class NetGUARD(object):
name = "Network Guardian"
desc = "Defend host, give warnings to sysadmin and log to txt file."
version = "0.9"
# Initialize, create NetGUARD global variables and parse config file
def __init__(self):
# Config File
os.path.abspath("config/NetGUARD.cfg")
self.config = ConfigParser.ConfigParser()
self.config.read("config/netguard.cfg")
# Call Jarvis
self.Jarvis = Jarvis()
# Log file
os.path.abspath("log/NetGUARD.log")
# Jail
self.jail = []
try:
# Network Interface from config
self.interface = self.configmap("NetworkSettings")['interface']
# Gateway IP address from config
self.gateway_ip = self.configmap("NetworkSettings")['gateway_ip']
# Gateway MAC address from config
self.gateway_mac = self.configmap("NetworkSettings")['gateway_mac']
except Exception as e:
print "[-] Check your config file in NetGUARD/config/netguard.cfg"
print "[!] Exception caught: ".format(e)
exit(0)
# My Network Interface MAC_Address
self.mymac = get_mymac(self.interface)
# My LAN IP Address
self.myip = get_myip(self.interface)
# If we are ARP spoofing status
self.myspoof_status = False
# If someone is ARP spoofing status
self.spoof_status = False
# ICMP request for this host - DDoS avoid.
self.icmp_count = 0
# Network ICMP sources in 5s
self.icmpsenders = {}
# TCP != from gateway connections - DDoS avoid.
self.tcp_count = 0
# Network UDP sources in 5s
self.tcpsenders = {}
# UDP != from gateway connections - DDoS avoid.
self.udp_count = 0
# Network UDP sources in 5s
self.udpsenders = {}
# SSH client attempts and brute status
self.ssh_count = 0
self.ssh_brute = False
# MySQL client attempts and brute status
self.sql_count = 0
self.sql_brute = False
# FTP client attempts and brute status
self.ftp_count = 0
self.ftp_brute = False
# Time variables
self.start_time = time.time()
self.current_time = 0
#ICMP time auxiliary
self.itt = 0
self.itt2 = 0
#TCP time auxiliary
self.ttt = 0
self.ttt2 = 0
#UDP time auxiliary
self.utt = 0
self.utt2 = 0
#SSH time auxiliary
self.sst = 0
self.sst2 = 0
#SQL time auxiliary
self.sqt = 0
self.sqt2 = 0
#FTP time auxiliary
self.ftt = 0
self.ftt2 = 0
# Configuration file mapping
def configmap(self, section):
dict = {}
options = self.config.options(section)
for option in options:
try:
dict[option] = self.config.get(section, option)
if dict[option] == -1:
DebugPrint("[!] Skip: {}".format(option))
except:
print "[!] Exception on: %s".format(s)
dict[option] = None
return dict
# Main routine
def main(self, p):
# Ethernet Frame
if p.haslayer(Ether):
# Media Access Control destination
mac_dst = str(p[Ether].dst)
# Media Acess Control source
mac_src = str(p[Ether].src)
# ARP Layer Protection
if p.haslayer(ARP):
# is-at
if p[ARP].op == 2:
# Sender Hardware Address
hardware_src = p[ARP].hwsrc
# Sender Protocol Address
protocol_src = p[ARP].psrc
# Target Hardware Address
hardware_dst = p[ARP].hwdst
# Target Protocol Address
protocol_dst = p[ARP].pdst
# If gateway ARP is-at is normal
if protocol_src == self.gateway_ip and hardware_src == self.gateway_mac:
if self.spoof_status == True:
self.log("Gateway returned to original mac address.")
self.Jarvis.Say(
"The gateway has returned to the original mac.")
self.spoof_status = False
if self.myspoof_status == True:
self.log("This host stop to arp spoof the gateway. \n")
self.Jarvis.Say(
"You stopped to arp spoof the gateway sir.")
self.myspoof_status = False
return
# If the op is: gateway is at and the hardware source diverges from original gateway MAC.
if protocol_src == self.gateway_ip and hardware_src != self.gateway_mac:
# If the person that are doing the ARP spoof is me."
if hardware_src == self.mymac:
if self.myspoof_status == False:
# Log
self.log(
"This host start to arp spoof the gateway. \n")
self.Jarvis.Say(
"You are arp spoofing the gateway sir.")
