dansanduleac edited this page May 24, 2011 · 2 revisions

Copy redir.sh.example to redir.sh and modify the parameters to get started. Once redir.sh is running, the victim's traffic should be redirected through your computer, and in addition his/her HTTP requests will be redirected to your localhost:8081, where the proxy listens by default.

The next step is to run python start_proxy.py in order to start the proxy that modifies the victim's HTTP requests (and the replies as well). Modify UserMITM.py according to the MITM attacks you want to use. By default it converts any https link into a regular http link in pages that are sent insecurely. This effectively disables security on sites that only supply an https link as the action of the login form (such as facebook.com, haha). Thus, the victim won't even KNOW that they're connecting insecurely, because they weren't expecting to see (and normally cannot tell) whether their login details are sent securely or not.

The comments in redir.sh should explain more.
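Seen from the site owner's side, the weakness described above can be audited for. The following is an added example, not part of this project's code: it takes a fetched page (URL, HTML body, response headers) and flags password forms whose https action is delivered inside an http page. The finding names, the `example.test` hosts and the sample markup are constructed, and the Strict-Transport-Security check is an addition that this page does not mention.

```python
from html.parser import HTMLParser
from urllib.parse import urljoin, urlparse


class LoginForms(HTMLParser):
    """Collect the action of every <form> that contains a password field."""

    def __init__(self):
        super().__init__()
        self._action = None   # action of the open form, None once recorded
        self.actions = []

    def handle_starttag(self, tag, attrs):
        a = dict(attrs)
        if tag == "form":
            self._action = a.get("action") or ""
        elif tag == "input" and (a.get("type") or "").lower() == "password":
            if self._action is not None:
                self.actions.append(self._action)
                self._action = None   # count each form once

    def handle_endtag(self, tag):
        if tag == "form":
            self._action = None


def audit_login_page(page_url, html, headers):
    """Return (finding, url) pairs for one fetched page."""
    forms = LoginForms()
    forms.feed(html)
    page_is_https = urlparse(page_url).scheme == "https"
    findings = []
    for action in forms.actions:
        target = urljoin(page_url, action)   # empty action posts back to the page
        if urlparse(target).scheme != "https":
            findings.append(("cleartext-submit", target))
        elif not page_is_https:
            # The case described above: the form markup travels unprotected, so
            # its https action can be changed in transit before the user sees it.
            findings.append(("rewritable-action", target))
    has_hsts = any(k.lower() == "strict-transport-security" for k in headers)
    if page_is_https and forms.actions and not has_hsts:
        findings.append(("no-hsts", page_url))
    return findings


# Constructed sample: a login page delivered over plain HTTP that posts to HTTPS.
SAMPLE = '<form action="https://login.example.test/auth"><input type="password" name="p"></form>'

if __name__ == "__main__":
    print(audit_login_page("http://www.example.test/", SAMPLE, {}))
```

A page that returns no findings serves its login form over HTTPS, posts it over HTTPS and sends an HSTS header, so a browser that has already seen the header will not fetch the form over plain HTTP.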
