Re: [Announce] Yet another MITM attack script (Yamas-ARM)
 

@Mohammed Muid

dns spoof is possible with dnsspoof inside dsniff

@seker_94
yes it is

@comaX

i have seen the latest Yamas script (PC) version
it has driftnet and dnsspoof and will have urlsnaf

Dsniff has dnsspoof and urlsnarf

and i will upload Driftnet to the repository soon

so is it possible to update Yamas to include thosel both?

thank you

Re: [Announce] Yet another MITM attack script (Yamas-ARM)
 

i guess comax have to add dns spoof in the yamas script. in the new yamas there wasnt any option. even if there is..would be kind enough to point it out sir?

Re: [Announce] Yet another MITM attack script (Yamas-ARM)
 

hello! I've got problem.

Yamas working with routers only?
Can i use it with shared internet connection from my pc?
I have bridged connection in my pc, acces point (ad-hoc) provides internet to n900.
But when i start yamas with default options it didn't work :( (a haven't got any passwords). Maybe I need to set other options than the standard?
Yamas work great with sharing internet from n900 (via qt mobile hotspot).

please help :)

Re: [Announce] Yet another MITM attack script (Yamas-ARM)
 

Hey all, I've been really busy lately, so sorry for slacking. I've seen that Comax and Saturn have already introduced pretty much everything.

A few more things -

Arpspoof should only introduce more stability and speed to the process.

Arpspoof is indeed Karam's port and he gets full credits for that.

If you have any problems with this latest version, please P.M. me as it is still in developement sort of speak. Any suggestions are also more than welcome.

Once again, thanks a lot to Comax and Saturn for the hard work.

Re: [Announce] Yet another MITM attack script (Yamas-ARM)
 

So, no I don't *have to* add or do anything. Now, I can have a talk with Unhuman and Saturn to see if we think it's appropriate. I don't own the phone, but I don't think it is. If you want to dns spoof, learn the man, it's really easy.
"man dnsspoof".

I don't mean to be an as*s guys, but if you want to play hackers, you gotta act like one. And that means learning what is going on, why, and doing a lot of research. I didn't write this script out of nowhere, I spent sleepless nights trying to figure out how this sh*it works. The parsing was a real pain in the as**s too.

So, I'll never refuse to help anyone, as long as they show they've done some work too. Otherwise, I get suspisious and I start thinking you only want to play 3v17 HaXX0rs. I can't stress this enough, this IS intended for learning purposes.
Now, what you do with it is your sole business, but I won't help you do illegal stuff. Mind that I myself never used it in an illegal way. Ok, I snooped on my sister's connection, got her FB pass and all. Big deal. But I never used it in a public place whatsoever.

In a nutshell, I'm very -and I mean it- grateful for all the feedback, the appreciation, the suggestions and mostly for the support you guys provide. I feel I didn't do this for nothing. But on the other hand, I'm no security expert, and I'm not entitled to do anything for anyone.

Ah, I really sound like an as*s. Sorry :s

@Karam : same goes for driftnet and urlsnarf (fitting-wise only). Moreover, it's -imo-fu*cking useless. I added driftnet on the PC version because it's kind of fun, and people over at BT forums asked for it. But, it is useless... Unless you're trying to monitor some employee that likes saucy websites, that is. But you won't do that with your mobile phone, will you ? See, the thing I fear is that it will be easier to snoop on someone's FB pass AND FB photos. Because that really is the only use I can fathom from using it on a handled device. By the way, there is better than driftnet, check the BT version of Yamas ;) Urlsnarf, I've been asked only one time, and after testing it... My conclusions are that it's pure horse sh*it. If you want the browsed websites, read through the complete log, or launch in a new console : "cat yamas.log | grep HOST", and that should do it.
Thanks for dsniff, it sounds like it's much efficient with arpspoof on the mobile phone.

Now if you people, REALLY want that (driftnet, dns spoofing, urlsnarf, etc.)... We can make that happen, but keep in mind that it's just a mobile phone.

@knypek3 : Yeahp, normal. You should try to learn how ARP works ;) If you do but fail to understand, send a PM or mail, and I'll try to explain ;)

Edit : wow, I got censored as fu*ck. Sorry for being French :p

Re: [Announce] Yet another MITM attack script (Yamas-ARM)
 

i visited this website to learn about dns spoofing.

https://calomel.org/dns_spoof.html

but dint understand how to do that. understood abt it. what it does. but need a help from anyone who is willing to help. or suggest me some page where i can understand fully.

Re: [Announce] Yet another MITM attack script (Yamas-ARM)
 

okay. now i have spent a day learning about dnsspoof. where is the the dnsspoof.conf file located? should i creat it in /etc/dnsspoof.conf.

what should be the format. i kno that first i hav to find the ip address of the website where i want to redirect. i hav seen few videos and got this knowledge. but how to write in the dnsspoof.conf file. and how to start the daemon. do i need to run yamas first then dnsspoof.

usr/sbin/dnsspoof -f /etc/dnsspoof.conf in xterminal to run dnspoof gives an error.

Re: [Announce] Yet another MITM attack script (Yamas-ARM)
 

Please move this conversation to a more relevant topic. If you cannot find one then please start a new thread. Thanks.

Re: [Announce] Yet another MITM attack script (Yamas-ARM)
 

@comaX
you are totally correct

it's useless but kinda funny

but this mobile phone can rock a whole university network

Re: [Announce] Yet another MITM attack script (Yamas-ARM)
 

how the command to run the yamas....