# Status
self.myspoof_status = True
else:
return
# If the person is not you
else:
if self.spoof_status == False:
for i in range(0, 3):
self.Jarvis.Say(
"the mac {} is trying to arp spoof the network."
.format(hardware_src.replace(":", " ")))
#os.system("iptables -A INPUT -m mac --mac-source {} -j REJECT".format(hardware_src))
time.sleep(2)
# Log
self.log(
"{} are trying to arp spoof the network. \n".
format(hardware_src))
# Status
self.spoof_status = True
else:
return
# IP Layer Protection
if p.haslayer(IP):
ip_src = str(p[IP].src)
ip_dst = str(p[IP].dst)
ip_chk = p[IP].chksum
ip_len = p[IP].len
#DDoS ICMP Layer Protection
if p.haslayer(ICMP):
type = p[ICMP].type
if ip_src != self.myip and ip_dst == self.myip and type == 8:
if ip_dst not in self.icmpsenders:
# Append new ICMP sender on network
self.icmpsenders.update({ip_src: self.tcp_count})
self.icmp_count += 1
# First time value from 5s delay
if self.icmp_count == 1:
self.itt = time.time()
else:
self.itt2 = time.time()
for ip, count in self.icmpsenders.iteritems():
if count > 500 and ip not in self.jail:
self.log(
"IP - {}/MAC - {} start to perform a ICMP denial of service attack against this host."
.format(ip, mac_dst))
self.Jarvis.Say(
"The IP address {} is performing a ICMP denial of service attack against this host."
.format(ip.replace(".", " ")))
os.system(
"iptables -A INPUT -p icmp -s {} -j DROP".format(
ip, str(dport)))
self.Jarvis.Say(
"Raising the packet shield for the attacker")
self.jail.append(ip)
interval = self.itt2 - self.itt
if interval >= 5:
self.icmp_count = 0
self.icmpsenders.clear()
# DDoS TCP Layer Protection
if p.haslayer(TCP):
sport = p[TCP].sport
dport = p[TCP].dport
if ip_src != self.gateway_ip and ip_src != self.myip and ip_dst == self.myip:
if ip_dst not in self.tcpsenders:
# Append new TCP sender on network
self.tcpsenders.update({ip_src: self.tcp_count})
self.tcp_count += 1
# First time value from 5s delay
if self.tcp_count == 1:
self.ttt = time.time()
else:
# Other time values from 5s delay
self.ttt2 = time.time()
for ip, count in self.tcpsenders.iteritems():
if count > 500 and ip not in self.jail:
self.log(
"IP - {}/MAC - {} start to perform a TCP denial of service attack against this host."
.format(ip, mac_dst))
self.Jarvis.Say(
"The IP address {} is performing a TCP denial of service attack against this host."
.format(ip.replace(".", " ")))
os.system(
"iptables -A INPUT -p tcp -s {} -j DROP".format(
ip, str(dport)))
self.log("Raising the packet shield for the attacker")
self.Jarvis.Say(
"Raising the packet shield for the attacker")
self.jail.append(ip)
interval = self.ttt2 - self.ttt
if interval >= 5:
self.tcp_count = 0
self.tcpsenders.clear()
# DDoS UDP Layer Protection
if p.haslayer(UDP):
sport = p[UDP].sport
if ip_src != self.gateway_ip and ip_src != self.myip and ip_dst == self.myip:
if ip_dst not in self.udpsenders:
self.udpsenders.update({ip_src: self.udp_count})
self.udp_count += 1
if self.tcp_count == 1:
self.utt = time.time()
else:
self.utt2 = time.time()
for ip, count in self.udpsenders.iteritems():
if count > 500 and ip not in self.jail:
self.log(
"IP - {}/MAC - {} start to perform a UDP denial of service attack against this host."
.format(ip_src, mac_dst))
self.Jarvis.Say(
"The IP address {} is performing a UDP denial of service attack against this host."
