Skip to content
/ mmt-attacker Public

Simulate and generate attack based on an attack traffic trace file or by executing a script

1 star 0 forks Branches Tags Activity
Star
Notifications You must be signed in to change notification settings

Montimage/mmt-attacker

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

22 Commits
src
src
 
 
.gitignore
.gitignore
 
 
README.md
README.md
 
 
requirements.txt
requirements.txt
 
 
slowloris_dos.sh
slowloris_dos.sh
 
 
ssh_brute_force.sh
ssh_brute_force.sh
 
 

Repository files navigation

mmt-attacker

Generate attack traffics from a pcap file or by executing a script to a specific target

Install

Install some dependencies

sudo apt-get install build-essential python-dev tcpreplay
pip3.10 install -r requirements.txt
pip3.10 install netifaces
pip3.10 install paramiko
pip3.10 install mechanize

Config

Set permission for tcpreplay to access to the interface:

sudo setcap cap_net_raw=eip /usr/bin/tcprelay-edit

Commands

cd mmt-attacker/
python  src/mmt-attack.py <attack_id> <argument-01> <argument-02> <argument-03>

Execute a real attack

SSH brute force attack

python3.8  src/mmt_attack.py ssh-bruteforce-attack 212.101.173.11 22 montimage "mmtbox","mmt2nm","montimage"

SQL Injection attack

python3.10  src/mmt_attack.py sql-injection-attack https://www.montimage.com/contact data[name]
python3.10  src/mmt_attack.py sql-injection-attack https://www.montimage.com/contact data[name] \"\; DROP TABLE USERS\"

Slowloris attack

python3.10 src/mmt_attack.py slowloris 217.70.184.55 -p 80 -s 100

Simulate an attack based on a pcap file

python3.10  src/mmt_attack.py [attack_id] [target_ip_or_hostname]

List available attack-ids:

51-ping-of-death
20-icmp-redirect-flood
23-ip-frag-opverlapping
45-tcp-maimon-scan
27-udp-scan
28-xmas-scan
33-trojan
38-wanna-cry

For example, to execute the Ping of Dead attack:

python3.10 src/mmt_attack.py 51-ping-of-death 8.8.8.8

Add a new attack

Open and modify the src/attacks.json file with the required informations: For a pcap based attack

  {
    "attackId":"pcap-attack-71", # Unique ID to identify the attack
    "attackName":"HTTP version is not correct", # Name of the attack - can be use to show on a dropdown menu
    "description":"Detect a request which has a HTTP version is not normal", # Description of the attack - describe what is the attack about, etc...
    "attackType": "pcap", # Type of the attack - support: pcap - attack based on a pcap file, script - attack by executing a script
    "pcapFileName":  "71.http_version.pcap", # pcap file name which contains the attack -> the pcap file must be placed in location: src/pcaps/
    "destIP": "192.168.56.1", # The destination of the attack (target IP) in the original pcap file (can be found by using Wireshark - or MMT security)
    "destPort": 80 # The target port of original pcap file
  }

For a script based attack

{
    "attackId":"script-attack-01",
    "attackName":"SSH BruteForce Attack",
    "description":"SSH BruteForce Attack",
    "attackType": "script",
    "scriptFileName":  "ssh-brute-force.py", # The script that will be execute to generate the attack - must be placed in location: src/scripts/
    "exeApp": "python3.10" # The execute application to launch the attack, depends on the script: python, node, or sh (shell),
    "extraParametersHelper": "<targetIP> <targetPort> <username> <password1[,password2,password3]>" # the helper to show to guide user how to use this attack
  }

License

Montimage License

[email protected]

About

Simulate and generate attack based on an attack traffic trace file or by executing a script

Resources

Readme
Activity
Custom properties

Stars

1 star

Watchers

6 watching

Forks

0 forks
Report repository

Releases

No releases published

Packages

No packages published

Contributors 2

  •  
  •  

Languages