princexilo / subterfuge Goto Github PK

What steps will reproduce the problem?
1. configuring the interfaces
2.
3.

What is the expected output? What do you see instead?
sh-3.2# subterfuge
Validating models...

0 errors found
Django version 1.3.1, using settings 'subterfuge.settings'
Development server is running at http://127.0.0.1:80/
Quit the server with CONTROL-C.
ls: /sys/class/net/: No such file or directory
usage: route [-dnqtv] command [[modifiers] args]
No default gateway present


What version of the product are you using? On what operating system?
mac os x lion

Please provide any additional information below.

[deleted issue]

What steps will reproduce the problem?
1. Get code injection module to work without breaking sslstrip
2.
3.

What is the expected output? What do you see instead?
Functioning Code Injection Module

Please use labels and text to provide additional information.

What steps will reproduce the problem?
1. Ensure definitions include mobile site versions of field names
2. Ensure that credentials will be harvested when using mobile devices

What is the expected output? What do you see instead?
-Mobile Device Support in the Credential Harvesting Module

What steps will reproduce the problem?
1. Write a python version of arpspoof to avoid dependency issues
2. Write custom version which thwarts cisco DAI (Dynamic Arp Inspection)
3.

What is the expected output? What do you see instead?
Much better functionality

Please use labels and text to provide additional information.

What steps will reproduce the problem?
1. When subterfuge is already started and you go to the settings page, the 
button says start instead of stop
2.
3.

What is the expected output? What do you see instead?


Please use labels and text to provide additional information.

What steps will reproduce the problem?
1. rewrite gateway auto-detection code to reliably grab the gateway, not just 
guess
2.
3.

What is the expected output? What do you see instead?
more reliable gateway detection

Please use labels and text to provide additional information.

What steps will reproduce the problem?
1. Create module for a fake DHCP Server
2. Will drop all dhcp packets not sent from itself
3. Will respond to DHCP requests with subterfuge as the gateway
4. ip addresses will count down to avoid confliction
5. possibly join with DNS Spoofing module - add subterfuge as the DNS server

What is the expected output? What do you see instead?
DHCP Module - another MITM attach vector

Please use labels and text to provide additional information.

What steps will reproduce the problem?
1. Ability to use custom certs
2.
3.

What is the expected output? What do you see instead?


Please use labels and text to provide additional information.

What steps will reproduce the problem?
1. Get lock favicon.ico to properly be injected
2.
3.

What is the expected output? What do you see instead?
A lock will appear in the url bar even though it is not https

Please use labels and text to provide additional information.

[deleted issue]

What steps will reproduce the problem?
1. Can not change to any interface e.g. wlan0. Always reverts back to default 
eth0.

What version of the product are you using? On what operating system?

BT5r2

Please provide any additional information below.

Environment:


Request Method: GET
Request URL: http://127.0.0.1/config/settings/

Django Version: 1.3.1
Python Version: 2.6.5
Installed Applications:
['django.contrib.auth',
 'django.contrib.contenttypes',
 'django.contrib.sessions',
 'django.contrib.sites',
 'django.contrib.messages',
 'django.contrib.staticfiles',
 'subterfuge.main',
 'subterfuge.cease',
 'subterfuge.modules']
Installed Middleware:
('django.middleware.common.CommonMiddleware',
 'django.contrib.sessions.middleware.SessionMiddleware',
 'django.contrib.auth.middleware.AuthenticationMiddleware',
 'django.contrib.messages.middleware.MessageMiddleware')


Traceback:
File "/usr/local/lib/python2.6/dist-packages/django/core/handlers/base.py" in 
get_response
  111.                         response = callback(request, *callback_args, **callback_kwargs)
File "/usr/share/subterfuge/main/views.py" in conf
  196.       conf[15] = request.POST["iface"] + "\n"
File "/usr/local/lib/python2.6/dist-packages/django/utils/datastructures.py" in 
__getitem__
  256.             raise MultiValueDictKeyError("Key %r not found in %r" % (key, self))

Exception Type: MultiValueDictKeyError at /config/settings/
Exception Value: "Key 'iface' not found in <QueryDict: {}>"

What steps will reproduce the problem?
1. Hijack Sessions 
2.
3.

What is the expected output? What do you see instead?