.format(ip_src.replace(".", " ")))
os.system(
"iptables -A INPUT -p udp -s {} -j DROP".format(
ip_src, str(dport)))
self.log("Raising the packet shield for the attacker")
self.Jarvis.Say(
"Raising the packet shield for the attacker")
self.jail.append(ip)
interval = self.utt2 - self.utt
if interval >= 5:
self.udp_count = 0
self.udpsenders.clear()
# Brute-Force TCP Layer Protection
if p.haslayer(TCP) and p.haslayer(Raw):
flags = {
'F': 'FIN',
'S': 'SYN',
'R': 'RST',
'P': 'PSH',
'A': 'ACK',
'U': 'URG',
'E': 'ECE',
'C': 'CWR'
}
dport = p[TCP].dport
sport = p[TCP].sport
ack = p[TCP].ack
seq = p[TCP].seq
preflag = [flags[x] for x in p.sprintf('%TCP.flags%')]
flag = "/".join(preflag)
chksum = str(p[TCP].chksum)
load = p[Raw].load
# FTP Protection
if sport == 21 and "530" in load and ip_src == self.myip:
if self.ftp_brute == False:
self.log(
"IP - {}/MAC - {} tried to connect with the FTP server with a wrong password."
.format(ip_dst, mac_dst))
self.Jarvis.Say(
"The IP address {} tried to connect with the FTP server with a wrong password."
.format(ip_dst.replace(".", " ")))
self.ftp_count += 1
if self.ftp_count == 1:
# Live minutes
self.ftt = time.time()
else:
self.ftt2 = time.time()
# If 4 ftp_client packets and 4º count time - 1º count time >= 1
if self.ftp_count >= 4:
interval = self.ftt2 - self.ftt
if interval >= 360:
self.ftp_count = 0
else:
self.ftp_brute = True
os.system(
"iptables -A INPUT -p tcp -s {} --dport {} -j REJECT"
.format(ip_dst, str(sport)))
# Log
self.log(
"! IP - {}/MAC - {} is brute forcing the FTP server."
.format(ip_dst, mac_dst))
self.log(
"Raising the packet shield for the attacker")
self.Jarvis.Say(
"The IP {} is brute forcing the FTP server.".
format(ip_dst.replace(".", " ")))
self.Jarvis.Say(
"Raising the packet shield for the attacker")
# Status
self.ftp_count = 0
# MySQL Protection
if sport == 3306 and "denied" in load and ip_src == self.myip:
if self.sql_brute == False:
self.log(
"IP - {}/MAC - {} tried to connect with the SQL server with a wrong password."
.format(ip_dst, mac_dst))
self.Jarvis.Say(
"The IP address {} tried to connect with the SQL server with a wrong password."
.format(ip_dst.replace(".", " ")))
self.sql_count += 1
if self.sql_count == 1:
# Live minutes
self.sqt = time.time()
else:
self.sqt2 = time.time()
# If 4 sql_client packets and 4º count time - 1º count time >= 1
if self.sql_count >= 4:
interval = self.sqt2 - self.sqt
if interval >= 360:
self.sql_count = 0
else:
self.sql_brute = True
os.system(
"iptables -A INPUT -p tcp -s {} --dport {} -j REJECT"
.format(ip_dst, str(sport)))
# Log
self.log(
"! IP - {}/MAC - {} is brute forcing the SQL server."
.format(ip_dst, mac_dst))
self.log(
"Raising the packet shield for the attacker")
self.Jarvis.Say(
"The IP {} is brute forcing the SQL server.".
format(ip_dst.replace(".", " ")))
self.Jarvis.Say(
"Raising the packet shield for the attacker")
# Status
self.sql_count = 0
# SSH Protection
if "SSH" in load and ip_src != self.myip and ip_dst == self.myip:
if self.ssh_brute == False:
self.log(
"IP - {}/MAC - {} open a socket with the SSH server."
.format(ip_src, mac_src))
self.Jarvis.Say(
"The IP address {} open a socket with the SSH server."
.format(ip_dst.replace(".", " ")))
self.ssh_count += 1
if self.ssh_count == 1:
# Live minutes
self.sst = time.time()
else:
self.sst2 = time.time()
# If 4 ssh_client packets and 4º count time - 1º count time >= 1
if self.ssh_count >= 3:
interval = self.sst2 - self.sst
if interval >= 360:
self.ssh_count = 0
self.sst = 0
else:
self.ssh_brute = True
os.system(
"iptables -A INPUT -p tcp -s {} --dport {} -j REJECT"
.format(ip_src, str(dport)))
# Log
self.log(
"! IP - {}/MAC - {} is brute forcing the SSH server."
