Institute For Ethical Hacking Course and Ethical Hacking Training in Pune – India
Extreme Hacking | Sadik Shaikh | Cyber Suraksha Abhiyan

Morpheus is a framework tool which automates TCP/UDP packet manipulation tasks by using etter filters to manipulate target requests/responses under MitM attacks replacing the TCP/UDP packet contents by our contents before forward the packet back to the target host.

This tool comes with pre-configured filters but it will allow users to improve them when launching the attack. In the end of the attack morpheus will revert the filter back to is default stage, this will allow users to improve filters at running time without the fear of messing with filter command syntax and spoil the filter.

Requirement:

  • ettercap
  • nmap
  • apache2
  • zenity

Framework limitations:

1º – morpheus will fail if target system its protected againt arp poison atacks
2º – downgrade attacks will fail if browser target as installed only-https addon’s
3º – target system sometimes needs to clear netcache for arp poison to be effective
4º – many attacks described in morpheus may be droped by target HSTS detection sys.
5º – incorrect number of token (///) in TARGET !! morpheus v1.6-Alpha
morpheus by default will run ettercap using IPv6 (USE_IPV6=ACTIVE) like its previous configurated into the ‘settings’ file, if you are receiving this error edit settings
file before running morpheus and set (USE_IPV6=DISABLED) to force ettercap to use IPV4
6º – morpheus needs ettercap to be executed with higth privileges (uid 0 | gid 0). morpheus v1.6-Alpha
correct ettercap configuration display (running as Admin without SSL disectors active) morpheus v1.6-Alpha
By default morpheus (at startup) will replace the original etter.conf/etter.dns files provided by ettercap, at framework exit morpheus will revert files to is original state..

Framework option 1 [firewall]:

firewall [option 1] pre-configurated filter will capture credentials from the follow services:
http,ftp,ssh,telnet (facebook uses https/ssl 🙁 ) report suspicious connections, report common
websocial browsing (facebook,twitter,youtube), report the existence of botnet connections like:
Mocbot IRC Bot, Darkcomet, redirect browser traffic and allow users to block connections (drop,kill) 
"Remmenber: morpheus gives is users the ability to 'add more rules' to filters befor execution"

[morpheus] host:192.168.1.67   [ -> ]  port:23 telnet  
           Source ip addr      flow    destination     rank good

[morpheus] host:192.168.1.67   [ <- ]  port:23 telnet  Destination ip      flow    source port     rank suspicious

 

Note: Filters can be extended using browser languages like: Javascript, CSS, Flash and others.

Related  Download and Install All Kali Linux Tools with Katoolin

Basically firewall filter will act like one offensive and defensive tool analyzing the tcp/udp data flow to report logins, suspicious traffic, brute-force, block target ip and etc.

Disclaimer:

We are not responsible for any damage that you cause. Usage of morpheus without prior mutual consistency can be considered as an illegal activity. It is the final user’s responsibility to obey all applicable local, state and federal laws.

Download now: morpheus

 

www.extremehacking.org
Sadik Shaikh | Cyber Suraksha Abhiyan, Ethical Hacking Training InstituteCEHv9,CHFI,ECSAv9,CAST,ENSA, CCNA, CCNA SECURITY,MCITP,RHCE,CHECKPOINT, ASA FIREWALL,VMWARE,CLOUD,ANDROID,IPHONE,NETWORKING HARDWARE,TRAINING INSTITUTE IN PUNECertified Ethical Hacking,Center For Advanced Security Training in India, ceh v9 course in Pune-India, ceh certification in pune-India, ceh v9 training in Pune-IndiaEthical Hacking Course in Pune-India