maemo.org - Talk

maemo.org - Talk (https://talk.maemo.org/index.php)
-   Applications (https://talk.maemo.org/forumdisplay.php?f=41)
-   -   [Announce] Yet another MITM attack script (Yamas-ARM) (https://talk.maemo.org/showthread.php?t=73988)

Unhuman 2011-06-30 14:56

Re: [Announce] Yet another MITM attack script (Yamas-ARM)
 
Don't abuse the script on foreign networks. If it was your network you would of known if those numbers were a password.

EDIT:

late by 3 seconds

comaX 2011-06-30 15:00

Re: [Announce] Yet another MITM attack script (Yamas-ARM)
 
Quote:

Originally Posted by Unhuman (Post 1042219)
Don't abuse the script on foreign networks. If it was your network you would have known if those numbers were a password.

EDIT:

late by 3 <i>minutes</i>

<useless post>Mouahahaha*, beat ya !</useless post>

*French evil laugh

Kabouik 2011-06-30 15:13

Re: [Announce] Yet another MITM attack script (Yamas-ARM)
 
Damn frog-eater!*

Still no success at trying Yamas there. I have no idea of what is the problem in my case, since I don't have all the error logs that Price reported, just the one I quoted above.

I can't try it again for the moment 'cause I'm at work, and attacking the wifi of the laboratory/university would be a suicide I guess. :D



* J'en suis un moi-même. :[

AgogData 2011-06-30 15:18

Re: [Announce] Yet another MITM attack script (Yamas-ARM)
 
Quote:

Originally Posted by comaX (Post 1042214)
Hmm... You sir are a bad student ! Since you're assuming it may be the password, it means you don't know it. If you don't know it, it's not yours. I'm sorry, but I won't help you for that.
Here's just a hint : we are parsing the log.

You should use the script on your own connection and then get log into a maximum of sites to know what the output should look like.

The saving location is just a variable now, so you can change it to whatever suits you ;) Saturn used this location because of some problem with MyDocs not being always available or something.

yes its not my network, its not illegal here but its rude :)
anyway i didn't mean any harm to the...victim, just using my n900's ability

teemui 2011-06-30 15:18

Re: [Announce] Yet another MITM attack script (Yamas-ARM)
 
i have this "egrep: bad regex" error too every time i try it. i have all depencies installed, no matter what website i try i allways get this error

mr_pingu 2011-06-30 15:22

Re: [Announce] Yet another MITM attack script (Yamas-ARM)
 
Runned the attack this day and worked as it should, except that the victim pc got sometimes a page with only the letters:

ht

then reload gives a page with:

hmtl layout code of that page without images

another reload gives:

The actual page, with good layout =D

On the phone side everything works. Gonna need to find my flashdrive with backtrack again, and test if I get these pages when running from backtrack also. Last time I tried a mitm-attack this wonderful script wasn't available :P Thanks for making me this easy, ComaX

teemui 2011-06-30 16:04

Re: [Announce] Yet another MITM attack script (Yamas-ARM)
 
rebooted the n900, now i get following in the password window:

BusyBox v1.18.5 (Debian 1.18.5power1) multi-call binary.

No help available.

it flashes every now and then, the grep error dissappeared but i stil get no other output than this..

comaX 2011-06-30 17:02

Re: [Announce] Yet another MITM attack script (Yamas-ARM)
 
Quote:

Originally Posted by AgogData (Post 1042231)
yes its not my network, its not illegal here but its rude :)
anyway i didn't mean any harm to the...victim, just using my n900's ability

Well, I don't know where you live, but I'd bet my *** it is pretty much illegal ^^ Anyway, you do whatever you want, it's not like we're the cops or about to call them !

Quote:

Originally Posted by teemui (Post 1042261)
rebooted the n900, now i get following in the password window:

BusyBox v1.18.5 (Debian 1.18.5power1) multi-call binary.

No help available.

it flashes every now and then, the grep error dissappeared but i stil get no other output than this..

So the problem definitively comes from some error at an installation/package level... Since I do not have the N900 I can't help much, but I'm sure others members will :)

Quote:

Originally Posted by mr_pingu (Post 1042236)
Runned the attack this day and worked as it should, except that the victim pc got sometimes a page with only the letters:

ht

then reload gives a page with:

hmtl layout code of that page without images

another reload gives:

The actual page, with good layout =D

On the phone side everything works. Gonna need to find my flashdrive with backtrack again, and test if I get these pages when running from backtrack also. Last time I tried a mitm-attack this wonderful script wasn't available :P Thanks for making me this easy, ComaX

Yeahp, not my fault ! That's sslstrip's work... I mean, sometimes it will just be fine, but most of the time you'll have to reload once. Let's hope that will be fixed in sslstrip 1.0.
About your BT drive, the original script will ony work on BT5. The BT4r2 version is still available though.

Quote:

Originally Posted by Kabouik (Post 1042228)
Damn frog-eater!*

Still no success at trying Yamas there. I have no idea of what is the problem in my case, since I don't have all the error logs that Price reported, just the one I quoted above.

I can't try it again for the moment 'cause I'm at work, and attacking the wifi of the laboratory/university would be a suicide I guess. :D



* J'en suis un moi-même. :[

Yeah, no. You can do that, but we don't want to know ! And yes, that would be suicide ! Maybe even for your phone if there is a lot of traffic going on...
Don't hesitate to send me your logs (edited if you want, but I could care less about your/their (:p) passwords) by mail and any output you have. You can even write them in French ;)
For the small-talk part, I actually wrote most of the structure of the script while at university. Never tested it there though, since you need you name and pass to connect to the network... So matching my name to some weird-*** ARPs wouldn't have been too much of a hassle.

mr_pingu 2011-06-30 17:23

Re: [Announce] Yet another MITM attack script (Yamas-ARM)
 
Quote:

Originally Posted by comaX (Post 1042299)


Yeahp, not my fault ! That's sslstrip's work... I mean, sometimes it will just be fine, but most of the time you'll have to reload once. Let's hope that will be fixed in sslstrip 1.0.
About your BT drive, the original script will ony work on BT5. The BT4r2 version is still available though.


Don't worry I have a strange mood and am installing bt5 on local drive ;)

Edit: Yeah, I f###ed up, grub rescue unknown filesystem yeah :d

teemui 2011-06-30 17:39

Re: [Announce] Yet another MITM attack script (Yamas-ARM)
 
Finally i got this to work.. if someone still have same issues i had, in this order what i did:
reinstalled yamas
reinstalled ettercap
reinstalled sslstrip
im not sure if it messed everything, but first time i installed first ettercap then sslstrip and last yamas..
Thank you all, specially comaX


All times are GMT. The time now is 08:33.

vBulletin® Version 3.8.8