.format(ip_src, mac_src))
self.log(
"Raising the packet shield for the attacker")
self.Jarvis.Say(
"The IP {} is brute forcing the SSH server.".
format(ip_dst.replace(".", " ")))
self.Jarvis.Say(
"Raising the packet shield for the attacker")
# Status
self.ssh_count = 0
self.sst = 0
# Logger
def log(self, message):
file = open("log/NetGUARD.log", "a+")
file.write("\n")
time = datetime.now().strftime('%Y-%m-%d_%H:%M:%S')
file.write(time + ": ")
file.write(message)
file.close()
# Start
def start(self):
try:
pid = os.getpid()
self.log("NetGUARD started")
self.Jarvis.Say(
"Network guardian initialized on process {}.".format(pid))
# Set static ARP with the gateway.
os.system("arp -s {} {}".format(self.gateway_ip, self.gateway_mac))
self.log("Static ARP set with gateway.")
self.Jarvis.Say("Setting static arp with gateway.")
self.Jarvis.Say("I will warn you if i find any threat")
# Start the sniffer.
p = sniff(iface=self.interface, prn=self.main)
time = datetime.now().strftime('%Y-%m-%d_%H:%M:%S')
wrpcap("NetGUARD_{}.pcap".format(time), p)
except Exception as e:
self.log("Problem starting the network monitor")
self.log("Exception: {}".format(e))
self.Jarvis.Say("Problem starting the network monitor")
# Start the sniffer as subprocess.
def backgroundstart(self):
try:
with open("log/NetGUARD.log", "a+") as stdout:
self.p = subprocess.Popen(["python core/NetGUARD.py"],
shell=True,
stdout=stdout,
stderr=stdout)
self.log("NetGUARD in background started.")
return
except Exception as e:
self.log("Problem starting NetGUARD in background")
self.Jarvis.Say(
"Problem starting the network monitor in background")
class Processor(object):
name = "Jarvis-Processor"
desc = "Console to process voice commands"
version = "0.2"
def __init__(self):
self.Jarvis = Jarvis()
def start(self):
try:
self.Jarvis.ser.open()
except Exception as e:
print "[!] Arduino Leonardo not found, features that use keyboard will not work."
try:
self.Jarvis.Say(self.Jarvis.random('greetings'))
while 1:
try:
self.command = self.Jarvis.Listen()
self.message = self.command.split()
self.input_list = [str(a) for a in self.message]
if self.input_list[0] == "exit" or self.input_list[
0] == "quit":
self.Jarvis.Say(self.Jarvis.random('salutes'))
exit()
elif self.input_list[0] == "sleep" or self.input_list[
0] == "stop" or self.input_list[0] == "wait":
self.Jarvis.Say("Call me if you need me sir.")
while 1:
self.wait = self.Jarvis.Listen()
if self.wait == "Jarvis":
self.Jarvis.Say(
self.Jarvis.random('affirmative'))
break
elif self.input_list[0] == "newspaper" or self.input_list[
0] == "news":
self.Jarvis.Say("Here are the news sir.")
self.titles = self.Jarvis.GetNews()
self.Jarvis.SpeakNews(self.titles)
elif self.input_list[0] == "browser":
try:
webbrowser.open("https://www.google.com")
self.Jarvis.Say(self.Jarvis.random('affirmative'))
except Exception as e:
print "[!] Exception caught: {}".format(e)
pass
elif self.input_list[0] == "terminal":
try:
os.system("gnome-terminal")
self.Jarvis.Say(self.Jarvis.random('affirmative'))
except Exception as e:
print "[!] Exception caught: {}".format(e)
pass
elif self.input_list[0] == "search":
try:
search = self.input_list[1:]
real = "".join(search)
url = "https://www.google.com/search?q={}".format(
real)
webbrowser.open(url)
self.Jarvis.Say(self.Jarvis.random('affirmative'))
except Exception as e:
print "[!] Exception caught: {}".format(e)
pass
elif self.input_list[0] == "say" or self.input_list[
0] == "speak":
self.Jarvis.Say(self.input_list[1:])
elif self.input_list[0] == "run":
self.Jarvis.Say(self.Jarvis.random('affirmative'))
os.system("./scripts/{}.sh".format(self.input_list[1]))
elif self.input_list[0] == "input":
try:
self.Jarvis.SerialWrite(self.input_list[1])
self.Jarvis.Say(self.Jarvis.random('affirmative'))
except:
self.Jarvis.Say(
"Feature not working master, plug your Arduino Leonardo then restart the program."
