Re: [Announce] Yet another MITM attack script (Yamas-ARM)
 

Screenshots as requested:

Re: [Announce] Yet another MITM attack script (Yamas-ARM)
 

Some screenies of Saturn version

Edit: Too late, but i'll keep them anyway :)

http://img7.imageshack.us/img7/2092/...1062619310.png

http://img687.imageshack.us/img687/1...1062619311.png

http://img3.imageshack.us/img3/7537/...1062619313.png

http://img405.imageshack.us/img405/3...1062619315.png

http://img98.imageshack.us/img98/351...1062619315.png

Re: [Announce] Yet another MITM attack script (Yamas-ARM)
 

Well it seems Saturn's version is just perfect ! What did you change ?
How do you launch the script ?
ash script.sh ? (I'd guess this one since you use #! /bin/sh ...)
or script.sh ?

Have you tried after apt-get purge bash ?

I know, I'm asking too much :p

Re: [Announce] Yet another MITM attack script (Yamas-ARM)
 

script.sh works fine.

Purged bash and it's still working.

Re: [Announce] Yet another MITM attack script (Yamas-ARM)
 

Awesome ! I still want to know what changed ! By a quick look at it, I couldn't find !

Well, I think Saturn just won a nice and cozy place in the credits section !
So, I'll have to modify bits here and there so that it sticks to what I last wrote concerning dependency check (it's not really pretty the way it is now... But not much really !).

Thank you guys for working on that, giving feedback and all !

[PS : just to make clear : you chmod'ed +x the script and then just launched it with /path/to/script.sh ?]

Re: [Announce] Yet another MITM attack script (Yamas-ARM)
 

No problem, I learn a lot reading your code. It's quite nice.

on your questions:
- didn't change much, just "protected" some variables. really check with a diff.
- made it first executable, and then ./script.sh is enough.
- yes, I have removed bash and still works.

Re: [Announce] Yet another MITM attack script (Yamas-ARM)
 

Very, very nice ! I'll save it, and upload it to Unhuman's website, ASAP !

Next step : osso-xterm. Then finish ! Only need to add features, if possible at the same time as the BT5 version !

What about calling it "yamas-ME" (for Maemo Edition) ? Not that I don't like pcsci3nce, but I guess on a handled device it's not very handy. Since Pcsci3nce is in the banner right after the script title, Unhuman wouldn't loose any credit ;)

Cheers !

Edit : could you tell me what are the different possible paths for ettercap ?

Edit2 : if it weren't for some different paths, it would work on BT5 too. That's pretty damn great ! The new version is uploaded, you can now download it ! Cf. 1st post ;)

Re: [Announce] Yet another MITM attack script (Yamas-ARM)
 

"yamas-me" seems to be great name. Or just "yamas-m" ;)

Anyway, feel free to correct me guys if i missed something, but AFAIK vi_ version work essentially in osso-xterm, but he screwed some parts of it (not related to working in osso-xterm). So, can't "his" method of using it in xterm be checked through diff, and incorporated into "non-screwed" version?

Disclaimer:

Keep in mind that anything i wrote about this may be wrong and possibly is, cause this is pure guessworking based on user experiences.

Re: [Announce] Yet another MITM attack script (Yamas-ARM)
 

Cool. thanks for the mention.

@all: One more tip to make it easier for launching.

after you make the script executable then you can make a symbolic link. e.g.

replace the path (/home/user/myscripts) with the one you are using and then you can execute only with mitm

Re: [Announce] Yet another MITM attack script (Yamas-ARM)
 

Hey everyone, great job! I managed to get everything working (i.e no errors) through saturns script and was just wondering, on the n900, how long does it take before i get any results for the passwords and stuff? also whats the traffic meant to look like when running this? im getting 0up 0down :S

edit: maybe its just my rubbish router

Re: [Announce] Yet another MITM attack script (Yamas-ARM)
 

i have bleeding edge installed and some custom drivers for wl11251

as soon as the password window opens the up and down hit Zero.

any ideas?

Re: [Announce] Yet another MITM attack script (Yamas-ARM)
 

i have bleeding edge installed and some custom drivers for wl11251

as soon as the password window opens the up and down hit Zero.

any ideas?

Re: [Announce] Yet another MITM attack script (Yamas-ARM)
 

what is the last screenshot please ..

Re: [Announce] Yet another MITM attack script (Yamas-ARM)
 

Tail-grep hosts, option 4 in the script.

