Coder Social home page Coder Social logo

mitm6's Introduction

mitm6

Python 2.7 and 3 compatible PyPI version License: GPLv2

mitm6 is a pentesting tool that exploits the default configuration of Windows to take over the default DNS server. It does this by replying to DHCPv6 messages, providing victims with a link-local IPv6 address and setting the attackers host as default DNS server. As DNS server, mitm6 will selectively reply to DNS queries of the attackers choosing and redirect the victims traffic to the attacker machine instead of the legitimate server. For a full explanation of the attack, see our blog about mitm6. Mitm6 is designed to work together with ntlmrelayx from impacket for WPAD spoofing and credential relaying.

Dependencies and installation

mitm6 is compatible with both Python 2.7 and 3.x. You can install the requirements for your version with pip install -r requirements.txt. In both cases, mitm6 uses the following packages:

  • Scapy
  • Twisted
  • netifaces

For python 2.7, it uses the ipaddress backport module. You can install the latest release from PyPI with pip install mitm6, or the latest version from source with python setup.py install after cloning this git repository.

Usage

After installation, mitm6 will be available as a command line program called mitm6. Since it uses raw packet capture with Scapy, it should be run as root. mitm6 should detect your network settings by default and use your primary interface for its spoofing. The only option you will probably need to specify is the AD domain that you are spoofing. For advanced tuning, the following options are available:

usage: mitm6 [-h] [-i INTERFACE] [-l LOCALDOMAIN] [-4 ADDRESS] [-6 ADDRESS] [-m ADDRESS] [-a] [-r TARGET] [-v] [--debug]
             [-d DOMAIN] [-b DOMAIN] [-hw DOMAIN] [-hb DOMAIN] [--ignore-nofqdn]

mitm6 - pwning IPv4 via IPv6
For help or reporting issues, visit https://github.com/dirkjanm/mitm6

optional arguments:
  -h, --help            show this help message and exit
  -i INTERFACE, --interface INTERFACE
                        Interface to use (default: autodetect)
  -l LOCALDOMAIN, --localdomain LOCALDOMAIN
                        Domain name to use as DNS search domain (default: use first DNS domain)
  -4 ADDRESS, --ipv4 ADDRESS
                        IPv4 address to send packets from (default: autodetect)
  -6 ADDRESS, --ipv6 ADDRESS
                        IPv6 link-local address to send packets from (default: autodetect)
  -m ADDRESS, --mac ADDRESS
                        Custom mac address - probably breaks stuff (default: mac of selected interface)
  -a, --no-ra           Do not advertise ourselves (useful for networks which detect rogue Router Advertisements)
  -r TARGET, --relay TARGET
                        Authentication relay target, will be used as fake DNS server hostname to trigger Kerberos auth
  -v, --verbose         Show verbose information
  --debug               Show debug information

Filtering options:
  -d DOMAIN, --domain DOMAIN
                        Domain name to filter DNS queries on (Allowlist principle, multiple can be specified.)
  -b DOMAIN, --blocklist DOMAIN, --blacklist DOMAIN
                        Domain name to filter DNS queries on (Blocklist principle, multiple can be specified.)
  -hw DOMAIN, -ha DOMAIN, --host-allowlist DOMAIN, --host-whitelist DOMAIN
                        Hostname (FQDN) to filter DHCPv6 queries on (Allowlist principle, multiple can be specified.)
  -hb DOMAIN, --host-blocklist DOMAIN, --host-blacklist DOMAIN
                        Hostname (FQDN) to filter DHCPv6 queries on (Blocklist principle, multiple can be specified.)
  --ignore-nofqdn       Ignore DHCPv6 queries that do not contain the Fully Qualified Domain Name (FQDN) option.

You can manually override most of the autodetect options (though overriding the MAC address will break things). If the network has some hardware which blocks or detects rogue Router Advertisement messages, you can add the --no-ra flag to not broadcast those. Router Advertisements are not needed for mitm6 to work since it relies mainly on DHCPv6 messages.

Filtering options

Several filtering options are available to select which hosts you want to attack and spoof. First there are the --host-allowlist and --host-blocklist options (or -hw and -hb for short), which take a (partial) domain as argument. Incoming DHCPv6 requests will be filtered against this list. The property checked is the DHCPv6 FQND option, in which the client provides its hostname. The same applies for DNS requests, for this the --domain option (or -d) is available, where you can supply which domain(s) you want to spoof. Blocking specific domains is also possible with --blocklist/-b. Both parameters can be specified multiple times to include/block multiple domains (for example -d domain.local -d otherdomain.local -b somehost.domain.local -b somehost.otherdomain.local).

For both the host and DNS filtering, simple string matching is performed. So if you choose to reply to wpad, it will also reply to queries for wpad.corpdomain.com. If you want more specific filtering, use both the allowlist and blocklist options, since the blocklist takes precedence over the allowlist. By default the first domain specified will be used as the DNS search domain, if you explicitliy want to specify this domain yourself use the --localdomain option.

About network impact and restoring the network

mitm6 is designed as a penetration testing tool and should thus impact the network as little as possible. This is the main reason mitm6 doesn't implement a full machine-in-the-middle attack currently, like we see in for example the SLAAC attack. To further minimize the impact, the IP addresses assigned have low time-to-live (TTL) values. The lease will expire within 5 minutes when mitm6 is stopped, which will remove the DNS server from the victims configuration. To prevent DNS replies getting cached, all replies are sent with a TTL of 100 seconds, which makes sure the cache is cleared within minutes after the tool exits.

Usage with ntlmrelayx

mitm6 is designed to be used with ntlmrelayx. You should run the tools next to each other, in this scenario mitm6 will spoof the DNS, causing victims to connect to ntlmrelayx for HTTP and SMB connections. For this you have to make sure to run ntlmrelayx with the -6 option, which will make it listen on both IPv4 and IPv6. To obtain credentials for WPAD, specify the WPAD hostname to spoof with -wh HOSTNAME (any non-existing hostname in the local domain will work since mitm6 is the DNS server). Optionally you can also use the -wa N parameter with a number of attempts to prompt for authentication for the WPAD file itself in case you suspect victims do not have the MS16-077 patch applied.