)
pass
elif self.input_list[0] == "editor":
self.Jarvis.Say("Starting edition mode sir.")
while 1:
self.editmode = self.Jarvis.Listen()
self.mesg = self.editmode
#self.msg = "".join(self.mesg)
if self.mesg is not None:
try:
self.Jarvis.SerialWrite(self.mesg)
self.Jarvis.Say(
self.Jarvis.random('affirmative'))
except:
self.Jarvis.Say(
"Feature not working, plug you Arduino Leonardo then restart the program."
)
break
else:
pass
if self.editmode == "exit":
self.Jarvis.Say("Stoping edition mode sir.")
break
else:
print '[!] Input a valid option, enter "help" to see valid commands.'
self.Jarvis.Say("i heard, {}".format(self.command))
self.Jarvis.Say(self.Jarvis.random('dntunderstand'))
except IndexError:
pass
except AttributeError:
pass
except KeyboardInterrupt:
print "\n[*] User requested shutdown"
self.Jarvis.Say(self.Jarvis.random('salutes'))
exit()
except Exception as e:
print "[!] Exception caught: {}".format(e)
class Processor(object):
name = "Interface-Processor"
desc = "Console to process commands"
version = "0.5"
def __init__(self):
#Jarvis
self.Jarvis = Jarvis()
#Variables
self.targets = None
self.file = None
self.interface = None
self.gateway = None
self.port = 80
self.domain = None
self.redirect = None
self.script = None
self.filter = None
self.arpmode = "rep"
#Status manager
self.jarvis_status = 0
self.arpspoof_status = False
self.inject_status = False
self.dnsspoof_status = False
self.mitmdrop_status = 0
def start(self):
try:
while 1:
completer = Completer("pythem")
console = termcolor.colored("pythem>", "red", attrs=["bold"])
self.command = raw_input("{} ".format(console))
self.argv = self.command.split()
self.input_list = [str(a) for a in self.argv]
try:
if self.input_list[0] == "help":
print_help()
elif self.command == "jarvis":
self.Jarvis.start('core/processor.py')
self.jarvis_status = 1
elif self.input_list[0] == "jarvis":
if self.input_list[1] == "log":
try:
jarvislog = self.input_list[2]
try:
os.system(
"tail -f log/jarvis{}.txt".format(
jarvislog))
except Exception as e:
print "[!] Exception caught: {}".format(e)
pass
except IndexError:
print "[+] Jarvis log system."
print "[.] Error log - type: err"
print "[.] Output log - type: out"
try:
jarvislog = raw_input("[+] Select: ")
os.system(
"tail -f log/jarvis{}.txt".format(
jarvislog))
except KeyboardInterrupt:
pass
except Exception as e:
print "[!] Exception caught: {}".format(e)
pass
elif self.input_list[1] == "help":
jarvis_help(self.Jarvis.version)
elif self.input_list[1] == "say":
try:
message = self.input_list[2]
all_msg = " ".join(self.input_list[2:])
self.Jarvis.Say(all_msg)
except IndexError:
try:
message = raw_input("[+] Jarvis speaker: ")
self.Jarvis.Say(message)
except KeyboardInterrupt:
pass
except Exception as e:
print "[!] Exception caught: {}".format(e)
elif self.input_list[1] == "read":
try:
file = self.input_list[2]
self.Jarvis.Read(file)
except IndexError:
if self.file is not None:
self.Jarvis.Read(self.file)
else:
file = "[+] Set file path:"
pass
except TypeError:
print "[!] You probably forgot to set a wordlist file path."
