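MITM tool and framework: bettercap
bettercap is a complete, modular, portable and easily extensible MITM tool and framework. It offers a range of diagnostic and attack features and can carry out man-in-the-middle attacks.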
MOTIVATIONS
Yet another MITM tool? C'mon, really?!!?
This is exactly what you are thinking right now, isn't it? :D But allow yourself to think about it for 5 more minutes ... what you should be really asking is:
Does a complete, modular, portable and easy to extend MITM tool actually exist?
If your answer is "ettercap", let me tell you something:
- ettercap was a great tool, but it has had its day.
- ettercap filters do not work most of the time, are outdated and hard to implement due to the specific language they're implemented in.
- ettercap is freaking unstable on big networks ... try to launch the host discovery on a network bigger than the usual /24 ;)
- yeah you can see connections and raw pcap stuff, nice toy, but as a professional researcher I want to see only relevant stuff.
- unless you're a C/C++ developer, you can't easily extend ettercap or make your own module.
Indeed you could use more than just one tool ... maybe arpspoof to perform the actual poisoning, mitmproxy to intercept HTTP stuff and inject your payloads and so forth ... I don't know about you, but I hate it when I need to use a dozen tools just to perform one single attack, especially when I need to do some black magic in order to make all of them work on my distro or on OSX ... what about the KISS principle?