Yamas Script
Information:
Yamas is a tool that aims at facilitating mitm attacks by automating the whole process from setting up ip forwarding and modifying iptables, to the ARP cache poisoning (either using ettercap or arpspoof). The traffic is stripped off ssl with the famous sslstrip 0.9. If any mitm script does that, Yamas has a unique and appreciated feature: it parses the logs as the attack keeps running, so that credentials are displayed just as they are sniffed. The parsing method is a home-made 100% pure bash script that -so far- never missed anything.
Tutorial how-to:
1. Boot into BackTrack 5 (or any Linux distro)
2. Download the yamas-arm script from: http://comax.fr/yamas/btarm/yamas.sh
***NOTE: For the desktop BackTrack yamas script, download: http://comax.fr/yamas/bt5/yamas.sh***
3. Right-click on the downloaded script and go to Properties > Permissions and check 'Allow Executing as a Program'
4. Double-click the script and select 'Run'
5. All the default setting should work, so just keep pressing 'Enter'
6. When the script is running, you'll see 2 new windows open, one of which is a window that says passwords. Whenever anyone connects to a website on the network that requires a username/password, as soon as they enter their information, their username and password will appear in the passwords window in plain text
7. When you're done sniffing, type '6', which will close the script and ask you if you want to save the sniffed passwords to a txt file.
Requirements:
1. A Linux Installation (Backtrack 5 recommended)
2. Internet Access
Download:
http://comax. fr/ yamas/ bt 5/ yamas.sh
Website:
http:// comax. fr/ yamas.php