Re: [Announce] Yet another MITM attack script (Yamas-ARM)
 

Yeahp, by the way, I should maybe do it only for secure references or POST data... And correct the title ><

EDIT : started working on DNS spoofing ;)

Re: [Announce] Yet another MITM attack script (Yamas-ARM)
 

i have all the dependencies and i chmod-ed +x the script in /usr/bin but i get alot of 'not found' and 'permission denied' also i want to scan the whole network but it keep saying 0 network
here is the otput :

- there must be a password captured in order to save it in Yamas the older, right ? or it may leave an empty password.txt ?

Re: [Announce] Yet another MITM attack script (Yamas-ARM)
 

sounds to me like your missing some dependencies

Re: [Announce] Yet another MITM attack script (Yamas-ARM)
 

at the startup checking it says success to all the dependencies so i don't think its the case

Re: [Announce] Yet another MITM attack script (Yamas-ARM)
 

Don't follow that check just yet ! I put some in to make a test, but it's not thorough !

It's seems like you are missing "ip" and "xterm" dependencies.
I'll ask Unhuman about the correct paths for those, and will add them to the check.

Sorry for the confusion !

Re: [Announce] Yet another MITM attack script (Yamas-ARM)
 

what command did you use to run this ??

Re: [Announce] Yet another MITM attack script (Yamas-ARM)
 

the ettercap check worked yesterday so i reinstalled it an all worked mint .

Re: [Announce] Yet another MITM attack script (Yamas-ARM)
 

so i should run apt-get install xterm & apt-get install ip ?

root
/usr/bin/mitm.sh

Re: [Announce] Yet another MITM attack script (Yamas-ARM)
 

i guess thi script is gunna end up something like easy-creds that i use on backtrack5 , have tryed easycreds on n900 some things work but no others ...

thanks for all your work an comitment to this project ...

Re: [Announce] Yet another MITM attack script (Yamas-ARM)
 

Try this:

apt-get install iproute xterm

It will install those two commands you were missing, xterm and ip.

Re: [Announce] Yet another MITM attack script (Yamas-ARM)
 

Hmm, yes and no ! I created this script precisely because I wasn't satisfied by easy-creds ! The parsing method is very different for one thing, and it doesn't do all the stuff that easy-creds offers, and that I find not useless but... Not fitting for my script. By the way, if you use BT5, you should check out the BT5 version of this script :
http://comax.pagesperso-orange.fr/info/#yamas
The current version is 0.9.1.

if you were saying it will become like EC because I keep adding stuff EC also has, it's only half true, because after dns spoofing, I think I'll be very close to some final version !
And if you say so because some things work and others doesn't, you're plain wrong, cause I'll correct it until it's (almost) perfectly fitting ! =D

Cheers :)

See edit below ;)

Edit : I added ip and xterm to the dependency check, and a second path for ettercap, since it seems it could be installed in two different places according to what install method you used.

If ever you notice e dependency I forgot, or another path to it, don't hesitate to submit it !

Re: [Announce] Yet another MITM attack script (Yamas-ARM)
 

@AgogData check first post for dependencies. You are missing busybox-power and xterm.

EDIT:

comaX - ip is part of busybox-power. The script should check for ip, but point out that busybox-power isn't installed :)

Re: [Announce] Yet another MITM attack script (Yamas-ARM)
 

Hi comaX and Unhuman,

One more edit for you to consider.

- The dependencies are checked by dpkg (in my opinion agnostic and more resilient to custom installations).
- the dependency check is done not every time but on request using the -d option. That is,
- made the two "wget" to happen only when needed.
- the home folder is a variable - easier to change
- one small correction: if the root privileges check failed you were stuck with red font - the echo command color was not terminated.

I think that's all. Thanks again.

Re: [Announce] Yet another MITM attack script (Yamas-ARM)
 

Everything seems to work alright for me(no dependency problems, no iptables error etc), but I get this message on my computer so I thought I were protected:

http://i.imgur.com/296gX.png

However, I shut down all protection and still no passwords, neither for HTTP or HTTPS. I run with all default settings. When I do submit a password, there's a brief flicker on the password terminal window, but nothing shows up. Any advice?

Re: [Announce] Yet another MITM attack script (Yamas-ARM)
 

what is your browser ? It seems you are just protected against this kind of attack !

