MITMSDR for INDIAN ARMY cybersecurity hackthon

Overview

There mainly three things here:

  1. MITMSDR

  2. spectrum

  3. Manual reverse shell

  4. MITMSDR Installation Clone the project and run the setup file:

    ./setup

    One of the MITM Plugins relies on peinjector service, this has to be installed manually following the instructions of the project.

    https://github.com/JonDoNym/peinjector

    Usage First enter the FDL Console interface as root:

    ./fdlconsole

    For now there only is a console interface that is very easy to use and has tab completion! The whole thing will work according to the fdl.conf file. You can view and change all configurations via de console, just type: config to list the modules available for configuration. While working on the console type: listargs to view the available parameters (here you can check if configurations are OK), then type:

    set to change it. If a parameter is (dict) it means it is another configurable module within.

    To start an access point make sure you have it configured correctly, type: config airhost check if everything is OK (use listargs) config aplauncher check if everything is OK (use listargs) config dnsmasqhandler

    check if everything is OK and start the access point

    start airhost You can also configure an access point by copying one that is nearby. Start scanning: config airscanner check if everything is OK (use listargs) start airscanner ... wait ...

    show sniffed_aps

    This lists the sniffed access points with their ids

    copy ap OR show sniffed_probes copy probe Then start the fake access point

    start airhost You can deauthenticate others from their network while running the acces point. To add access points or clients to be deauthenticated type: show sniffed_aps add aps <filter_string>

    The filter_string follows an easy syntax, it goes: <filter_keyword> <filter_args>

    The args can be any of the column names listed in the table. The filter keywords are 'where' for inclusive filtering or 'only' for exclusive filtering, examples: This will add the access point whose id is 5 to the deauthentication list (this is adding a single and specific AP): add aps where id = 5 This will add the access point whose ssid is 'StarbucksWifi' to the deauthentication list: add aps where ssid = StarbucksWifi This will add the access point whose encryption type has 'wpa' OR 'opn' to the deauthentication list: add aps where crypto = wpa, crypto = opn This will add the access point whose ssid id 'freewifi' AND is on channel 6 to the deauthentication list: add aps only ssid = freewifi, channel = 6 You can use the same interface for injecting packets while running the fake access point. You can check and set configurations with: config airinjector listargs

After all that run the Injector (which by default performs Deauthentication attack):

start airinjector

Same can be done when deleting from the deauth list with the 'del' command. The 'show' command can also be followed by a filter string

Contributors can program Plugins in python either for the airscanner or airhost or airdeauthor. Contributors can also code MITM scripts for mitmproxy.

  1. spectrum

    cd spectrum chmod +x ./spectrum gem install colorize

    cp ./spectrum /usr/local/bin/ # optional Usage: ./spectrum # or simply spectrum if you copied it to /usr/local/bin This will spawn an interactive shell, along with inspectrum itself. As you usually would, open your capture file. Then align the cursors, right click the signal, add amplitued plot (for OOK) or add frequency plot (for 2FSK). Right click the plot that appeared, and click extract data. The demodulated bits should appear in your terminal.

    This script has been tested with OOK & 2FSK signals with a 100% success rate (so far...). It does some sanity checking and will alert if you something doesn't feel right.

    You can also use this tool to compare 2 parts of a signal in the same file, or signals from two separate files.

  2. Manual python reverse shell #optional

Log4j exploit catcher, detect Log4Shell exploits and try to get payloads.

log4j_catcher Log4j exploit catcher, detect Log4Shell exploits and try to get payloads. This is a basic python server that listen on a port and logs i

EntropyQueen 17 Dec 20, 2021
A semi-automatic osint/recon framework.

Smog Framework A semi-automatic osint/recon framework. Requirements git Python = 3.8 How to use it

toast 22 Oct 17, 2022
Python sandbox runners for executing code in isolation aka snekbox.

Python sandbox runners for executing code in isolation aka snekbox.

