Morpheus - automated ettercap TCP/IP Hijacking tool

Version release : v1.5-Alpha
Author : pedro ubuntu  [ r00t-3xp10it ]
Distros Supported : Linux Ubuntu, Kali, Mint, Parrot OS
Suspicious-Shell-Activity (SSA) RedTeam develop @2016

LEGAL DISCLAMER

The author does not hold any responsibility for the bad use
of this tool, remember that attacking targets without prior
consent is illegal and punished by law.

Framework description

morpheus.sh framework automates tcp/udp packet manipulation tasks by using
ettercap filters to manipulate target http requests under MitM attacks
replacing the http packet contents by our own contents befor sending the
packet back to the host that have request for it (tcp/ip hijacking).

work flow:
1º - arp poison local lan (mitm)
2º - target requests webpage from network (wan)
3º - attacker modifies webpage response (contents)
4º - modified packet its forward back to target host

"morpheus automates the above described steps in a easy-automated-user-friendly-interface"

What can we acomplish by using filters?

morpheus ships with a collection of etter filters writen be me to acomplish various tasks:
replacing images in webpages, replace text in webpages, inject payloads using html <form> tag
denial-of-service attack (drop,kill packets from source), https/ssh downgrade attacks, redirect
target browser traffic to another ip address (domain) and also gives you the ability to build
compile your filter from scratch and lunch it through morpheus framework.

"filters can be extended using browser languages like: javascript,css,flash,etc"...

In this example we are using 'CSS3' to trigger webpage 180º rotation In this example we are using 'head HTML tag' to inject an rediretion url into target request

Framework limitations

1º - morpheus will fail if target system its protected againt arp poison atacks
2º - downgrade attacks will fail if browser target as installed no-http addon's
3º - target system sometimes needs to clear netcache for arp poison be effective

incorrect number of token (///) in TARGET !!

morpheus by default will run ettercap using IPv6 (USE_IPV6=ACTIVE) like its previous
configurated into 'settings' file, if you are reciving this error than edit settings
file befor runing morpheus and set (USE_IPV6=DISABLED) to force ettercap to use IPV4

Dependencies

ettercap, nmap, zenity

Credits

alor&naga (ettercap framework)  | fyodor (nmap framework)
filters: irongeek (replace img) | seannicholls (rotate 180º)
Most of the filters in morpheus framework have been writen be me except the ones described
above, but this project will contemplate new external (authors) addictions found in the
fast network as the project continues to grow up (new releases), also new examples can
be found editing ettercap's etter.filter.examples file that will help us write new ones.

ettercap linux man pages

<br /> # Framework option [9-firewall] running 

Credentials capture (http,smb)

<br /> ---

_EOF