Advanced Man-in-the-Middle Attacks with Xerosploit

" "

Advanced Man-in-the-Middle Attacks with Xerosploit

A man-in-the-middle attack, or MitM attack, is when a hacker gets on a network and forces all nearby devices to connect to their machine directly. This lets them spy on traffic and even modify certain things. Bettercap is one tool that can be used for these types of MitM attacks, but Xerosploit can automate high-level functions that would normally take more configuration work in Bettercap.

Xerosploit rides on top of a few other tools, namely, Bettercap and Nmap, automating them to the extent that you can accomplish these higher-level concepts in just a couple of commands.

However, Xerosploit can be hit or miss, so don't be surprised if some webpages can't be spoofed because the target is using HTTPS or funneling traffic through a VPN. Considering 73% of all websites use HTTPS, you'll only have success manipulating webpages on the remaining 27%, and only if no VPN is being used.Some sites can still be accessed via HTTP because they aren't redirecting insecure requests to HTTPS, and some don't even have secure versions yet. Here is a small sample, but there are many more in that 27%:

What's Needed

We've only tested Xerosploit out on Ubuntu and Kali Linux, but it may work on macOS. However, you can only select between "Ubuntu / Kali Linux / Others" and "Parrot OS" during the installation process.

You'll also need the latest version of Python installed on your computer.


Step 1 Install Xerosploit

First, install Xerosploit off GitHub using git clone.

~$ git clone https://github.com/LionSec/xerosploit

Cloning into 'xerosploit' ...
remote: Enumerating objects: 306, done.
remote: Total 306 (delta 0), reused 0 (delta 0), pack-reused 306
Receiving objects: 100% (306/306), 793.28 KiB | 2.38 MiB/s, done.
Resolving deltas: 100% (68/68), done.

Then, change into its directory (cd) and start the installer using Python. It will ask you to select your operating system; if using Kali Linux, choose 1 and hit enter.

~$ cd xerosploit && sudo python install.py

┌══════════════════════════════════════════════════════════════┐
█                                                              █
█                     Xerosploit Installer                     █
█                                                              █
└══════════════════════════════════════════════════════════════┘

[++] Please choose your operating system.

1) Ubuntu / Kali Linux / Others
2) Parrot OS

>>> 1

[++] Insatlling Xerosploit ...
Get:1 http://kali.download/kali kali-rolling inRelease [30.5 kB]
Get:2 http://kali.download/kali kali-rolling/main Sources [14.0 kB]

...

Xerosploit has been successfully installed. Execute 'xerosploit' in your termninal.

Step 2

Step 2 Install the Dependencies

For Xerosploit to do its job correctly, you'll need all of the tools that it built its service on top of, including Nmap, hping3, build-essential, ruby-dev, libpcap-dev, and libgmp3-dev. If you're using Kali, you probably already have all of these.

~/xerosploit$ sudo apt install nmap hping3 build-essential ruby-dev libpcap-dev libgmp3-dev

Reading package lists ... Done
Building dependency try ... Done
Reading state information ... Done
build-essential is already the newest version (12.9).
build-essential set to manually installed.
hping3 is already the newest version (3.a2.ds2-10).
hping3 set to manually installed.
nmap is already the newest version (7.91+dfsg1-1kali1).
nmap set to manually installed.
ruby-dev is already the newest version (1:2.7+2).
ruby-dev set to manually installed.
libpcap-dev is already the newest version (1.9.1-r0).
libpcap-dev set to manually installed.
libgmp3-dev is already the newest version (2:6.0.0+dfsg-6).
libgmp3-dev set to manually installed.

And use Python to install tabulate and terminaltables, which will let Xerosploit display information to you in an easy-to-read way. You likely already have these tools too.

~/xerosploit$ sudo pip3 tabulate terminaltables

Requirement already satisfied: tabulate in /usr/lib/python3/dist-packages (0.8.7)
Requirement already satisfied: terminaltables in /usr/lib/python3/dist-packages (3.1.0)

Step 3

Step 3 View Xerosploit's Commands

Start Xerosploit with the xerosploit command. Right away, it will show you information on your network configuration.

~/xerosploit$ sudo xerosploit

        ▄  ▄███▄   █▄▄▄▄ ████▄    ▄▄▄▄▄   █ ▄▄  █     ████▄ ▄█    ▄▄▄▄▀
    ▀▄   █ █▀   ▀  █  ▄▀ █   █   █     ▀▄ █   █ █     █   █ ██ ▀▀▀ █
      █ ▀  ██▄▄    █▀▀▌  █   █ ▄  ▀▀▀▀▄   █▀▀▀  █     █   █ ██     █
     ▄ █   █▄   ▄▀ █  █  ▀████  ▀▄▄▄▄▀    █     ███▄  ▀████ ▐█    █
    █   ▀▄ ▀███▀     █                     █        ▀        ▐   ▀
     ▀              ▀                       ▀

[+]═══════════[ Author : @LionSec1 _-\|/-_ Website: www.neodrix.com ]═══════════[+]

                      [ Powered by Bettercap and Nmap ]

┌═════════════════════════════════════════════════════════════════════════════┐
█                                                                             █
█                         Your Network Configuration                          █
█                                                                             █
└═════════════════════════════════════════════════════════════════════════════┘

╒════════════════════════════════════════════════════════════════════════════╤═══════════════════╤═════════════╤═════════╤═════════════╕
│                                 IP Address                                 │    MAC Address    │   Gateway   │  Iface  │  Hostname   │
╞════════════════════════════════════════════════════════════════════════════╪═══════════════════╪═════════════╪═════════╪═════════════╡
├────────────────────────────────────────────────────────────────────────────┼───────────────────┼─────────────┼─────────┼─────────────┤
│ 192.168.8.172 fd0b:ed07:cb03:10::3fa fd0b:ed07:cb03:10:dcf1:e71a:2dc3:299f │ 28:D2:44:23:54:2B │ 192.168.8.1 │  eth0   │ Macbook-Pro │
╘════════════════════════════════════════════════════════════════════════════╧═══════════════════╧═════════════╧═════════╧═════════════╛

╔═════════════╦════════════════════════════════════════════════════════════════════╗
║             ║ Xerosploit is a penetration testing toolkit whose goal is to       ║
║ Information ║ perform man in the middle attacks for testing purposes.            ║
║             ║ It brings various modules that allow to realise efficient attacks. ║
║             ║ This tool is Powered by Bettercap and Nmap.                        ║
╚═════════════╩════════════════════════════════════════════════════════════════════╝

[+] Please type 'help' to view commands.

Xero ➮

Type help to see all of the commands available in Xerosploit.

Xero ➮ help

╔══════════╦════════════════════════════════════════════════════════════════╗
║          ║                                                                ║
║          ║ scan : Map your network.                                       ║
║          ║                                                                ║
║          ║ iface : Manually set your network interface.                   ║
║ COMMANDS ║                                                                ║
║          ║ gateway : Manually set your gateway.                           ║
║          ║                                                                ║
║          ║ start : Skip scan and directly set your target IP address.     ║
║          ║                                                                ║
║          ║ rmlog : Delete all xerosploit logs.                            ║
║          ║                                                                ║
║          ║ help : Display this help message.                              ║
║          ║                                                                ║
║          ║ exit : Close Xerosploit.                                       ║
║          ║                                                                ║
╚══════════╩════════════════════════════════════════════════════════════════╝

[+] Please type 'help' to view commands.

Xero ➮

Comments