Python Discord 164 Dec 20, 2022
This program is a WiFi cracker, you can test many passwords for a desired wifi to find the wifi password!

WiFi_Cracker About the Program: This program is a WiFi cracker! Just run code and select a desired wifi to start cracking 💣 Note: you can use this pa

Sina.f 13 Dec 08, 2022
NFC Implant-base RSA Encrypted Messagging application

Encrypted messaging application with the use of MIFARE DESfire chip to store the private/public keys needed for the application authentication

4 Nov 06, 2021
Security-TXT is a python package for retrieving, parsing and manipulating security.txt files.

Security-TXT is a python package for retrieving, parsing and manipulating security.txt files.

Frank 3 Feb 07, 2022
Delta Sharing: An Open Protocol for Secure Data Sharing

Delta Sharing: An Open Protocol for Secure Data Sharing Delta Sharing is an open protocol for secure real-time exchange of large datasets, which enabl

Delta Lake 497 Jan 02, 2023
Simple script for looping a Denial Of Service (DoS) attack over one single mac address in range

Bluetooth Simple Denial Of Service (DoS) Legal Note This project is made only for educational purposes and for helping in Proofs of Concept. The autho

1 Jan 09, 2022
Bandit is a tool designed to find common security issues in Python code.

A security linter from PyCQA Free software: Apache license Documentation: https://bandit.readthedocs.io/en/latest/ Source: https://github.com/PyCQA/ba

Python Code Quality Authority 4.8k Dec 31, 2022
Click-Jack - Automatic tool to find Clickjacking Vulnerability in various Web applications

CLICK-Jack It is a automatic tool to find Clickjacking Vulnerability in various

Prince Prafull 4 Jan 10, 2022
A script to search, scrape and scan for Apache Log4j CVE-2021-44228 affected files using Google dorks

Log4j dork scanner This is an auto script to search, scrape and scan for Apache Log4j CVE-2021-44228 affected files using Google dorks. Installation:

Jagar 5 Dec 27, 2022
Python script to tamper with pages to test for Log4J Shell vulnerability.

log4jShell Scanner This shell script scans a vulnerable web application that is using a version of apache-log4j 2.15.0. This application is a static

GoVanguard 8 Oct 20, 2022
Transparent proxy server that works as a poor man's VPN. Forwards over ssh. Doesn't require admin. Works with Linux and MacOS. Supports DNS tunneling.

sshuttle: where transparent proxy meets VPN meets ssh As far as I know, sshuttle is the only program that solves the following common case: Your clien

9.4k Jan 04, 2023
DoSer.py - Simple DoSer in Python

DoSer.py - Simple DoSer in Python What is DoSer? DoSer is basically an HTTP Denial of Service attack that affects threaded servers. It works like this

1 Oct 12, 2021
Universal Radio Hacker: Investigate Wireless Protocols Like A Boss

The Universal Radio Hacker (URH) is a complete suite for wireless protocol investigation with native support for many common Software Defined Radios.

Dr. Johannes Pohl 9k Jan 03, 2023
Blinder is a tool that will help you simplify the exploitation of blind SQL injection

Blinder Have you found a blind SQL injection? Great! Now you need to export it, but are you too lazy to sort through the values? Most likely,

10 Dec 06, 2022
Attack SQL Server through gopher protocol

Attack SQL Server through gopher protocol

hack2fun 17 Nov 30, 2022
A proxy for asyncio.AbstractEventLoop for testing purposes

aioloop-proxy A proxy for asyncio.AbstractEventLoop for testing purposes. When tests writing for asyncio based code, there are controversial requireme

aio-libs 12 Dec 12, 2022
About Hive Burp Suite Extension

Hive Burp Suite Extension Description Hive extension for Burp Suite. This extension allows you to send data from Burp to Hive in one click. Create iss

7 Dec 07, 2022
CloudFlare reconnaissance, tries to uncover the IP behind CF.

CloudFlare reconnaissance, tries to uncover the IP behind CF.

Neospace 8 Dec 03, 2021