Jump to content

Recommended Posts

Posted

After using MITMf for a while on my Kali Linux machine, I'm wondering whether it would be feasible to use it on a Bash Bunny.

You'd have to be able to pull things like the gateway and DNS server automatically, but beyond that the only problem I can think of is the complex dependencies for MITMf.

Thoughts?

Posted

apt install bettercap on Kali and give it a try.  I have MiTMf too and used it forever, recently tried Better and it works awesome.  It is missing some of the cool modules like filep0wn, HTA attack and a few others but still awesome.

You may...I say may, can pull this off by doing mitm manually.  dnsspoof, some firewall rules, ipv4 forward enabled, sslstrip+ and some kind of proxy llike mitmproxy or something.  Question is will the machine use the BB first and will it tunnel through it or will it default to the onboard NIC.  We know responder works because the machine tries the BB first.

Mitmf maybe too much for the BB since the new version needs to be install with virtualenvwrapper.  You could try bettercap.

Create payload with just the ECM_ETHERNET for linux or RNDIS_ETHERNET for windows in the payload file, and maybe some leds to let you know it is ready.

ssh to the BB and create a test folder under root.  (this is how I test tools).

scp the folder with the program you clones to that folder on the BB and then try and run it (no install, you want to avoid extra stuff being dumped on the BB where you will have to find it and remove it).  I would look on Bettercap's site for their dependencies too which can help.  With any mitm program, you should not have to spoof icmp or arp since you are directly connected.  Will not do any good since the BB will be on a different subnet than your network.

This is all speculation.  The bug to try and do this has not hit me yet.  Rather build a payload to add a ca cert and change their gateway to my mitm machine or change their proxy and point it to a burp proxy.  Using the BB for a mitm would require me leaving the bunny.  Rather run and go.

Posted

I have had no luck with bettercap because i have not found a version of ruby for arm devices over 2.1.5 and for bettercap to be installed some dependencies need ruby 2.2 or greater.  

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

  • Recently Browsing   0 members

    • No registered users viewing this page.
×
×
  • Create New...