pass
except KeyboardInterrupt:
pass
except Exception as e:
print "[!] Exception caught: {}".format(e)
else:
self.Jarvis.start('core/processor.py')
self.jarvis_status = 1
elif self.command == "exit" or self.command == "quit":
if self.jarvis_status == 1:
self.Jarvis.Say(self.Jarvis.random('salutes'))
self.Jarvis.stop()
exit()
else:
exit()
elif self.input_list[0] == "set" or self.input_list[
0] == "SET":
if self.input_list[1] == "interface":
try:
self.interface = self.input_list[2]
except IndexError:
try:
self.interface = raw_input(
"[+] Enter the interface: ")
except KeyboardInterrupt:
pass
elif self.input_list[1] == "port":
try:
self.port = int(self.input_list[2])
except IndexError:
try:
self.port = input(
"[+] Enter the default port: ")
except KeyboardInterrupt:
pass
elif self.input_list[1] == "domain":
try:
self.domain = self.input_list[2]
except IndexError:
try:
self.domain = raw_input(
"[+] Domain to be spoofed: ")
except KeyboardInterrupt:
pass
elif self.input_list[1] == "redirect":
try:
self.redirect = self.input_list[2]
except IndexError:
try:
self.redirect = raw_input(
"[+] IP address to redirect DNS queries: "
)
except KeyboardInterrupt:
pass
elif self.input_list[1] == "script":
try:
self.script = self.input_list[2]
except IndexError:
try:
self.script = raw_input(
"[+]Script url/path: ")
except KeyboardInterrupt:
pass
elif self.input_list[1] == "gateway":
try:
self.gateway = self.input_list[2]
except IndexError:
try:
self.gateway = raw_input(
"[+] Enter the gateway: ")
except KeyboardInterrupt:
pass
elif self.input_list[1] == "target":
try:
self.targets = self.input_list[2]
except IndexError:
try:
self.targets = raw_input(
"[+] Enter the target(s): ")
except KeyboardInterrupt:
pass
elif self.input_list[1] == "file":
try:
self.file = self.input_list[2]
except IndexError:
try:
self.file = raw_input(
"[+] Enter the path to the file: ")
except KeyboardInterrupt:
pass
elif self.input_list[1] == "arpmode":
try:
self.arpmode = self.input_list[2]
except IndexError:
try:
self.arpmode = raw_input(
"[+] Enter the arpmode: ")
except KeyboardInterrupt:
pass
elif self.input_list[1] == "filter":
try:
self.filter = self.input_list[2]
except IndexError:
try:
self.filter = raw_input(
"[+] Enter the sniffer filter: ")
except KeyboardInterrupt:
pass
else:
print "[!] Select a valid variable to set."
elif self.input_list[0] == "print":
if self.input_list[1] == "interface":
print "[+] Network Interface: {}".format(
self.interface)
elif self.input_list[1] == "port":
print "[+] Default port: {}".format(self.port)
elif self.input_list[1] == "domain":
print "[+] Domain: {}".format(self.domain)
elif self.input_list[1] == "redirect":
print "[+] Redirecting to: {}".format(
self.redirect)
elif self.input_list[1] == "script":
print "[+] Script url/path: {}".format(self.script)
elif self.input_list[1] == "gateway":
print "[+] Gateway IP Address: {}".format(
self.gateway)
elif self.input_list[1] == "target":
print "[+] Target(s): {}".format(self.targets)
elif self.input_list[1] == "file":
print "[+] File path: {}".format(self.file)
elif self.input_list[1] == "arpmode":
print "[+] ARP spoofing mode: {}".format(
self.arpmode)
else:
print "[-] Select a valid variable name."
elif self.input_list[0] == "scan":
try:
mode = self.input_list[1]
if self.targets is not None and self.interface is not None:
from modules.scanner import Scanner
self.scan = Scanner(self.targets,
self.interface, mode)
self.scan.start()
else:
print "[!] You probably forgot to set the interface or a valid IP address/range."
except IndexError:
try:
print "[*] Select one scan mode, options = tcp/arp/manual"
mode = raw_input("[+] Scan mode: ")
except KeyboardInterrupt:
pass
if self.targets is not None and self.interface is not None:
from modules.scanner import Scanner
self.scan = Scanner(self.targets,
self.interface, mode)
self.scan.start()
else:
print "[!] You probably forgot to set the interface or a valid IP address/range."
pass
except KeyboardInterrupt:
pass
except Exception as e:
print "[!] Exception caught: {}".format(e)
pass
elif self.input_list[0] == "arpspoof":
try:
if self.input_list[1] == "start":
from modules.arpoisoner import ARPspoof
myip = get_myip(self.interface)
mymac = get_mymac(self.interface)
self.arpspoof_status = True
self.spoof = ARPspoof(self.gateway,
self.targets,
self.interface,
self.arpmode, myip,
mymac)
self.spoof.start()
print "[+] ARP spoofing initialized."
elif self.input_list[1] == "stop":
self.spoof.stop()
self.arpspoof_status = False
print "[+] ARP spoofing finalized."