Usage with krbrelayx

You can also use mitm6 to relay Kerberos authentication, especially via DNS. To do this, use the --relay parameter and specify a host that you want to relay to. This host will be impersonated, and mitm6 will try to convince your victims to send authenticated dynamic updates using Kerberos authentication to krbrelayx. More info about this attack is available on the following blog: https://dirkjanm.io/relaying-kerberos-over-dns-with-krbrelayx-and-mitm6/

Detection

The Fox-IT Security Research Team team has released Snort and Suricata signatures to detect rogue DHCPv6 traffic and WPAD replies over IPv6. The signatures are available here: https://gist.github.com/fox-srt/98f29051fe56a1695de8e914c4a2373f

mitm6's People

Contributors

deadjakk avatar dirkjanm avatar hackndo avatar laxa avatar thepiratewhosmellsofsunflowers avatar

Stargazers

 avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar

Watchers

 avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar

mitm6's Issues

socket.gaierror

I installed on kali via pip install mitm6, but I always get this error:

Unless this is what you want, specify at least one domain with -d
Traceback (most recent call last):
  File "/usr/local/bin/mitm6", line 10, in <module>
    sys.exit(main())
  File "/usr/local/lib/python2.7/dist-packages/mitm6/mitm6.py", line 362, in main
    dnssock = setupFakeDns()
  File "/usr/local/lib/python2.7/dist-packages/mitm6/mitm6.py", line 284, in setupFakeDns
    addrinfo = socket.getaddrinfo(fulladdr, 53, socket.AF_INET6, socket.SOCK_DGRAM)
socket.gaierror: [Errno -2] Name or service not known

Any suggestions?

DNS server spoofing only working once

Hi,

I came across the following problem in my lab:

I've set up a Kali Host and a Win10 machine on VMware residing on the same network. No changes have been made to the IPv6 configuration of the Win10 machine:

Connection-specific DNS Suffix  . : localdomain
Description . . . . . . . . . . . : Intel(R) 82574L Gigabit Network Connection
Physical Address. . . . . . . . . : 00-0C-29-54-B5-84
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes
Link-local IPv6 Address . . . . . : fe80::2527:53eb:9abd:8df2%15(Preferred)
IPv4 Address. . . . . . . . . . . : 192.168.13.129(Preferred)
Subnet Mask . . . . . . . . . . . : 255.255.255.0
Lease Obtained. . . . . . . . . . : Freitag, 12. Juli 2019 15:43:06
Lease Expires . . . . . . . . . . : Freitag, 12. Juli 2019 16:13:08
Default Gateway . . . . . . . . . :
DHCP Server . . . . . . . . . . . : 192.168.13.254
DHCPv6 IAID . . . . . . . . . . . : 50334761
DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-22-15-BB-A2-00-0C-29-54-B5-84
DNS Servers . . . . . . . . . . . : 9.9.9.9
NetBIOS over Tcpip. . . . . . . . : Enabled

When i start wireshark on Kali I can't see any DHCPv6 requests.
Update: I now know, that this is because of my lab running on an ESXi. Kali won't see the DHCPv6 messages because vSphere virtual switches implement the MLDv2 protocol. Windows sends DHCPv6 solicit to the all-dhcp-agents multicast address and the Kali machine is not part of this group (although this functionality could be added to mitm6 I guess).

If I start mitm6 with mitm6 -i eth0, Win10 will recognise Kali (due to the RA or Router Advertisement I guess) and send a DHCPv6 request. mitm6 sends the reply and Win10 sets the IPv6 parameters as intended:

Connection-specific DNS Suffix  . : localdomain
Description . . . . . . . . . . . : Intel(R) 82574L Gigabit Network Connection
Physical Address. . . . . . . . . : 00-0C-29-54-B5-84
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes
Link-local IPv6 Address . . . . . : fe80::9900:1%15(Preferred)
Lease Obtained. . . . . . . . . . : Freitag, 12. Juli 2019 15:54:12
Lease Expires . . . . . . . . . . : Freitag, 12. Juli 2019 15:59:12
Link-local IPv6 Address . . . . . : fe80::2527:53eb:9abd:8df2%15(Preferred)
IPv4 Address. . . . . . . . . . . : 192.168.13.129(Preferred)
Subnet Mask . . . . . . . . . . . : 255.255.255.0
Lease Obtained. . . . . . . . . . : Freitag, 12. Juli 2019 15:43:06
Lease Expires . . . . . . . . . . : Freitag, 12. Juli 2019 16:13:08
Default Gateway . . . . . . . . . : fe80::b49f:39ff:fe37:9cd6%15
DHCP Server . . . . . . . . . . . : 192.168.13.254
DHCPv6 IAID . . . . . . . . . . . : 50334761
DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-22-15-BB-A2-00-0C-29-54-B5-84
DNS Servers . . . . . . . . . . . : fe80::b49f:39ff:fe37:9cd6%15
                                   9.9.9.9
NetBIOS over Tcpip. . . . . . . . : Enabled

The corresponding wireshark log looks like this (IPv6 ending in 9cd6 being Kali, 8df2 being Win10):
image

mitm6 is sending fake DNS responses and I get connections from Win10 to ntlmrelayx.py. Everything OK so far!

If I stop mitm6 on Kali, everything regarding IPv6 is reverted in Win10 after the lease timeout:

Connection-specific DNS Suffix  . : localdomain
Description . . . . . . . . . . . : Intel(R) 82574L Gigabit Network Connection
Physical Address. . . . . . . . . : 00-0C-29-54-B5-84
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes
Link-local IPv6 Address . . . . . : fe80::2527:53eb:9abd:8df2%15(Preferred)
IPv4 Address. . . . . . . . . . . : 192.168.13.129(Preferred)
Subnet Mask . . . . . . . . . . . : 255.255.255.0
Lease Obtained. . . . . . . . . . : Freitag, 12. Juli 2019 15:43:06
Lease Expires . . . . . . . . . . : Freitag, 12. Juli 2019 16:28:08
Default Gateway . . . . . . . . . :
DHCP Server . . . . . . . . . . . : 192.168.13.254
DHCPv6 IAID . . . . . . . . . . . : 50334761
DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-22-15-BB-A2-00-0C-29-54-B5-84
DNS Servers . . . . . . . . . . . : 9.9.9.9
NetBIOS over Tcpip. . . . . . . . : Enabled

The interesting (or annoying) thing now is that I cannot get the attack to work a second time. If I start mitm6 again with mitm6 -i eth0, a RA is sent via multicast but Win10 doesn't send a DHCPv6 request:
image

Win10 only sets the Default Gateway and that's it. No DNS server is set, no DHCPv6 messages are exchanged:

Connection-specific DNS Suffix  . : localdomain
Description . . . . . . . . . . . : Intel(R) 82574L Gigabit Network Connection
Physical Address. . . . . . . . . : 00-0C-29-54-B5-84
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes
Link-local IPv6 Address . . . . . : fe80::2527:53eb:9abd:8df2%15(Preferred)
IPv4 Address. . . . . . . . . . . : 192.168.13.129(Preferred)
Subnet Mask . . . . . . . . . . . : 255.255.255.0
Lease Obtained. . . . . . . . . . : Freitag, 12. Juli 2019 15:43:06
Lease Expires . . . . . . . . . . : Freitag, 12. Juli 2019 18:28:08
Default Gateway . . . . . . . . . : fe80::b49f:39ff:fe37:9cd6%15
DHCP Server . . . . . . . . . . . : 192.168.13.254
DHCPv6 IAID . . . . . . . . . . . : 50334761
DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-22-15-BB-A2-00-0C-29-54-B5-84
DNS Servers . . . . . . . . . . . : 9.9.9.9
NetBIOS over Tcpip. . . . . . . . : Enabled

The IPv6 gateway stays there for a while (I guess 1800s as announced in the RA) and then disappears. If I start mitm6 again the same thing happens again.

