sábado, 18 de julho de 2015

MITMf inject hook BeEF

MITMf v0.9.7

Estrutura para a ataques man-in-the-middle

usage: mitmf.py [-h] [--log-level {debug,info}] [-i interface] [-c configfile]
[-d] [-p | -s | -a] [-l port] [-f] [-k] [--hsts] [--cachekill]
[--preserve-cookies] [--inject] [--js-url JS_URL]
[--html-url HTML_URL] [--html-payload HTML_PAYLOAD]
[--html-file HTML_FILE] [--match-str MATCH_STR]
[--preserve-cache]
[--per-domain | --rate-limit RATE_LIMIT | --count-limit COUNT_LIMIT | --white-ips WHITE_IPS | --black-ips BLACK_IPS]
[--browserprofiler] [--smbauth] [--host HOST] [--filepwn]
[--replace] [--search-str SEARCH_STR]
[--replace-str REPLACE_STR] [--regex-file REGEX_FILE]
[--keep-cache] [--upsidedownternet] [--responder] [--analyze]
[--basic] [--wredir] [--nbtns] [--fingerprint] [--wpad]
[--forcewpadauth] [--lm] [--verbose] [--jskeylogger]
[--appoison] [--spoof] [--arp | --icmp | --dhcp] [--dns]
[--shellshock PAYLOAD] [--gateway GATEWAY] [--target TARGET]
[--arpmode ARPMODE] [--manual-iptables] [--beefauto]
[--hijack] [--firefox] [--mallory] [--javapwn]

MITMf v0.9 - Framework for MITM attacks

optional arguments:
-h, --help show this help message and exit

MITMf:
Options for MITMf

--log-level {debug,info}
Specify a log level [default: info]
-i interface, --interface interface
Interface to listen on
-c configfile, --config-file configfile
Specify config file to use
-d, --disable-proxy Only run plugins, disable all proxies

SSLstrip:
Options for SSLstrip library

-p, --post Log only SSL POSTs. (default)
-s, --ssl Log all SSL traffic to and from server.
-a, --all Log all SSL and HTTP traffic to and from server.
-l port, --listen port
Port to listen on (default 10000)
-f, --favicon Substitute a lock favicon on secure requests.
-k, --killsessions Kill sessions in progress.

SSLstrip+:
Enables SSLstrip+ for partial HSTS bypass

--hsts Load plugin SSLstrip+

CacheKill:
Kills page caching by modifying headers

--cachekill Load plugin CacheKill
--preserve-cookies Preserve cookies (will allow caching in some
situations).

Inject:
Inject arbitrary content into HTML content

--inject Load plugin Inject
--js-url JS_URL Location of your (presumably) malicious Javascript.
--html-url HTML_URL Location of your (presumably) malicious HTML. Injected
via hidden iframe.
--html-payload HTML_PAYLOAD


Postado por às

Nenhum comentário:

Postar um comentário

Assinar: Postar comentários (Atom)