[Subterfuge v1.0] Automated Man-in-the-Middle Attack Framework

Subterfuge, a Framework to take the arcane art of Man-in-the-Middle Attacks and make it as simple as point and shoot. Subterfuge demonstrates vulnerabilities in the ARP Protocol by harvesting credentials that go across the network and even exploiting machines by injecting malicious code directly into their browsing sessions.

The first step in any Subterfuge attack is gaining a Man-in-the-Middle position. Currently, Subterfuge only ships with one method of establishing itself as MITM, ARP Cache Poisoning. Nevertheless, as a framework, its modular design allows it to support multiple methods.

Some used attacks

• ARP Cache Poisoning
• Dynamic Poison Retention & ARPBLock

Subterfuge comes with modules that give the ability to leverage the position quickly and easily. Moreover, if your needs are particularly specific, you can create a module for Subterfuge without the need to launch your own attack from scratch. Subterfuge comes packaged with several default modules that you can use to great effect.

List of some integrated modules

• Credential Harvester
• Session Hijacking
• HTTP Code Injection
• Denial of Service
• Tunnel Block
• Network View
• Evilgrade

Version 1.0 is the first release of Subterfuge to have come out of Beta! It includes significant package upgrades, compatibility fixes, a modified interface, and a whole new packaging system.

The tool comes with a rich documentation and examples. Take care to go through the website.

Download Subterfuge v1.0

Read More

[Wi-fEye] Automated Network Testing Tool

Wi-fEye is an automated wirelress penetration testing tool written in python , its designed to simplify common attacks that can be performed on wifi networks so that they can be executed quickly and easily.

Wifi has three main menus :

1. Cracking menu: contains attacks that could allow us to crack wifi passwords weather is WEP , WPA or WPA2:
• Enable monitor mode
• View avalale Wireless Networks
• Launch Airodump-ng on a specific AP
• WEP cracking: here you can perform a number of attacks to crack WEP passwords :
  • Interactive packet replay.
  • Fake Authentication Attack.
  • Korek Chopchop Attack.
  • Fragmentation Attack.
  • Hirte Attack (cfrag attack).
  • Wesside-ng.
2. WPA Cracking: here you can perform a number of attacks to crack WPA passwords , this menu is devided into two sections:
   • launch a brute force attack against a WPS-enabled network to crack WPA/WPA2 without a dictionary.
   • Obtain handshake: This will automatically attempt to obtain the handshake
   • Cracking: After obtaining the handshake or if you have the handshake ready then you can attempt to crack it in this section , you can choose to use you wordlist straight away with aircrack-ng or you can add to a table and then crack the password.
3. MITM: this menu will allow you to do the following Automatically:
   • Enable IP forwarding.
   • ARP Spoof.
   • Launch ettercap (Text mode).
   • Sniff SSL/HTTPS traffic.
   • Sniff URLs and send them to browser.
   • Sniff images.
     
   • DNS Spoof.
   • HTTP Session Hijacking (using Hamster).
4. Others: this menu will allow you to o the following automatically:
   • Change MAC Address.
   • Create a fake access point.
   • Hijack software updates (using Evilgrade).
     

Platforms supported:

Wi-fEye is written in Python and should run on any UNIX based platform with a Python interpreter, as long as all needed modules and programs have been installed. So far it has been successfully tested on:

• Linux
• FreeBSD

Download Wi-fEye

Read More