The source code for this project can be found on GitLab!
To achieve this, we have developed a Python-based framework that utilizes additional libraries such as nmap and scapy. Notably, scapy plays an essential role in crafting customized packets to optimize the effectiveness of the attacks. Our project places a strong emphasis on performance and user convenience, relieving users from labor-intensive tasks by seamlessly handling complex aspects. We intend to continue working on this project beyond the current semester.
Dependencies/libraries used by Powerhouse:
- python-dotenv -> for loading the .env variables
- netifaces -> for enumerating network interfaces
- netaddr -> network address manipulation library
- python-nmap -> network scanning, host detection and monitoring
- scapy -> packet crafting
- dhcpkit -> dhcp
- mitmproxy -> intercepts HTTP responses and modifies them according to user parameters
- sslsplitter -> intercept HTTPS traffic
- beef -> a framework that offers an intuitive web GUI, enabling users to trigger events on a target browser through the injection of a hook.js file.
- pm2 -> a process management tool installed via npm; we use it to start/stop processes
Setup guide (based on Kali Linux running on a Raspberry Pi)
- Install Kali Linux for Raspberry Pi.
sudo apt update
sudo apt upgrade (optional)
sudo apt install npm
npm install pm2 -g -> needs to be installed globally (-g)
sudo apt install mitmproxy (if not already pre-installed with Kali Linux)
sudo apt install beef-xss
sudo apt install sslsplit
wget http://standards-oui.ieee.org/oui.txt (for DHCP leasing record)
sudo mv oui.txt /usr/local/etc (folder can only be modified with sudo rights / file has “644” rights)
- Switch to the “Code” directory
sudo apt install python3.11-venv (may not be necessary)
python -m venv venv
venv/bin/pip install -r requirements.txt
- To run the program:
sudo venv/bin/python main.py
Ctrl + C to exit the program
The program assumes the username is “kali”. If your username is different, you might need to change that in the code. Refer to the error message logged to the console during the execution of the program!
Every system is different, therefore refer to any possible error messages/logging if something doesn’t work!
Here is where things get interesting. In the .env file, you can change various settings related to the execution of the program.
METHOD: Here, you can specify which modules of the program shall be used.
dhcp;webserver;proxy (use rogue DHCP server, web server to host all relevant files, (mitm)proxy to edit incoming HTTP responses)
arp;webserver;proxy (use ARP spoofing instead of rogue DHCP)
arp;webserver;beef (launch the BeEF framework -> this injects the hook.js needed to connect a target browser to the framework)
IGNORE_GATEWAY: When set to “YES”, the program will ignore the gateway (not spoof it).
IGNORE_IPS: In this variable, you can list any IPs you don’t want to spoof.
IFACE: In case you need to tell the program which specific network interface to use, you can specify it here. Under Kali Linux running on a Raspberry Pi, the default interface is
RESET_IPTABLES_RULES: Can be useful if any errors/problems arise regarding
arp: Causes the program to use ARP spoofing as the MITM method. ARP spoofing is the most reliable option; if that doesn't work, try DHCP spoofing.
dhcp: Causes the program to launch a rogue DHCP server, which gives clients IP addresses after exhausting the actual DHCP server's resources. This enables the MITM attack.
webserver: Launches a web server that is used, for example, to host the JS files we want to insert into HTTP responses
ssl: Launches an SSLSPLIT attack and also facilitates creating new certificates
proxy: This determines if mitmproxy is started (mitmproxy handles the injection of code into the HTTP responses)
beef: This launches the BeEF framework, which can be a helpful tool
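Seen from the defending side, the arp and dhcp methods described above leave recognizable traces: an IP address (typically the gateway) rebinding to a new MAC, one MAC answering for several IPs, a burst of DHCPDISCOVERs from many new MACs, and DHCPOFFERs from an unexpected server. The following detection sketch is an added example, not code from the Powerhouse project; the event tuple layout, thresholds and addresses are constructed assumptions.

```python
from collections import defaultdict

def detect_mitm(events, dhcp_servers, window=10.0, max_new_clients=5):
    """Return sorted alerts for ARP rebinding, DHCP starvation and rogue DHCP offers."""
    alerts = set()
    ip_to_mac = {}                 # first MAC seen answering for each IP
    mac_to_ips = defaultdict(set)  # every IP a given MAC has claimed
    discovers = []                 # (timestamp, client MAC) per DHCPDISCOVER
    for ev in events:
        kind, ts = ev[0], ev[1]
        if kind == "arp_reply":
            ip, mac = ev[2], ev[3]
            known = ip_to_mac.setdefault(ip, mac)
            if known != mac:       # binding changed: spoofing or a replaced NIC
                alerts.add(f"arp-rebind {ip} {known}->{mac}")
            mac_to_ips[mac].add(ip)
            if len(mac_to_ips[mac]) > 1:
                alerts.add(f"arp-multi-ip {mac}")
        elif kind == "dhcp_discover":
            discovers.append((ts, ev[2]))
            recent = {m for t, m in discovers if ts - t <= window}
            if len(recent) > max_new_clients:  # pool exhaustion precedes the rogue server
                alerts.add("dhcp-starvation")
        elif kind == "dhcp_offer" and ev[2] not in dhcp_servers:
            alerts.add(f"rogue-dhcp {ev[2]}")
    return sorted(alerts)

# Constructed sample events (not captured traffic); tuple layout is an assumption.
SAMPLE = [
    ("arp_reply", 0.0, "192.168.1.1", "aa:aa:aa:aa:aa:01"),   # gateway, first seen
    ("arp_reply", 1.0, "192.168.1.20", "aa:aa:aa:aa:aa:20"),  # client, first seen
    ("arp_reply", 5.0, "192.168.1.1", "de:ad:be:ef:00:01"),   # gateway IP, new MAC
    ("arp_reply", 5.1, "192.168.1.20", "de:ad:be:ef:00:01"),  # same MAC, second IP
]
SAMPLE += [("dhcp_discover", 20.0 + i * 0.1, f"02:00:00:00:00:{i:02x}") for i in range(8)]
SAMPLE += [
    ("dhcp_offer", 30.0, "192.168.1.1"),   # the allow-listed server
    ("dhcp_offer", 31.0, "192.168.1.66"),  # unexpected server
]

if __name__ == "__main__":
    for alert in detect_mitm(SAMPLE, dhcp_servers={"192.168.1.1"}):
        print(alert)
```

In practice the events would come from a passive sensor or switch logs, and the allow-list of DHCP servers from the network's own inventory.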
Here you can find some settings related to the SSL certificate creation process.
NEW_CERTIFICATE: If set to “YES”, a new SSL certificate is created, used and stored in the certs folder. If set to “NO”, an existing certificate is read. Use the CERTIFICATE variable to define the certificate. Use
Web Server Settings:
These parameters can be used in case you need to modify anything related to the webserver.
(In our Git repository, you can also find example .env files with some extra explanations.)