I tried the following things which didn't help:

  • Assigning a new MAC and IPv6 address to Kali
  • Starting mitm6 with --no-ra: Nothing happened at a network level because Win10 never sent DHCPv6 requests on its own. It only reacted to RAs. Update: I now know, that this is because of my lab running on an ESXi. Kali won't see the ICMPv6 messages because vSphere virtual switches implement the MLDv2 protocol. Windows sends ICMPv6 solicit to the all-dhcp-agents multicast address and the Kali machine is not part of this group (although this functionality could be added to mitm6 I guess).

These things did help:

  • Rebooting the Win10 machine
  • Deactivating the IPv6 protocol on the network adapter on Win10 an re-enable it.

I found the following Microsoft thread:
https://social.technet.microsoft.com/Forums/office/en-US/b16e7d78-e390-4ada-a24b-3ccba60fa571/no-ipv6-dns-statelessdhcp-since-windows-10-anniversary-update

Reading the second last comment from bigjoesmithh indicates that this could be a problem within Windows 10:

Windows client will not correctly pull DNS information from a DHCPv6 server after correctly doing stateless address configuration using router assignment [...]

So the problem maybe occurs only if Win10 doesn't send DHCPv6 Solicit messages on its own but only reacts to router advertisements.

The following questions occur to me:

  • Do you have an idea why Win10 behaves this way?
  • Is there a way we could tell the victim, that it should forget everything it learned from mitm6? Some message that notifies the Win10 machine, that the DHCP/DNS server no longer exists?
  • Do you have an idea why some Win10 machines send DHCPv6 Solicit messages but others don't?

Scapy Error

getting this error after a fresh install on Kali 2019.1

Unsure if it's something with my install. Tried different versions of mitm6.

anyways below is the error:

Traceback (most recent call last):
  File "/usr/local/bin/mitm6", line 11, in <module>
    load_entry_point('mitm6==0.2.1', 'console_scripts', 'mitm6')()
  File "build/bdist.linux-x86_64/egg/mitm6/mitm6.py", line 366, in main
    reactor.run()
  File "/usr/local/lib/python2.7/dist-packages/twisted/internet/base.py", line 1267, in run
    self.mainLoop()
  File "/usr/local/lib/python2.7/dist-packages/twisted/internet/base.py", line 1276, in mainLoop
    self.runUntilCurrent()
--- <exception caught here> ---
  File "/usr/local/lib/python2.7/dist-packages/twisted/internet/base.py", line 875, in runUntilCurrent
    f(*a, **kw)
  File "build/bdist.linux-x86_64/egg/mitm6/mitm6.py", line 272, in parsepacket
    if arpp.op is arpp.is_at:
  File "/usr/local/lib/python2.7/dist-packages/scapy/packet.py", line 326, in __getattr__
    return self.payload.__getattr__(attr)
  File "/usr/local/lib/python2.7/dist-packages/scapy/packet.py", line 326, in __getattr__
    return self.payload.__getattr__(attr)
  File "/usr/local/lib/python2.7/dist-packages/scapy/packet.py", line 324, in __getattr__
    fld, v = self.getfield_and_val(attr)
  File "/usr/local/lib/python2.7/dist-packages/scapy/packet.py", line 1427, in getfield_and_val
    raise AttributeError(attr)
exceptions.AttributeError: is_at

Newest Kali + mitm6 + ntlmrelay = crickets(?!)

Hi there,

I have two fresh Kali boxes (2019.4) that I've really only done the round of apt-get update/upgrades on, as well as download Responder, Mitm6, ntlmrelay, etc. I've also run the necessary "pip" and/or setup scripts to install dependencies.

One system is at a client environment, one is in my lab. But when I run mitm6 for the target domain, and ntlmrelayx in a second window, I get absolutely no activity from either one - even after an hour. Here are screenshots from my lab north.pole (Santa works here :-)

Screen Shot 2019-12-12 at 11 14 18 PM

Screen Shot 2019-12-12 at 11 14 27 PM

Admittedly this is my first time ever running mitm6 so I don't know what to expect, but by looking at pretty much any other blog/video out there, I should start seeing spoofed replies pretty quickly (or do I just need to wait this out? I can report back tomorrow...gonna leave these run overnight).

Can you think of anything I can test/troubleshoot to figure this out?

Thanks!
Brian

Exception in HTTP request

Hello,

I'm getting a message "Exception in the HTTP request handler: Port could not be cast to integer value as ':ffff:IP:445'

Offhand I just wanted to know what if this has been seen before, if so what would be the resolve? a new install? Just install it from the repo clone.

Thank you

Does mitm6 work through tun0?

Hi,

Tried looking around but can't get a concrete answer.

Relatively new to Linux and Networking, so trying to get to grasp with items.

I am trying to use the following command to connect to the homelab and run mitm6.

sudo mitm6 -d marvel.local -i tun0

I have ran the command also without -i tun0 but I assume it is needed or it will default to etho0 ?

I get the below output, but in all honesty, not sure what it means.

  cipher=algorithms.Blowfish,
/usr/local/lib/python3.11/dist-packages/scapy/layers/ipsec.py:485: CryptographyDeprecationWarning: CAST5 has been deprecated
  cipher=algorithms.CAST5,
Traceback (most recent call last):
  File "/usr/local/bin/mitm6", line 33, in <module>
    sys.exit(load_entry_point('mitm6==0.3.0', 'console_scripts', 'mitm6')())
             ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
  File "/usr/local/lib/python3.11/dist-packages/mitm6-0.3.0-py3.11.egg/mitm6/mitm6.py", line 369, in main
  File "/usr/local/lib/python3.11/dist-packages/mitm6-0.3.0-py3.11.egg/mitm6/mitm6.py", line 57, in __init__
KeyError: 17

I have done and clean and recent install of mitm6. I am wondering if I am just trying to use a tool (mitm6) where it isn't built to work, such as through a VPN tunnel?

Thanks for any help or advice.

Purpose of the --ignore-nofqdn option?

Hi, this is just a question: What's the purpose of the --ignore-nofqdn option? I understand that clients can send their hostname/FQDN in their DHCPv6 messages in order to update the record. In most mitm6 guides, the option --ignore-nofqdn is used but nobody says anything about the purpose. Are there specific types of clients that don't send FQDNs?

The only guess I have is that the --host-whitelist and --host-blacklist flags would be useless for DHCPv6 messages lacking a FQDN. Then users would be able to decide whether or not to answer those with the --ignore-nofqdn option. Am I correct in assuming that this is the purpose of this option?

