|
|
Post by antani on Sept 18, 2015 14:48:21 GMT
I tried installing them manually, but still fails to get enalbed Fruityproxy. btw... usually I am installing all modules in once with your python script... and I have noticed that some tools might conflict with the one already installed by default in /usr/sbin in KALI (e.g. ettercap). As soon I have more time... I will try to debug the problem. In the meanwhile, time permitting, could you upload on youtube a video about TAPPER + FRUITYPROXY?  To be sure I am not missing some steps. |
|
|
|
Post by xtr4nge on Sept 18, 2015 15:39:34 GMT
Hi antani,
I always try to make the modules the most general as possible, to cover debian (as base) and any kind-of/based debian. (but sometimes it requires some manual setup...)
FruityProxy is a standalone module, if all the dependencies are installed, FuityProxy can be started without any extra setup.
FruityProxy requires a newest MITMPROXY version, the version installed by default on Kali Linux I think is old ( so you need to do an upgrade ), you can upgrade MITMPROXY using pip:
pip install --upgrade mitmproxy
regards,
|
|
|
|
Post by antani on Sept 18, 2015 15:51:15 GMT
I will try as well thanks! Right now, I am thinking that would be wise for me to skip Kali and install a fresh debiab wheezy. At least we reduce the likelihood of compatibility issues.  And then, for RPI2 for example, we can release a debian based distro 100% compatible FruityWifi. At least will be a clean distro dedicated for FruityWifi. Out of curiosity... Usually which OS u use for developing/testing? Kali? Debian? Ubuntu? |
|
|
|
Post by voxhel on Sept 18, 2015 15:51:25 GMT
Hi voxhel, The setup for BDF could be tricky. First try with something that you know that will work like sysinternals (not over HTTPS): http://live.sysinternals.com + Procmon.exeafter check the properties of the file, you will see that the Digital Signature is not there anymore. (you can compare the downloaded Procmon.exe with BDFproxy activated and without [you need to clean the cache or you need to use different browsers]) Please note that BDF will not work the 100% of the times, but the rate is very high. regards, Hi xtr4nge some questions about the same modules, i updated all the toolset and individual modules "es/bdfproxy/includes/ and run install.sh", etc but using my same configs and using fruityproxy -> bdfproxy it doesnt show in the logs injecting but the "downloaded" file the digital certificate is removed. If i use tapper with bdfproxy in the logs it shows injecting but the downloaded file still keeps the digital certificate. Another thing is, even changing the LHOST ip to the 10.0.20.1 and setup multi handler for the same payload port ... on the vict after procmon.exe gets execute nothing comes back. One last thing this update introduced in Tapper module the option "ROUTE" i do not have it selected, what is it for? Please consider "opening" a IRC channel for this conversations.... thks V |
|
|
|
Post by xtr4nge on Sept 18, 2015 17:51:19 GMT
Hi guys, sorry that I moved some of the posts related to IRC into a new thread, I want to keep the threads on topic.
voxhel, the Route option is important, it is the interface/route that the "victim" will use to get internet. (If the victim gets internet without assigning the Route, probably that machine is getting internet from another interface and it is not passing through Tapper)
antani, I uploaded a video with an example: Tapper + FruityProxy + BDFproxy. I usually use Debian to develop the core and modules, but I always test them on Kali and Raspbian (RPi) before release them.
regards,
|
|
