mitm-router: Man-in-the-middle wireless access point

haxxmap

Man-in-the-middle Router

Turn any Linux computer into a public Wi-Fi network that silently MITMs all HTTP traffic. Runs inside a Docker container using hostapd, dnsmasq, and mitmproxy to create an open honeypot wireless network named “Public”. For added fun, change the network name to “xfinitywifi” to autoconnect anyone who has ever connected to those networks… they are everywhere.

DISCLAIMER: This software is for educational purposes only. It should not be used for illegal activity. The author is not responsible for its use. Don’t be a dick.

# clone the repo
git clone https://github.com/brannondorsey/mitm-router
cd mitm-router

# build the image. this step can be omitted if you prefer to pull
# the image from the docker hub repository
docker build . -t brannondorsey/mitm-router

Run the following, replacing AP_IFACE and INTERNET_IFACE with your wireless device and your internet-connected ethernet/wireless device, respectively. You can see the names of your network devices by running ifconfig.

 

If all went well, you should see something like this:

Current MAC:   a5:ae:f9:a4:b7:e3 (TP-LINK TECHNOLOGIES CO.,LTD.)
Permanent MAC: a5:ae:f9:a4:b7:e3 (TP-LINK TECHNOLOGIES CO.,LTD.)
New MAC: 00:d2:6b:d5:fe:bd (PHOTRON USA)
[ ok ] Starting system message bus: dbus.
[ ok ] Starting DNS forwarder and DHCP server: dnsmasq.
[ ok ] Starting advanced IEEE 802.11 management: hostapd.
Proxy server listening at http://0.0.0.0:1337

mitm-router transparently captures all HTTP traffic sent to the router at 10.0.0.1:80. It does not intercept HTTPS traffic (port 443), as doing so would alert a user that a possible man-in-the-middle attack was taking place. Traffic to URLs that begin with https:// will not be captured.

The mitm-router/data/ folder is shared with the docker container so that we can view the capture files that it places there on our host machine. By default, you will find the mitmdump capture file in mitm-router/data/http-traffic.cap.

You can also connect your INTERNET_IFACE to a hotspot running on your phone for mitm pwnage on the go 😉
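Seen from the client side, the autoconnect behaviour described at the top of this page depends on a device holding a saved, open Wi-Fi profile that joins on its own. The following added example (not part of mitm-router or the original post) audits NetworkManager keyfile profiles for that condition; the sample profiles are constructed and the function names are this example's own.

```python
import configparser

# NetworkManager keyfile section names, with the older 802-11-* aliases.
WIFI = ("wifi", "802-11-wireless")
WIFI_SEC = ("wifi-security", "802-11-wireless-security")
UNAUTHENTICATED = {"owe"}  # encrypted, but anyone can run the AP

def audit_profile(text):
    """Return (ssid, reason) for an open Wi-Fi profile that autoconnects, else None."""
    cp = configparser.ConfigParser(interpolation=None, strict=False)
    cp.read_string(text)
    wifi = next((cp[s] for s in WIFI if cp.has_section(s)), None)
    if wifi is None:
        return None  # not a Wi-Fi profile
    sec = next((cp[s] for s in WIFI_SEC if cp.has_section(s)), None)
    key_mgmt = sec.get("key-mgmt", "") if sec is not None else ""
    if sec is not None and key_mgmt not in UNAUTHENTICATED:
        return None  # WPA-PSK, SAE, 802.1X, ...: an impostor AP needs the credential
    # autoconnect defaults to true when the key is absent
    auto = cp.get("connection", "autoconnect", fallback="true").strip().lower()
    if auto in ("false", "0", "no"):
        return None
    reason = "no wifi-security section" if sec is None else f"key-mgmt={key_mgmt}"
    return wifi.get("ssid", "?"), reason

def audit(profiles):
    """Map profile name -> (ssid, reason) for every risky profile."""
    hits = {name: audit_profile(text) for name, text in profiles.items()}
    return {name: hit for name, hit in hits.items() if hit}

# Constructed sample profiles (not taken from any real machine).
SAMPLES = {
    "xfinitywifi.nmconnection":
        "[connection]\nid=xfinitywifi\ntype=wifi\n\n[wifi]\nssid=xfinitywifi\n",
    "home.nmconnection":
        "[connection]\nid=home\ntype=wifi\n\n[wifi]\nssid=HomeNet\n\n"
        "[wifi-security]\nkey-mgmt=wpa-psk\npsk=constructed-example\n",
    "cafe.nmconnection":
        "[connection]\nid=Public\ntype=wifi\nautoconnect=false\n\n[wifi]\nssid=Public\n",
}

if __name__ == "__main__":
    for name, (ssid, reason) in audit(SAMPLES).items():
        print(f"{name}: SSID {ssid!r} is open and autoconnects ({reason})")
```

On a real system the profiles live in /etc/NetworkManager/system-connections/ and are readable only by root. A flagged profile can be kept but stopped from joining on its own with `nmcli connection modify <id> connection.autoconnect no`.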
