a lot of those scripts, hence the name : Yet Another Mitm Automation Script.
It was originally made for BT4r2 but I "ported" it to BT5, corrected a few bugs and added a few features.
I can't post the script here without raising some kind of warning due to massive use of certain words for parsing, but please review the source at http://yamas.comax.fr
You will be able to view the source, download the script and view a demo video.
It works just great for me, so I hope it will for you too.
Current main features are :
- Real-time output of creds without definition files : any credential, from any website should show up, as well as the site it was used on !
- Log parsing for user-friendly output.
- DNS spoofing once attack is launched
- Network mapping for host discovery.
- Can save dumped passwords to file as well as the whole log file.
- Support for multiple targets on the network, as well as adding targets after attack is launched.
- Sslstrip checking (existence, executable, directory, check version, update...)
- Standalone script, updatable, interactive (new !).
Please don't hesitate to give me your feedback, I'm always looking for new ideas, and ways to improve it !
Check http://comax.fr/yamas.php for more info, video, other platform versions and an article about how to protect yourself from it !
[Current version as of 02/02/2012 : 20120202 ]
Last edited by comaX; 06-22-2012 at 12:42 AM. Reason: Needed some updates !
Running both KDE and GNOME BT5 flawlessly. Thank you !
Thanks.
Have used this before, thanks for porting/updating.
Is it possible that a modem is immune to ARP poisoning? Since I have this new modem I keep failing at doing a successful attack.
Do you want to contact me?
Thanks.
Try arp poisoning only one way
Back|track giving machine guns to monkeys since 2007 !
Do not read the Wiki, most of your questions will not be answered there !
Do not take a look at the: Forum Rules !
oops..... link error.... please review your link.. thank you.
Oops, corrected now, thank you !
EDIT : disregard text in brackets ; I found a way to do that. It's a home-made workaround, but it works !
[Script-wise, I found a way to loop the parsing process every x seconds (wasn't that hard after all...) and it works just the way I wanted it to, but when I try to pass the function to xterm, it closes immediately. Maybe functions can't be executed in xterm ? That would be logical if xterm doesn't have access to the script*, hence it would not know the function. Any idea ?
*I mean that xterm is like launching a new console, so the function is not defined for the xterm window. ]
Bottom line : as attack is running, credentials are displayed as they are sniffed !
Again, please give your feedback so I can improve it ! Anything really, even grammar.
Last edited by comaX; 05-15-2011 at 05:46 PM. Reason: a bunch of stuff
hey man... why should we "arp poison"? doesn't the script do this job already? (please, explain...) many thanks!
Yes, it does the arp poisoning, with arpspoof. I'll let someone else explain since I don't have much time, or I'll come back to edit
Editing time it is ! So, I believe that when sickness speaks about one-way poisoning, he tells you to poison only the victims, and not the whole network, in which case you can also poison the router, and the router might detect the poisoning (please, anyone, correct me if I'm wrong !).
Script-wise, this means you'd better use the feature to target only a few hosts rather than the whole network.
Anyway, yes, the script "does" the arp poisoning !
Last edited by comaX; 05-17-2011 at 12:16 PM.
great little script
I don't really know how you could make it better, maybe os detection?
Thanks
Since I made it for BT4, and ported it to BT5, and both are still accessible, I don't feel it's very necessary... Maybe you are talking about different linux distros ?
Could be something, provided I also include ways to download the needed applications. But that would be a little bit out of the "script thing".
Maybe some bugs found ? More comments should be added ?
Since I updated it a little bit, I didn't really pay attention to "UI"... Something to change on that ?
Thanks again for your message, I'll keep the OS detection somewhere in my head, probably for when I will have succeeded in porting it to Python !