It's a facet of using an Unsigned Java Applet. If you swap that out with an exploit that your target browser is vulnerable to you can avoid that message.
This is really cool! Subterfuge and armitage are both great tools. But a integration with the beef framework would be awesome. Would like to know what you guys thinks about that.
You can already inject beef hooks with Subterfuge. The integration isn't quite as seamless as with Armitage though. Use the custom injection option, paste in the beef hook, and and Subterfuge should see to it that you've hooked victim browsers on every page they navigate to.
You are probably not running the latest version of Subterfuge. Run subterfuge --version. Make sure it is version 5.0.8; if it is not update Subterfuge from the settings page. You're probably missing the incremental update that added that feature: 5.0.7. Cheers!
Nice video Matthew, but I have a problem with my browsers. I dont know if they're the same version as yours, but IE and Chrome shows a message about risks of a unknow .jar (our exploit). With this message the victim will know what is going on...
Hi Matthew, I love subterfuge, the next best thing after ettercap. I do have a problem with armitage. I setup everything almost the same as you. I setup 2 computers instead of the Virtual box. My armitage kept saying, "java_signed_applet - Sending SiteLoader.jar. Waiting for user to click 'accept'..." or "java_signed_applet - Handling request." I didn't catch any computers at all. Please Help.
I tried this and when I used my ip in virtual box, it gave me 10.0.2.15 which not the kind that you had. What settings did you use to get this to work in your vm software?
great video. Looking forward trying that out here when i get home.
It's a facet of using an Unsigned Java Applet. If you swap that out with an exploit that your target browser is vulnerable to you can avoid that message.
In virtual box your VM is using NAT. Look up how to switch it into bridged mode. That should solve your issue.
This is really cool! Subterfuge and armitage are both great tools. But a integration with the beef framework would be awesome. Would like to know what you guys thinks about that.
You can already inject beef hooks with Subterfuge. The integration isn't quite as seamless as with Armitage though. Use the custom injection option, paste in the beef hook, and and Subterfuge should see to it that you've hooked victim browsers on every page they navigate to.
Amazing technology :) Gonna test this on my vm's :)
You are probably not running the latest version of Subterfuge. Run subterfuge --version. Make sure it is version 5.0.8; if it is not update Subterfuge from the settings page. You're probably missing the incremental update that added that feature: 5.0.7.
Cheers!
Don't we all love free wifi hotspots? ;)
"Honest Pete's Free Internet"
Nice video Matthew, but I have a problem with my browsers. I dont know if they're the same version as yours, but IE and Chrome shows a message about risks of a unknow .jar (our exploit). With this message the victim will know what is going on...
Hi Matthew, I love subterfuge, the next best thing after ettercap. I do have a problem with armitage. I setup everything almost the same as you. I setup 2 computers instead of the Virtual box. My armitage kept saying, "java_signed_applet - Sending SiteLoader.jar. Waiting for user to click 'accept'..." or "java_signed_applet - Handling request." I didn't catch any computers at all. Please Help.
I tried this and when I used my ip in virtual box, it gave me 10.0.2.15 which not the kind that you had. What settings did you use to get this to work in your vm software?
i forgot how to run subterfuge on my desktop from my laptop plz someone help me me with the command for kali linux
thank yu kid
OH EM GEE