def test_SSLStrip_Proxy(self): favicon = True preserve_cache = True killsessions = True listen_port = 10000 from twisted.web import http from twisted.internet import reactor from core.sslstrip.CookieCleaner import CookieCleaner from core.proxyplugins import ProxyPlugins from core.sslstrip.StrippingProxy import StrippingProxy from core.sslstrip.URLMonitor import URLMonitor URLMonitor.getInstance().setFaviconSpoofing(favicon) URLMonitor.getInstance().setCaching(preserve_cache) CookieCleaner.getInstance().setEnabled(killsessions) strippingFactory = http.HTTPFactory(timeout=10) strippingFactory.protocol = StrippingProxy reactor.listenTCP(listen_port, strippingFactory) #ProxyPlugins().all_plugins = plugins t = threading.Thread(name='sslstrip_test', target=reactor.run) t.setDaemon(True) t.start()
def initialize(self, options): self.options = options self.manualiptables = options.manualiptables if not options.manualiptables: if IpTables.getInstance().dns is False: IpTables.getInstance().DNS(self.config['MITMf']['DNS']['port']) URLMonitor.getInstance().setHstsBypass() DNSChef.getInstance().setHstsBypass()
def initialize(self, options): self.options = options self.manualiptables = options.manualiptables ip_address = SystemConfig.getIP(options.interface) if not options.manualiptables: if IpTables.getInstance().dns is False: IpTables.getInstance().DNS(ip_address, self.config['MITMf']['DNS']['port']) URLMonitor.getInstance().setHstsBypass() DNSChef.getInstance().setHstsBypass()
def initialize(self, options): self.options = options from core.sslstrip.URLMonitor import URLMonitor from core.servers.DNS import DNSChef from core.utils import iptables if iptables().dns is False: iptables().DNS(self.config['MITMf']['DNS']['port']) URLMonitor.getInstance().setHstsBypass() DNSChef().setHstsBypass()
def initialize(self, options): self.options = options self.mass_poisoned_browsers = [] from core.sslstrip.URLMonitor import URLMonitor self.urlMonitor = URLMonitor.getInstance() self.urlMonitor.setAppCachePoisoning()
def initialize(self, options): self.options = options self.mass_poisoned_browsers = [] self.urlMonitor = URLMonitor.getInstance() self.urlMonitor.setAppCachePoisoning() try: self.config = options.configfile['AppCachePoison'] except Exception, e: sys.exit("[-] Error parsing config file for AppCachePoison: " + str(e))
class HSTSbypass(Plugin): name = 'SSLstrip+' optname = 'hsts' desc = 'Enables SSLstrip+ for partial HSTS bypass' version = "0.4" tree_output = ["SSLstrip+ by Leonardo Nve running"] has_opts = False def initialize(self, options): self.options = options self.manualiptables = options.manualiptables try: hstsconfig = options.configfile['SSLstrip+'] except Exception, e: sys.exit("[-] Error parsing config for SSLstrip+: " + str(e)) if not options.manualiptables: if IpTables.getInstance().dns is False: IpTables.getInstance().DNS(options.ip_address, options.configfile['MITMf']['DNS']['port']) URLMonitor.getInstance().setHstsBypass(hstsconfig) DNSChef.getInstance().setHstsBypass(hstsconfig)
def initialize(self, options): self.options = options self.mass_poisoned_browsers = [] self.urlMonitor = URLMonitor.getInstance() self.urlMonitor.setAppCachePoisoning()
