maemo.org - Talk

maemo.org - Talk (https://talk.maemo.org/index.php)
-   Applications (https://talk.maemo.org/forumdisplay.php?f=41)
-   -   [Announce] Yet another MITM attack script (Yamas-ARM) (https://talk.maemo.org/showthread.php?t=73988)

udaychaitanya16 2011-07-30 16:59

Re: [Announce] Yet another MITM attack script (Yamas-ARM)
 
Quote:

Originally Posted by brokensmile (Post 1054784)
hey wen i rouched the top menu bar line i can see only twp applets in my n900 i.e volume option and battery percentage option... i cant see the all applets like fm transmetter,shortuts,internet,clock,bluetooth etc... how to get it back

i recently posted that why we should not help him.My apologies to all the people.disgusting post in all the threads.moderator please throw him out of TMO.

sr00t 2011-07-31 21:23

Re: [Announce] Yet another MITM attack script (Yamas-ARM)
 
Hi guys!
Everytime I open X-Term and is loading, I see a Yamas screen executing before the prompt loads (then it disappears).
I even uninstalled and purged YAMAS without results.

I uploaded a screencast to youtube so you can see it.

Please help me!

http://youtu.be/VdIG-Pkwj94

colin.stephane 2011-08-02 14:11

Re: [Announce] Yet another MITM attack script (Yamas-ARM)
 
Quote:

Originally Posted by Unhuman (Post 1028850)
After a discussion with a member of the backtrack forums - comaX he agreed to create this script for the N900.
http://pcsci3nce.info/comax/yamas-arm.png
Current main features are :
- Real-time output of creds without definition files : any credential, from any website whould show up
- Log parsing for user-friendly output.
- Network mapping for host discovery.
- Can save dumped passwords to file as well as the whole log file.
- Support for multiple targets on the network, as well as adding targets after attack is launched.
- Checks for missing dependencies when run with “-d” option and auto installs them.

It is by far the best available for the N900.

To install - apt-get install yamas

More info - http://pcsci3nce.info/?p=291

Video of the script thanks to torpedo48 - http://www.youtube.com/watch?v=9bSq7tXSGAo

If you don't know what sslstrip or ettercap is, don't bother downloading it.

REQUIREMENTS:


iptables
xterm
busybox-power
nmap
python-twisted-web
python-pyopenssl
libpcap0.8
libpcre3
busybox-power

which the script will automatically get when installed from apt-get

+

sslstrip(read how to install below)
ettercap(read how to install below)

Installation guide for ettercap, sslstrip and many other tools can be found at:
http://pcsci3nce.info/?p=9

To run the script - type "yamas" in terminal.AS ROOT.

If you get any errors (beside font warnings) do yamas -d to check for missing dependencies.

Current maintainers are comaX and Christos Saturn - http://maemo.org/packages/view/yamas/


UPDATED June 18 2011 - Now saves all files to /home/user/MyDocs/Yamas
UPDATED June 21 - now automatically creates Yamas directory.
UPDATED June 25 - added dependency check in the begining.
UPDATED June 26 - bash no longer required.
UPDATED June 29 - Now available from repositories thanks to Saturn

Hi,

I have just packaged properly sslstrip, it can be found in extra-devel ...

Installation is trivial, as root, type :

Code:

-bash-2.05b# apt-get install sslstrip && sslstrip --help
Reading package lists... Done
Building dependency tree     
Reading state information... Done
The following NEW packages will be installed:
  sslstrip
0 upgraded, 1 newly installed, 0 to remove and 12 not upgraded.
Need to get 0B/24,6kB of archives.
After this operation, 188kB of additional disk space will be used.
Selecting previously deselected package sslstrip.
(Reading database ... 38855 files and directories currently installed.)
Unpacking sslstrip (from .../sslstrip_0.9-0maemo1_all.deb) ...
Setting up sslstrip (0.9-0maemo1) ...

sslstrip 0.9 by Moxie Marlinspike
Usage: sslstrip <options>

Options:
-w <filename>, --write=<filename> Specify file to log to (optional).
-p , --post                      Log only SSL POSTs. (default)
-s , --ssl                        Log all SSL traffic to and from server.
-a , --all                        Log all SSL and HTTP traffic to and from server.
-l <port>, --listen=<port>        Port to listen on (default 10000).
-f , --favicon                    Substitute a lock favicon on secure requests.
-k , --killsessions              Kill sessions in progress.
-h                                Print this help message.

-bash-2.05b#

Hope it help.

A++

comaX 2011-08-02 19:56

Re: [Announce] Yet another MITM attack script (Yamas-ARM)
 
Nice ! I'll ask Saturn to add it to the dependencies, so it is installed at the same time as the other ones.

Thanks !

Saturn 2011-08-02 22:00

Re: [Announce] Yet another MITM attack script (Yamas-ARM)
 
Quote:

Originally Posted by comaX (Post 1062960)
Nice ! I'll ask Saturn to add it to the dependencies, so it is installed at the same time as the other ones.

Thanks !

No problem, it just have to wait for next week when I'm back to my PC.

hope someone picks up ettercap too.

colin.stephane 2011-08-03 01:12

Re: [Announce] Yet another MITM attack script (Yamas-ARM)
 
Quote:

Originally Posted by Saturn (Post 1063008)
No problem, it just have to wait for next week when I'm back to my PC.

hope someone picks up ettercap too.

