MITMf/README.md

MITMf
=====

Framework for Man-In-The-Middle attacks

Quick tutorials, examples and dev updates at http://sign0f4.blogspot.it

This tool is completely based on sergio-proxy https://code.google.com/p/sergio-proxy/ and is an attempt to revive and update the project.

Availible plugins:
- Spoof - Redirect traffic using ARP Spoofing, DNS Spoofing or ICMP Redirects
- AppCachePoison - Perform app cache poison attacks 
- BrowserProfiler - Attempts to enumerate all browser plugins of connected clients
- CacheKill - Kills page caching by modifying headers
- FilePwn - Backdoor executables being sent over http using bdfactory
- Inject - Inject arbitrary content into HTML content
- JavaPwn - Performs drive-by attacks on clients with out-of-date java browser plugins
- jskeylogger - Injects a javascript keylogger into clients webpages
- Replace - Replace arbitary content in HTML content
- SMBAuth - Evoke SMB challenge-response auth attempts
- Upsidedownternet - Flips images 180 degrees

So far the most significant changes have been:

- Spoof plugin is live !! Supports ICMP, ARP and DNS spoofing
  (DNS Spoofing code was stolen from https://github.com/DanMcInerney/dnsspoof/) 

- Usage of third party tools has been completely removed (e.g. ettercap)

- Addition of the BrowserProfiler plugin

- Addition of the JsKeylogger plugin

- FilePwn plugin re-written to backdoor executables and zip files on the fly by using the-backdoor-factory
https://github.com/secretsquirrel/the-backdoor-factory and code from BDFProxy https://github.com/secretsquirrel/BDFProxy

- Added msfrpc.py for interfacing with Metasploits rpc server

- Added Replace plugin

- Addition of the app-cache poisoning attack by Krzysztof Kotowicz 

- JavaPwn plugin now live! Auto-detect and exploit clients with out-of-date java plugins using the Metasploit Frameworks rpc interface!!