View Issue Details

ID: 0002431
Project: Kali Linux
Category: New Tool Requests
View Status: public
Last Update: 2020-02-11 12:08
Reporter: Mister_X
Assigned To:
Priority: normal
Severity: feature
Reproducibility: N/A
Status: closed
Resolution: won't fix
Summary: 0002431: middler

Description

The Middler is a Man in the Middle tool to demonstrate protocol middling attacks. Led by Jay Beale, the project involves a team of authors including InGuardians agents Justin Searle and Matt Carpenter. The Middler is intended to man in the middle, or "middle" for short, every protocol for which we can create code.

In our first alpha release, we released a core built by Matt and Jay, with introductory plug-ins by Justin and InGuardians agent Tom Liston. It runs on Linux and Mac OS X, with most of the code functional on Windows.

The current codebase is in the beta state, with a full release coming soon, with better documentation (see the wiki), easier installation, and even more plug-ins, at least if Justin has his way!

Plug-Ins

Justin and Tom's first plug-ins were very cool:

plugin-beef.py - inject the Browser Exploitation Framework (BeEF) into any HTTP requests originating on the local LAN 

plugin-metasploit.py - inject an IFRAME into cleartext (HTTP) requests that loads Metasploit browser exploits 

plugin-keylogger.py - inject a JavaScript onKeyPress event handler to cleartext forms that get submitted via HTTPS, forcing the browser to send the password character-by-character to the attacker's server, before the form is submitted. 

Justin has refinements to these on the way, as well as a batch of so-far unreleased modules.

The author team has done a tremendous amount of research, design and pseudo-code work, fleshing out attacks on web-based e-mail systems and social networking sites. We'll be standing up an external Wiki soon to share more of these ideas, but you can get early details from our slides from Jay and Justin's talks at Def Con and ShmooCon.

Dependencies:

The Middler depends on the following Python modules:

scapy
libpcap
readline
libdnet

Additional Information

URL: https://code.google.com/p/middler/

Activities

g0tmi1k

2018-01-29 15:05

administrator   ~0008425

To help speed up the process of evaluating the tool, please make sure to include the following information (the more information you include, the more beneficial it will be for us):

  • [Name] - The name of the tool
  • [Version] - What version of the tool should be added?
    --- If it uses source control (such as git), please make sure there is a release to match (e.g. git tag)
  • [Homepage] - Where can the tool be found online? Where to go to get more information?
  • [Download] - Where to go to get the tool?
  • [Author] - Who made the tool?
  • [Licence] - How is the software distributed? What conditions does it come with?
  • [Description] - What is the tool about? What does it do?
  • [Dependencies] - What is needed for the tool to work?
  • [Similar tools] - What other tools are out there?
  • [How to install] - How do you compile it?
  • [How to use] - What are some basic commands/functions to demonstrate it?

Mister_X

2018-02-01 02:17

reporter   ~0008599

Cannot find it anymore.

https://www.youtube.com/watch?v=E2p9a2tceNo

https://www.defcon.org/images/defcon-17/dc-17-presentations/defcon-17-beale-searle-middler2.0.pdf

g0tmi1k

2020-02-11 12:08

administrator   ~0012222

Project now 404s

Issue History

Date Modified     Username  Field                Change
2015-07-18 21:45  Mister_X  New Issue
2018-01-29 10:23  g0tmi1k   Summary              Add middler => middler
2018-01-29 15:05  g0tmi1k   Note Added: 0008425
2018-02-01 02:17  Mister_X  Note Added: 0008599
2018-02-21 09:35  g0tmi1k   Product Version      1.1.0 =>
2019-12-09 13:30  g0tmi1k   Severity             minor => feature
2020-02-11 12:08  g0tmi1k   Note Added: 0012222
2020-02-11 12:08  g0tmi1k   Status               new => closed
2020-02-11 12:08  g0tmi1k   Resolution           open => won't fix