Please use labels and text to provide additional information.

What steps will reproduce the problem?
1. On small screens, the GUI for the modules page doesn't format correctly
2.
3.

What is the expected output? What do you see instead?
Fully functional GUI no matter what the size of the screen

Please use labels and text to provide additional information.

For more automation and convenience the MITM collected traffic should be 
analyzed in real time using a tool like p0f v3 or Ntop, to collect hostnames, 
IP addresses, User Agent strings, etc. The captured traffic should also be 
optionally saved to a Pcap file for later in-depth analysis via Wireshark, 
NetworkMiner, etc.

What steps will reproduce the problem?
1. Fix auto-configure functionality
2. Ignore all instances of lo interface
3. Ensure lo interface is NOT an option for the auto-configure to choose from!

What is the expected output? What do you see instead?
More functional and better working auto-configure

Please use labels and text to provide additional information.

What steps will reproduce the problem?
1. create a svn repo with the username and password field definitions file
2. Add update link/button in settings page of subterfuge GUI
3.

What is the expected output? What do you see instead?
update functionality

Please use labels and text to provide additional information.

What steps will reproduce the problem?
1. IPtables / Firewall front end module
2. Ability to block ports, transparently proxy, block ip addresses, etc
3.

What is the expected output? What do you see instead?


Please use labels and text to provide additional information.

What steps will reproduce the problem?
1. Arp Scan, nmap scan
2. Visual Representation of the Network
3.

What is the expected output? What do you see instead?


Please use labels and text to provide additional information.

What steps will reproduce the problem?
1. install subterfuge
2. just type this. "subterfuge -s localhost:8080"



What is the expected output? What do you see instead?
------------------------------------------------------
root@bt:~# subterfuge -s "localhost:8080"
Validating models...

0 errors found
Django version 1.3.1, using settings 'subterfuge.settings'
Development server is running at http://localhost:8080/
Quit the server with CONTROL-C.
------------------------------------------------------
root@bt:~# subterfuge -s "localhost:8080"
Validating models...

0 errors found
Django version 1.3.1, using settings 'subterfuge.settings'
Development server is running at http://127.0.0.1:80/
Quit the server with CONTROL-C.
------------------------------------------------------



Please provide any additional information below.
- Please see attachment. 

What steps will reproduce the problem?
1. sudo subterfuge
2.
3.

What is the expected output? What do you see instead?
Under Settings, it should display eth0 and eth1. Only eth0 is shown.

What version of the product are you using? On what operating system?
2.0 Public Beta. Ubuntu 12.04

Please provide any additional information below.
1.1 PB displays both interface.

What steps will reproduce the problem?
1. Organize, clean, make better
2.
3.

What is the expected output? What do you see instead?
Nice, clean, understandable config file

Please use labels and text to provide additional information.

What steps will reproduce the problem?
1. Make the current presentation more in-depth
2. Write a topic sentence for each category in the outline

What is the expected output? What do you see instead?
--A product worthy of being handed in

[deleted issue]

What steps will reproduce the problem?
1. Fix array out of bounds error if no arguments are passed - just resort to a 
predetermined default action
2. print help menu possibly
3. etc.

What is the expected output? What do you see instead?
--Make it more intuitive

What steps will reproduce the problem?
1. Allow injection and customization of html
2. replace all image tags, replace title tag, replace all links, etc.
3.

What is the expected output? What do you see instead?


Please use labels and text to provide additional information.

What steps will reproduce the problem?
1. race condition module
2.
3.

What is the expected output? What do you see instead?


Please use labels and text to provide additional information.

What steps will reproduce the problem?
1. Optimize arp poisoning process
2. Ensure new clients are poisoned quickly
3. Prevent an ARP DOS from happening!

What is the expected output? What do you see instead?
A completely revamped arpmitm tool. 1.1 release is not stable.

Please use labels and text to provide additional information.

What steps will reproduce the problem?
1. Create Mac OS X application

What is the expected output? What do you see instead?
-Subterfuge running natively on Mac OS X

What steps will reproduce the problem?
1. Insert the necessary code to make the check box actually change the config 
file
2.
3.

What is the expected output? What do you see instead?
--Working check box for autoconfigure in the settings page

Rework client detection mechanism to better support stateless protocol.

