princexilo / subterfuge Goto Github PK
View Code? Open in Web Editor NEWAutomatically exported from code.google.com/p/subterfuge
License: GNU General Public License v3.0
Automatically exported from code.google.com/p/subterfuge
License: GNU General Public License v3.0
What steps will reproduce the problem?
1. configuring the interfaces
2.
3.
What is the expected output? What do you see instead?
sh-3.2# subterfuge
Validating models...
0 errors found
Django version 1.3.1, using settings 'subterfuge.settings'
Development server is running at http://127.0.0.1:80/
Quit the server with CONTROL-C.
ls: /sys/class/net/: No such file or directory
usage: route [-dnqtv] command [[modifiers] args]
No default gateway present
What version of the product are you using? On what operating system?
mac os x lion
Please provide any additional information below.
Original issue reported on code.google.com by [email protected]
on 5 May 2012 at 11:53
[deleted issue]
What steps will reproduce the problem?
1. Get code injection module to work without breaking sslstrip
2.
3.
What is the expected output? What do you see instead?
Functioning Code Injection Module
Please use labels and text to provide additional information.
Original issue reported on code.google.com by [email protected]
on 6 Apr 2012 at 8:48
What steps will reproduce the problem?
1. Ensure definitions include mobile site versions of field names
2. Ensure that credentials will be harvested when using mobile devices
What is the expected output? What do you see instead?
-Mobile Device Support in the Credential Harvesting Module
Original issue reported on code.google.com by [email protected]
on 7 May 2012 at 9:37
What steps will reproduce the problem?
1. Write a python version of arpspoof to avoid dependency issues
2. Write custom version which thwarts cisco DAI (Dynamic Arp Inspection)
3.
What is the expected output? What do you see instead?
Much better functionality
Please use labels and text to provide additional information.
Original issue reported on code.google.com by [email protected]
on 2 Apr 2012 at 4:42
What steps will reproduce the problem?
1. When subterfuge is already started and you go to the settings page, the
button says start instead of stop
2.
3.
What is the expected output? What do you see instead?
Please use labels and text to provide additional information.
Original issue reported on code.google.com by [email protected]
on 29 Apr 2012 at 3:42
What steps will reproduce the problem?
1. rewrite gateway auto-detection code to reliably grab the gateway, not just
guess
2.
3.
What is the expected output? What do you see instead?
more reliable gateway detection
Please use labels and text to provide additional information.
Original issue reported on code.google.com by [email protected]
on 2 Apr 2012 at 4:40
What steps will reproduce the problem?
1. Create module for a fake DHCP Server
2. Will drop all dhcp packets not sent from itself
3. Will respond to DHCP requests with subterfuge as the gateway
4. ip addresses will count down to avoid confliction
5. possibly join with DNS Spoofing module - add subterfuge as the DNS server
What is the expected output? What do you see instead?
DHCP Module - another MITM attach vector
Please use labels and text to provide additional information.
Original issue reported on code.google.com by [email protected]
on 7 Apr 2012 at 9:25
What steps will reproduce the problem?
1. Ability to use custom certs
2.
3.
What is the expected output? What do you see instead?
Please use labels and text to provide additional information.
Original issue reported on code.google.com by [email protected]
on 29 Apr 2012 at 4:22
What steps will reproduce the problem?
1. Get lock favicon.ico to properly be injected
2.
3.
What is the expected output? What do you see instead?
A lock will appear in the url bar even though it is not https
Please use labels and text to provide additional information.
Original issue reported on code.google.com by [email protected]
on 26 Apr 2012 at 7:59
[deleted issue]
What steps will reproduce the problem?
1. Can not change to any interface e.g. wlan0. Always reverts back to default
eth0.
What version of the product are you using? On what operating system?
BT5r2
Please provide any additional information below.