You asked ?

Ok, I give it a try to ettercap also.

Look like I'm able to do the thing properly ...

Installation is trivial, as root, type :

Code:

-bash-2.05b# apt-get install ettercap && ettercap --help
Reading package lists... Done
Building dependency tree     
Reading state information... Done
The following extra packages will be installed:
  ettercap-common
The following NEW packages will be installed:
  ettercap ettercap-common
0 upgraded, 2 newly installed, 0 to remove and 12 not upgraded.
Need to get 0B/497kB of archives.
After this operation, 1544kB of additional disk space will be used.
Do you want to continue [Y/n]? y
WARNING: The following packages cannot be authenticated!
  ettercap-common ettercap
Install these packages without verification [y/N]? y
Selecting previously deselected package ettercap-common.
(Reading database ... 38749 files and directories currently installed.)
Unpacking ettercap-common (from .../ettercap-common_1%3a0.7.3-2maemo1_armel.deb) ...
Selecting previously deselected package ettercap.
Unpacking ettercap (from .../ettercap_1%3a0.7.3-2maemo1_armel.deb) ...
Setting up ettercap-common (1:0.7.3-2maemo1) ...
Setting up ettercap (1:0.7.3-2maemo1) ...

ettercap NG-0.7.3 copyright 2001-2004 ALoR & NaGA


Usage: ettercap [OPTIONS] [TARGET1] [TARGET2]

TARGET is in the format MAC/IPs/PORTs (see the man for further detail)

Sniffing and Attack options:
  -M, --mitm <METHOD:ARGS>    perform a mitm attack
  -o, --only-mitm            don't sniff, only perform the mitm attack
  -B, --bridge <IFACE>        use bridged sniff (needs 2 ifaces)
  -p, --nopromisc            do not put the iface in promisc mode
  -u, --unoffensive          do not forward packets
  -r, --read <file>          read data from pcapfile <file>
  -f, --pcapfilter <string>  set the pcap filter <string>
  -R, --reversed              use reversed TARGET matching
  -t, --proto <proto>        sniff only this proto (default is all)

User Interface Type:
  -T, --text                  use text only GUI
      -q, --quiet                do not display packet contents
      -s, --script <CMD>          issue these commands to the GUI
  -C, --curses                use curses GUI
  -G, --gtk                  use GTK+ GUI
  -D, --daemon                daemonize ettercap (no GUI)

Logging options:
  -w, --write <file>          write sniffed data to pcapfile <file>
  -L, --log <logfile>        log all the traffic to this <logfile>
  -l, --log-info <logfile>    log only passive infos to this <logfile>
  -m, --log-msg <logfile>    log all the messages to this <logfile>
  -c, --compress              use gzip compression on log files

Visualization options:
  -d, --dns                  resolves ip addresses into hostnames
  -V, --visual <format>      set the visualization format
  -e, --regex <regex>        visualize only packets matching this regex
  -E, --ext-headers          print extended header for every pck
  -Q, --superquiet            do not display user and password

General options:
  -i, --iface <iface>        use this network interface
  -I, --iflist                show all the network interfaces
  -n, --netmask <netmask>    force this <netmask> on iface
  -P, --plugin <plugin>      launch this <plugin>
  -F, --filter <file>        load the filter <file> (content filter)
  -z, --silent                do not perform the initial ARP scan
  -j, --load-hosts <file>    load the hosts list from <file>
  -k, --save-hosts <file>    save the hosts list to <file>
  -W, --wep-key <wkey>        use this wep key to decrypt wifi packets
  -a, --config <config>      use the alterative config file <config>

Standard options:
  -U, --update                updates the databases from ettercap website
  -v, --version              prints the version and exit
  -h, --help                  this help screen


-bash-2.05b#

Hope it help.

A++

n900shamie 2011-08-03 01:59

Re: [Announce] Yet another MITM attack script (Yamas-ARM)
 
hii,

i have installed Yamas via ''faster app manager'' but i dont have Yamas directory(folder) in MyDocs,,,so i cant access saved results,,and i also dont get any info about any visited sites e.g facebook,yet i installed everything succesfully,,,any ideas thx

haffid 2011-08-03 04:05

Re: [Announce] Yet another MITM attack script (Yamas-ARM)
 
the route is /home/user/yamas/ not in MyDocs
Quote:

Originally Posted by n900shamie (Post 1063071)
hii,

i have installed Yamas via ''faster app manager'' but i dont have Yamas directory(folder) in MyDocs,,,so i cant access saved results,,and i also dont get any info about any visited sites e.g facebook,yet i installed everything succesfully,,,any ideas thx


g0r 2011-08-03 10:03

Re: [Announce] Yet another MITM attack script (Yamas-ARM)
 
Quote:

Originally Posted by n900shamie (Post 1063071)
hii,

i also dont get any info about any visited sites e.g facebook,yet i installed everything succesfully,,,any ideas thx

If you get any errors (beside font warnings) do yamas -d to check for missing dependencies. (taken from the first post)

EDIT: also read the first post

carbonjha 2011-08-08 11:29

Re: [Announce] Yet another MITM attack script (Yamas-ARM)
 
after fixing all the dependencies of ettercap then reinstalling sslstrip now the YAMAS working nicely. Thanks everyone working in this project.


All times are GMT. The time now is 08:33.

vBulletin® Version 3.8.8