Best man-in-the-middle methods and attacks

Hello,

I have been playing around with man-in-the-middle attacks recently and different programs for doing so. I found the one that works the best is arpspoof. However, unlike mitmf it does not have features like JavaScript injection and HTTPS bypassing. I tried running SSLstrip, but this did not work either.

So I wanted to see what other people like to use for performing man-in-the-middle attacks, and how you might go about injecting JavaScript code and bypassing HTTPS. Do you write your own MITM software in Python, or do you use MITMF, ettercap or arpspoof? And overall, what would your advice be for conducting reliable MITM attacks?

Thanks!
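Since the whole thread hangs on ARP cache poisoning (that is what arpspoof, ettercap and bettercap do to get between a host and the gateway), here is what the same traffic looks like from the defender's side. This is an added example, not code from the original post or from any of the tools named above; the ARP replies, IP addresses and MAC addresses are constructed samples, and the gateway address is an assumption for the sample network.

```python
"""Flag ARP cache poisoning from a stream of ARP replies (added example,
not code from arpspoof, ettercap or any other tool named in this thread).
Every reply below is a constructed sample; the addresses are made up."""
from collections import defaultdict
from dataclasses import dataclass
from typing import Dict, Iterable, List, Optional


@dataclass(frozen=True)
class ArpReply:
    ts: float        # seconds since the capture started
    sender_ip: str   # IP address the reply claims to speak for
    sender_mac: str  # MAC address it says that IP lives at


def detect_arp_spoof(replies: Iterable[ArpReply], gateway_ip: str,
                     known: Optional[Dict[str, str]] = None) -> List[str]:
    """Return alert strings for two poisoning signals:
       1. an IP whose advertised MAC changes (the entry a victim's cache
          would now hold no longer points at the real host);
       2. one MAC answering for more than one IP (a single station claiming
          both the gateway and a host is the two-sided poisoning pattern).
    `known` seeds trusted ip->mac bindings, e.g. from a static inventory;
    unseen IPs are learned on first sight, as a real ARP cache would."""
    bindings: Dict[str, str] = {ip: mac.lower() for ip, mac in (known or {}).items()}
    ips_per_mac: Dict[str, set] = defaultdict(set)
    for ip, mac in bindings.items():
        ips_per_mac[mac].add(ip)
    alerts: List[str] = []
    for r in replies:
        mac = r.sender_mac.lower()
        prev = bindings.get(r.sender_ip)
        if prev is None:
            bindings[r.sender_ip] = mac                 # first sighting: learn it
        elif prev != mac:
            who = "GATEWAY" if r.sender_ip == gateway_ip else "host"
            alerts.append(f"t={r.ts:.1f}: {who} {r.sender_ip} moved {prev} -> {mac}")
            bindings[r.sender_ip] = mac                 # track the new claim
        before = len(ips_per_mac[mac])
        ips_per_mac[mac].add(r.sender_ip)
        # Alert only when a MAC picks up an additional IP, not on every repeat.
        if before >= 1 and len(ips_per_mac[mac]) > before:
            alerts.append(f"t={r.ts:.1f}: {mac} now claims {sorted(ips_per_mac[mac])}")
    return alerts


# Constructed capture: a legitimate gateway and host, then one station
# ("cc:...") answering for both of them, which is the classic poisoning shape.
GATEWAY = "192.168.1.1"   # assumed gateway for the sample network
SAMPLE_REPLIES = [
    ArpReply(0.0, "192.168.1.1",  "aa:aa:aa:aa:aa:aa"),
    ArpReply(0.5, "192.168.1.10", "bb:bb:bb:bb:bb:bb"),
    ArpReply(5.0, "192.168.1.1",  "cc:cc:cc:cc:cc:cc"),
    ArpReply(5.0, "192.168.1.10", "cc:cc:cc:cc:cc:cc"),
    ArpReply(7.0, "192.168.1.1",  "cc:cc:cc:cc:cc:cc"),  # repeat, no new alert
]

if __name__ == "__main__":
    for line in detect_arp_spoof(SAMPLE_REPLIES, GATEWAY):
        print(line)
```

On a real network you would feed `detect_arp_spoof` from a packet capture filtered to ARP replies (opcode 2) and seed `known` with the gateway's real MAC; the "moved" alert on the gateway entry is the one that matters most, because that is the change that sends a host's traffic through the wrong station.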

Hello Hubert!

I was once recommended to use Bettercap, since it is one tool combined from others. But as for SSLstrip, it won't work if the site is using HSTS; there are online sites where you can check if they use it. Microsoft Bing is using this for sure. MITMProxy is a better version of basic mitm.

How to bypass HSTS is another thing. There was software that managed to do it, but it was instantly requested to be taken down by the FBI. There are only a few people that know it, and it's not being said because it would be fixed instantly.

I would recommend using newer tools, as they help a lot with making MITM attacks; old ones are good as well though, but I personally like to use MITMproxy and ettercap.

1 Like
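The reply above says SSLstrip fails against sites that use HSTS and that you can check for it online. You can do that check yourself from the response headers, which is what the following does: an added example, not code from this thread or from MITMProxy, Bettercap or SSLstrip. The response headers it classifies are constructed samples; the `fetch_hsts_header` helper for a live check is an assumption about how you would wire it up and is not exercised by the samples.

```python
"""Check whether an HTTP response carries a usable HSTS policy (RFC 6797).

Added example for this thread, not code from any of the tools mentioned.
The header sets below are constructed samples, not captured responses.
"""
import re
import urllib.request
from typing import Dict, Optional

# Minimum max-age the browser preload list expects (one year in seconds).
PRELOAD_MIN_MAX_AGE = 31_536_000


def parse_hsts(value: str) -> Optional[dict]:
    """Parse a Strict-Transport-Security header value.

    Returns {"max_age", "include_subdomains", "preload"}, or None when the
    header has no valid max-age directive, which browsers ignore entirely.
    """
    policy = {"max_age": None, "include_subdomains": False, "preload": False}
    for directive in value.split(";"):
        directive = directive.strip()
        if not directive:
            continue
        name, _, arg = directive.partition("=")
        name = name.strip().lower()
        arg = arg.strip().strip('"')          # max-age="300" is also valid
        if name == "max-age":
            if not re.fullmatch(r"\d+", arg):
                return None                   # non-numeric max-age: invalid
            if policy["max_age"] is None:     # first occurrence wins
                policy["max_age"] = int(arg)
        elif name == "includesubdomains":
            policy["include_subdomains"] = True
        elif name == "preload":
            policy["preload"] = True
    if policy["max_age"] is None:
        return None
    return policy


def assess(headers: Dict[str, str]) -> str:
    """Classify a response's HSTS posture; header names are matched case-insensitively."""
    lowered = {k.lower(): v for k, v in headers.items()}
    raw = lowered.get("strict-transport-security")
    if raw is None:
        return "no HSTS: a browser will still follow plain http:// links to this host"
    policy = parse_hsts(raw)
    if policy is None:
        return "malformed HSTS (missing or invalid max-age): browsers ignore it"
    if policy["max_age"] == 0:
        return "HSTS max-age=0: the policy is being revoked"
    notes = []
    if policy["max_age"] < PRELOAD_MIN_MAX_AGE:
        notes.append("max-age below one year, not preload-eligible")
    if not policy["include_subdomains"]:
        notes.append("subdomains not covered")
    if not policy["preload"]:
        notes.append("no preload directive, first visit still unprotected")
    return "HSTS enforced" + ("; " + "; ".join(notes) if notes else "")


def fetch_hsts_header(url: str, timeout: float = 5.0) -> Optional[str]:
    """Live check (assumed wiring): HEAD the URL over HTTPS and return its HSTS header."""
    req = urllib.request.Request(url, method="HEAD")
    with urllib.request.urlopen(req, timeout=timeout) as resp:
        return resp.headers.get("Strict-Transport-Security")


# Constructed sample responses (not from real sites).
SAMPLES = {
    "no-hsts": {"Content-Type": "text/html"},
    "strong":  {"Strict-Transport-Security": "max-age=31536000; includeSubDomains; preload"},
    "weak":    {"strict-transport-security": "max-age=300"},
    "broken":  {"Strict-Transport-Security": "includeSubDomains"},
}

if __name__ == "__main__":
    for name, hdrs in SAMPLES.items():
        print(f"{name:8s} -> {assess(hdrs)}")
```

The "first visit still unprotected" note is the point that matters for the stripping discussion: HSTS is only learned from an HTTPS response, so a host that is not on the preload list gives no protection until the browser has seen it once over HTTPS.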

Thanks for the suggestion! I will be sure to take a look at bettercap and MITMProxy, I haven’t heard about these before.

Glad to be of help, man. :)

1 Like

@Hubert I use Ettercap to direct clients to BeEF and hook them like starving fish, which leads to a shell.

2 Likes

Yeah, I like ettercap as well; the only thing is I sometimes have trouble conducting a successful MITM attack. What version do you use?

I use airgeddon :)

Last time I checked, I am sure airgeddon was a tool for making WEP/WPA2 cracking easier and not for MITM. Unless it has changed?

Hi Monster, can you elaborate on how you use Ettercap and BeEF, and how that leads to a shell?
I mean, are you able to capture web page logins and see what a user is doing on the same network without the other person knowing (i.e. stealth mode)?

@justhere2learn You can capture traffic and recover credentials. You can also create malicious pages with payloads embedded and redirect them to it. You can create a Java drive-by or fake Windows update pages, or fake Java and Flash update pages. I may do a tutorial on it in the future, showing many different possibilities once hooked. It depends on how creative you are for the stealthiness.

2 Likes

@MoNsTeR thanks for those tips. I understand the basics behind all this, but I'm looking more for guidance on a step-by-step approach. I'm not a seasoned whitehat, but I know my way around, per se. When it comes to social engineering and trying to get someone to "click" on something, it's a 50/50 toss. I'm looking for something more reliable that I can test on my network without being noticed. Any sources or pages you can direct me to? I like Ettercap for its simplicity; however, trying to capture HTTP traffic is still not working. I've even tried Wireshark, but it's like the packets never show up. Yes, this is all on my own network, using an HTTP service that has a cleartext account.
Maybe you can write up some quick and dirty steps on Ettercap + BeEF to uncover HTTP packets, provided the packets are Wi-Fi?