During the last months I published some tools which are … well not really of great use when used allone but using them combined can be quite entertaining. I developed them in the context of AyCarrumba, a tool that is supposed to be the GUI component to operate all these tools to intercept and modify network packets from other people who are connected to the same LAN. The goal was to have a tool like a combination of Cain & Abel, dSniff and Firesheep. A tool to analyse and modify data packets on one side, and on the oder side to sniff usernames and passwords.
To my surprise these tools work quite good. Some of them are still under development and there are one or two bugs to fix but password interception works quite fine (with Facebook, Twitter, LinkedIn, …).
| APE | ARP Poisoning Engine is a tool to poison the ARP cache of computers that are connected to the same LAN segment. |
| ARPGun | ARPGun is a tool to poison the ARP cache of a target computer that is connected to the same LAN segment. You define the network interface, the target system’s IP address and ARPGun sends the poisoned ARP packets to it to cut its way to the Internet. |
| DNSHijack | DNSHijack is a simple and straightforward tool to send faked DNS replies back to client system. If DNSHijack is answering the request faster than the DNS server the requesting client will keep the spoofed IP address in its DNS cache. |
| HTTPReverseProxy | HTTPReverseProxy is a simple and strightforward HTTP reverse proxy server written in C#. When it is started it listens on the regular HTTP port, waits for incoming requests and forwards these to the server that is defined in the HTTP request headers Host directive. But instead of just forwarding requests it is also possible to modify the request itself or the responses sent back by the real web server. This is quite handy if you want to sniff data (like user names or passwords) that is protected by HTTPS. |
| HTTPSReverseProxy | HTTPSReverseProxy (will be published 18th August 2012) is a HTTPS reverse proxy server written in C#. When it is started it listens on the regular HTTPS port (443), waits for incoming requests and forwards these to the server that is defined in the HTTP request headers Host directive. But instead of just forwarding requests it is also possible to modify the request itself or the responses sent back by the real web server. |
| IPAccounting | IPAccounting is a tool to analyze and monitor incoming/outgoing IP traffic. |
| TCPForward | TCPForward is a tool that, as its name already says, allows to forward TCP connections on a specific port. |
| TCPGun | TCPGun is a tool to attack known weaknesses inside the TCP protocol. Currently supported attacks are TCP SYN flooding and TCP RST injection. |
| HTTPGun | (Under development) … |
Play around with them. Use them in your lab network to see how they work or use them as a part of your toolset in penetration tests. They are free of charge. You can donwload the binaries for free, bugs get fixed as soon as possible. The only thing I ask you is to send me feedback where you used them (privately, pentests, …), how successful you were, reporting bugs you’ve found … feedback to improve them.
Thanks in advance and have fun!
Thank you this stuff works great
ahm… i hanv’t tried that yet. but feel free and let other people know if its working :)
A little off-topic question: Is it possible to run theese tools with the help of wine or mono under Linux?