Current main features are :
- Real-time output of creds without definition files : any credential, from any website whould show up
- Log parsing for user-friendly output.
- Network mapping for host discovery.
- Can save dumped passwords to file as well as the whole log file.
- Support for multiple targets on the network, as well as adding targets after attack is launched.
- Sslstrip checking (existence, executable, directory, check version, update…)
- Standalone script, updatable, interactive (new !).
Basically its main advantage is that it produces credentials sniffed in real time, and doesn’t require ANY program to parse through the actual log file. It does everything on its own
. However, the biggest CON here is that the live output shows ONLY the password+account/email. It DOES NOT show to which websites are those credentials linked to. Which kind of loses the entire purpose of live output, but still makes it easier to search for the site in the actual log file. As of version 0.8 such a CON no longer exists. The script now shows live credentials PLUS the website for which these credentials are valid.
Official website: http://comax.pagesperso-orange.fr/info/#yamas
Actual script : http://comax.pagesperso-orange.fr/info/mitm/#axzz1NphSAxjw
Change log for v0.8:
- Tail-greping log file so we can be sure there is traffic being sniffed
- New parsing method from scratch : should be lighter, less CPU consuming, and most of all, outputs websites as well.
This should be tested though to ensure maximum reliability. PLease report back !
- More improvements.
As of version 0.8 this is by far the best credential sniffing script available to the general public. It has everything you would ever need.
Note: Doesn’t work on N900 as currently arpspoof isn’t available to Maemo.
UPDATED 5 June 2011/ version 0.8.3