
MITM Router – Man in the middle Router

December 6, 2017 | July 27, 2019

Turns any Linux computer into a public Wi-Fi network that silently man-in-the-middles all HTTP traffic. Runs inside a Docker container using hostapd, dnsmasq, and mitmproxy to create an open honeypot wireless network named “Public”.

For added fun, change the network name to “xfinitywifi” to autoconnect anyone who has ever connected to those networks… they are everywhere.

MAC Randomization

By default, mitm-router randomizes the MAC address of your AP_IFACE to anonymize your network device. This can be disabled with the MAC="unchanged" environment variable. You can also explicitly set the AP_IFACE MAC address with MAC="XX:XX:XX:XX:XX:XX".
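
Seen from the defender's side, the observable signals of a setup like this are an open SSID such as “Public” or “xfinitywifi” and a BSSID that belongs to none of your deployed access points. The following added example (not part of mitm-router or the original post) audits Wi-Fi scan results against an allowlist; the CSV scan format, KNOWN_NETWORKS, WATCHED_OPEN_SSIDS and every sample row except the randomized MAC shown later in this post are constructed assumptions.

```python
# Added example: flag likely rogue / evil-twin access points in Wi-Fi scan results.
# The scan format, the policy below and the sample rows are constructed for illustration.
import csv
import io

# Policy (assumed): for each trusted SSID, the BSSIDs we deployed and the
# security mode we expect to see advertised.
KNOWN_NETWORKS = {
    "CorpWiFi": {
        "bssids": {"3c:84:6a:10:20:30", "3c:84:6a:10:20:31"},
        "security": "WPA2",
    },
}

# Open SSIDs named on this page that managed devices should not auto-join.
WATCHED_OPEN_SSIDS = {"Public", "xfinitywifi"}

# Constructed scan results: ssid,bssid,security
SAMPLE_SCAN = """\
ssid,bssid,security
CorpWiFi,3C:84:6A:10:20:30,WPA2
CorpWiFi,00:d2:6b:d5:fe:bd,OPEN
Public,00:d2:6b:d5:fe:bd,OPEN
HomeNet,a0:b1:c2:d3:e4:f5,WPA2
"""


def audit_scan(scan_text, known=KNOWN_NETWORKS, watched=WATCHED_OPEN_SSIDS):
    """Return a list of (ssid, bssid, reason) findings for suspicious APs."""
    findings = []
    for row in csv.DictReader(io.StringIO(scan_text)):
        ssid = row["ssid"].strip()
        bssid = row["bssid"].strip().lower()      # normalise case before comparing
        security = row["security"].strip().upper()
        policy = known.get(ssid)
        if policy:
            # A trusted SSID broadcast from hardware we did not deploy.
            if bssid not in policy["bssids"]:
                findings.append((ssid, bssid, "unknown-bssid"))
            # A trusted SSID advertised with weaker or different security.
            if security != policy["security"]:
                findings.append((ssid, bssid, "security-downgrade"))
        elif ssid in watched and security == "OPEN":
            findings.append((ssid, bssid, "watched-open-ssid"))
    return findings


if __name__ == "__main__":
    for finding in audit_scan(SAMPLE_SCAN):
        print(*finding)
```

Because the MAC is randomized on every start, alerting on the SSID and security mode is more durable than blocklisting any single BSSID.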

 

Configuring

Supported environment variables are listed below with their default values:

# wireless device name that will be used for the Access Point
AP_IFACE="wlan0"

# device name that is used for the router's internal internet connection
# packets from AP_IFACE will be forwarded to this device
INTERNET_IFACE="eth0"

# wireless network name
SSID="Public"

# optional WPA2 password; if left empty network will be public
PASSWORD=""

# optional randomization of AP_IFACE MAC address
# can be set to a specific value like "XX:XX:XX:XX:XX:XX"
# or "unchanged" to leave the device MAC alone
MAC="random"

# tcpdump output file location inside the container
CAPTURE_FILE="/root/data/http-traffic.cap"

# optional mitmproxy filter
# see http://docs.mitmproxy.org/en/stable/features/filters.html
FILTER=""

 

Security

This access point runs inside of Docker for isolation, ensuring that any vulnerabilities that may be exploitable in the access point will not allow an adversary access to your computer or home network. That said, there are a few caveats to be aware of:

  • --net host shares all of the network interfaces and iptables entries from the host machine with the docker container. Assume that a vulnerable docker container would have root access to these devices.
  • Running in --privileged mode gives extended permissions to the docker container.
  • Your host machine (the one running docker) will be accessible on the “Public” network as a connected client. For this reason, please use a firewall (ufw on Linux) to block incoming traffic on all ports so that computers on the “Public” network do not have access to exposed services on your machine.
  • All traffic on the honeypot network will be outbound from your home network’s gateway. If someone on the “Public” network is torrenting or conducting illegal activity you will be held accountable and your ISP may cancel your service.

For added security, I prefer to run this docker container on a dedicated computer, like a Raspberry Pi.

 

Running

# clone the repo
git clone https://github.com/brannondorsey/mitm-router
cd mitm-router

# build the image; this step can be omitted if you prefer to pull
# the image from the docker hub repository
docker build . -t brannondorsey/mitm-router

Run the following, replacing AP_IFACE and INTERNET_IFACE with your wireless device and internet-connected ethernet/wireless device, respectively. You can see the names of your network devices by running ifconfig.

# run the container
docker run -it --net host --privileged \
-e AP_IFACE="wlan0" \
-e INTERNET_IFACE="eth0" \
-e SSID="Public" \
-v "$(pwd)/data:/root/data" \
brannondorsey/mitm-router

If all went well, you should see something like this:

Current MAC:   a5:ae:f9:a4:b7:e3 (TP-LINK TECHNOLOGIES CO.,LTD.)
Permanent MAC: a5:ae:f9:a4:b7:e3 (TP-LINK TECHNOLOGIES CO.,LTD.)
New MAC:       00:d2:6b:d5:fe:bd (PHOTRON USA)
[ ok ] Starting system message bus: dbus.
[ ok ] Starting DNS forwarder and DHCP server: dnsmasq.
[ ok ] Starting advanced IEEE 802.11 management: hostapd.
Proxy server listening at http://0.0.0.0:1337

mitm-router transparently captures all HTTP traffic sent to the router at 10.0.0.1:80. It does not intercept HTTPS traffic (port 443), as doing so would alert a user that a possible man-in-the-middle attack was taking place. Traffic to URLs that begin with https:// will not be captured.

The mitm-router/data/ folder is shared with the docker container so that we can view the capture files that it places there on our host machine. By default, you will find the mitmdump capture file in mitm-router/data/http-traffic.cap.

You can also connect your INTERNET_IFACE to a hotspot running on your phone for mitm pwnage on the go 😉

 