Environment:
Request Method: GET
Request URL: http://127.0.0.1/config/settings/
Django Version: 1.3.1
Python Version: 2.6.5
Installed Applications:
['django.contrib.auth',
'django.contrib.contenttypes',
'django.contrib.sessions',
'django.contrib.sites',
'django.contrib.messages',
'django.contrib.staticfiles',
'subterfuge.main',
'subterfuge.cease',
'subterfuge.modules']
Installed Middleware:
('django.middleware.common.CommonMiddleware',
'django.contrib.sessions.middleware.SessionMiddleware',
'django.contrib.auth.middleware.AuthenticationMiddleware',
'django.contrib.messages.middleware.MessageMiddleware')
Traceback:
File "/usr/local/lib/python2.6/dist-packages/django/core/handlers/base.py" in
get_response
111. response = callback(request, *callback_args, **callback_kwargs)
File "/usr/share/subterfuge/main/views.py" in conf
196. conf[15] = request.POST["iface"] + "\n"
File "/usr/local/lib/python2.6/dist-packages/django/utils/datastructures.py" in
__getitem__
256. raise MultiValueDictKeyError("Key %r not found in %r" % (key, self))
Exception Type: MultiValueDictKeyError at /config/settings/
Exception Value: "Key 'iface' not found in <QueryDict: {}>"
Original issue reported on code.google.com by [email protected]
on 8 Jul 2012 at 6:54
What steps will reproduce the problem?
1. Hijack Sessions
2.
3.
What is the expected output? What do you see instead?
Please use labels and text to provide additional information.
Original issue reported on code.google.com by [email protected]
on 29 Apr 2012 at 4:19
What steps will reproduce the problem?
1. On small screens, the GUI for the modules page doesn't format correctly
2.
3.
What is the expected output? What do you see instead?
Fully functional GUI no matter what the size of the screen
Please use labels and text to provide additional information.
Original issue reported on code.google.com by [email protected]
on 11 Apr 2012 at 1:14
For more automation and convenience the MITM collected traffic should be
analyzed in real time using a tool like p0f v3 or Ntop, to collect hostnames,
IP addresses, User Agent strings, etc. The captured traffic should also be
optionally saved to a Pcap file for later in-depth analysis via Wireshark,
NetworkMiner, etc.
Original issue reported on code.google.com by [email protected]
on 6 May 2012 at 2:13
What steps will reproduce the problem?
1. Fix auto-configure functionality
2. Ignore all instances of lo interface
3. Ensure lo interface is NOT an option for the auto-configure to choose from!
What is the expected output? What do you see instead?
More functional and better working auto-configure
Please use labels and text to provide additional information.
Original issue reported on code.google.com by [email protected]
on 7 Apr 2012 at 9:28
What steps will reproduce the problem?
1. create a svn repo with the username and password field definitions file
2. Add update link/button in settings page of subterfuge GUI
3.
What is the expected output? What do you see instead?
update functionality
Please use labels and text to provide additional information.
Original issue reported on code.google.com by [email protected]
on 2 Apr 2012 at 4:50
What steps will reproduce the problem?
1. IPtables / Firewall front end module
2. Ability to block ports, transparently proxy, block ip addresses, etc
3.
What is the expected output? What do you see instead?
Please use labels and text to provide additional information.
Original issue reported on code.google.com by [email protected]
on 28 Apr 2012 at 7:28
What steps will reproduce the problem?
1. Arp Scan, nmap scan
2. Visual Representation of the Network
3.
What is the expected output? What do you see instead?
Please use labels and text to provide additional information.
Original issue reported on code.google.com by [email protected]
on 29 Apr 2012 at 4:21
What steps will reproduce the problem?
1. install subterfuge
2. just type this. "subterfuge -s localhost:8080"
What is the expected output? What do you see instead?
------------------------------------------------------
root@bt:~# subterfuge -s "localhost:8080"
Validating models...
0 errors found
Django version 1.3.1, using settings 'subterfuge.settings'
Development server is running at http://localhost:8080/
Quit the server with CONTROL-C.
------------------------------------------------------
root@bt:~# subterfuge -s "localhost:8080"
Validating models...
0 errors found
Django version 1.3.1, using settings 'subterfuge.settings'
Development server is running at http://127.0.0.1:80/
Quit the server with CONTROL-C.
------------------------------------------------------
Please provide any additional information below.
- Please see attachment.
Original issue reported on code.google.com by [email protected]
on 1 May 2012 at 11:07
Attachments:
What steps will reproduce the problem?
1. sudo subterfuge
2.
3.
What is the expected output? What do you see instead?
Under Settings, it should display eth0 and eth1. Only eth0 is shown.
What version of the product are you using? On what operating system?
2.0 Public Beta. Ubuntu 12.04
Please provide any additional information below.
1.1 PB displays both interface.
Original issue reported on code.google.com by [email protected]
on 9 May 2012 at 1:24
What steps will reproduce the problem?
1. Organize, clean, make better
2.
3.
What is the expected output? What do you see instead?
Nice, clean, understandable config file
Please use labels and text to provide additional information.
