search

Binject / backdoorfactory

A from-scratch rewrite of The Backdoor Factory - a MitM tool for inserting shellcode into all types of binaries on the wire.
https://binject.github.io/backdoorfactory
GNU General Public License v3.0
365 stars 64 forks source link

RAR Support #3

Closed ampf27 closed 4 years ago

ampf27 commented 4 years ago

Will this work on wireless or just on lan?

More arp posoning options would be great and not only when a download is made

Addition of rar format would be useful too

awgh commented 4 years ago

Thanks for your issue!

I have plans for limited RAR support, and I'll use this issue to track those (so I changed the title).

It already works on wireless now, and it will support anything that bettercap can do, including DNS and ARP, but also other MitM methods now and in the future.

You can customize all of that by editing the "binject.js" and "binject.cap" files that backdoorfactory generates for you. By default, it just automatically starts ARP spoofing, but you may not want to do this in all cases.

We're using the "http_proxy" module from bettercap, but there are other proxy modules to intercept things other than http already... check this out: https://www.bettercap.org/modules/ethernet/proxies/

You can adapt our default generated caplet to whatever you want to do - it's just a simplified version of the standard bettercap download-autopwn caplet anyway. Check out these for some examples of other stuff you can do with bettercap: https://github.com/bettercap/caplets

ampf27 commented 4 years ago

Thank you for your reply. I will keep following this project there are few (I must say this is the only besides intecepter-ng and one of hacking team) that I know to do this kind of stuff. Keep the good work

awgh commented 4 years ago

Added a new ticket for adding RAR/CPIO support, closing this one.