Thanks for your great tool! Feel free to close this issue.

mitm6 is quiet...TOO quiet?

Hello!

I've got a brand spanking new Kali VM, fully updated with just a handful of tools on it - one of which (of course!) is mitm6. I ran it for the first time this week at a customer network, and here's what things look like when it fires up:

/opt/mitm6/mitm6/mitm6.py:283: SyntaxWarning: "is" with a literal. Did you mean "=="?
  if arpp.op is 2:
Unable to init server: Could not connect: Connection refused
Unable to init server: Could not connect: Connection refused

(mitm6.py:1237): Gdk-CRITICAL **: 08:38:54.206: gdk_cursor_new_for_display: assertion 'GDK_IS_DISPLAY (display)' failed
Starting mitm6 using the following configuration:
Primary adapter: eth0 [x:x:x:x:x:x]
IPv4 address: x.x.x.x
IPv6 address: x::x:x:x:x
DNS local search domain: network.local
DNS whitelist: network.local

The screen just sat there for about 30 minutes and I was anxious to see results start rolling in, but all that eventually coughed up was:

Unhandled Error
Traceback (most recent call last):
  File "/opt/mitm6/mitm6/mitm6.py", line 380, in <module>
    main()
  File "/opt/mitm6/mitm6/mitm6.py", line 377, in main
    reactor.run()
  File "/usr/lib/python3/dist-packages/twisted/internet/base.py", line 1267, in run
    self.mainLoop()
  File "/usr/lib/python3/dist-packages/twisted/internet/base.py", line 1276, in mainLoop
    self.runUntilCurrent()
--- <exception caught here> ---
  File "/usr/lib/python3/dist-packages/twisted/internet/base.py", line 875, in runUntilCurrent
    f(*a, **kw)
  File "/opt/mitm6/mitm6/mitm6.py", line 288, in parsepacket
    send_dns_reply(p)
  File "/opt/mitm6/mitm6/mitm6.py", line 179, in send_dns_reply
    if dns.qd.qclass != 1 or dns.qr != 0:
builtins.AttributeError: 'NoneType' object has no attribute 'qclass'

Unhandled Error
Traceback (most recent call last):
  File "/opt/mitm6/mitm6/mitm6.py", line 380, in <module>
    main()
  File "/opt/mitm6/mitm6/mitm6.py", line 377, in main
    reactor.run()
  File "/usr/lib/python3/dist-packages/twisted/internet/base.py", line 1267, in run
    self.mainLoop()
  File "/usr/lib/python3/dist-packages/twisted/internet/base.py", line 1276, in mainLoop
    self.runUntilCurrent()
--- <exception caught here> ---
  File "/usr/lib/python3/dist-packages/twisted/internet/base.py", line 875, in runUntilCurrent
    f(*a, **kw)
  File "/opt/mitm6/mitm6/mitm6.py", line 288, in parsepacket
    send_dns_reply(p)
  File "/opt/mitm6/mitm6/mitm6.py", line 179, in send_dns_reply
    if dns.qd.qclass != 1 or dns.qr != 0:
builtins.AttributeError: 'NoneType' object has no attribute 'qclass'

I let the session run a while longer but it was just radio silence after this.

Any thoughts on what might be the issue?

Thanks,
Brian

Not compatible with Python 3.7

This line here breaks in Python versions starting with 3.7 due to updates to the socket library.

https://github.com/fox-it/mitm6/blob/186428fdcb432b6226fbbd8be2897f7a4a29e32f/mitm6/mitm6.py#L283-L284

From the documentation for the socket library (https://docs.python.org/3/library/socket.html) the socket.getaddrinfo method has this message:

Changed in version 3.7: for IPv6 multicast addresses, string representing an address will not contain %scope part.

In the current version, running on Python 3.7.2, you will get an error:

Traceback (most recent call last):
  File "/usr/local/bin/mitm6", line 11, in <module>
    load_entry_point('mitm6==0.2.1', 'console_scripts', 'mitm6')()
  File "/usr/local/lib/python3.7/site-packages/mitm6-0.2.1-py3.7.egg/mitm6/mitm6.py", line 362, in main
  File "/usr/local/lib/python3.7/site-packages/mitm6-0.2.1-py3.7.egg/mitm6/mitm6.py", line 284, in setupFakeDns
  File "/usr/local/lib/python3.7/socket.py", line 748, in getaddrinfo
    for res in _socket.getaddrinfo(host, port, family, type, proto, flags):
socket.gaierror: [Errno -2] Name does not resolve

If you go and edit the above mentioned line to remove the additional %... the error goes away.

I do not know what this does to the overall functionality of the tool, otherwise I would have just included the PR. Unfortunately, building a good testing environment for this is difficult.

Feature Request: Full Routing

When using this tool on client networks, I've noticed that it interrupts internet connectivity on all compromised systems. Would it be possible to route requested traffic out to the proper destination to avoid interrupting internet access to help make this attack seamless?

More Documentation

The PNPT certification uses this tool for the training. However, they do not mention how to use the aclpwn-20211219-144804.restore to restore the modified ACL. It might be that I am blind, but I couldn't find any comment or reference in your readme.

This would really be helpful to clean up training environments. Otherwise, an admin might use this tool for testing and accidentally leave a vulnerable ACL on his DC.

'KeyError: 2' when starting on an interface that has no IPv4 address

If I start mitm6 with -i to assign it to a specific interface, it chokes and stops with KeyError: 2 if this interface only has an IPv6 address, and no IPv4:

# ip -6 address add fe80::800:27ff:fe00:0000/64 dev vboxnet0
# ip link set vboxnet0 up
# ip --brief a show
lo               UNKNOWN        127.0.0.1/8 ::1/128 
enp0s31f6        DOWN
wlp0s20f3        UP             192.168.0.49/24 
tun0             UNKNOWN        [removed]
vboxnet0         UP             fe80::800:27ff:fe00:0/64 
# mitm6 -i vboxnet0 -v --debug
Traceback (most recent call last):
  File "/usr/local/bin/mitm6", line 8, in <module>
    sys.exit(main())
  File "/usr/local/pipx/venvs/mitm6/lib/python3.10/site-packages/mitm6/mitm6.py", line 369, in main
    config = Config(args)
  File "/usr/local/pipx/venvs/mitm6/lib/python3.10/site-packages/mitm6/mitm6.py", line 39, in __init__
    self.v4addr = netifaces.ifaddresses(self.default_if)[netifaces.AF_INET][0]['addr']
KeyError: 2
FAIL: 1

If I assign an IPV4 address, it works fine and the virtual machine on vboxnet0 get spoofed:

