The security of local networks currently leaves much to be desired. Normally the user protects himself against the dangers that exist outside but forgets that, in the event that a user manages to exploit the key of his WiFi (or in the same way, is connected to a public WiFi network) he will be able, in a Very easily, obtain data such as usernames and passwords of the websites visited by the victim.
These attacks are called MITM (Man In The Middle) attacks and try, in a brief explanation, to impersonate the router or gateway so that all packets will be filtered by the system in a completely transparent way to the victim.
A new MITM attack tool is becoming very popular in recent days, called Subterfuge. Despite being still in beta, the results returned by this tool are excellent.
We can download the tool from the Author’s Google Code page.
Once downloaded we can see that we have a .tar.gz file. These files are special compressed files for Linux so we are going to unzip them from a terminal of any Linux distribution. To do this we open a terminal (or a TTY), go to the directory where we have downloaded the file and type the following command:
- tar xfvz SubterfugePublicBeta5.0.tar.gz
The name of the file may vary depending on the version that we have downloaded. In this case beta 5 is the newest.
We already have the program unzipped. Next we are going to install it. Being a .py file we must have installed on our computer the Python libraries. If they are already installed, we continue with the installation by typing the following in the terminal.
- cd subtefurge /
With this, we will go to the new folder that we created in the previous step and execute the installation script. An installation wizard will appear.
We select that we want to install the program with the dependencies included and we click on Install. We wait a few seconds and the installation will finish.
Once installed we must execute the following command to start the program’s daemon.
- subterfuge -s 127.0.0.1:8080
The program will start showing a window similar to the following.
Once the daemon is started we can start using the program. For this we must write in our web browser:
And the main window of the program will appear.
We have everything ready to begin the attack to test the security of our network. We first click on the modules section to access the different modules available.
In future articles we will explain how we can use each of the different modules that this audit suite offers us. You will find all the manuals in the dedicated page in RedesZone.