Automated Ettercap TCP/IP Hijacking Tool – Morpheus

KNOWLEDGE BELONGS TO THE WORLD
Share on FacebookTweet about this on TwitterShare on LinkedInShare on RedditShare on Google+Share on TumblrPin on PinterestDigg this

Morpheus is a framework tool which automates TCP/UDP packet manipulation tasks by using etter filters to manipulate target requests/responses under MitM attacks replacing the TCP/UDP packet contents by our contents before forward the packet back to the target host.

t will be as simple as Occidental; in fact, it will be Occidental. To an English person, it will seem like simplified English, as a skeptical Cambridge friend of mine told me what Occidental is. The European languages are members of the same family. Their separate existence is a myth. For science, music, sport, etc, Europe uses the same vocabulary. The languages only differ in their grammar, their pronunciation and their most common words. Everyone realizes why a new common language would be desirable: one could refuse to pay expensive translators. To achieve this, it would be necessary to have uniform grammar, pronunciation and more common words.

This tool comes with pre-configured filters but it will allow users to improve them when lunching the attack. In the end of the attack morpheus will revert the filter back to is default stage, this will allow users to improve filters at running time without the fear of messing with filter command syntax and spoil the filter.

The new common language will be more simple and regular than the existing European languages. It will be as simple as Occidental; in fact, it will be Occidental. To an English person, it will seem like simplified English, as a skeptical Cambridge friend of mine told me what Occidental is. The European languages are members of the same family. Their separate existence is a myth. For science, music, sport, etc, Europe uses the same vocabulary. The languages only differ in their grammar, their pronunciation and their most common words. Everyone realizes why a new common language would be desirable: one could refuse to pay expensive translators. To achieve this, it would be necessary to have uniform grammar, pronunciation and more common words. If several languages coalesce, the grammar of the resulting language is more simple and regular than that of the individual languages. The new common language will be more simple and regular than the existing European languages.

Requirement:

  • ettercap
  • nmap
  • apache2
  • zenity

There are generally two paths for dealing with someone in power when disagreements arise. One is to confront, and the other is to understand and influence. What is interesting is the most common path taken is the former while the most successful is the latter. I think the reason is that the former path is both the natural path for disagreement and the most visible.

Framework limitations:

1º – morpheus will fail if target system its protected againt arp poison atacks
2º – downgrade attacks will fail if browser target as installed only-https addon’s
3º – target system sometimes needs to clear netcache for arp poison to be effective
4º – many attacks described in morpheus may be droped by target HSTS detection sys.
5º – incorrect number of token (///) in TARGET !! morpheus v1.6-Alpha

Yahoo has revealed that Net bandits stole data associated with 1 billion of its user accounts — one of the largest data breaches in Internet history. The theft, which occurred in 2013, is distinct from the theft disclosed earlier this fall, in which 500 million accounts were compromised, Yahoo CISO Bob Lord explained. Stolen data may include names, email addresses, telephone numbers and more.

morpheus by default will run ettercap using IPv6 (USE_IPV6=ACTIVE) like its previous configurated into the ‘settings’ file, if you are receiving this error edit settings
file before running morpheus and set (USE_IPV6=DISABLED) to force ettercap to use IPV4

6º – morpheus needs ettercap to be executed with higth privileges (uid 0 | gid 0). morpheus v1.6-Alpha

The bottom line is: we take misinformation seriously. Our goal is to connect people with the stories they find most meaningful, and we know people want accurate information. We’ve been working on this problem for a long time and we take this responsibility seriously. We’ve made significant progress, but there is more work to be done.

correct ettercap configuration display (running as Admin without SSL disectors active) morpheus v1.6-Alpha

By default morpheus (at startup) will replace the original etter.conf/etter.dns files provided by ettercap, at framework exit morpheus will revert files to is original state..

Yahoo claims to have discovered the 3-year-old data breach that enabled a hacker to compromise more than 1 billion user accounts, as part of a current investigation related to another humiliating hack that occurred in the same year. The new information breaks the record that Yahoo itself had already set in the same year for the largest publicly admitted security breach in history.

Framework option 1 [firewall]:

The recent US election has people in many countries taking a good hard look at their current lifestyles. Sales of “survival” items like guns, ammunition, prepackaged food, and vacuum-sealed even heirloom seeds are advertised everywhere you turn, and articles about stockpiling cash, gold, and other barter items are popping up on prepper sites.

firewall [option 1] pre-configurated filter will capture credentials from the follow services:
http,ftp,ssh,telnet (facebook uses https/ssl 🙁 ) report suspicious connections, report common
websocial browsing (facebook,twitter,youtube), report the existence of botnet connections like:
Mocbot IRC Bot, Darkcomet, redirect browser traffic and allow users to block connections (drop,kill) 
"Remmenber: morpheus gives is users the ability to 'add more rules' to filters befor execution"

[morpheus] host:192.168.1.67   [ -> ]  port:23 telnet  
           Source ip addr      flow    destination     rank good

[morpheus] host:192.168.1.67   [ <- ]  port:23 telnet  Destination ip      flow    source port     rank suspicious

The new legislation brings together and updates existing powers while radically overhauling how they are authorised and overseen. It also creates one new power: the introduction of Internet Connection Records, which ‘will be accessible by law enforcement and the intelligence agencies to disrupt terrorist attacks and prosecute suspects.’

Note: Filters can be extended using browser languages like: Javascript, CSS, Flash and others.

Basically firewall filter will act like one offensive and defensive tool analyzing the tcp/udp data flow to report logins, suspicious traffic, brute-force, block target ip and etc.

The new legislation brings together and updates existing powers while radically overhauling how they are authorised and overseen. It also creates one new power: the introduction of Internet Connection Records, which ‘will be accessible by law enforcement and the intelligence agencies to disrupt terrorist attacks and prosecute suspects.’

Disclaimer:

We are not responsible for any damage that you cause. Usage of morpheus without prior mutual consistency can be considered as an illegal activity. It is the final user’s responsibility to obey all applicable local, state and federal laws.

Source:https://techcens.com

KNOWLEDGE BELONGS TO THE WORLD
Share on FacebookTweet about this on TwitterShare on LinkedInShare on RedditShare on Google+Share on TumblrPin on PinterestDigg this