
Lans.py: capture usernames, passwords, messages and inject arbitrary HTML - flingtriangle
https://github.com/DanMcInerney/LANs.py
======
MrOrelliOReilly
Could anyone point me to a resource that offers a high level explanation of
how stuff like this 'works'? I'm happy to spend time parsing the source code
but that won't tell me how/why you're able to intercept HTTP requests or w/e
is happening. I just want to understand :'((

EDIT Looking for something more complete than a wiki article on ARP spoofing

~~~
est
> how/why you're able to intercept HTTP requests or w/e is happening.

Basically, in a typical LAN, you _think_ the server is communicating directly
with you alone, but in fact it's broadcasting to everyone. Your NIC and OS
just happen to try not to receive it.

------
gcb1
Don't all switches protect you from ARP poisoning? Or am I missing something
on the attack vector? I understand the proxy part is cool... but the vector
appears to be a non-issue. I just skimmed the readme...

~~~
e12e
Most certainly not. Many _enterprise_ switches can be/should be/are configured
to protect against it -- but most consumer grade (home) switches I've seen
don't.

Not sure what the status of various wireless routers/APs is (e.g. software AP on
*BSD/Linux).

~~~
gcb1
I think what you call home switches are hubs. They operate on different
network layers, hence the different name.

~~~
akx
I don't think hubs (ie. the sort of switch that indiscriminately transmits
every packet to every port) have been in widespread use for ages anymore.
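
The sub-thread above turns on whether the switch itself blocks ARP poisoning; where it does not, the condition can still be watched for from a host on the LAN. An added example, not part of the original thread or of LANs.py: it flags an IP address that changes MAC and a MAC that answers for several IPs, over constructed ARP-reply records (the addresses and the function name `detect_arp_anomalies` are assumptions).

```python
from collections import defaultdict

# Constructed sample data: (seconds, sender IP, sender MAC) from ARP replies.
SAMPLE_ARP_REPLIES = [
    (0.0,  "192.168.1.1",  "02:00:00:00:00:01"),  # gateway
    (1.0,  "192.168.1.10", "02:00:00:00:00:10"),  # workstation
    (2.0,  "192.168.1.66", "02:00:00:00:00:66"),  # third host
    (30.0, "192.168.1.1",  "02:00:00:00:00:66"),  # gateway IP, different MAC
    (30.5, "192.168.1.10", "02:00:00:00:00:66"),  # workstation IP, same MAC
    (32.0, "192.168.1.1",  "02:00:00:00:00:66"),  # repeat of the same claim
]

def detect_arp_anomalies(replies, gateway_ip):
    """Return alerts for IP-to-MAC rebinds and MACs answering for several IPs."""
    baseline = {}                  # ip -> first MAC seen for it
    ips_by_mac = defaultdict(set)  # mac -> every IP it has claimed
    seen = set()                   # suppress duplicate alerts
    alerts = []

    def alert(ts, kind, ip, mac):
        if (kind, ip, mac) not in seen:
            seen.add((kind, ip, mac))
            alerts.append({"time": ts, "kind": kind, "ip": ip, "mac": mac})

    for ts, ip, mac in replies:
        mac = mac.lower()
        # Signal 1: an IP that already had a MAC is now claimed by another one.
        if baseline.setdefault(ip, mac) != mac:
            alert(ts, "gateway-rebind" if ip == gateway_ip else "rebind", ip, mac)
        # Signal 2: one MAC answering for more than one IP address.
        ips_by_mac[mac].add(ip)
        if len(ips_by_mac[mac]) > 1:
            alert(ts, "multi-ip-mac", ",".join(sorted(ips_by_mac[mac])), mac)
    return alerts

if __name__ == "__main__":
    for a in detect_arp_anomalies(SAMPLE_ARP_REPLIES, gateway_ip="192.168.1.1"):
        print(a)
```

Both signals also fire for legitimate events such as a replaced NIC, a DHCP address handed to a new device, or router failover, so the alerts are a starting point for triage rather than a verdict.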

------
oftenwrong
Can't wait to see what they call the GTK version

~~~
vanni
The name would be appropriate, anyway, because it can be used for penetration
testing :D

------
bbayer
Please use 2 or 4 spaces while writing Python code. It becomes impossible to
read.

~~~
nilliams
I agree with you for code samples in READMEs, but for actual code allow people
to respectfully disagree [1].

The benefit of tabs is that you can open it in your editor and set your editor
to view tabs at whatever your spacing preference is (2 or 4 spaces).

That GitHub doesn't let you specify the tab-sizing you wish to view the code
at is no fault of the author's (it would be a nice feature for GitHub to add).

Please don't throw PEP8 at me :)

[1] [http://lea.verou.me/2012/01/why-tabs-are-clearly-superior/](http://lea.verou.me/2012/01/why-tabs-are-clearly-superior/)

~~~
smnrchrds
Why not? It's a convention almost everyone has agreed upon. More than 95% of
Python code out there uses spaces[1]. The new PEP-8 prefers spaces over tabs.
I have configured my text editor to put 4 spaces when I press the tab key and
auto-indent with 4 spaces as well. Now, if I want to contribute to a project
which uses tabs instead of spaces or use such a project in my own code, I have
to change my text editor preferences every time I open those files or fork the
project and convert tabs to spaces.

Tabs may have some advantages over spaces, but uniformity is far more
important.

[1] [http://sideeffect.kr/popularconvention/#python](http://sideeffect.kr/popularconvention/#python)

------
ilaksh
Does this defeat SSL or SSH?

~~~
posnet
There is a tool, SSL strip, that removes SSL from the target machine's HTTPS
request dynamically. While not breaking SSL, it is effective on a non-observant
user. [https://github.com/moxie0/sslstrip](https://github.com/moxie0/sslstrip)

------
NicoJuicy
Inject a JavaScript that intercepts the form submit action. Send it to another
server, don't stop the event.

You have all passwords now ^^

------
lifeonedge99
Any penetration testing companies after you yet? You have some amazing
potential! Fantastic work.

~~~
flingtriangle
I wish! That's the dream job.

------
zoltar92
Hahaha awesome! :P

