[Announce] Yet another MITM attack script (Yamas-ARM) - Page 34 - maemo.org

udaychaitanya16 | # 331 | 2011-07-30, 16:59 | Report

Originally Posted by brokensmile View Post

hey wen i rouched the top menu bar line i can see only twp applets in my n900 i.e volume option and battery percentage option... i cant see the all applets like fm transmetter,shortuts,internet,clock,bluetooth etc... how to get it back

i recently posted that why we should not help him.My apologies to all the people.disgusting post in all the threads.moderator please throw him out of TMO.

sr00t | # 332 | 2011-07-31, 21:23 | Report

Hi guys!
Everytime I open X-Term and is loading, I see a Yamas screen executing before the prompt loads (then it disappears).
I even uninstalled and purged YAMAS without results.

I uploaded a screencast to youtube so you can see it.

Please help me!

http://youtu.be/VdIG-Pkwj94

colin.stephane | # 333 | 2011-08-02, 14:11 | Report

Originally Posted by Unhuman View Post

After a discussion with a member of the backtrack forums - comaX he agreed to create this script for the N900.

Current main features are :
- Real-time output of creds without definition files : any credential, from any website whould show up
- Log parsing for user-friendly output.
- Network mapping for host discovery.
- Can save dumped passwords to file as well as the whole log file.
- Support for multiple targets on the network, as well as adding targets after attack is launched.
- Checks for missing dependencies when run with “-d” option and auto installs them.

It is by far the best available for the N900.

To install - apt-get install yamas

More info - http://pcsci3nce.info/?p=291

Video of the script thanks to torpedo48 - http://www.youtube.com/watch?v=9bSq7tXSGAo

If you don't know what sslstrip or ettercap is, don't bother downloading it.

REQUIREMENTS:

iptables
xterm
busybox-power
nmap
python-twisted-web
python-pyopenssl
libpcap0.8
libpcre3
busybox-power
which the script will automatically get when installed from apt-get

+

sslstrip(read how to install below)
ettercap(read how to install below)

Installation guide for ettercap, sslstrip and many other tools can be found at:
http://pcsci3nce.info/?p=9

To run the script - type "yamas" in terminal.AS ROOT.

If you get any errors (beside font warnings) do yamas -d to check for missing dependencies.

Current maintainers are comaX and Christos Saturn - http://maemo.org/packages/view/yamas/

UPDATED June 18 2011 - Now saves all files to /home/user/MyDocs/Yamas
UPDATED June 21 - now automatically creates Yamas directory.
UPDATED June 25 - added dependency check in the begining.
UPDATED June 26 - bash no longer required.
UPDATED June 29 - Now available from repositories thanks to Saturn

Hi,

I have just packaged properly sslstrip, it can be found in extra-devel ...

Installation is trivial, as root, type :

Code:

-bash-2.05b# apt-get install sslstrip && sslstrip --help
Reading package lists... Done
Building dependency tree       
Reading state information... Done
The following NEW packages will be installed:
  sslstrip
0 upgraded, 1 newly installed, 0 to remove and 12 not upgraded.
Need to get 0B/24,6kB of archives.
After this operation, 188kB of additional disk space will be used.
Selecting previously deselected package sslstrip.
(Reading database ... 38855 files and directories currently installed.)
Unpacking sslstrip (from .../sslstrip_0.9-0maemo1_all.deb) ...
Setting up sslstrip (0.9-0maemo1) ...

sslstrip 0.9 by Moxie Marlinspike
Usage: sslstrip <options>

Options:
-w <filename>, --write=<filename> Specify file to log to (optional).
-p , --post                       Log only SSL POSTs. (default)
-s , --ssl                        Log all SSL traffic to and from server.
-a , --all                        Log all SSL and HTTP traffic to and from server.
-l <port>, --listen=<port>        Port to listen on (default 10000).
-f , --favicon                    Substitute a lock favicon on secure requests.
-k , --killsessions               Kill sessions in progress.
-h                                Print this help message.

-bash-2.05b#

Hope it help.

A++

The Following 7 Users Say Thank You to colin.stephane For This Useful Post:
anapospastos, carbonjha, comaX, Estel, Saturn, szopin, te37v

comaX | # 334 | 2011-08-02, 19:56 | Report

Nice ! I'll ask Saturn to add it to the dependencies, so it is installed at the same time as the other ones.

Thanks !

The Following 2 Users Say Thank You to comaX For This Useful Post:
Estel, Saturn

Saturn | # 335 | 2011-08-02, 22:00 | Report

Originally Posted by comaX View Post

Nice ! I'll ask Saturn to add it to the dependencies, so it is installed at the same time as the other ones.

Thanks !

No problem, it just have to wait for next week when I'm back to my PC.

hope someone picks up ettercap too.

The Following User Says Thank You to Saturn For This Useful Post:
Estel

colin.stephane | # 336 | 2011-08-03, 01:12 | Report

Originally Posted by Saturn View Post

No problem, it just have to wait for next week when I'm back to my PC.

hope someone picks up ettercap too.

You asked ?

Ok, I give it a try to ettercap also.

Look like I'm able to do the thing properly ...

