MITMf is an all-in-one tool for performing various types of MITM attacks and techniques on a victim's internal network. The features of MITMf include the following:
- The capturing of NTLM v1/v2, POP, IMAP, SMTP, Telnet, FTP, Kerberos, and SNMP credentials. These credentials will allow you to access users' accounts, systems/devices, file shares, and other network resources.
- The use of Responder to perform LLMNR, NBT-NS, and MDNS poisoning attacks.
To get started with MITMf, follow these instructions:
- Install the dependencies packages in Kali Linux using the following command:
apt-get install python-dev python-setuptools libpcap0.8-dev libnetfilter-queue-dev libssl-dev libjpeg-dev libxml2-dev libxslt1-dev libcapstone3 libcapstone-dev libffi-dev file
- Once completed, install virtualenvwrapper:
pip install virtualenvwrapper
- Next, you'll need to update the source in the virtualenvwrapper.sh script. Firstly, execute the updatedb command to create an updated database of all the file locations in the local filesystem. Once completed, use the locate virtualenvwrapper.sh command to get the file path. Then, execute the source command followed by the file path, as shown in the following screenshot:
- Create a virtual environment using the mkvirtualenv MITMf -p /usr/bin/python2.7 command and download the MITMf repository, as shown in the following screenshot:
- Once the repository has been downloaded, change directory and clone the sub-modules:
cd MITMf && git submodule init && git submodule update -recursive
- Install the dependencies using the following command:
pip install -r requirements.txt
- To view the help menu, use the following command:
python mitmf.py --help
You have now set up MITMf on your Kali Linux machine. Next, let's take a deep dive into learning about the use cases of MITMf.