Miner In The Middle
Author: Anthony Russell
Not for illegal use!
(unless you own the network or have permission from everyone on it, it's illegal)
Make sure to configure your config.json file before attempting to use the application.
You'll find a sample_config.json in this repo. You really only need two things in this config file.
ipConstraintfield, I would put
BONUS: if you have your own js file you'd rather inject into people instead of the minero.cc miner, then in the config file, put the path of your js file in the
You will first need to make sure that you have the required python dependencies
To install dependencies run:
----To launch a standard miner attack----
The standard network attack arp spoofs the network, then injects a miner into http responses.
To launch a standard miner injection attack run:
----To launch a custom js injection attack----
You only need to create the js file and modify the config.json file. The config.json property for customInjection should be the path to your custom js file
----To launch a popunder attack----
You'll need to configure a couple things for this.
First, the config file should have the attacker ip filled in as well as the palyoad name. This just needs to be a file that you're hosting on your attacking box.
For example, if I'm running an apache server at 192.168.1.10 and it's hosting the html file I want to display as my pop under and it's called test.html, then the attacker ip in the config file would be 192.168.1.10 and the payload name would be test.html
Also, please make sure to start your server :-)