# ip address add 192.168.56.1/24 dev vboxnet0
# mitm6 -i vboxnet0 -v --debug
Starting mitm6 using the following configuration:
Primary adapter: vboxnet0 [0a:00:27:00:00:00]
IPv4 address: 192.168.56.1
IPv6 address: fe80::800:27ff:fe00:0
Warning: Not filtering on any domain, mitm6 will reply to all DNS queries.
Unless this is what you want, specify at least one domain with -d
WARNING: The conf.iface interface (tun0) does not support IPv6! Using vboxnet0 instead for routing!
WARNING: The conf.iface interface (tun0) does not support IPv6! Using vboxnet0 instead for routing!
WARNING: more The conf.iface interface (tun0) does not support IPv6! Using vboxnet0 instead for routing!
IPv6 address fe80::192:168:56:3 is now assigned to mac=08:00:27:c6:9b:11 host= ipv4=192.168.56.3
IPv6 address fe80::192:168:56:3 is now assigned to mac=08:00:27:c6:9b:11 host= ipv4=192.168.56.3
Sent spoofed reply for time.windows.com. to fe80::97d:a5c7:a91b:f5f7

Project dependencies may have API risk issues

Hi, In mitm6, inappropriate dependency versioning constraints can cause risks.

Below are the dependencies and version constraints that the project is using

scapy>=2.4
ipaddress;python_version<'3.0'
future;python_version<'3.0'
twisted
netifaces

The version constraint == will introduce the risk of dependency conflicts because the scope of dependencies is too strict.
The version constraint No Upper Bound and * will introduce the risk of the missing API Error because the latest version of the dependencies may remove some APIs.

After further analysis, in this project,
The version constraint of dependency scapy can be changed to >=2.4.0rc3,<=2.4.5.

The above modification suggestions can reduce the dependency conflicts as much as possible,
and introduce the latest version as much as possible without calling Error in the projects.

The invocation of the current project includes all the following methods.

The calling methods from the scapy
scapy.all.ls
scapy.sendrecv.sendp
scapy.layers.inet6.ICMPv6ND_RA
The calling methods from the all methods
DHCP6OptClientId
twisted.internet.reactor.adoptDatagramPort
socket.getaddrinfo
argparse.ArgumentParser
loop.start.addErrback
scapy.all.IPv6
args.relay.lower
scapy.all.IP
should_spoof_dhcpv6
twisted.internet.task.LoopingCall.start
argparse.ArgumentParser.add_argument_group
matches_list
parser.add_argument_group.add_argument
should_spoof_dns
print
setupFakeDns
loop.start.lower
scapy.all.ls
DHCP6OptIAAddress
argparse.ArgumentParser.add_argument
dnssock.fileno
target.ipv4.replace
join
self.__str__
DHCP6_Advertise
main
twisted.internet.protocol.DatagramProtocol
send_dhcp_advertise
twisted.internet.reactor.callFromThread
ipaddress.ip_address
scapy.all.DNS
scapy.layers.inet6.ICMPv6ND_RA
DHCP6OptIA_NA
random.randint
value.lower
failure.getErrorMessage
DHCP6_Reply
builtins.str
json.load
host.decode
get_fqdn
twisted.internet.threads.deferToThread
get_target
DHCP6OptDNSServers
twisted.internet.task.LoopingCall
setuptools.setup
socket.socket.bind
socket.socket.setblocking
Config
DUID_LL
DHCP6OptDNSDomains
scapy.all.Ether
dns.qd.qname.decode
netifaces.ifaddresses
self.v6addr.index
args.localdomain.lower
json.dumps
DHCP6OptServerId
format
scapy.sendrecv.sendp
twisted.internet.reactor.run
dnssock2.fileno
argparse.ArgumentParser.parse_args
sys.exit
scapy.all.DNSRR
netifaces.gateways
Target
len
open
scapy.all.DNSRRSOA
socket.socket
twisted.internet.reactor.addSystemEventTrigger
send_dns_reply
scapy.all.UDP
arpcache.write
send_dhcp_reply

@developer
Could please help me check this issue?
May I pull a request to fix it?
Thank you very much.

Forcing or coercing HTTP to SMB authentication using the NetBIOS name of the relaying server

Hi,

Thank you for this tool. I use it all the time!

A common attack on IPv4 I use is to passively force or actively coerce HTTP to SMB authentication to ntlmrelayx in order to relay to LDAP. This requires the use of the NetBIOS name of the relaying server in order for the targeted Windows installations to trust the connection address. Luckily Responder provides that NetBIOS name when running so I use that for this.

I can execute the same attack as above on IPv6 using mitm6 but I still need Responder's NetBIOS name which means I need both mitm6 and Responder running at the same time targeting the same networks. Would it be possible for mitm6 to provide a NetBIOS name that can be used instead of Responder's? BTW, is it safe to use mitm6 and Responder at the same time in this way?

Thanks!

Protocol Client for LADPS not found! error

I'm using
Name: mitm6
Version: 0.3.0

Impacket v0.10.0 - Copyright 2022 SecureAuth Corporation

Steps to reproduce

  • ntlmrelayx.py -6 -t ladps://192.168.0.100 -wh fakewpad.hacklab.local -l lootme
  • sudo mitm6 -d hacklab.local
] HTTPD(80): Connection from ::ffff:192.168.0.102 controlled, attacking target ladps://192.168.0.100
[-] Protocol Client for LADPS not found!
[-] HTTPD(80): Negotiating NTLM with ladps://192.168.0.100 failed
[*] HTTPD(80): Connection from ::ffff:192.168.0.102 controlled, attacking target ladps://192.168.0.100
[-] Protocol Client for LADPS not found!
[-] HTTPD(80): Negotiating NTLM with ladps://192.168.0.100 failed
[*] HTTPD(80): Connection from ::ffff:192.168.0.102 controlled, attacking target ladps://192.168.0.100
[-] Protocol Client for LADPS not found!
[-] HTTPD(80): Negotiating NTLM with ladps://192.168.0.100 failed
[*] HTTPD(80): Connection from ::ffff:192.168.0.102 controlled, attacking target ladps://192.168.0.100
[-] Protocol Client for LADPS not found!
[-] HTTPD(80): Negotiating NTLM with ladps://192.168.0.100 failed
[*] HTTPD(80): Connection from ::ffff:192.168.0.102 controlled, attacking target ladps://192.168.0.100
[-] Protocol Client for LADPS not found!
[-] HTTPD(80): Negotiating NTLM with ladps://192.168.0.100 failed
[*] HTTPD(80): Connection from ::ffff:192.168.0.102 controlled, attacking target ladps://192.168.0.100
[-] Protocol Client for LADPS not found!
[-] HTTPD(80): Negotiating NTLM with ladps://192.168.0.100 failed
[*] HTTPD(80): Connection from ::ffff:192.168.0.102 controlled, attacking target ladps://192.168.0.100
[-] Protocol Client for LADPS not found!
[-] HTTPD(80): Negotiating NTLM with ladps://192.168.0.100 failed
[*] HTTPD(80): Connection from ::ffff:192.168.0.102 controlled, attacking target ladps://192.168.0.100
[-] Protocol Client for LADPS not found!
[-] HTTPD(80): Negotiating NTLM with ladps://192.1

