[Announce] Yet another MITM attack script (Yamas-ARM) - Page 41 - maemo.org

g0r | # 401 | 2011-11-13, 01:15 | Report

Originally Posted by one1002 View Post

thank you sir for your feedback..i'm not quite sure..sometimes, it's working..sometimes it doesnt..closing n restarting yamas occasionally fix the problem..

basically im trying gmail,yahoo,facebook,forums and so on..sometimes the websites,login and password showed up, sometimes didn't..as such,restarting yamas several times seems to fix it though..

however, there is one thing that i'm quite confuse about..

i've added a screenshot attachment for it..

Attachment 23482

what are those numbers after "login="

yes i have 3 hosts connected to the same wifi (ipad,imac,windows pc and my N900)..sorry if i sound dumb..but im still learning.. =)

thanks and regards

those are id no. from facebook, ex: after you login facebook you migrate to one of your friends wall clicking on pictures etc those no are the id no of what you click on, happens as far as I know on facebook only

The Following User Says Thank You to g0r For This Useful Post:
one1002

one1002 | # 402 | 2011-11-13, 17:20 | Report

Originally Posted by g0r View Post

those are id no. from facebook, ex: after you login facebook you migrate to one of your friends wall clicking on pictures etc those no are the id no of what you click on, happens as far as I know on facebook only

thank you sir for your kind feedback!

appreciate it..cheers

The Following User Says Thank You to one1002 For This Useful Post:
g0r

Mr Wolf | # 403 | 2012-01-26, 22:19 | Report

Hi to all!
I tried Yamas against a computer in my network: a couple of times worked, but most of the times the computer just cannot surf anymore, and I have to reboot it.
Is there a solution?

comaX | # 404 | 2012-02-05, 16:30 | Report

Sorry for the time. It's something common with mitm attacks, so, nope, nothing much you could do, if not just wait for the next version that might help with that.

Oh, and guys... Congrats, for Thehackernews talks about it : http://thehackernews.com/2012/02/mob...work-mitm.html

So, big thanks to all of you who helped, and particularly Unhuman, for having the original idea of the port, Saturn for the repos, and Torpedo48 for the help and the vids

Cheers friends !

Last edited by comaX; 2012-02-06 at 10:40.

The Following 5 Users Say Thank You to comaX For This Useful Post:
bipinbn, Estel, jberezhnoy, q6600, Saturn

q6600 | # 405 | 2012-02-05, 21:03 | Report

Hi
I try today the Qt Mobile Hotspot and the Yamas, but no luck when i lunch Yamas the Ettercap window close after one second.
Is there a conflict between gprs0 and wlan0?

nvm i fix it
need to put manual the ip for wlan0
and yes comaX all the new victims will be added automatic no need to rescan.

Attached Images

Last edited by q6600; 2012-02-05 at 21:12.

Saturn | # 406 | 2012-02-06, 23:28 | Report

The version you have been using for some time now (i.e. 0.9.9-1) has been promoted to extras-testing (for the only reason of allowing a new development version to be uploaded).

Version 1.0.0-1 has just been released in extras-devel

In short, arpspoof is now the default method and if you'd like to use ettercap you need to start the script with option -e

changelog:

NEW: Added dsniff in the dependencies.
NEW: Added support for arpspoof.
CHANGE: For the "final" menu, case is used instead of nested ifs.
CHANGE: All ettercap reference is now used only optionally; arpspoof is default.
CHANGE: Deleted function for tailgreping for hosts; was useless and cpu consuming.

Finally, blame ComaX for the changes, Unhuman for pushing everyone to make the changes and me for packaging..

EDIT: Apparently there is a problem with the autobuilder atm and all packages to be build are stuck in a queue.. so there will be some delay to reach to you.

Last edited by Saturn; 2012-02-07 at 00:05.

The Following 13 Users Say Thank You to Saturn For This Useful Post:
-Tyler-, bipinbn, comaX, Estel, g0r, ivgalvez, jberezhnoy, karam, mr_pingu, q6600, Seker_94, stevomanu, udaychaitanya16

Mohammed Muid | # 407 | 2012-02-07, 10:01 | Report

with the new yamas can we do anythning more than the previous version?(other than just seeing which website visited and the login and password information?) i mean can i redirect a single host to some other website than he/she dint go to. for ex: X went to www.facebook.com, instead of facebook.com i ridirect him to hotmail or any other site? so what else can i do with this arspoof?

q6600 | # 408 | 2012-02-07, 17:01 | Report

Hi
I test the new improve formula for YAMAS and i can say that is much faster comparing with Yamas with Ettercap.
Still from some pages i will get only the user name and the password in a MD5 format for example Maemo Talk, any ideas?
Many thx to all the people making this project working.

Seker_94 | # 409 | 2012-02-07, 23:25 | Report

tested new yamas
much faster thanks to the new arpspoof

is it the same one from Karam ?
do i have to uninstall and install dsniff again ?
sorry for my noob questions

comaX | # 410 | 2012-02-08, 09:17 | Report

Originally Posted by Mohammed Muid View Post

with the new yamas can we do anythning more than the previous version?(other than just seeing which website visited and the login and password information?) i mean can i redirect a single host to some other website than he/she dint go to. for ex: X went to www.facebook.com, instead of facebook.com i ridirect him to hotmail or any other site? so what else can i do with this arspoof?

What's new is ARPspoof, as Saturn just said above you. No, there is no DNS spoofing ; not that it couldn't be done, but I don't think it's fit for a mobile phone... The RealTime Parsing is already quite CPU consuming. Since the dsniff package is installed, nothing stops you from doing it yourself while running Yamas though.

Originally Posted by q6600 View Post

Hi
I test the new improve formula for YAMAS and i can say that is much faster comparing with Yamas with Ettercap.
Still from some pages i will get only the user name and the password in a MD5 format for example Maemo Talk, any ideas?
Many thx to all the people making this project working.

Yeahp, it's a very intelligent thing to do : instead of transmitting the pass, it asks for it to be transmitted as an MD5 hash. I guess the server then check the hashes. For the other pages where you think it doesn't work, make sure you're not on a secure connection.

Originally Posted by Seker_94 View Post

tested new yamas
much faster thanks to the new arpspoof

is it the same one from Karam ?
do i have to uninstall and install dsniff again ?
sorry for my noob questions

I don't know, but my best guess is yes, it is the same. So nothing to change

The Following 4 Users Say Thank You to comaX For This Useful Post:
mr_pingu, q6600, Saturn, udaychaitanya16