1. Analysis of pcap dumps from the console: run ./intercepter -t dump.cap, and the output is written to dump.cap.txt with all the captured information.
2. Autostart of sniffing when the application starts. In the configuration file, specify the ordinal number of the interface in the autorun field.
3. MiTM via ICMP redirect. This is not a very common technique, especially under Windows. It allows targeted attacks on specific addresses. Perhaps a more universal method that intercepts almost all traffic will be built on top of it.
0x4553-Intercepter 0.8.2
Less than a week later, the "more universal method" was implemented. Its essence is as follows. Using ICMP redirect, we redirect the victim's route to its DNS server to ourselves. Thus, all DNS requests and responses are visible to us. Suppose the victim wants to visit rambler.ru: the request is forwarded to the DNS server with the help of 0x4553-NAT. Next, we get a response that contains one or more resolved IP addresses. The whole point is that before forwarding the response back to the victim, we send a series of new ICMP redirect messages, redirecting all the resolved addresses to ourselves. That's all.
For those who are not familiar with ICMP redirect, a clarification. Sniffing everything that moves will not work: there is one important limitation, namely that you can redirect only hosts from other subnets. Example: 192.168.1.1 is the gateway, 192.168.1.10 is the victim and 192.168.1.100 is the DNS server. In this scenario the attack will not work. The DNS server must be either 192.168.2.x or in any other subnet.
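Seen from the defending side, the method described above leaves a recognisable trace: ICMP redirects (type 5) that advertise a gateway which is not a real router, first for the DNS server and then for each resolved address. The following detection sketch is an added example, not part of the original post or of Intercepter; the function names and all sample addresses (192.168.1.50, 192.168.1.254, 192.168.2.100, 203.0.113.x) are constructed for illustration.

```python
import ipaddress
import struct
from collections import defaultdict

def parse_icmp_redirect(pkt: bytes):
    """Return (new_gateway, redirected_dst) for an IPv4 ICMP Redirect, else None."""
    if len(pkt) < 20 or pkt[0] >> 4 != 4 or pkt[9] != 1:  # IPv4 carrying ICMP
        return None
    icmp = pkt[(pkt[0] & 0x0F) * 4:]
    if len(icmp) < 28 or icmp[0] != 5:                    # type 5 = Redirect
        return None
    new_gw = ipaddress.IPv4Address(icmp[4:8])             # gateway the host is told to use
    dst = ipaddress.IPv4Address(icmp[24:28])              # dst of the embedded original header
    return new_gw, dst

def rogue_redirects(packets, known_routers, dns_server):
    """Group redirected destinations by advertised gateway, skipping known routers."""
    routers = {ipaddress.IPv4Address(r) for r in known_routers}
    dns = ipaddress.IPv4Address(dns_server)
    seen = defaultdict(set)
    for pkt in packets:
        parsed = parse_icmp_redirect(pkt)
        if parsed and parsed[0] not in routers:
            seen[parsed[0]].add(parsed[1])
    return {str(gw): {"dns_redirected": dns in dsts,
                      "destinations": [str(d) for d in sorted(dsts)]}
            for gw, dsts in seen.items()}

def build_redirect(src, victim, new_gw, orig_dst):
    """Constructed sample packet; checksums are zero because the parser ignores them."""
    ip = lambda a: ipaddress.IPv4Address(a).packed
    inner = struct.pack("!BBHHHBBH4s4s", 0x45, 0, 28, 0, 0, 64, 17, 0,
                        ip(victim), ip(orig_dst)) + b"\x00" * 8
    icmp = struct.pack("!BBH4s", 5, 1, 0, ip(new_gw)) + inner
    return struct.pack("!BBHHHBBH4s4s", 0x45, 0, 20 + len(icmp), 0, 0, 64, 1, 0,
                       ip(src), ip(victim)) + icmp

# Constructed capture: LAN 192.168.1.0/24, gateway .1, client .10, unknown host .50,
# DNS resolver in another subnet, resolved addresses from the documentation range.
SAMPLE = [
    build_redirect("192.168.1.1", "192.168.1.10", "192.168.1.50", "192.168.2.100"),
    build_redirect("192.168.1.1", "192.168.1.10", "192.168.1.50", "203.0.113.5"),
    build_redirect("192.168.1.1", "192.168.1.10", "192.168.1.50", "203.0.113.6"),
    build_redirect("192.168.1.1", "192.168.1.10", "192.168.1.254", "10.0.0.7"),
]

if __name__ == "__main__":
    print(rogue_redirects(SAMPLE, ["192.168.1.1", "192.168.1.254"], "192.168.2.100"))
```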