Skip to content
This repository


Subversion checkout URL

You can clone with HTTPS or Subversion.

Download ZIP

a portable, unified and lightweight interface for mitm applications.

tree: f9aacae5b5

Fetching latest commit…


Cannot retrieve the latest commit at this time

Octocat-spinner-32 doc
Octocat-spinner-32 modules
Octocat-spinner-32 os-confs
Octocat-spinner-32 src
Octocat-spinner-32 AUTHORS
Octocat-spinner-32 CMakeLists.txt
Octocat-spinner-32 COPYING
Octocat-spinner-32 ChangeLog
Octocat-spinner-32 NEWS
Octocat-spinner-32 README

Janus is a portable, unified and lightweight interface for mitm applications.

It acts like a deamon and offers two simple stream sockets, one for input and one for the output traffic manipulations. Over this sockets, before a packet, it's always appended it's size (16bit), and Janus expects to receive data back with this precise format. The code is a portable and optimized rewrite of a first idea implemented in SniffJoke software written by Claudio Agosti. Janus overrides the actual routing table, creating a fake gateway with the aim to block packets after the kernel (on outgoing traffic) and before the kernel (on incoming traffic). Janus registers a fake arp entry with the aim to block packets after the kernel (on outgouing traffic) and before the kernel (on incoming traffic)


found your operating system between those implemented in os-confs/
starting janus, with the correct symlink /etc/janus/current-os poiting to your selected os-confs file, contains the appropriate checks.

If you're using a package, could have provided itself with the appropriate dependencies.

Below is an example of Janus usage starting from this initial routing table:

root@linux# ifconfig eth0
eth0     Link encap:Ethernet  HWaddr 00:24:d6:64:65:4d
          inet addr:  Bcast:  Mask:
          inet6 addr: fe80::224:d6ff:fe63:664c/64 Scope:Link
          RX packets:142050 errors:0 dropped:0 overruns:0 frame:0
          TX packets:139827 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:1000
          RX bytes:70261831 (67.0 MiB)  TX bytes:19672354 (18.7 MiB)

root@linux# route -n
Kernel IP routing table
Destination     Gateway         Genmask         Flags Metric Ref    Use Iface         UG    0      0        0 eth0   U     0      0        0 eth0   U     0      0        0 eth1 UGH   0      0        0 eth0 UGH   0      0        0 eth1

root@linux# arp -n
Address                  HWtype  HWaddress           Flags Mask         Iface             ether   00:18:84:82:d6:2e   CM                 eth0

Example of Janus usage:

root@linux# janus
Janus connection diverter is starting with the following parameters:
. connection is waiting in port 30201 is serving incoming traffic, 10203 outgoing
Janus is now going in foreground, use SIGTERM to stop it.

root@linux# route -n
Address                  HWtype  HWaddress           Flags Mask          Iface             ether   00:24:d6:64:65:4d   CM                  eth0

Client POC

% This is a proof of concept written in Erlang that implements a simple Janus Client.
% It shows how simple is the Janus interface executing a simple packet-echo.
% Usage: erl -compile janus_client_poc && erl --noshell -s janus_client_poc start


start() ->
    JanusHost = "",
    JanusPort1 = 10203,
    JanusPort2 = 30201,
    spawn(fun() -> connect(JanusHost, JanusPort1) end),
    spawn(fun() -> connect(JanusHost, JanusPort2) end).

connect(Host, Port) ->
    {ok, Socket} = gen_tcp:connect(Host, Port, [{active,false}, {packet,0}]),

echo_loop(Socket) ->
    case gen_tcp:recv(Socket, 0) of
        {ok, Data} ->
            % potential packet mangling activity
            io:format("Hello, World!~n"),
            gen_tcp:send(Socket, Data),
        {error, _} ->

Installed files (paths may vary on your system)

Janus binary /usr/local/sbin/janus

Janus man page /usr/local/man/man1/janus.1

Official Janus page:

GPG public keys

$ gpg --keyserver --recv-key D9A950DE
$ gpg --fingerprint --list-keys D9A950DE
pub   1024D/D9A950DE 2009-05-10 [expires: 2014-05-09]
      Key fingerprint = C1ED 5C8F DB6A 1C74 A807  5695 91EC 9BB8 D9A9 50DE
uid                  Giovanni Pellerano <>
sub   4096g/50A7F150 2009-05-10 [expires: 2014-05-09]

$ gpg --keyserver --recv-key C6765430
$ gpg --fingerprint --list-keys C6765430
pub   1024D/C6765430 2009-08-25 [expires: 2011-08-25]
      Key fingerprint = 341F 1A8C E2B4 F4F4 174D  7C21 B842 093D C676 5430
uid                  vecna <>
uid                  vecna <>
sub   3072g/E8157737 2009-08-25 [expires: 2011-08-25]
Something went wrong with that request. Please try again.