maemo.org - Talk

[Announce] Yet another MITM attack script (Yamas-ARM) (https://talk.maemo.org/showthread.php?t=73988)

Unhuman 2011-06-30 14:56

Re: [Announce] Yet another MITM attack script (Yamas-ARM)
 
Don't abuse the script on foreign networks. If it was your network you would have known if those numbers were a password.

EDIT:

late by 3 seconds

comaX 2011-06-30 15:00

Re: [Announce] Yet another MITM attack script (Yamas-ARM)
 
Quote:

Originally Posted by Unhuman (Post 1042219)
Don't abuse the script on foreign networks. If it was your network you would have known if those numbers were a password.

EDIT:

late by 3 minutes

<useless post>Mouahahaha*, beat ya !</useless post>

*French evil laugh

Kabouik 2011-06-30 15:13

Re: [Announce] Yet another MITM attack script (Yamas-ARM)
 
Damn frog-eater!*

Still no success at trying Yamas there. I have no idea of what is the problem in my case, since I don't have all the error logs that Price reported, just the one I quoted above.

I can't try it again for the moment 'cause I'm at work, and attacking the wifi of the laboratory/university would be a suicide I guess. :D



* J'en suis un moi-même. :[

AgogData 2011-06-30 15:18

Re: [Announce] Yet another MITM attack script (Yamas-ARM)
 
Quote:

Originally Posted by comaX (Post 1042214)
Hmm... You sir are a bad student ! Since you're assuming it may be the password, it means you don't know it. If you don't know it, it's not yours. I'm sorry, but I won't help you for that.
Here's just a hint : we are parsing the log.

You should use the script on your own connection and then get log into a maximum of sites to know what the output should look like.

The saving location is just a variable now, so you can change it to whatever suits you ;) Saturn used this location because of some problem with MyDocs not being always available or something.

yes it's not my network, it's not illegal here but it's rude :)
anyway i didn't mean any harm to the...victim, just using my n900's ability

teemui 2011-06-30 15:18

Re: [Announce] Yet another MITM attack script (Yamas-ARM)
 
i have this "egrep: bad regex" error too every time i try it. i have all dependencies installed, no matter what website i try i always get this error

mr_pingu 2011-06-30 15:22

Re: [Announce] Yet another MITM attack script (Yamas-ARM)
 
Ran the attack this day and it worked as it should, except that the victim pc sometimes got a page with only the letters:

ht

then reload gives a page with:

html layout code of that page without images

another reload gives:

The actual page, with good layout =D

On the phone side everything works. Gonna need to find my flashdrive with backtrack again, and test if I get these pages when running from backtrack also. Last time I tried a mitm-attack this wonderful script wasn't available :P Thanks for making this easy for me, ComaX

teemui 2011-06-30 16:04

Re: [Announce] Yet another MITM attack script (Yamas-ARM)
 
rebooted the n900, now i get following in the password window:

BusyBox v1.18.5 (Debian 1.18.5power1) multi-call binary.

No help available.

it flashes every now and then, the grep error disappeared but i still get no other output than this..

comaX 2011-06-30 17:02

Re: [Announce] Yet another MITM attack script (Yamas-ARM)
 
Quote:

Originally Posted by AgogData (Post 1042231)
yes it's not my network, it's not illegal here but it's rude :)
anyway i didn't mean any harm to the...victim, just using my n900's ability

Well, I don't know where you live, but I'd bet my *** it is pretty much illegal ^^ Anyway, you do whatever you want, it's not like we're the cops or about to call them !

Quote:

Originally Posted by teemui (Post 1042261)
rebooted the n900, now i get following in the password window:

BusyBox v1.18.5 (Debian 1.18.5power1) multi-call binary.

No help available.

it flashes every now and then, the grep error disappeared but i still get no other output than this..

So the problem definitely comes from some error at an installation/package level... Since I do not have the N900 I can't help much, but I'm sure other members will :)

Quote:

Originally Posted by mr_pingu (Post 1042236)
Ran the attack this day and it worked as it should, except that the victim pc sometimes got a page with only the letters:

ht

then reload gives a page with:

html layout code of that page without images

another reload gives:

The actual page, with good layout =D

On the phone side everything works. Gonna need to find my flashdrive with backtrack again, and test if I get these pages when running from backtrack also. Last time I tried a mitm-attack this wonderful script wasn't available :P Thanks for making this easy for me, ComaX

Yeahp, not my fault ! That's sslstrip's work... I mean, sometimes it will just be fine, but most of the time you'll have to reload once. Let's hope that will be fixed in sslstrip 1.0.
About your BT drive, the original script will only work on BT5. The BT4r2 version is still available though.

Quote:

Originally Posted by Kabouik (Post 1042228)
Damn frog-eater!*

Still no success at trying Yamas there. I have no idea of what is the problem in my case, since I don't have all the error logs that Price reported, just the one I quoted above.

I can't try it again for the moment 'cause I'm at work, and attacking the wifi of the laboratory/university would be a suicide I guess. :D



* J'en suis un moi-même. :[

Yeah, no. You can do that, but we don't want to know ! And yes, that would be suicide ! Maybe even for your phone if there is a lot of traffic going on...
Don't hesitate to send me your logs (edited if you want, but I could care less about your/their (:p) passwords) by mail and any output you have. You can even write them in French ;)
For the small-talk part, I actually wrote most of the structure of the script while at university. Never tested it there though, since you need your name and pass to connect to the network... So matching my name to some weird-*** ARPs wouldn't have been too much of a hassle.

mr_pingu 2011-06-30 17:23

Re: [Announce] Yet another MITM attack script (Yamas-ARM)
 
Quote:

Originally Posted by comaX (Post 1042299)


Yeahp, not my fault ! That's sslstrip's work... I mean, sometimes it will just be fine, but most of the time you'll have to reload once. Let's hope that will be fixed in sslstrip 1.0.
About your BT drive, the original script will only work on BT5. The BT4r2 version is still available though.


Don't worry I have a strange mood and am installing bt5 on local drive ;)

Edit: Yeah, I f###ed up, grub rescue unknown filesystem yeah :d

teemui 2011-06-30 17:39

Re: [Announce] Yet another MITM attack script (Yamas-ARM)
 
Finally i got this to work.. if someone still has the same issues i had, here is what i did, in this order:
reinstalled yamas
reinstalled ettercap
reinstalled sslstrip
i'm not sure if it messed everything up, but the first time i installed ettercap first, then sslstrip and yamas last..
Thank you all, especially comaX

comaX 2011-06-30 17:40

Re: [Announce] Yet another MITM attack script (Yamas-ARM)
 
Quote:

Originally Posted by mr_pingu (Post 1042308)
Don't worry I have a strange mood and am installing bt5 on local drive ;)

Edit: Yeah, I f###ed up, grub rescue unknown filesystem yeah :d

Oh boy ! Why not just boot on the DVD/USB ?
Don't worry though, I fuc*ed up my grub and MBR so many times... I'm still standing ;) You just have to make friends with google !

Kabouik 2011-06-30 19:10

Re: [Announce] Yet another MITM attack script (Yamas-ARM)
 
Quote:

Originally Posted by comaX (Post 1042299)
Yeah, no. You can do that, but we don't want to know ! And yes, that would be suicide ! Maybe even for your phone if there is a lot of traffic going on...

No way, I'm not going to try that. I only tried to attack my own network and nothing worked. Perhaps I'll try again tonight, when back home.

Quote:

Don't hesitate to send me your logs (edited if you want, but I could care less about your/their (:p) passwords) by mail and any output you have. You can even write them in French ;)
It's there!

Quote:

For the small-talk part, I actually wrote most of the structure of the script while at university.
Yeah, and because of you I'm trying to install it instead of writing my Ph.D. thesis. Only a few months left. :[ You are guilty.


Edit: Oh, by logs you meant the /home/user/.yamas/yamas.txt I guess, sorry for misunderstanding. I'll send it to you later, alright! Thanks in advance.

stevomanu 2011-06-30 19:18

Re: [Announce] Yet another MITM attack script (Yamas-ARM)
 
how can we go about adding an icon to start the script anybody have any ideas ??

Saturn 2011-06-30 22:18

Re: [Announce] Yet another MITM attack script (Yamas-ARM)
 
Version 0.9.5 is out.

Changes:
* Added the ascii and grepcred.txt files in the package.
* Changed the code to not wget anything.
* Removed wget from the dependencies.
* Send error output of xterm to /dev/null to avoid font errors.

Kabouik 2011-07-01 00:41

Re: [Announce] Yet another MITM attack script (Yamas-ARM)
 
This version solved my problem, thank you very much! :]

However, as someone mentioned above (Stevomanu I think), some webpages display "location: ht" at the first load. Reloading them solves the problem, but it could be even better!

Del 2011-07-01 09:26

Re: [Announce] Yet another MITM attack script (Yamas-ARM)
 
1 Attachment(s)
see this .. what's wrong ? I did everything !!

but

AgogData 2011-07-01 10:56

Re: [Announce] Yet another MITM attack script (Yamas-ARM)
 
Quote:

Originally Posted by Del (Post 1042661)
see this .. what's wrong ? I did everything !!

but

you didn't do everything :p
download sslstrip from here(http://www.thoughtcrime.org/software...rip-0.9.tar.gz)
then put it in MyDocs
Code:

tar zxvf sslstrip-0.9.tar.gz
cd sslstrip-0.9
python ./setup.py install


price 2011-07-01 11:25

Re: [Announce] Yet another MITM attack script (Yamas-ARM)
 
Quote:

Originally Posted by Saturn (Post 1042025)
crap..

what does it say for:
Code:

apt-cache rdepends grep-gnu
I think you should remove yamas, busybox-power
then apt-get -f install
remove grep-gnu if it is still there and then reinstall yamas (if you want it).

we can do it on steps, send me PMs with output of every step.

Problem solved with the installation of new script :) it works great !
thank you for the help ;)

Saturn 2011-07-01 12:10

Re: [Announce] Yet another MITM attack script (Yamas-ARM)
 
Quote:

Originally Posted by price (Post 1042704)
Problem solved with the installation of new script :) it works great !
thank you for the help ;)

Good! we accept thanks also with the button on the right ;)

@all: we are looking for an icon (48x48 , png) to put in the desktop button and application description. Obviously, needs to be royalty/licence free. comaX will choose the best one.

cheers.

Saturn 2011-07-01 13:44

Re: [Announce] Yet another MITM attack script (Yamas-ARM)
 
Just uploaded version 0.9.6.

codename: lazy people version. :)

In short, adds a button which allows to start it from the desktop - no typing!

Changes:
* Added a .desktop file.
* Added a .sudoers file.
* Modified the postinstall file.
* Added a simple icon (to be replaced in future).

This kinda marks the completion of my packaging effort.. Thanks

Del 2011-07-01 14:12

Re: [Announce] Yet another MITM attack script (Yamas-ARM)
 
Quote:

Originally Posted by AgogData (Post 1042695)
you didn't do everything :p
download sslstrip from here(http://www.thoughtcrime.org/software...rip-0.9.tar.gz)
then put it in MyDocs
Code:

tar zxvf sslstrip-0.9.tar.gz
cd sslstrip-0.9
python ./setup.py install




Everything works fine champ

but it shows no PASS !!




:confused:

comaX 2011-07-01 16:53

Re: [Announce] Yet another MITM attack script (Yamas-ARM)
 
Quote:

Originally Posted by Del (Post 1042802)
Everything works fine champ

but it shows no PASS !!




:confused:

All right. Is it your network ? If yes (well, even if not...), send me your logs so that I can know if this is because you didn't capture any, because something's wrong, or because the parser couldn't find it. contact.comax@gmail.com ;) Or just upload it here if you feel like it.

mr_pingu 2011-07-01 17:00

Re: [Announce] Yet another MITM attack script (Yamas-ARM)
 
Quote:

Originally Posted by comaX (Post 1042905)
All right. Is it your network ? If yes (well, even if not...), send me your logs so that I can know if this is because you didn't capture any, because something's wrong, or because the parser couldn't find it. contact.comax@gmail.com ;) Or just upload it here if you feel like it.

Happened to me also once, I don't know if it's my problem, but when the script says IP1, IP2

Do I have to type "IP1, IP2" or do I have to type the actual IP? Not sure here, when I typed the actual IP it worked but when I used IP1 it didn't give me anything. I didn't do any test yet, so I wanted to know if it was my fault :P

Del 2011-07-01 18:04

Re: [Announce] Yet another MITM attack script (Yamas-ARM)
 
3 Attachment(s)
Quote:

Originally Posted by comaX (Post 1042905)
All right. Is it your network ? If yes (well, even if not...), send me your logs so that I can know if this is because you didn't capture any, because something's wrong, or because the parser couldn't find it. contact.comax@gmail.com ;) Or just upload it here if you feel like it.

logs ammm

well .. I will attach everything :D

if there is anything missing .. tell me =)

ps.yes , it's my network

MSHAH 2011-07-01 19:46

Re: [Announce] Yet another MITM attack script (Yamas-ARM)
 
at least that one shows something, my password screen is always blank! the only line is the first line about ascii!

Kabouik 2011-07-01 20:58

Re: [Announce] Yet another MITM attack script (Yamas-ARM)
 
Since I updated Yamas to the version with a .desktop file, I'm back to my problem of no password nor login retrieved. :D

The previous version worked great. On my side, I did not change anything on my N900. :|

Saturn 2011-07-01 22:09

Re: [Announce] Yet another MITM attack script (Yamas-ARM)
 
Quote:

Originally Posted by Kabouik (Post 1043024)
Since I updated Yamas to the version with a .desktop file, I'm back to my problem of no password nor login retrieved. :D

The previous version worked great. On my side, I did not change anything on my N900. :|

Not a fault of new code; the code in the script has not changed.
If you start it from the command line, i.e. with "yamas" (it's still there as before), it should be exactly the same as in the previous version.

Check if a resume or kill and restart option gives you some better results. It has worked for me in a couple of instances.

Also reboot the device and try again. Sometimes it is needed in my case for faster transmissions, like if the wifi power mode is stuck.

demiurgo0 2011-07-02 00:28

Re: [Announce] Yet another MITM attack script (Yamas-ARM)
 
my problem is that every time I launch the yamas, my pc goes offline ......... poisoning is a problem?

can anyone help?

jamie721 2011-07-02 18:15

Re: [Announce] Yet another MITM attack script (Yamas-ARM)
 
same here logs r empty this time. but time before i tried computer didn't load page but i did get logs. xxx

Saturn 2011-07-02 19:09

Re: [Announce] Yet another MITM attack script (Yamas-ARM)
 
Sorry, double checked the code for changes and there is nothing changed.

Actually I even forgot to increment the version number..

while everything is working go to the original terminal and press on the top bar and you will get the option "New". Press that; it will open a new xterm.
there type
Code:

ps |grep xterm
ps |grep ssl

you should get something like that:
Code:

~ $ ps |grep xterm
 4798 user      3932 S    /usr/bin/osso-xterm
 4799 user    31632 S    /usr/bin/osso-xterm
 4844 root      9332 S    xterm -T ettercap -e ettercap -o -q -i wlan0 -T -M arp  /192.168.0.1/ //
 4850 root      9332 S    xterm -hold -T Passwords -e /tmp/looparse.sh
 5555 user      2832 S    grep xterm
~ $ ps |grep ssl
 4834 root    17440 S    /usr/bin/python /usr/bin/sslstrip -f -a -k -l 8080 -w /home/user/yamas/yamas.txt
 5741 user      2828 S    grep ssl

if you see those running and with your configuration then the problem is elsewhere.

casper27 2011-07-02 19:24

Re: [Announce] Yet another MITM attack script (Yamas-ARM)
 
@Del
Have you changed your ettercap config? It seems you're dropping user privileges. Check
/etc/etter.conf
Under the [privs] section,
Should be.
EC_uid =65534
EC_gid = 65534

Seker_94 2011-07-02 19:52

Re: [Announce] Yet another MITM attack script (Yamas-ARM)
 
Hello guys i don't know what are your problems
with the script

But i followed this guide

http://talk.maemo.org/showpost.php?p...50&postcount=1

and had no problems
ettercap config is modified there too
you should try it

Del 2011-07-03 05:01

Re: [Announce] Yet another MITM attack script (Yamas-ARM)
 
Quote:

Originally Posted by casper27 (Post 1043512)
@Del
Have you changed your ettercap config? It seems you're dropping user privileges. Check
/etc/etter.conf
Under the [privs] section,
Should be.
EC_uid =65534
EC_gid = 65534

Nokia-N900:~# /etc/etter.conf
-sh: /etc/etter.conf: Permission denied

i don't know if it's right or not .. i'm so noob man

=\

casper27 2011-07-03 07:25

Re: [Announce] Yet another MITM attack script (Yamas-ARM)
 
Quote:

Originally Posted by Del (Post 1043703)
Nokia-N900:~# /etc/etter.conf
-sh: /etc/etter.conf: Permission denied

i don't know if it's right or not .. i'm so noob man

=\

You need to open it with a txt editor. Leafpad is quite user friendly so

Code:

sudo gainroot
apt-get install leafpad

Let it install then exit down to user and open etter.conf with leafpad.

Code:

exit
leafpad /etc/etter.conf

Leafpad is just like the text editors you use in windows. You can use the arrow keys to navigate and there is a dropdown menu to copy/paste/save etc.
Open it and check the details from my last post. Be sure not to change anything else in there or else ettercap might not work the way it's intended. If you are feeling adventurous, Google etter.conf and you should find guides to tweaking ettercap such as delays and dissections.

Del 2011-07-03 10:43

Re: [Announce] Yet another MITM attack script (Yamas-ARM)
 
Quote:

Originally Posted by casper27 (Post 1043747)
You need to open it with a txt editor. Leafpad is quite user friendly so

Code:

sudo gainroot
apt-get install leafpad

Let it install then exit down to user and open etter.conf with leafpad.

Code:

exit
leafpad /etc/etter.conf

Leafpad is just like the text editors you use in windows. You can use the arrow keys to navigate and there is a dropdown menu to copy/paste/save etc.
Open it and check the details from my last post. Be sure not to change anything else in there or else ettercap might not work the way it's intended. If you are feeling adventurous, Google etter.conf and you should find guides to tweaking ettercap such as delays and dissections.

MAN .. lol

it's empty !! .. I mean there is nothing

blank black screen

..

so the problem is ettercap !!

casper27 2011-07-03 10:57

Re: [Announce] Yet another MITM attack script (Yamas-ARM)
 
Quote:

Originally Posted by Del (Post 1043822)
MAN .. lol

it's empty !! .. I mean there is nothing

blank black screen

..

so the problem is ettercap !!

It should not be empty if ettercap is running at all. Make sure you typed the dir right.
Code:

leafpad /etc/etter.conf

Del 2011-07-03 11:27

Re: [Announce] Yet another MITM attack script (Yamas-ARM)
 
Quote:

Originally Posted by casper27 (Post 1043826)
It should not be empty if ettercap is running at all. Make sure you typed the dir right.
Code:

leafpad /etc/etter.conf

sorry man :p

ya ..

it's just like what u said


EC_uid =65534 # nobody is the default
EC_gid = 65534 # nobody is the default

Saturn 2011-07-03 12:28

Re: [Announce] Yet another MITM attack script (Yamas-ARM)
 
Just uploaded version 0.9.7

There are no changes apart from a beautiful new icon courtesy of Unhuman.

comaX 2011-07-03 17:44

Re: [Announce] Yet another MITM attack script (Yamas-ARM)
 
Hi everyone, and sorry for not being so much present those last days ! Even if I didn't respond too much, I read it all.

So, you guys saying there is no password : if the log is not empty, my script did everything right. Then the problem can come from the client (victim) which can be protected, or using https, or anything else that would jeopardize the operation. The only thing you have to do to make sure it works is do that on your own connection, targeting another computer you have access to. Then go to private browsing (so that there is no cookie for sure) and enter some creds. If there is none displayed, something is wrong; send me the logs and as much info as you can about what and how you did it. Then I'll try to diagnose the problem. If it worked, but the parser fcuked something up, your pass might be in the file. Don't worry, I don't give a sh|t about it, I'll just tell you what I found, etc. then delete it all.

#####
Quote:

Originally Posted by mr_pingu (Post 1042910)
Happened to me also once, I don't know if it's my problem, but when the script says IP1, IP2

Do I have to type "IP1, IP2" or do I have to type the actual IP? Not sure here, when I typed the actual IP it worked but when I used IP1 it didn't give me anything. I didn't do any test yet, so I wanted to know if it was my fault :P

You - of course - must enter 192.168.1.1 192.168.1.2 192.168.1.3, etc.

#####
Quote:

Originally Posted by demiurgo0 (Post 1043096)
my problem is that every time I launch the yamas, my pc goes offline ......... poisoning is a problem?

can anyone help?

Yep, read about ARP cache poisoning. Basically, you force the client to reconnect through you, so downloads will stop (and be freaking slow) and the rest will stop and reconnect. If it doesn't reconnect, something's wrong, probably ip forwarding that messed... That shouldn't happen though.

#####

Ps : even though the icon has been chosen, if someone comes up with something that Saturn, Unhuman and myself find to be better than the actual one (that rocks btw), we'll use it ;) So send it to me !

Ps2 : If the script generally works for you (shows pass and all) but for a precise website didn't, send me the logs (or only needed part if you can do that) and I'll try to understand why it didn't. That might mean that the parser needs updating, so it's important that you do that. With that said, I never encountered a website that couldn't be parsed =D
Only maemo.org is tricky : it is sniffed, and pass shows, but it is sent md5-encrypted ! Nothing you can do about that !
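
The reply above attributes the target PC dropping offline to ARP cache poisoning. As an added example (not part of the thread and not code from Yamas), the Python below shows how a defender can spot that condition on a client from two `ip neigh show` snapshots: the gateway IP rebinding to a new MAC, and that MAC also answering for another host. The snapshots, addresses and function names are constructed for the illustration.

```python
import re

# Constructed samples of `ip neigh show` output on a client, before and
# during ARP poisoning. Addresses are made up (locally administered MACs).
BASELINE = """\
192.168.0.1 dev wlan0 lladdr 02:00:00:00:00:01 REACHABLE
192.168.0.23 dev wlan0 lladdr 02:00:00:00:00:23 STALE
192.168.0.40 dev wlan0  FAILED
"""
CURRENT = """\
192.168.0.1 dev wlan0 lladdr 02:00:00:00:00:23 REACHABLE
192.168.0.23 dev wlan0 lladdr 02:00:00:00:00:23 REACHABLE
192.168.0.57 dev wlan0 lladdr 02:00:00:00:00:57 DELAY
"""

NEIGH_RE = re.compile(
    r"^(?P<ip>\d{1,3}(?:\.\d{1,3}){3})\s+dev\s+\S+\s+"
    r"lladdr\s+(?P<mac>(?:[0-9a-f]{2}:){5}[0-9a-f]{2})\b", re.IGNORECASE)


def parse_neigh(text):
    """Return {ip: mac} for entries that carry a link-layer address."""
    table = {}
    for line in text.splitlines():
        m = NEIGH_RE.match(line.strip())
        if m:  # FAILED/INCOMPLETE entries have no lladdr and are skipped
            table[m.group("ip")] = m.group("mac").lower()
    return table


def changed_bindings(baseline, current):
    """IPs whose MAC differs between two snapshots: [(ip, old, new)]."""
    return sorted((ip, baseline[ip], mac) for ip, mac in current.items()
                  if ip in baseline and baseline[ip] != mac)


def shared_macs(table):
    """MACs answering for more than one IP: {mac: [ips]}."""
    by_mac = {}
    for ip, mac in table.items():
        by_mac.setdefault(mac, []).append(ip)
    return {mac: sorted(ips) for mac, ips in by_mac.items() if len(ips) > 1}


def assess(baseline_text, current_text, gateway):
    """Summarise poisoning indicators for the given gateway IP."""
    base, cur = parse_neigh(baseline_text), parse_neigh(current_text)
    changes = changed_bindings(base, cur)
    dupes = shared_macs(cur)
    gw_mac = cur.get(gateway)
    return {
        "gateway_rebound": any(ip == gateway for ip, _, _ in changes),
        "gateway_shares_mac_with":
            [ip for ip in dupes.get(gw_mac, []) if ip != gateway],
        "changes": changes,
    }


if __name__ == "__main__":
    report = assess(BASELINE, CURRENT, "192.168.0.1")
    for ip, old, new in report["changes"]:
        print(f"{ip}: {old} -> {new}")
    if report["gateway_rebound"] and report["gateway_shares_mac_with"]:
        print("gateway now resolves to the MAC of",
              report["gateway_shares_mac_with"])
```

A gateway rebinding on its own can be a legitimate router swap; the rebinding combined with a MAC shared with another live host is the stronger signal.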

casper27 2011-07-03 21:44

Re: [Announce] Yet another MITM attack script (Yamas-ARM)
 
@comaX
Yeah I noticed maemo.org did not work because it's sent in md5. It should be possible to crack with John the Ripper. Or even an MD5 cypher online. I will have a go.


All times are GMT.