I verified using RSAT tool /ldp.exe and connectivity is okay.

image

Error execution

Hello,

when I run mitm6 don't work, I have this error:

Traceback (most recent call last):
  File "/usr/bin/mitm6", line 33, in <module>
    sys.exit(load_entry_point('mitm6==0.3.0', 'console_scripts', 'mitm6')())
  File "/usr/bin/mitm6", line 22, in importlib_load_entry_point
    for entry_point in distribution(dist_name).entry_points
  File "/usr/lib/python3.9/importlib/metadata.py", line 542, in distribution
    return Distribution.from_name(distribution_name)
  File "/usr/lib/python3.9/importlib/metadata.py", line 196, in from_name
    raise PackageNotFoundError(name)
importlib.metadata.PackageNotFoundError: mitm6

I have installed the requirements, my version of Python 3.9.12 and Linux 5.16.0-kali7-amd64 #1 SMP PREEMPT Debian 5.16.18-1k

A greeting anf thanks

Is this even working?

I start mitm6 with -d and my domain, as well as ntlmrelayx.py
I don't see anything.

No reply in virtual machine

Hi basically I’ve set up mitm6 but I hear no response even if I turn off and on the machines in the network , why is this occurring? It would be nice to have an in depth explaination.

image

Documentation for multiple domains?

Hi there,
I'm trying to use multiple domains with the -d flag and I'm not confident it's working
I tried:

mitm6.py -d abc.local contoso.local
But that errored out.

mitm6.py -d abc.local,contoso.local
and
mitm6.py -d "abc.local contoso.local"

both appear to produce the same output but the output I get looks like:

Sent spoofed reply for machine.abc.local,contoso.local. to fe80::1234:1

The documentation mentions that multiple domains are possible but i've been unable to find any examples or documentation detailing the expected format.

Any help would be appreciated.
Thanks!

UnicodeError: encoding with 'idna' codec failed (UnicodeError: label too long)

env:
os:
win10 education
Version 20H2 (OS build 19042.1586)
python:
Python 3.9.1

mitm6:
lastest

here is my command to execute mitm6:
C:\Users\x\AppData\Local\Programs\Python\Python39\python3.exe C:/Users/x/Downloads/dev/mitm6-master/mitm6/mitm6.py --domain mother.fucker --host-allowlist q3eftg2wyhw4yhwyh.mother.fucker --relay ca.mother.fucker -v

here is the error info:

C:\Users\x\AppData\Local\Programs\Python\Python39\python3.exe C:/Users/x/Downloads/dev/mitm6-master/mitm6/mitm6.py --domain mother.fucker --host-allowlist q3eftg2wyhw4yhwyh.mother.fucker --relay ca.mother.fucker -v
Traceback (most recent call last):
File "C:\Users\x\AppData\Local\Programs\Python\Python39\lib\encodings\idna.py", line 167, in encode
raise UnicodeError("label too long")
UnicodeError: label too long

The above exception was the direct cause of the following exception:

Traceback (most recent call last):
File "C:\Users\x\Downloads\dev\mitm6-master\mitm6\mitm6.py", line 412, in
main()
File "C:\Users\x\Downloads\dev\mitm6-master\mitm6\mitm6.py", line 404, in main
dnssock, dnssock2 = setupFakeDns()
File "C:\Users\x\Downloads\dev\mitm6-master\mitm6\mitm6.py", line 316, in setupFakeDns
addrinfo = socket.getaddrinfo(fulladdr, 53, socket.AF_INET6, socket.SOCK_DGRAM)
File "C:\Users\x\AppData\Local\Programs\Python\Python39\lib\socket.py", line 953, in getaddrinfo
for res in _socket.getaddrinfo(host, port, family, type, proto, flags):
UnicodeError: encoding with 'idna' codec failed (UnicodeError: label too long)
Starting mitm6 using the following configuration:
Primary adapter: {A8A69050-47C3-4625-A4EE-EF1EF847904F} [00:0c:29:57:de:2a]
IPv4 address: 192.168.25.129
IPv6 address: fe80::954b:7bd0:b382:9e0d
DNS local search domain: mother.fucker
DNS allowlist: mother.fucker
Hostname allowlist: q3eftg2wyhw4yhwyh.mother.fucker
An error occurred while sending a packet: b'{A8A69050-47C3-4625-A4EE-EF1EF847904F}: No such device exists (No such device exists)'
Note that root privileges are required to run mitm6

here is the image version of error info:
image

here is the full stack:
image
image

mitm6 doesn't work on VPN tunnel interface. "mitm6 -i tun0 -d <domain name>"

   valid_lft forever preferred_lft forever

3: tun0: <POINTOPOINT,MULTICAST,NOARP,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UNKNOWN group default qlen 100
link/none
inet 10.10.15.169/23 brd 10.10.15.255 scope global tun0
valid_lft forever preferred_lft forever
inet6 dead:beef:2::11a7/64 scope global
valid_lft forever preferred_lft forever
inet6 fe80::e4e0:7a25:ea5d:b6ee/64 scope link stable-privacy
valid_lft forever preferred_lft forever

root@kali:/opt/mitm6# mitm6 -i tun0
Traceback (most recent call last):
File "/usr/local/bin/mitm6", line 8, in
sys.exit(main())
File "/usr/local/lib/python3.8/dist-packages/mitm6/mitm6.py", line 340, in main
config = Config(args)
File "/usr/local/lib/python3.8/dist-packages/mitm6/mitm6.py", line 57, in init
self.macaddr = netifaces.ifaddresses(self.default_if)[netifaces.AF_LINK][0]['addr']
KeyError: 17

mitm6 does not support wpad spoofing for IPv4?

I performed IPv6 attack and I wonder, can I perform same attack for IPv4. My goal is same I just want to ipv4 dns spoof for wpad manipulation and then I will catch ntlm response. But It didn't work. mitm6 already doesn't do DNS spoofing for both IPv4 and IPv6, does it? So shouldn't it work?

image

This image from IPv6 attack. Destination ip address is my kali computer.
mitm6
I disable IPv6 for all machine. Then I performed same attack.
mitm4

When I compare these two pictures, Can mitm6 only manipulate wpad file when ipv6 is spoofed?

