Subterfuge Developer’s Blog

Subterfuge – 2015

Where oh where did all of the progress go!?!? As the development team has gone off in many directions we’ve had to restructure our project goals and timeline. Subterfuge isn’t dead, but we certainly changed the way we do business. Here’s the short and sweet of it:

– What happened to updates: SVN is dead long live .DEB… .DEB is dead long live GIT

When Google Code fell apart a couple years ago we had to scramble to change the way we provided updates and pushed new content. Due to miscommunication with the Kali Linux dev team we moved to the Debian packaging system more colloquially known as apt. Unfortunately, this change almost killed the whole project by completely severing our ability to provide updates to the framework.

In effect this means that old versions of Subterfuge CANNOT receive updates! We’re moving to GitHub. Once that process is complete you’ll be able to download a new version of the framework capable of receiving new content.

– What have you done for me lately!

It looks like many folks missed our March 2015 Subterfuge update. We wanted to start the year off with a bang re-energizing the framework by extending it with new attack options: Subterfuge version 1.0.1. Here’s a breakdown of the new functionality we’ve pushed out in 2015.

  • Subterfuge can now MITM SSL sessions using arbitrary certificates
  • SSLStriping can be selectively enabled or disabled as desired
  • Subterfuge can leverage the Superfish Bug
  • CRITICAL UPDATE: The new version of Django was causing Subterfuge to fail on default installs of Kali Linux. Subterfuge 1.0.1 release with emergency fixes to critical framework files.

– In the pipe 5 by 5

We have BIG plans for Subterfuge 2015 development, but we don’t know exactly when we’ll be able to put out new content or fix existing stability issues. Our transition to GitHub might be a great opportunity for you to get involved. Don’t hesitate to send me an email if you’re interested. See our project roadmap below for more details on the 2015 development plan.

Subterfuge Development Roadmap 2015

In this section we’ll detail out major feature and stability modifications to Subterfuge by version as they are released. We will then finish with a listing of future development goals and (VERY ROUGH) projections regarding release.

Version 1.0.1 – Superfish!

  • Subterfuge can now MITM SSL sessions using arbitrary certificates
  • SSLStriping can be selectively enabled or disabled as desired
  • Subterfuge can leverage the Superfish Bug
  • CRITICAL UPDATE: The new version of Django was causing Subterfuge to fail on default installs of Kali Linux. Subterfuge 1.0.1 release with emergency fixes to critical framework files

Next Expected Release – Version 2.0 – October 2015

Upcoming Content

  • Transition to GitHub
  • POODLE Exploit Module
  • Heartbleed Module
  • SSL v3 Downgrade Module
Be Sociable, Share!
  • Pingback: www.pricedrop.io()

  • Pingback: homepage()

  • Pingback: offer()

  • skimpniff

    I am getting the django issues with 1.0 and kali 2.0. Is there a fix, I have not been able to find one.

    • Matthew Toussain

      Did you use the latest version of Subterfuge from the github: https://github.com/Subterfuge-Framework/Subterfuge ? The most recent build and setup script addresses the Django errors. Haven’t tested on Kali 2.0 yet, but it should be the same.

  • westside

    Hello Matthew! can you help me with subterfuge troublshooting on Kali 2.0 can not setup:

    bash: subterfuge: command not found

  • Pingback: best bank to close your business accounts without notice()

  • Pingback: read more()

  • Pingback: Systemische Coaching Ausbildung St. Gallen()

  • Robin h00D

    even this project get many error this is the best framwork i ever seen
    easy GUI…..thank you

    plz help i am using kali sana 2.0

    Subterfuge courtesy of r00t0v3rr1d3 & 0sm0s1z
    Performing system checks…

    System check identified some issues:

    WARNINGS:
    ?: (1_6.W001) Some project unittests may not execute as expected.
    HINT: Django 1.6 introduced a new default test runner. It looks like this project was generated using Django 1.5 or earlier. You should ensure your tests are all running & behaving as expected. See https://docs.djangoproject.com/en/dev/releases/1.6/#new-test-runner for more information.

    System check identified 1 issue (0 silenced).
    September 27, 2015 – 08:03:04
    Django version 1.7.9, using settings ‘subterfuge.settings’
    Starting development server at http://127.0.0.1:80/
    Quit the server with CONTROL-C.

    • Matthew Toussain

      I don’t see any errors here. Just a lot of warning (normal at the moment)

      What exactly is the problem?

      • Robin h00D

        i don’t know…….i am not getting any cookies.any pws :(
        Fortinet is the firewall used for the wifi…………..
        and when i turn on mimtyproxy it goes back to sslstrip it doesnt save my settings
        i keep this thing for hours but nothing comes up

  • steven monks

    I installed Subterfuge Yesterday on kali linux 2.0 32 gb usb with persistence all went well,
    I then ran it for the first time with the default options and went to my other laptop running
    Windows 10 all up to date, I typed in some passwords and browsed some sites,
    all the passwords showed up in subterfuge and browsing info, ( I was very pleased )
    turned on same machines today and can,t replicate same results
    Subterfuge says its arping but is not receiving anything Any suggestions welcome
    Thanks Steve

  • Pingback: website()

  • Pingback: astaxanthin()

  • Pingback: like it()

  • Pingback: amazon()

  • Pingback: what is aloe vera used for()

  • Pingback: https://www.ejuicemafia.com/products/pancake-man-e-juice-60ml?variant=10531342917()

  • Pingback: m88()

  • Pingback: Best University in Gulf()

  • Pingback: best work at home job online()

  • Pingback: Click Intensity Scam()