Saturday 17 August 2013

Getting meterpreter session over MITM Attack [Study Only]


Hello , I wanna share an interesting technique By which we would get a meterpreter Session Over a MITM in a very easy way.


Tools:
1. Ubuntu [Recommended Kali]
2. Subterfuge [Download Here]
3. Armitage/Metasploit

Now We are familiar with armitage and ubuntu.

What is Subterfuge?

Subterfuge is an automated Man In The Middle Attack Framework. Subterfuge is a web based tools that can run smoothly using ur localhost system without installing webserver (it is included in the installation software). It is a simple but devastatingly effective credential-harvesting program, which exploits vulnerabilities in the inherently trusting Address Resolution Protocol.


Host Machine = windows 7 
Victim Machine = Windows xp 
Exploit Machine = Kali