Skip to content
This repository has been archived by the owner on Apr 25, 2022. It is now read-only.
/ surfjack Public archive

Automatically exported from code.google.com/p/surfjack - not actively maintained

Notifications You must be signed in to change notification settings

EnableSecurity/surfjack

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

6 Commits
 
 
 
 
 
 
 
 

Repository files navigation

This is a demonstration tool for the Surf Jack attack.
It is able to hijack the cookie for various sites
(some of which make use of HTTPS) and allows the tester to login as the victim.

By: Sandro Gauci <sandro@enablesecurity.com>

Requirements:
Scapy - http://www.secdev.org/projects/scapy/
Scapy's requirements
Python 2.4+

Features:
	* Does Wireless injection when the nic is in monitor mode
	* Supports Ethernet
	* Support for WEP (when the nic is in monitor mode)

Known issues:
	* Sometimes the victim is not redirected correctly (particularly seen when targeting Gmail)
	* Cannot stop the tool via a simple Control^C. This is a problem with the proxy

Installation:
	1. Get scapy from http://hg.secdev.org/scapy/raw-file/tip/scapy.py
		For more on installation of scapy:
		http://www.secdev.org/projects/scapy/portability.html
	2. Extract Surf Jack files into the same directory as scapy.py

Running:
$ ./surfjack.py --help
Usage: just run surfjack.py. use --help to print out the help

Options:
  --version         show program's version number and exit
  -h, --help        show this help message and exit
  -i INTERFACE      specify an interface
  -v                increase verbosity
  -q                quiet mode
  -j INJIFACE       interface to use to inject packets with
  -W WEPKEY         WEP key
  -c CONFIG         Specify a custom configuration file
  --dontignoreself  Disable ignoring of own traffic
  
$ ./surfjack.py -i wlan0 -v

About

Automatically exported from code.google.com/p/surfjack - not actively maintained

Resources

Stars

Watchers

Forks

Releases

No releases published

Packages

No packages published

Languages