Original issue reported on code.google.com by [email protected]
on 26 Apr 2012 at 10:51
What steps will reproduce the problem?
1. Make the current presentation more in-depth
2. Write a topic sentence for each category in the outline
What is the expected output? What do you see instead?
--A product worthy of being handed in
Original issue reported on code.google.com by [email protected]
on 15 Mar 2012 at 5:20
[deleted issue]
What steps will reproduce the problem?
1. Fix array out of bounds error if no arguments are passed - just resort to a
predetermined default action
2. print help menu possibly
3. etc.
What is the expected output? What do you see instead?
--Make it more intuitive
Original issue reported on code.google.com by [email protected]
on 15 Mar 2012 at 5:09
What steps will reproduce the problem?
1. Allow injection and customization of html
2. replace all image tags, replace title tag, replace all links, etc.
3.
What is the expected output? What do you see instead?
Please use labels and text to provide additional information.
Original issue reported on code.google.com by [email protected]
on 28 Apr 2012 at 7:25
What steps will reproduce the problem?
1. race condition module
2.
3.
What is the expected output? What do you see instead?
Please use labels and text to provide additional information.
Original issue reported on code.google.com by [email protected]
on 29 Apr 2012 at 4:19
What steps will reproduce the problem?
1. Optimize arp poisoning process
2. Ensure new clients are poisoned quickly
3. Prevent an ARP DOS from happening!
What is the expected output? What do you see instead?
A completely revamped arpmitm tool. 1.1 release is not stable.
Please use labels and text to provide additional information.
Original issue reported on code.google.com by [email protected]
on 30 Apr 2012 at 4:05
What steps will reproduce the problem?
1. Create Mac OS X application
What is the expected output? What do you see instead?
-Subterfuge running natively on Mac OS X
Original issue reported on code.google.com by [email protected]
on 8 May 2012 at 9:57
What steps will reproduce the problem?
1. Insert the necessary code to make the check box actually change the config
file
2.
3.
What is the expected output? What do you see instead?
--Working check box for autoconfigure in the settings page
Original issue reported on code.google.com by [email protected]
on 15 Mar 2012 at 5:10
Rework client detection mechanism to better support stateless protocol.
Original issue reported on code.google.com by [email protected]
on 8 Jul 2012 at 12:30
What steps will reproduce the problem?
1. Started subterfuge on a VM
2. Click on start - auto configured
3.
What is the expected output? What do you see instead?
Ability to still surf, lost all connection to everything on my network
What version of the product are you using? On what operating system?
Public Beta 1.1
Please provide any additional information below.
New install of Ubuntu
Original issue reported on code.google.com by [email protected]
on 3 May 2012 at 5:03
What steps will reproduce the problem?
1. Change all of the instances of the name of Singularity in the code to
Subterfuge
2. Change Wallpaper
3. Change All Occurrences on the Webpage (bar, etc.)
What is the expected output? What do you see instead?
--No change in functionality, just change the name with no regression
Original issue reported on code.google.com by [email protected]
on 15 Mar 2012 at 4:59
What steps will reproduce the problem?
1. Determine mac address of gateway in windows
2.
3.
What is the expected output? What do you see instead?
Please use labels and text to provide additional information.
Original issue reported on code.google.com by [email protected]
on 28 Apr 2012 at 7:30
What steps will reproduce the problem?
1. Write Wireless AP Suite
2. Research best tools to accomplish this
3. Incorporate as a module
What is the expected output? What do you see instead?
Functioning Wireless AP Suite capable of creating a wireless AP
Please use labels and text to provide additional information.
Original issue reported on code.google.com by [email protected]
on 6 Apr 2012 at 8:47
What steps will reproduce the problem?
1. Evilgrade Exploitation Module
2.
3.
What is the expected output? What do you see instead?
Please use labels and text to provide additional information.
Original issue reported on code.google.com by [email protected]
on 29 Apr 2012 at 4:20
I suggest exposing detailed attack info in subterfuge web UI, such as:
- ARP spoofed hosts
- Networking configuration
- Tools in use and loaded plugins
- Error messages
Original issue reported on code.google.com by [email protected]
on 6 May 2012 at 2:12
This is a feature request not a bug report.
SSLStrip has a "-k" switch to kill active sessions in order to force connected
users to reconnect and therefore collect there credentials. I suggest
implementing this as an option in Subterfuge.
Original issue reported on code.google.com by [email protected]
on 6 May 2012 at 2:02
What steps will reproduce the problem?