What steps will reproduce the problem?
1. Started subterfuge on a VM 
2. Click on start - auto configured
3.

What is the expected output? What do you see instead?
Ability to still surf, lost all connection to everything on my network

What version of the product are you using? On what operating system?
Public Beta 1.1

Please provide any additional information below.

New install of Ubuntu

What steps will reproduce the problem?
1. Change all of the instances of the name of Singularity in the code to 
Subterfuge
2. Change Wallpaper
3. Change All Occurrences on the Webpage (bar, etc.)

What is the expected output? What do you see instead?
--No change in functionality, just change the name with no regression

What steps will reproduce the problem?
1. Determine mac address of gateway in windows
2.
3.

What is the expected output? What do you see instead?


Please use labels and text to provide additional information.

What steps will reproduce the problem?
1. Write Wireless AP Suite
2. Research best tools to accomplish this
3. Incorporate as a module

What is the expected output? What do you see instead?
Functioning Wireless AP Suite capable of creating a wireless AP

Please use labels and text to provide additional information.

What steps will reproduce the problem?
1. Evilgrade Exploitation Module
2.
3.

What is the expected output? What do you see instead?


Please use labels and text to provide additional information.

I suggest exposing detailed attack info in subterfuge web UI, such as:
- ARP spoofed hosts
- Networking configuration
- Tools in use and loaded plugins
- Error messages 

This is a feature request not a bug report.
SSLStrip has a "-k" switch to kill active sessions in order to force connected 
users to reconnect and therefore collect there credentials. I suggest 
implementing this as an option in Subterfuge. 

What steps will reproduce the problem?
1. Arp DOS capability
2. Poison a specific host(s) with a route to nowhere
3.

What is the expected output? What do you see instead?


Please use labels and text to provide additional information.

What steps will reproduce the problem?
1. Create Windows Version of Subterfuge
2.
3.

What is the expected output? What do you see instead?
Windows Version of Subterfuge

Please use labels and text to provide additional information.

What steps will reproduce the problem?
1. Open a browser on the attacker machine which replays what the victims are 
requesting
2. Display the webpages that a victim is viewing live to a local browser

What is the expected output? What do you see instead?
View what a victim is viewing

What steps will reproduce the problem?
1. Detect if the installer is not being run as root and display an error message
2.
3.

What is the expected output? What do you see instead?


Please use labels and text to provide additional information.

What steps will reproduce the problem?
1. Add Cain HTTP Post username fields to definitions
2. Add Cain HTTP Post password fields to definitions
3. Complete regression testing

What is the expected output? What do you see instead?
Better definitions for better effectiveness

Please use labels and text to provide additional information.

What steps will reproduce the problem?
1. Write python program which blocks VPNs, SSH, etc.
2. Block Standard VPN protocols (CISCO, PPTP, OPEN, L2TP, etc.) on standard 
ports using iptables
3. Block SSH on standard port using iptables

What is the expected output? What do you see instead?
New Tunnel Blocking Module

Please use labels and text to provide additional information.

What steps will reproduce the problem?
1. interferes and breaks server-client architecture
2.
3.

What is the expected output? What do you see instead?


Please use labels and text to provide additional information.

What steps will reproduce the problem?
1. Create ability to build modules
2. plugin framework
3.

What is the expected output? What do you see instead?


Please use labels and text to provide additional information.

What steps will reproduce the problem?
1. Add ability to export stored data / credentials
2. Probably an xml format
3.

What is the expected output? What do you see instead?
Ability to export stored data / credentials

Please use labels and text to provide additional information.

What steps will reproduce the problem?
1. Package everything up for a public beta release
2. Fix and test installer
3.

What is the expected output? What do you see instead?
Fully functional beta with working installer

Please use labels and text to provide additional information.

What steps will reproduce the problem?
1. Add try/except to sslstrip in reactor when reactor.run() is called
2. Hide SSLStrip error messages from displaying in the terminal

What is the expected output? What do you see instead?
-Might increase performance and speed of sslstrip
-Could decrease wait time while sslstrip downgrades a page with secure links

What steps will reproduce the problem?
1. Figure out how to add screenshots 
2.
3.

What is the expected output? What do you see instead?
Screenshots

Please use labels and text to provide additional information.