With great power comes great responsibility.
© ares, 2006-2013

 
[Intercepter-NG] offers the following features:

    + Sniffing passwords\hashes of the types:
       ICQ\IRC\AIM\FTP\IMAP\POP3\SMTP\LDAP\BNC\SOCKS\HTTP\WWW\NNTP\CVS\TELNET\MRA\DC++\VNC\MYSQL\ORACLE\NTLM\KRB5\RADIUS
    + Sniffing chat messages of: ICQ\AIM\JABBER\YAHOO\MSN\IRC\MRA
    + Reconstructing files from:  HTTP\FTP\IMAP\POP3\SMTP\SMB

    + Promiscuous-mode\ARP\DHCP\Gateway\Port\Smart Scanning\
    + Capturing packets and post-capture (offline) analyzing\RAW Mode
    + Remote traffic capturing via RPCAP daemon\PCAP Over IP
    + NAT\SOCKS\DHCP
    + ARP\
DNS over ICMP\DHCP\SSL\SSLSTRIP\WPAD\SMBRelay\SSH MiTM
    + DNS\NBNS\LLMNR Spoofing

Works on Windows NT(2K\XP\2k3\Vista\7\8).

Attention please! Project needs your help for improvement.
Submit your suggestions and feature requests to intercepter.mail@gmail.com
Also, it would be cool if someone painted an individual icon pack for Intercepter. 

Download latest versions


[Forum + Wiki + Blog]


Papers
Actuality of SMBRelay in Modern Windows Networks
SMB Hijacking. Kerberos is defeated


 



Videos
(old)
Intercepter Tutorial part 1
Intercepter Tutorial part 2
Sniffing DHCP based networks
ICMP Redirect MiTM
DNS over ICMP Redirect MiTM
Hacking SSL
Stripping SSL
Sniffing ICQ MD5 Login

-----------
(new)
Quick overview of new Intercepter-NG
Exploiting WPAD + Part 2
SMBRelay in modern Windows Networks
Quick overview of new Intercepter-NG Part2
Injecting files to HTTP traffic
Quick overview of new Intercepter-NG Part3
Quick overview of new Intercepter-NG Part4
SSH MiTM with Intercepter-NG
SMB Hijacking with Intercepter-NG




----------------------------------------------------------

News

11.06.2013 - Intercepter-NG v0.9.8

Added:

+ SMB Hijacking
+ NTLM Grabber in WPAD MiTM
+ Built-in brutforce of hashes via JTR
+ More accurate OS detection
+ Port Scanner
+ POP3 NTLM Auth
+ RADIUS Auth
+ Kerberos Auth (rc4-hmac, aes256-cts-hmac-sha1-96)
+ Kerberos Downgrade (aes256->rc4)
+ Custom .exe for smbrelay
+ MAC Whitelist in DHCP MiTM


Updated:

SMBRELAY CODE FIXED!!!
sslstrip moved from 80 to 8080 port
SMBv2 support
IDN support
OUI base updated
Resurrection mode updated
countless improvements and fixes



15.04.2013 - Intercepter-NG v0.9.7

Added:
+ SSH MiTM
+ IP Forward
+ Save\Load Cookies

Updated:
WPAD SOCKS4 -> PROXY

fixes and improvements...

22.03.2013 - Intercepter-NG v0.9.6

Added:
+PPPoE PAP Auth
+NBNS\LLMNR Spoofing
+Replaying sniffed cookies in browser
+PCAP Over IP

Updated:
DNS Spoofing by mask (*)
WPAD socks support HTTP injection
Expert Mode (dns cache ttl, arp scan timeout, stop injection on nbns)

fixes and improvements...


05.12.2012 - Intercepter-NG [Android Edition] 1.0 + Intercepter-NG [Console Edition] 0.5

Completely new [Android Edition] !


18.09.2012 - Intercepter-NG v0.9.5 + Intercepter-NG [Console Edition] 0.4

Added:
SSLStrip: Cookie Killer
DNS Spoofing
MRA MD5 Auth
HTTP Auth Heur
Multiselecting of captures
Support of pcapng (new wireshark format)
Expert Mode
ARP Cage

Updated:
ARP Scan according to netmask
RAW Mode
Resurrection Mode (http proxy support)
HTTP Injection
SSL MiTM + SSLStrip
Countless improvements and fixes
---
manual control of arp poison in CE
and some updates from win version, see CHANGELOG

06.08.2012 - Intercepter-NG v0.9.4 + Intercepter-NG [Console Edition] 0.3

IPv6 support
New feature: http injection
The speed of analysis is now 5 times faster
RAW Mode updated
Improvements and fixes
---
New RAW Mode for Console version and a lot of updates
see CHANGELOG for details

18.06.2012 - Intercepter-NG [Console Edition] 0.2

 + new passwords dissectors
 + grabbing messages ICQ\AIM\JABBER\YAHOO\MSN\IRC\MRA
 + recovering files from SMB
 + resizing support
 + locale support via env variable LC_ALL
 + arp code improved
 + MacOS X build

01.06.2012 - Intercepter-NG v0.9.3 + Intercepter-NG [Console Edition] 0.1

Major update of sslstripping code
UAC Manifest added to .exe
openssl+zlib linked statically
IRC moved to Messengers Mode
New Resurrection Mode - reconstruction of HTTP\FTP\SMB\IMAP\POP3\SMTP files
updated WiFi Mode and improved MiTMs code
RAW mode updated
Cookie grabber added
Intercepter converts Raw IP Data captures to Ethernet frames
a lot of small changes
Visit new Wiki page

New Intercepter Console Edition is available now.
It works on any *nix including IOS and Android.
Special thanks to nimmox for testing and building android version.
Enjoy!