1. Arp DOS capability
2. Poison a specific host(s) with a route to nowhere
3.
What is the expected output? What do you see instead?
Please use labels and text to provide additional information.
Original issue reported on code.google.com by [email protected]
on 28 Apr 2012 at 7:27
What steps will reproduce the problem?
1. Create Windows Version of Subterfuge
2.
3.
What is the expected output? What do you see instead?
Windows Version of Subterfuge
Please use labels and text to provide additional information.
Original issue reported on code.google.com by [email protected]
on 7 Apr 2012 at 9:27
What steps will reproduce the problem?
1. Open a browser on the attacker machine which replays what the victims are
requesting
2. Display the webpages that a victim is viewing live to a local browser
What is the expected output? What do you see instead?
View what a victim is viewing
Original issue reported on code.google.com by [email protected]
on 18 May 2012 at 5:44
What steps will reproduce the problem?
1. Detect if the installer is not being run as root and display an error message
2.
3.
What is the expected output? What do you see instead?
Please use labels and text to provide additional information.
Original issue reported on code.google.com by [email protected]
on 7 Apr 2012 at 9:54
What steps will reproduce the problem?
1. Add Cain HTTP Post username fields to definitions
2. Add Cain HTTP Post password fields to definitions
3. Complete regression testing
What is the expected output? What do you see instead?
Better definitions for better effectiveness
Please use labels and text to provide additional information.
Original issue reported on code.google.com by [email protected]
on 29 Mar 2012 at 7:00
What steps will reproduce the problem?
1. Write python program which blocks VPNs, SSH, etc.
2. Block Standard VPN protocols (CISCO, PPTP, OPEN, L2TP, etc.) on standard
ports using iptables
3. Block SSH on standard port using iptables
What is the expected output? What do you see instead?
New Tunnel Blocking Module
Please use labels and text to provide additional information.
Original issue reported on code.google.com by [email protected]
on 7 Apr 2012 at 9:22
What steps will reproduce the problem?
1. interferes and breaks server-client architecture
2.
3.
What is the expected output? What do you see instead?
Please use labels and text to provide additional information.
Original issue reported on code.google.com by [email protected]
on 29 Apr 2012 at 4:12
What steps will reproduce the problem?
1. Create ability to build modules
2. plugin framework
3.
What is the expected output? What do you see instead?
Please use labels and text to provide additional information.
Original issue reported on code.google.com by [email protected]
on 29 Apr 2012 at 4:16
What steps will reproduce the problem?
1. Add ability to export stored data / credentials
2. Probably an xml format
3.
What is the expected output? What do you see instead?
Ability to export stored data / credentials
Please use labels and text to provide additional information.
Original issue reported on code.google.com by [email protected]
on 26 Apr 2012 at 4:41
What steps will reproduce the problem?
1. Package everything up for a public beta release
2. Fix and test installer
3.
What is the expected output? What do you see instead?
Fully functional beta with working installer
Please use labels and text to provide additional information.
Original issue reported on code.google.com by [email protected]
on 2 Apr 2012 at 4:38
What steps will reproduce the problem?
1. Add try/except to sslstrip in reactor when reactor.run() is called
2. Hide SSLStrip error messages from displaying in the terminal
What is the expected output? What do you see instead?
-Might increase performance and speed of sslstrip
-Could decrease wait time while sslstrip downgrades a page with secure links
Original issue reported on code.google.com by [email protected]
on 7 May 2012 at 9:34
What steps will reproduce the problem?
1. Figure out how to add screenshots
2.
3.
What is the expected output? What do you see instead?
Screenshots
Please use labels and text to provide additional information.
Original issue reported on code.google.com by [email protected]
on 2 Apr 2012 at 4:36
A declarative, efficient, and flexible JavaScript library for building user interfaces.
๐ Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
An Open Source Machine Learning Framework for Everyone
The Web framework for perfectionists with deadlines.
A PHP framework for web artisans
Bring data to life with SVG, Canvas and HTML. ๐๐๐
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
Some thing interesting about web. New door for the world.
A server is a program made to process requests and deliver data to clients.
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
Some thing interesting about visualization, use data art
Some thing interesting about game, make everyone happy.
We are working to build community through open source technology. NB: members must have two-factor auth.
Open source projects and samples from Microsoft.
Google โค๏ธ Open Source for everyone.
Alibaba Open Source for everyone
Data-Driven Documents codes.
China tencent open source team.