elif self.input_list[1] == "status":
if self.arpspoof_status:
stat = "running"
else:
stat = "down"
print "[*] ARP spoofing status: {}".format(
stat)
else:
print "[!] Select a valid option, call help to check syntax."
except TypeError:
print "[!] You probably forgot to set interface or gateway."
except IndexError:
print "[!] You probably forgot to type start or stop after arpspoof."
except AttributeError:
pass
except Exception as e:
print "[!] Exception caught: {}".format(e)
elif self.input_list[0] == "dnsspoof":
try:
if self.input_list[1] == "start":
if not self.arpspoof_status:
print "[!] You probably forgot to start an ARP spoofing."
continue
if self.domain != None:
domain = self.domain
else:
try:
domain = raw_input(
"[!] Type all to spoof all domains\n[+] Domain to be spoofed: "
)
self.domain = domain
except KeyboardInterrupt:
pass
if self.redirect != None:
redirect = self.redirect
else:
myip = get_myip(self.interface)
opt = raw_input(
"[+] Default address to redirect is:{} do you want to change?[y/n]"
.format(myip))
if opt == "y" or opt == "Y" or opt == "yes" or opt == "YES":
try:
redirect = raw_input(
"[+] IP address to be redirected: "
)
except KeyboardInterrupt:
pass
else:
redirect = myip
from modules.dnspoisoner import DNSspoof
self.dnsspoof = DNSspoof(redirect)
self.dnsspoof.start(domain, None)
print "[+] DNS spoofing initialized"
self.dnsspoof_status = True
elif self.input_list[1] == "stop":
self.dnsspoof.stop()
print "[+] DNS spoofing finalized"
elif self.input_list[1] == "status":
if self.dnsspoof_status:
stat = "running"
else:
stat = "down"
print "[*] DNS spoofing status: {}".format(
stat)
else:
print "[!] Select a valid option, call help to check syntax."
except IndexError:
print "[!] You probably forgot to type start or stop after dnsspoof."
except Exception as e:
print "[!] Exception caught: {}".format(e)
elif self.input_list[0] == "inject":
try:
if self.input_list[1] == "start":
myip = get_myip(self.interface)
try:
from modules.inject import Inject
self.inject = Inject(
myip, self.port, self.script)
self.inject_status = True
self.inject.server()
except AttributeError:
print "\n[!] Select a valid script source path or url."
except Exception as e:
print "[!] Exception caught: {}".format(e)
elif self.input_list[1] == "stop":
try:
self.inject.stop()
self.inject_status = False
except Exception as e:
print "[!] Exception caught: {}".format(e)
elif self.input_list[1] == "status":
if self.inject_status:
stat = "running"
else:
stat = "down"
print "[*] Script injection status: {}".format(
stat)
else:
print "[!] You need to specify start, stop or status after the inject module call."
except IndexError:
print "[!] You probably forgot to start or stop the inject module."
except TypeError:
print "[!] You probably forgot to start an arpspoof attack ."
except Exception as e:
print "[!] Exception caught: {}".format(e)
elif self.input_list[0] == "dos":
from modules.jammer import Jam
self.dos = Jam()
try:
if self.input_list[1] == "mitmdrop":
if self.arpspoof_status:
try:
myip = get_myip(self.interface)
self.dos.mitmdropstart(myip)
self.mitmdrop_status = 1
except Exception as e:
print "[!] Exception caught: {}".format(
e)
else:
print "[!] You need to start a arpspoof on a target (IP/Range) to start mitmdrop."
elif self.input_list[1] == "stop":
if self.mitmdrop_status == 1:
self.dos.mitmdropstop()
else:
print "[!] You need to start a DoS attack before call stop."
else:
print "[!] Select a valid option, type help to check syntax."
except IndexError:
print "[!] You probably forgot to specify the type of DoS to use."