Installation is trivial, as root, type :

Code:

-bash-2.05b# apt-get install ettercap && ettercap --help
Reading package lists... Done
Building dependency tree       
Reading state information... Done
The following extra packages will be installed:
  ettercap-common
The following NEW packages will be installed:
  ettercap ettercap-common
0 upgraded, 2 newly installed, 0 to remove and 12 not upgraded.
Need to get 0B/497kB of archives.
After this operation, 1544kB of additional disk space will be used.
Do you want to continue [Y/n]? y
WARNING: The following packages cannot be authenticated!
  ettercap-common ettercap
Install these packages without verification [y/N]? y
Selecting previously deselected package ettercap-common.
(Reading database ... 38749 files and directories currently installed.)
Unpacking ettercap-common (from .../ettercap-common_1%3a0.7.3-2maemo1_armel.deb) ...
Selecting previously deselected package ettercap.
Unpacking ettercap (from .../ettercap_1%3a0.7.3-2maemo1_armel.deb) ...
Setting up ettercap-common (1:0.7.3-2maemo1) ...
Setting up ettercap (1:0.7.3-2maemo1) ...

ettercap NG-0.7.3 copyright 2001-2004 ALoR & NaGA


Usage: ettercap [OPTIONS] [TARGET1] [TARGET2]

TARGET is in the format MAC/IPs/PORTs (see the man for further detail)

Sniffing and Attack options:
  -M, --mitm <METHOD:ARGS>    perform a mitm attack
  -o, --only-mitm             don't sniff, only perform the mitm attack
  -B, --bridge <IFACE>        use bridged sniff (needs 2 ifaces)
  -p, --nopromisc             do not put the iface in promisc mode
  -u, --unoffensive           do not forward packets
  -r, --read <file>           read data from pcapfile <file>
  -f, --pcapfilter <string>   set the pcap filter <string>
  -R, --reversed              use reversed TARGET matching
  -t, --proto <proto>         sniff only this proto (default is all)

User Interface Type:
  -T, --text                  use text only GUI
       -q, --quiet                 do not display packet contents
       -s, --script <CMD>          issue these commands to the GUI
  -C, --curses                use curses GUI
  -G, --gtk                   use GTK+ GUI
  -D, --daemon                daemonize ettercap (no GUI)

Logging options:
  -w, --write <file>          write sniffed data to pcapfile <file>
  -L, --log <logfile>         log all the traffic to this <logfile>
  -l, --log-info <logfile>    log only passive infos to this <logfile>
  -m, --log-msg <logfile>     log all the messages to this <logfile>
  -c, --compress              use gzip compression on log files

Visualization options:
  -d, --dns                   resolves ip addresses into hostnames
  -V, --visual <format>       set the visualization format
  -e, --regex <regex>         visualize only packets matching this regex
  -E, --ext-headers           print extended header for every pck
  -Q, --superquiet            do not display user and password

General options:
  -i, --iface <iface>         use this network interface
  -I, --iflist                show all the network interfaces
  -n, --netmask <netmask>     force this <netmask> on iface
  -P, --plugin <plugin>       launch this <plugin>
  -F, --filter <file>         load the filter <file> (content filter)
  -z, --silent                do not perform the initial ARP scan
  -j, --load-hosts <file>     load the hosts list from <file>
  -k, --save-hosts <file>     save the hosts list to <file>
  -W, --wep-key <wkey>        use this wep key to decrypt wifi packets
  -a, --config <config>       use the alterative config file <config>

Standard options:
  -U, --update                updates the databases from ettercap website
  -v, --version               prints the version and exit
  -h, --help                  this help screen


-bash-2.05b#

Hope it help.

A++

The Following 4 Users Say Thank You to colin.stephane For This Useful Post:
carbonjha, Estel, shawwawa, te37v

n900shamie | # 337 | 2011-08-03, 01:59 | Report

hii,

i have installed Yamas via ''faster app manager'' but i dont have Yamas directory(folder) in MyDocs,,,so i cant access saved results,,and i also dont get any info about any visited sites e.g facebook,yet i installed everything succesfully,,,any ideas thx

haffid | # 338 | 2011-08-03, 04:05 | Report

the route is /home/user/yamas/ not in MyDocs

Originally Posted by n900shamie View Post

hii,

i have installed Yamas via ''faster app manager'' but i dont have Yamas directory(folder) in MyDocs,,,so i cant access saved results,,and i also dont get any info about any visited sites e.g facebook,yet i installed everything succesfully,,,any ideas thx

The Following User Says Thank You to haffid For This Useful Post:
n900shamie

g0r | # 339 | 2011-08-03, 10:03 | Report

Originally Posted by n900shamie View Post

hii,

i also dont get any info about any visited sites e.g facebook,yet i installed everything succesfully,,,any ideas thx

If you get any errors (beside font warnings) do yamas -d to check for missing dependencies. (taken from the first post)

EDIT: also read the first post

Last edited by g0r; 2011-08-03 at 10:08.

The Following 2 Users Say Thank You to g0r For This Useful Post:
n900shamie, te37v

carbonjha | # 340 | 2011-08-08, 11:29 | Report

after fixing all the dependencies of ettercap then reinstalling sslstrip now the YAMAS working nicely. Thanks everyone working in this project.

The Following User Says Thank You to carbonjha For This Useful Post:
comaX