Error when running

New Kali 2023.3

Not sure about this error..
'
python3 mitm6/mitm6.py

Traceback (most recent call last):
File "/opt/mitm6/mitm6/mitm6.py", line 412, in
main()
File "/opt/mitm6/mitm6/mitm6.py", line 369, in main
config = Config(args)
^^^^^^^^^^^^
File "/opt/mitm6/mitm6/mitm6.py", line 57, in init
self.macaddr = netifaces.ifaddresses(self.default_if)[netifaces.AF_LINK][0]['addr']
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~^^^^^^^^^^^^^^^^^^^
KeyError: 17

global name 'IP' is not defined

After running mitm6 for a while, I begin seeing the following error:

Unhandled Error Traceback (most recent call last): File "mitm6.py", line 286, in <module> main() File "mitm6.py", line 283, in main reactor.run() File "/root/.pyenv/versions/mitm6v2/local/lib/python2.7/site-packages/Twisted-17.9.0-py2.7-linux-x86_64.egg/twisted/internet/base.py", line 1243, in run self.mainLoop() File "/root/.pyenv/versions/mitm6v2/local/lib/python2.7/site-packages/Twisted-17.9.0-py2.7-linux-x86_64.egg/twisted/internet/base.py", line 1252, in mainLoop self.runUntilCurrent() --- <exception caught here> --- File "/root/.pyenv/versions/mitm6v2/local/lib/python2.7/site-packages/Twisted-17.9.0-py2.7-linux-x86_64.egg/twisted/internet/base.py", line 851, in runUntilCurrent f(*a, **kw) File "mitm6.py", line 212, in parsepacket send_dns_reply(p) File "mitm6.py", line 137, in send_dns_reply ip = p[IP] exceptions.NameError: global name 'IP' is not defined

Restarting the application will result in this error reappearing. The only way I could fix it was reinstalling the application, but then the error reappeared.

I installed the application in a pyenv virtualenv, python version 2.7.9.

uname -a

Linux XXXXXX 4.0.0-kali1-amd64 #1 SMP Debian 4.0.4-1+kali2 (2015-06-03) x86_64 GNU/Linux

full machine-in-the-middle attack

mitm6 doesn't implement a full machine-in-the-middle attack currently, like we see in for example the SLAAC attack

Any plans to support a full attack in the future? SLAAC attack requires a lot of tools and has been unstable in my experience. Perhaps NAT64+DNS64?

Windows compatibility

I installed mitm6 with pip install -r requirements.txt, and then setup.py install. Both commands worked flawlessly without error. The first time I ran mitm6, it error-ed out saying I had to install WinPCAP. I installed it, but now when i run mitm6 -v it says:

Starting mitm6 using the following configuration:
Primary adapter: {E3A50949-44E1-4C87-BA7E-EB8103FB0ED2} [80:00:0b:77:c2:bb]
IPv4 address: 172.27.71.64
IPv6 address: fe80::194:f706:e99b:648a
Warning: Not filtering on any domain, mitm6 will reply to all DNS queries.
Unless this is what you want, specify a domain with -d
Traceback (most recent call last):
  File "C:\Python27\Scripts\mitm6-script.py", line 11, in <module>
    load_entry_point('mitm6==0.1.1', 'console_scripts', 'mitm6')()
  File "C:\Python27\lib\site-packages\mitm6\mitm6.py", line 279, in main
    dnssock = setupFakeDns()
  File "C:\Python27\lib\site-packages\mitm6\mitm6.py", line 219, in setupFakeDns

    addrinfo = socket.getaddrinfo(fulladdr, 53, socket.AF_INET6, socket.SOCK_DGRAM)
socket.gaierror: [Errno 11004] getaddrinfo failed

How do I fix this?

AttributeError: 'IPv6Address' object has no attribute 'reverse_pointer'

I'm getting the following error on kali. Please advise.

root@kali:~/Tools/mitm6/mitm6# uname -a
Linux kali 5.2.0-kali3-amd64 #1 SMP Debian 5.2.17-1kali2 (2019-10-17) x86_64 GNU/Linux

root@kali:~/Tools/mitm6/mitm6# mitm6
Traceback (most recent call last):
File "/usr/local/bin/mitm6", line 11, in
load_entry_point('mitm6==0.2.2', 'console_scripts', 'mitm6')()
File "/usr/local/lib/python2.7/dist-packages/mitm6/mitm6.py", line 340, in main
config = Config(args)
File "/usr/local/lib/python2.7/dist-packages/mitm6/mitm6.py", line 72, in init
self.selfptr = ipaddress.ip_address(str(self.selfaddr)).reverse_pointer + '.'
AttributeError: 'IPv6Address' object has no attribute 'reverse_pointer'

builtins.IndexError: list index out of range`

Not sure what might be happening here or if it's causing a problem

Traceback (most recent call last):
  File "/usr/local/bin/mitm6", line 33, in <module>
    sys.exit(load_entry_point('mitm6==0.3.0', 'console_scripts', 'mitm6')())
  File "/usr/local/lib/python3.11/dist-packages/mitm6-0.3.0-py3.11.egg/mitm6/mitm6.py", line 409, in main

  File "/usr/lib/python3/dist-packages/twisted/internet/base.py", line 1315, in run
    self.mainLoop()
  File "/usr/lib/python3/dist-packages/twisted/internet/base.py", line 1325, in mainLoop
    reactorBaseSelf.runUntilCurrent()
--- <exception caught here> ---
  File "/usr/lib/python3/dist-packages/twisted/internet/base.py", line 964, in runUntilCurrent
    f(*a, **kw)
  File "/usr/local/lib/python3.11/dist-packages/mitm6-0.3.0-py3.11.egg/mitm6/mitm6.py", line 296, in parsepacket

builtins.IndexError: list index out of range```

Troubleshooting Unhandled Error: list index out of range

Hi, running into an issue on the new Kali instance where mitm6 (from source and pip) are spitting out unhandled errors. I've attempted to ensure all the requirements are installed, adequate versions, and compared to other machines where things seem to be working.

Any thoughts or pointers as to what might be happening, I'm exhausting my ideas. --debug and -v flags don't seem to return any additional data of value.

Linux kali 5.2.0-kali3-amd64 #1 SMP Debian 5.2.17-1kali2 (2019-10-17) x86_64 GNU/Linux

Starting mitm6 using the following configuration:
Primary adapter: eth0 [28:92:xx:xx:70:5a]
IPv4 address: 192.168.xx.68
IPv6 address: fe80::xxxx:xxxx:xxxx:705a
Warning: Not filtering on any domain, mitm6 will reply to all DNS queries.
Unless this is what you want, specify at least one domain with -d
Unhandled Error
Traceback (most recent call last):
  File "/usr/local/bin/mitm6", line 8, in <module>
    sys.exit(main())
  File "/usr/local/lib/python3.7/dist-packages/mitm6/mitm6.py", line 377, in main
    reactor.run()
  File "/usr/local/lib/python3.7/dist-packages/twisted/internet/base.py", line 1283, in run
    self.mainLoop()
  File "/usr/local/lib/python3.7/dist-packages/twisted/internet/base.py", line 1292, in mainLoop
    self.runUntilCurrent()
--- <exception caught here> ---
  File "/usr/local/lib/python3.7/dist-packages/twisted/internet/base.py", line 886, in runUntilCurrent
    f(*a, **kw)
  File "/usr/local/lib/python3.7/dist-packages/mitm6/mitm6.py", line 275, in parsepacket
    print('IPv6 address %s is now assigned to %s' % (p[DHCP6OptIA_NA].ianaopts[0].addr, pcdict[p.src]))
builtins.IndexError: list index out of range

PIP install logs for reference and version info.

