Script for sniffing traffic.
There are a lot of those scripts, hence the name : Yet Another Mitm Automation Script.
It was originally made for BT4r2 but I "ported" it to BT5, corrected a few bugs and added a few features.
I can't post the script here without raising some kind of warning due to massive use of certain words for parsing, but please review the source at http://yamas.comax.fr
You will be able to view the source, download the script and view a demo video.
It works just great for me, so I hope it will for you too.
Current main features are :
- Real-time output of creds without definition files : any credential, from any website should show up, as well as the site it was used on !
- Log parsing for user-friendly output.
- DNS spoofing once attack is launched
- Network mapping for host discovery.
- Can save dumped passwords to file as well as the whole log file.
- Support for multiple targets on the network, as well as adding targets after attack is launched.
- Sslstrip checking (existence, executable, directory, check version, update...)
- Standalone script, updatable, interactive (new !).
Please don't hesitate to give me your feedback, I'm always looking for new ideas, and ways to improve it !
Check http://comax.fr/yamas.php for more infos, video, other platform versions and an article about how to protect you from it !
[Current version as of 02/02/2012 : 20120202 ]
