NTU NS 2016 final project. Perform a Man in the Middle attack to a old Apache httpd 2.4.1. It's a implementation of logjam
-
Ubuntu Server 16.04 LTS
-
VM disk size > 4GB
-
apache2 2.4.18
sudo apt-get -y install python-software-properties && \ sudo apt-get -y install software-properties-common && \ sudo apt-get -y install gcc make build-essential libssl-dev libffi-dev python-dev
- install apache httpd
- configure ssl setting
- set up sample site
- logjam to apache
sudo ./run.sh
This will REMOVE OLD apache2 and /var/www/html
-
To download a vulnerable browser: check browser history wiki.
-
old vulnerable firefox (I Can't install old osx version QQ)
-
Remember to close auto update of these old browser
sudo ./MitM.py
-
Create MitM listening port 81
./read_handshake.py
-
read handshake protocol