No description, website, or topics provided.
Clone or download
Latest commit e89669f Dec 10, 2017
Type Name Latest commit message Commit time
Failed to load latest commit information.
LICENSE Initial commit Oct 13, 2017 Update Dec 10, 2017 Initial commit of miner in the middle Oct 13, 2017

Miner In The Middle Author - Anthony Russell @DotNetRussell

Not for illegal use! (unless you own the network or have permission from everyone on it, it's illegal)


Miner in the Middle is a script that allows you to inject javascript miners into everyone on your local network. It does this by arp spoofing the network and waiting for HTTP traffic. Once it sees it, it injects a coinhive javascript miner into the traffic and returns it to the client. The standard mode does this on whatever page the person is browsing. The pop under mode opens their requested page in a new tab and leaves the miner in the old tab. This allows for persistence.


You will first need to make sure that you have MitMf and also Twisted version 15.5.0 To install dependencies run: ./ --install

----To launch a standard miner attack----

The standard network attack arp spoofs the network, then injects a miner into http responses. To launch a standard miner injection attack run: ./ <coinhive api key> <gateway ip> <interface name>

----To launch a popup miner attack----

A popup miner attack will attempt to inject a script into http responses. The script will wait for the user to click a button. When they do it will spawn a popup with their site in it and the origonal window will launch a miner. This is nice for persistence.

First run: ./ --generate <coinhive api key>

and place payload.html into your web server root directory

Second run: ./ -p <gateway ip> <interface name> <web server ip>