maemo.org - Talk - [Announce] Yet another MITM attack script (Yamas-ARM)

maemo.org - Talk (https://talk.maemo.org/index.php)

- Applications (https://talk.maemo.org/forumdisplay.php?f=41)

- - [Announce] Yet another MITM attack script (Yamas-ARM) (https://talk.maemo.org/showthread.php?t=73988)

Re: [Announce] Yet another MITM attack script (Yamas-ARM)

Quote:

Originally Posted by one1002 (Post 1122590)

thank you sir for your feedback..i'm not quite sure..sometimes, it's working..sometimes it doesnt..closing n restarting yamas occasionally fix the problem..

basically im trying gmail,yahoo,facebook,forums and so on..sometimes the websites,login and password showed up, sometimes didn't..as such,restarting yamas several times seems to fix it though..

however, there is one thing that i'm quite confuse about..

i've added a screenshot attachment for it..

Attachment 23482

what are those numbers after "login="

yes i have 3 hosts connected to the same wifi (ipad,imac,windows pc and my N900)..sorry if i sound dumb..but im still learning.. =)

thanks and regards

those are id no. from facebook, ex: after you login facebook you migrate to one of your friends wall clicking on pictures etc those no are the id no of what you click on, happens as far as I know on facebook only

Re: [Announce] Yet another MITM attack script (Yamas-ARM)

Quote:

Originally Posted by g0r (Post 1122680)

thank you sir for your kind feedback!

appreciate it..cheers

Re: [Announce] Yet another MITM attack script (Yamas-ARM)

Hi to all!
I tried Yamas against a computer in my network: a couple of times worked, but most of the times the computer just cannot surf anymore, and I have to reboot it.
Is there a solution?

Re: [Announce] Yet another MITM attack script (Yamas-ARM)

Sorry for the time. It's something common with mitm attacks, so, nope, nothing much you could do, if not just wait for the next version that might help with that.

Oh, and guys... Congrats, for Thehackernews talks about it : http://thehackernews.com/2012/02/mob...work-mitm.html

So, big thanks to all of you who helped, and particularly Unhuman, for having the original idea of the port, Saturn for the repos, and Torpedo48 for the help and the vids :)

Cheers friends !

Re: [Announce] Yet another MITM attack script (Yamas-ARM)

Hi
I try today the Qt Mobile Hotspot and the Yamas, but no luck when i lunch Yamas the Ettercap window close after one second.
Is there a conflict between gprs0 and wlan0?

nvm i fix it
need to put manual the ip for wlan0
and yes comaX all the new victims will be added automatic no need to rescan.

Re: [Announce] Yet another MITM attack script (Yamas-ARM)

The version you have been using for some time now (i.e. 0.9.9-1) has been promoted to extras-testing (for the only reason of allowing a new development version to be uploaded).

Version 1.0.0-1 has just been released in extras-devel

In short, arpspoof is now the default method and if you'd like to use ettercap you need to start the script with option -e

changelog:

NEW: Added dsniff in the dependencies.
NEW: Added support for arpspoof.
CHANGE: For the "final" menu, case is used instead of nested ifs.
CHANGE: All ettercap reference is now used only optionally; arpspoof is default.
CHANGE: Deleted function for tailgreping for hosts; was useless and cpu consuming.

Finally, blame ComaX for the changes, Unhuman for pushing everyone to make the changes and me for packaging.. :)

EDIT: Apparently there is a problem with the autobuilder atm and all packages to be build are stuck in a queue.. so there will be some delay to reach to you.

Re: [Announce] Yet another MITM attack script (Yamas-ARM)

with the new yamas can we do anythning more than the previous version?(other than just seeing which website visited and the login and password information?) i mean can i redirect a single host to some other website than he/she dint go to. for ex: X went to www.facebook.com, instead of facebook.com i ridirect him to hotmail or any other site? so what else can i do with this arspoof?

Re: [Announce] Yet another MITM attack script (Yamas-ARM)

Hi
I test the new improve formula for YAMAS and i can say that is much faster comparing with Yamas with Ettercap.
Still from some pages i will get only the user name and the password in a MD5 format for example Maemo Talk, any ideas?
Many thx to all the people making this project working.

Re: [Announce] Yet another MITM attack script (Yamas-ARM)

tested new yamas
much faster thanks to the new arpspoof :) is it the same one from Karam ?
do i have to uninstall and install dsniff again ?
sorry for my noob questions

Re: [Announce] Yet another MITM attack script (Yamas-ARM)

Quote:

Originally Posted by Mohammed Muid (Post 1161588)

What's new is ARPspoof, as Saturn just said above you. No, there is no DNS spoofing ; not that it couldn't be done, but I don't think it's fit for a mobile phone... The RealTime Parsing is already quite CPU consuming. Since the dsniff package is installed, nothing stops you from doing it yourself while running Yamas though.

Quote:

Originally Posted by q6600 (Post 1161763)

Yeahp, it's a very intelligent thing to do : instead of transmitting the pass, it asks for it to be transmitted as an MD5 hash. I guess the server then check the hashes. For the other pages where you think it doesn't work, make sure you're not on a secure connection.

Quote:

Originally Posted by Seker_94 (Post 1161911)

tested new yamas
much faster thanks to the new arpspoof :) is it the same one from Karam ?
do i have to uninstall and install dsniff again ?
sorry for my noob questions

I don't know, but my best guess is yes, it is the same. So nothing to change ;)