leg3nd Posted October 2, 2013 Share Posted October 2, 2013 (edited) Description: This is a basic implementation of a ruby HTTP proxy with the ability to inject arbitrary code into a web pages response. This allows for a multitude of attack vectors which will soon be released in my JasagerPwn script, but you can use your imagination and create your own vectors with this. Some basic attack vectors you can play with (they will also be automated in my script): beef hook injection, java applet injection, browser/plugin exploit injection. Feature Set: Installer - Install the dependencies in order to run the ruby script. Proxy Log Output - Displays the log standard output that is generated by Digininja's proxy script. Attacker (single address) filter - Pretty self explanitory, this adds a '! -s attacker_ip' in the iptables rule so you do not inject code into your own browsing sessions. Injection Code EDitor - Allows you to enter in any arbitrary code into the text editor. Note, if you have an attack running and modify this code - you need to restart the attack. Auto Refresh Enable/Disable and Logging in Small Tile Screenshot (Interface): Screenshot (Basic Alert Pop-up): Edited October 25, 2013 by leg3nd Quote Link to comment Share on other sites More sharing options...
Sebkinne Posted October 2, 2013 Share Posted October 2, 2013 Note: This is not an official infusion and has not been reviewed. Please keep that in mind if you do try it out! The author can submit this infusion to http://wifipineapple.com at any point in time to get it approved and added to the pineapple bar. Best Regards, Sebkinne Quote Link to comment Share on other sites More sharing options...
newbi3 Posted October 3, 2013 Share Posted October 3, 2013 Release an infusion in the pineapple bar! I'd love to see this. Quote Link to comment Share on other sites More sharing options...
leg3nd Posted October 3, 2013 Author Share Posted October 3, 2013 I submitted both this and my basic wireless script manager to the bar 2 days ago - should be available soon. Quote Link to comment Share on other sites More sharing options...
Whistle Master Posted October 5, 2013 Share Posted October 5, 2013 I just reviewed and approved it ;) Quote Link to comment Share on other sites More sharing options...
newbi3 Posted October 5, 2013 Share Posted October 5, 2013 I was able to get it to start but then my pages would not load so i stopped it and restarted it and now it wont even start Quote Link to comment Share on other sites More sharing options...
leg3nd Posted October 5, 2013 Author Share Posted October 5, 2013 start it, post the results of "iptables -S -t nat ; ps aux | grep ruby ; netstat -antp" It should have a rule that redirects traffic from br-lan to port 8888. Note that I've only tested this with using an attached wireless card for ICS, but it should work for other configurations. Quote Link to comment Share on other sites More sharing options...
secret4all Posted November 6, 2013 Share Posted November 6, 2013 I checked my pineapple bar, it does not show there. What happen? How to check? Quote Link to comment Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.