Satun, I'm not home right now, so I can't check the version you posted. Did you do all the modifications you suggested ?
It seems to me those are good ideas (especially -d, but we should also add a warning message so that people do check for the dependencies before running the script, and coming complain about it not working :p - I'll add a message for that below the banner. Also Unhuman should write it in the 1st post. I'll mail him about that), so I'll have a look but I'll probably just uplaod it as is. And some more credits for you ;)
Thanks !

Edit : finally I found a way to read the text file on the crappy mac i'm on... So everything seems fine, but I'm just not sure using dpkg and grep is more efficient than just a simple existence check.
Why not though...

Re: [Announce] Yet another MITM attack script (Yamas-ARM)
 

I'm using Firefox 5, maybe I should try internet explorer and see if I'm still protected..

Re: [Announce] Yet another MITM attack script (Yamas-ARM)
 

ye i already use that in its ace many thanks , what about a fakeAP with login screen or something simular that maybe easyist way to get WPA2 key on ya phone ...

As for easy-creds its not to bad offers some good features a little buggy for me thou to be fair

Re: [Announce] Yet another MITM attack script (Yamas-ARM)
 

This actually worked by opening ettercap and password windows and start poisoning, but after finishing and choosing Y for "do you wanna save the passwords" it says
sh:missing ]]
/usr/bin/mitm.sh: line 484: y: not found
password saving skipped

also i get this after pressing enter for targeting the whole network

i'm using ad-hoc wireless connection hence the 192.168.0.1 IP

Re: [Announce] Yet another MITM attack script (Yamas-ARM)
 

I think you need to write a big Y to save the passwords. Also, it looks like you might not run the script as root(hence the "/usr/bin/mitm_pcsci3nce.sh: line 458: : Permission denied").

Re: [Announce] Yet another MITM attack script (Yamas-ARM)
 

It seems either like scripting errors, so I'll have a look at that, but also of permission error ! Make sure to be root before launching the script, not launching the script as root :
su
script

and not
sudo script

;)

Re: [Announce] Yet another MITM attack script (Yamas-ARM)
 

Yup, and keep us posted ;)

(sorry for double post, little tab mistake...)

Re: [Announce] Yet another MITM attack script (Yamas-ARM)
 

Ok ! I reviewed your version :
- Using dpkg and grep is indeed slower than -e, but it's smarter, and (see next)
- -d option is good ! Since it won't be done everytime, it can be slower ;)
- Home folder to var : I must have missed something since I don't know why you would do that... I left it there though ;)
- No more red color : check.

I modified the way the -d option is used though : deleted exit 0 after calling dep() but introduced it after failing the check. When the test is a success, the script will just continue.

Now, I have another idea for that check : it could be run automatically everytime, unless a certain file exists. That file would be created when the check is successful. It'd be something like this :
That way, even if the user didn't use the -d option, the test would be done if it never successed in a first place. We would leave the -d option in case after some changes the script fails again. -d would be a force-check option !
A failed test would delete .ok of course.

What do you think about that ? Waiting on your feedback ;)

Also, I saw you wrote comment, so I suggest that in order to find them easily we write our nicks after them like this : -comaX. When we have read the comment, we delete it. We only do that for comments that do not explain what is going on.
That should help us keep up with what's changes, and why !

Thank you very much for your work on that, cheers !

(damn, sorry for triple posting... If some mod can merge the posts, please do !)

Re: [Announce] Yet another MITM attack script (Yamas-ARM)
 

Agree with all you comments and find your idea nice, something like first run check.

On another subject: if you find it useful, i could package it and even upload it to the repos.

Cheers.

Re: [Announce] Yet another MITM attack script (Yamas-ARM)
 

about the Y, i tried it both y and Y..also n and N
and i'm always root before running mitm

Re: [Announce] Yet another MITM attack script (Yamas-ARM)
 

If you feel it's ready for it, please be my guest ! Maybe we should just implement osso-xterm before that. Even though as I stated before, I don't think installing xterm requires too much too do, nor too much capacity consumed so I'm fine with it. I'dont have an N900 though !

###

Well then... That's weird ! Both Y and y should work. What version are you using ? What is your maemo version ?
(I think I saw 4.1 being out, and maybe 5 beta ? So there might be differences between different versions...)

Re: [Announce] Yet another MITM attack script (Yamas-ARM)
 

i'm using maemo pr1.3 and i don't know which mitm version i have but the the guy who made the video has the first release without this problem