Hello,
A rough demonstration of how to set up Subterfuge for those who couldn't figure it out. It cannot get any more automated than this. I love the idea, but I think the tool made it too easy. It's probably going to give birth to the largest undeserving bunch of sniffers. I don't like that idea. You may download the PDF version of this guide here.
sub·ter·fuge
/ˈsəbtərˌfyo͞oj/
Deceit used in order to achieve one’s goal.
A statement or action resorted to in order to deceive.
Let's begin:
1) Download subterfuge here.
2) Go to your download directory and type ls to locate subterfugepublicbeta4.3.tar.gz.
3) To extract the archive, type : tar -zxvf (file name)

4) Once extraction is done, locate your subterfuge folder. Next type : cd subterfuge.
5) Let's see what they have to say, type : nano README.


6) Let's do what the README says and type : python setup.py install.

7) To do a graphical install, in the subterfuge folder type : ./setup.py.

8) Choose full install with dependencies and press the install button.


9) To start subterfuge, type : subterfuge.

10) Load up your browser and go to http://127.0.0.1:80.


11) The various plugins of subterfuge.

12) In the right-hand corner, click on the start button.
13) Click Ok on the prompt and subterfuge will begin initialization.


14) Let's take a look at the subterfuge terminal.
15) As you can see, everything is automated. It does your IP forwarding, ARP poisoning, credential harvesting and sslstrip.

16) I have no victims as I am on a company network alone on a Sunday. But if your network is busy, the vulnerable targets will start appearing on your web screen as shown below.
17) All neatly arranged in sections : source, username, password and date of activity.
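
A defender's view of step 15, as an added example that is not part of the original guide or of the Subterfuge project: ARP poisoning leaves the gateway's IP mapped to the poisoner's MAC in each victim's neighbor table, so comparing `arp -an` snapshots exposes it. The sample output, addresses and function names below are constructed for illustration.

```python
import re
from collections import defaultdict

# Matches Linux `arp -an` lines such as
# "? (192.168.1.1) at 00:11:22:33:44:55 [ether] on eth0"
ARP_LINE = re.compile(r"\((\d+\.\d+\.\d+\.\d+)\) at ([0-9a-fA-F:]{17})")

def parse_arp(text):
    """Return {ip: mac} from `arp -an` output; <incomplete> entries are skipped."""
    return {ip: mac.lower() for ip, mac in ARP_LINE.findall(text)}

def find_arp_anomalies(baseline, current, gateway_ip):
    """Compare two ARP snapshots and return a list of (kind, detail) findings."""
    findings = []
    # 1) The gateway's MAC differs from the known-good baseline.
    old, new = baseline.get(gateway_ip), current.get(gateway_ip)
    if old and new and old != new:
        findings.append(("gateway_mac_changed", f"{gateway_ip}: {old} -> {new}"))
    # 2) One MAC answers for several IPs: the poisoning host still owns its
    #    real address while also claiming someone else's.
    by_mac = defaultdict(list)
    for ip, mac in current.items():
        by_mac[mac].append(ip)
    for mac, ips in sorted(by_mac.items()):
        if len(ips) > 1:
            findings.append(("mac_claims_multiple_ips", f"{mac}: {', '.join(sorted(ips))}"))
    return findings

# Constructed sample data: a clean table, then the same table after the
# gateway entry has been overwritten with another host's MAC.
BASELINE = """\
? (192.168.1.1) at 00:11:22:33:44:55 [ether] on eth0
? (192.168.1.23) at aa:bb:cc:00:00:23 [ether] on eth0
? (192.168.1.40) at <incomplete> on eth0
"""
POISONED = """\
? (192.168.1.1) at AA:BB:CC:00:00:23 [ether] on eth0
? (192.168.1.23) at aa:bb:cc:00:00:23 [ether] on eth0
"""

if __name__ == "__main__":
    result = find_arp_anomalies(parse_arp(BASELINE), parse_arp(POISONED), "192.168.1.1")
    for kind, detail in result:
        print(kind, detail)
```

Multi-homed hosts and proxy ARP can also make one MAC answer for several IPs, so treat the second finding as a lead to verify; the gateway MAC change against a trusted baseline is the stronger signal.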

Author's Note:
1) The author will not be responsible for your actions.
2) You may download the PDF version of this guide here
3) This is for educational purposes only.
4) Do NOT harm the innocent.
“We see that substance addictions are only one specific form of blind attachment to harmful ways of being, yet we condemn the addict’s stubborn refusal to give up something deleterious to his life or to the life of others. Why do we despise, ostracize and punish the drug addict, when as a social collective, we share the same blindness and engage in the same rationalizations?”
― Dr.Gabor Maté, In the Realm of Hungry Ghosts: Close Encounters with Addiction
Installation Demonstration :
Defcon Demonstration
Contributed By
Un Prophete

nice job bro.
this mitm tool seems good enough to me to replace wireshark.
user friendly interface.
Yes bro, it's very user-friendly, at times I feel too user friendly!
yeap lol
too friendly GUI.
bad habits
Great Tutorial,
Thx to Prophete!
Thank you bro
Is there a possibility to write with you more private than under an article dude?
But why? Everything was going so well….:(
I don't have any form of messenger but I do have an email which I rarely check.
But all that could change if you buy me a beer lol
Haha
I keep getting errors on the install. It says that it can’t find the path specified and that there are commands it can’t recognize. Help?
best part on subterfuge terminal during arp poisoning : ”192.168.x.x is asking where the router is. Remind them kindly who the router is…”
hahaha
Is this type of sniffing available in a wpa-enterprise network?
Personally I have not tested it out on a WPA enterprise network, but in my opinion enterprise users should be safe. Though it is 100% possible to defeat and sniff past an enterprise network, I doubt subterfuge can pull off what wireshark barely did.
Just FYI. WPA authentication types and Layer 3 Network attacks (Like Subterfuge) are very different topics. There is no reason (barring some router specific protection) why Subterfuge would not work on a WPA Enterprise Network.
As I have said, I have not tested it out on an enterprise network, Annoying. Should I have said yes? Then I would not have given you this opportunity to feel smart.
Try that shit on reddit.
This is the best website I have known for Backtrack tutorials. Thanks for posting your amazing website. If you keep up with your hard work I will donate you 300 bucks! I will be waiting for another 2 months and will decide to donate
Firstly, thank you for your kind words on my blog.
Secondly, do not try to lure me with money. I always post the best I can. If you wish to donate, I appreciate it. If you don't, it's ok.
But there is no need to say "I will wait for 2 months and decide to donate"
If you have not decided then stop talking about it.
In all honesty I know you are full of shit and would not even spare 3 dollars.
But thanks for enjoying my blog.
Ok! You think I'm full of shit.
First and foremost you don't even know how to respect others, so you don't fit on my donation list. Goodbye! Done with this website
[...] the last time we had some fun was when i introduced you guys to a network sniffer call subterfuge, which made sniffing passwords too simple. But let me repeat that line, “Network” [...]
i tried to open subterfuge but look what i got :
root@bt:~/subterfuge# subterfuge
Traceback (most recent call last):
  File "/bin/subterfuge", line 6, in <module>
    from versioninfo import *
ImportError: No module named versioninfo
root@bt:~/subterfuge#