Universal MITM Web Server: CopyCat
Universal MITM Web Server CopyCat is a Node.js based universal MITM web server. Used with DNS spoofing or another redirect attack, this server will act as a MITM for web traffic between the victim and a real server. Most often we see DNS spoofing used to redirect victims to an attackers server hosting a static clone of the spoofed domain’s login page. But this server will forward all traffic between the victim and the spoofed domain allowing an attacker to sit in as the MITM while the victim interacts with the real domain. This also allows the attacker to inject scripts and manipulate the victim’s interactions with the intended web server. All urls are hijacked inside the HTML response from the server causing all traffic to be rerouted back through the server (provided you have a redirect attack for those domains as well). This is currently only configured to work with fake subdomains of real domains. If the server you are trying to spoof uses HSTS with the includeSubdomains argument t...