17.04.2012 - Intercepter-NG v0.9.2

New
SMBRelay MiTM with NTLMv2 support (watch video tutorial).
Raw Mode updated (saving .pcap dumps, astronomical time display)
NTLM Challenge+Response grabbing (NTLMSSP). Bruteforce it with C&A.


04.04.2012 - Intercepter-NG v0.9.1

New
WPAD MiTM (watch video tutorials).
Built-in Socks4 server added
RAW Mode updated
Minor fixes


11.11.2011
- Intercepter-NG v0.9
Next generation of Intercepter has come.
Besides a new GUI, countless improvements have been made. 
The whole process of MiTM attacks is now completely automated.

Added
NAT added to Intercepter
Gateway discovering feature
Smart Scan with OS detection
MSN\MRA Parsers updated
Raw Mode is in the style of Wireshark
Loading pcap dumps by Drag&Drop

Removed
MAC Changer and SMTP\POP3 grabber
Gadu-Gadu support


-----------

10.10.2011 - 0x4553-Intercepter v0.8.5
Added:
ICQ MD5 auth
Minor fixes.
WinPcap updated.


01.10.2011
- 0x4553-Intercepter v0.8.4
Added:
SSL Strip
ssl code improved.


26.09.2011 - 0x4553-Intercepter v0.8.3
Added:
SSL MiTM
Rewritten ARP Poison, now routing is performed by nat.
Win7 ARP bug handled.


13.09.2011 - 0x4553-Intercepter v0.8.2
Added:
DNS over ICMP Redirect MiTM


06.09.2011 - 0x4553-Intercepter v0.8.1
Added:
You can configure auto-sniffing with specified interface without manual actions.
Intercepter can read .pcap dumps through console and extract all data in output file
example: ./intercepter -t dump.cap
New MiTM via ICMP redirection messages.
Read help file for details!


23.07.2010 - 0x4553-Intercepter v0.8
New version is out!
Besides little fixes the dhcpd is ready for using.
0x4553-NAT is now the part of Intercepter.
0x4553-NAT - First free symmentric NAT for NT.
Help file updated! Readt it!


-----------


23.06.2009 - 0x4553-Intercepter v0.7.9
Bugs fixed.
Raw sniffer updated.

08.04.2009 - 0x4553-Intercepter v0.7.8
Charsets decoder updated
Raw sniffer now work with UDP

19.11.2008 - 0x4553-Intercepter v0.7.7
Few fixes.
Added:
1. 801.2q(packet encapsulation) support added.
2. RF-Online auth sniffer

07.10.2008 - 0x4553-Intercepter v0.7.6
Bug in HTTP filter fixed.
Added:
1. Null\Loopback(packet encapsulation) support added.


29.07.2008 - 0x4553-Intercepter v0.7.5
A few bugs fixed.


25.07.2008 - Video Tutorials
http://intercepter.nerf.ru/intercepter_tutor1.zip
1. ARP Poison
2. Remote Capture
3. ARP Defender

http://intercepter.nerf.ru/intercepter_tutor2.zip
1. eXtreme mode
2. MAC Changing
3. PCAP Offline Analyzing


11.07.2008 - 0x4553-Intercepter v0.7.4
ARP and routing code rewritten.
Some bugs fixed and now ARP Poisoning much more stable.
Added:
1. Oracle10 AES128 auth sniffer


24.06.2008 - 0x4553-Intercepter v0.7.3
Little fixes.
Added:
1. ARP Defender - arp poison detector (see help)
PS: Intercepter runs on Win9x (see help)

17.06.2008 - 0x4553-Intercepter v0.7.2
A few bugs fixed.
Added:
1. Little modification to grab SVN passwords (basic auth)
2. Debuging feature (see forum for details)

04.06.2008 - 0x4553-Intercepter v0.7.1
Fixed some problems and added 3 features:
1. Window hiding by ctrl+alt+s
2. Autosaving of data
3. Pcap filter in Raw Mode


23.05.2008 - HAPPY 13th BIRTHDAY OF ES.
It became a tradition to give you presents, so here it is. Enjoy!
Demo screenshot.
----------------------------------------------------------

Download
Intercepter-NG 0.9.8
Intercepter-NG 0.9.8(mirror)

Intercepter-NG [Android Edition 1.3]

Intercepter-NG [Console Edition 0.5]



Old version - 0x4553-Intercepter.v085.zip


intercepter.mail@gmail.com