Collecting mitm6
  Using cached https://files.pythonhosted.org/packages/b3/4a/41f2b53f280ae0323c608887ae63c6496a10d4351c6adaee41c26eda4d70/mitm6-0.2.2-py3-none-any.whl
Processing /root/.cache/pip/wheels/95/bf/51/905b3e84ec4ca910ce4ae92173c7334623105a265bdd1d9438/scapy-2.4.3-py2.py3-none-any.whl
Processing /root/.cache/pip/wheels/23/8f/f3/7054578f04c904f70757c5c85a6e2823baa69d42365526e93d/netifaces-0.10.9-cp37-cp37m-linux_x86_64.whl
Collecting twisted
  Using cached https://files.pythonhosted.org/packages/06/28/2a433e147de68c8416aa0179c45e67b67161f5c0f24aaaf1723f6229f574/Twisted-19.10.0-cp37-cp37m-manylinux1_x86_64.whl
Collecting hyperlink>=17.1.1
  Using cached https://files.pythonhosted.org/packages/7f/91/e916ca10a2de1cb7101a9b24da546fb90ee14629e23160086cf3361c4fb8/hyperlink-19.0.0-py2.py3-none-any.whl
Requirement already satisfied: attrs>=17.4.0 in /usr/lib/python3/dist-packages (from twisted->mitm6) (18.2.0)
Collecting PyHamcrest>=1.9.0
  Using cached https://files.pythonhosted.org/packages/9a/d5/d37fd731b7d0e91afcc84577edeccf4638b4f9b82f5ffe2f8b62e2ddc609/PyHamcrest-1.9.0-py2.py3-none-any.whl
Collecting incremental>=16.10.1
  Using cached https://files.pythonhosted.org/packages/f5/1d/c98a587dc06e107115cf4a58b49de20b19222c83d75335a192052af4c4b7/incremental-17.5.0-py2.py3-none-any.whl
Collecting constantly>=15.1
  Using cached https://files.pythonhosted.org/packages/b9/65/48c1909d0c0aeae6c10213340ce682db01b48ea900a7d9fce7a7910ff318/constantly-15.1.0-py2.py3-none-any.whl
Collecting zope.interface>=4.4.2
  Using cached https://files.pythonhosted.org/packages/40/e7/7e1060c2826d6b8c25bebbd1c96177f4b85ecfe3e2478d31acf9eaca3a11/zope.interface-4.7.1-cp37-cp37m-manylinux2010_x86_64.whl
Collecting Automat>=0.3.0
  Using cached https://files.pythonhosted.org/packages/e5/11/756922e977bb296a79ccf38e8d45cafee446733157d59bcd751d3aee57f5/Automat-0.8.0-py2.py3-none-any.whl
Collecting idna>=2.5
  Using cached https://files.pythonhosted.org/packages/14/2c/cd551d81dbe15200be1cf41cd03869a46fe7226e7450af7a6545bfc474c9/idna-2.8-py2.py3-none-any.whl
Collecting six
  Using cached https://files.pythonhosted.org/packages/65/26/32b8464df2a97e6dd1b656ed26b2c194606c16fe163c695a992b36c11cdf/six-1.13.0-py2.py3-none-any.whl
Collecting setuptools
  Using cached https://files.pythonhosted.org/packages/54/28/c45d8b54c1339f9644b87663945e54a8503cfef59cf0f65b3ff5dd17cf64/setuptools-42.0.2-py2.py3-none-any.whl
Installing collected packages: scapy, netifaces, idna, hyperlink, six, setuptools, PyHamcrest, incremental, constantly, zope.interface, Automat, twisted, mitm6
Successfully installed Automat-0.8.0 PyHamcrest-1.9.0 constantly-15.1.0 hyperlink-19.0.0 idna-2.8 incremental-17.5.0 mitm6-0.2.2 netifaces-0.10.9 scapy-2.4.3 setuptools-42.0.2 six-1.13.0 twisted-19.10.0 zope.interface-4.7.1

ImportError: cannot import name 'reactor'

I have an installed twisted v 17.1.0 however i'm geting the following error:

mitm6 
Traceback (most recent call last):
  File "/usr/lib/python-exec/python3.6/mitm6", line 11, in <module>
    load_entry_point('mitm6==0.2.2', 'console_scripts', 'mitm6')()
  File "/usr/lib64/python3.6/site-packages/pkg_resources/__init__.py", line 487, in load_entry_point
    return get_distribution(dist).load_entry_point(group, name)
  File "/usr/lib64/python3.6/site-packages/pkg_resources/__init__.py", line 2728, in load_entry_point
    return ep.load()
  File "/usr/lib64/python3.6/site-packages/pkg_resources/__init__.py", line 2346, in load
    return self.resolve()
  File "/usr/lib64/python3.6/site-packages/pkg_resources/__init__.py", line 2352, in resolve
    module = __import__(self.module_name, fromlist=['__name__'], level=0)
  File "/usr/lib64/python3.6/site-packages/mitm6/mitm6.py", line 3, in <module>
    from twisted.internet import reactor
ImportError: cannot import name 'reactor'

can you specify what is the minimum version of twisted is required?

Recommend Projects

  • React photo React

    A declarative, efficient, and flexible JavaScript library for building user interfaces.

  • Vue.js photo Vue.js

    🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.

  • Typescript photo Typescript

    TypeScript is a superset of JavaScript that compiles to clean JavaScript output.

  • TensorFlow photo TensorFlow

    An Open Source Machine Learning Framework for Everyone

  • Django photo Django

    The Web framework for perfectionists with deadlines.

  • D3 photo D3

    Bring data to life with SVG, Canvas and HTML. 📊📈🎉

Recommend Topics

  • javascript

    JavaScript (JS) is a lightweight interpreted programming language with first-class functions.

  • web

    Some thing interesting about web. New door for the world.

  • server

    A server is a program made to process requests and deliver data to clients.

  • Machine learning

    Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.

  • Game

    Some thing interesting about game, make everyone happy.

Recommend Org

  • Facebook photo Facebook

    We are working to build community through open source technology. NB: members must have two-factor auth.

  • Microsoft photo Microsoft

    Open source projects and samples from Microsoft.

  • Google photo Google

    Google ❤️ Open Source for everyone.

  • D3 photo D3

    Data-Driven Documents codes.