elif self.input_list[0] == "sniff":
from modules.sniffer import Sniffer
try:
hasfilter = self.input_list[1]
self.filter = " ".join(self.input_list[1:])
if self.filter == "http":
self.filter = "port 80"
elif self.filter == "dns":
self.filter = "port 53"
self.sniff = Sniffer(self.interface, self.filter)
self.sniff.start()
except IndexError:
try:
self.filter = raw_input(
"[+] Enter the filter: ")
if self.filter == "http":
self.filter = "port 80"
elif self.filter == "dns":
self.filter = "port 53"
if not self.filter:
self.filter = None
self.sniff = Sniffer(self.interface,
self.filter)
self.sniff.start()
except KeyboardInterrupt:
pass
elif self.command == "pforensic":
try:
completer = None
completer = Completer("pforensic")
from modules.pforensic import PcapReader
self.pcapread = PcapReader(self.file)
self.pcapread.start()
except KeyboardInterrupt:
pass
except TypeError:
print "[!] You probably forgot to set the .pcap file"
pass
except Exception as e:
print "[!] Exception caught: {}".format(e)
pass
elif self.input_list[0] == "xploit":
try:
from modules.exploit import Exploit
if self.targets is not None and self.input_list[
1] == "tcp":
self.xploit = Exploit(self.targets,
self.input_list[1])
self.xploit.start()
elif self.file is not None and self.input_list[
1] == "stdin":
self.xploit = Exploit(self.file,
self.input_list[1])
self.xploit.start()
else:
print "[!] You need to set or stdin or tcp as argument."
print "[!] You need to set or a file or a target to xploit."
except IndexError:
try:
print "[*] Select one xploit mode, options = stdin/tcp"
mode = raw_input("[+] Exploit mode: ")
if mode == "stdin" or mode == "tcp":
from modules.exploit import Exploit
if self.targets is not None:
self.xploit = Exploit(
self.targets, mode)
self.xploit.start()
elif self.file is not None:
self.xploit = Exploit(self.file, mode)
self.xploit.start()
else:
print "[!] You need to set or a file or a target to xploit."
else:
print "[!] Select a valid xploit mode, stdin or tcp"
except KeyboardInterrupt:
pass
except TypeError:
print "[!] You probably forgot to set the file"
pass
except KeyboardInterrupt:
pass
except Exception as e:
print "[!] Exception caught: {}".format(e)
pass
elif self.command == "cookiedecode":
try:
cookiedecode()
except KeyboardInterrupt:
pass
except Exception as e:
print "[!] Exception caught: {}".format(e)
pass
elif self.input_list[0] == "decode":
try:
print decode(self.input_list[1])
except KeyboardInterrupt:
pass
elif self.input_list[0] == "encode":
try:
print encode(self.input_list[1])
except KeyboardInterrupt:
pass
elif self.input_list[0] == "geoip":
try:
self.targets = self.input_list[1]
from modules.geoip import Geoip
path = "config/GeoLiteCity.dat"
iptracker = Geoip(self.targets, path)
except IndexError:
if self.targets is not None:
from modules.geoip import Geoip
path = "config/GeoLiteCity.dat"
iptracker = Geoip(self.targets, path)
else:
print "[!] You probably forgot to set a target"
except Exception as e:
print "[!] Exception caught: {}".format(e)
pass
elif self.input_list[0] == "brute":
if self.input_list[1] == "ssh":
try:
username = raw_input(
"[+] Enter the username to bruteforce: ")
from modules.ssh_bruter import SSHbrutus
brutus = SSHbrutus(self.targets, username,
self.file)
brutus.start()
except KeyboardInterrupt:
brutus.stop()
pass
except TypeError:
print "[!] You probably forgot to set the wordlist file path."
pass
elif self.input_list[1] == "url":
try:
url = 'url'
from modules.web_bruter import WEBbrutus
brutus = WEBbrutus(self.targets, self.file)
brutus.start(url)
except KeyboardInterrupt:
brutus.stop(url)
pass
except TypeError:
print "[!] You probably forgot to set the wordlist file path."
pass
elif self.input_list[1] == "form":
try:
form = 'form'
from modules.web_bruter import WEBbrutus
brutus = WEBbrutus(self.targets, self.file)
brutus.start(form)
except KeyboardInterrupt:
brutus.stop(form)
pass
except TypeError:
print "[!] You probably forgot to set the wordlist file path."
pass
else:
print "[!] Select a valid type of brute-force type help to check."
else:
try:
os.system("{}".format(self.command))
pass
except Exception as e:
print "[!] Select a valid option, type help to check syntax."
pass
except IndexError:
pass
except Exception as e:
print "Exception caught: {}".format(e)
except KeyboardInterrupt:
print "\n[*] User requested shutdown."
exit()