for line in xrange(0, len(p.tree_info)): print "| |_ {}".format(p.tree_info.pop()) p.initialize(args) if p.tree_info: for line in xrange(0, len(p.tree_info)): print "| |_ {}".format(p.tree_info.pop()) ProxyPlugins.getInstance().addPlugin(p) #Plugins are ready to go, let's rock & roll from core.sslstrip.StrippingProxy import StrippingProxy from core.sslstrip.URLMonitor import URLMonitor URLMonitor.getInstance().setFaviconSpoofing(args.favicon) CookieCleaner.getInstance().setEnabled(args.killsessions) strippingFactory = http.HTTPFactory(timeout=10) strippingFactory.protocol = StrippingProxy reactor.listenTCP(args.listen, strippingFactory) for p in ProxyPlugins.getInstance().plist: p.pluginReactor( strippingFactory ) #we pass the default strippingFactory, so the plugins can use it p.startConfigWatch() if hasattr(p, 'startThread'):
for line in p.tree_output: print "| |_ %s" % line except Exception, e: print "[-] Error loading plugin %s: %s" % (p.name, str(e)) #Plugins are ready to go, start MITMf if args.disproxy: ProxyPlugins.getInstance().setPlugins(load) else: from core.sslstrip.StrippingProxy import StrippingProxy from core.sslstrip.URLMonitor import URLMonitor from libs.dnschef.dnschef import DNSChef URLMonitor.getInstance().setFaviconSpoofing(args.favicon) URLMonitor.getInstance().setResolver(args.configfile['MITMf']['DNS']['resolver']) URLMonitor.getInstance().setResolverPort(args.configfile['MITMf']['DNS']['port']) DNSChef.getInstance().setCoreVars(args.configfile['MITMf']['DNS']) if args.configfile['MITMf']['DNS']['tcp'].lower() == 'on': DNSChef.getInstance().startTCP() else: DNSChef.getInstance().startUDP() CookieCleaner.getInstance().setEnabled(args.killsessions) ProxyPlugins.getInstance().setPlugins(load) strippingFactory = http.HTTPFactory(timeout=10) strippingFactory.protocol = StrippingProxy
from core.packetfilter import PacketFilter pfilter = PacketFilter(options.filter) print "|_ PacketFilter online" print " |_ Applying filter {} to incoming packets".format(options.filter) try: pfilter.start() except KeyboardInterrupt: pfilter.stop() shutdown() else: from core.sslstrip.CookieCleaner import CookieCleaner from core.sslstrip.StrippingProxy import StrippingProxy from core.sslstrip.URLMonitor import URLMonitor URLMonitor.getInstance().setFaviconSpoofing(options.favicon) URLMonitor.getInstance().setCaching(options.preserve_cache) CookieCleaner.getInstance().setEnabled(options.killsessions) strippingFactory = http.HTTPFactory(timeout=10) strippingFactory.protocol = StrippingProxy reactor.listenTCP(options.listen_port, strippingFactory) for plugin in plugins: if vars(options)[plugin.optname] is True: plugin.reactor(strippingFactory) print "|_ Sergio-Proxy v0.2.1 online" print "|_ SSLstrip v0.9 by Moxie Marlinspike online"
for line in xrange(0, len(p.tree_info)): print "| |_ {}".format(p.tree_info.pop()) p.initialize(args) if p.tree_info: for line in xrange(0, len(p.tree_info)): print "| |_ {}".format(p.tree_info.pop()) ProxyPlugins.getInstance().addPlugin(p) #Plugins are ready to go, let's rock & roll from core.sslstrip.StrippingProxy import StrippingProxy from core.sslstrip.URLMonitor import URLMonitor URLMonitor.getInstance().setFaviconSpoofing(args.favicon) CookieCleaner.getInstance().setEnabled(args.killsessions) strippingFactory = http.HTTPFactory(timeout=10) strippingFactory.protocol = StrippingProxy reactor.listenTCP(args.listen, strippingFactory) for p in ProxyPlugins.getInstance().plist: p.pluginReactor(strippingFactory) #we pass the default strippingFactory, so the plugins can use it p.startConfigWatch() t = threading.Thread(name='{}-thread'.format(p.name), target=p.startThread, args=(args,)) t.setDaemon(True) t.start()
pfilter = PacketFilter(options.filter) print "|_ PacketFilter online" for filter in options.filter: print " |_ Applying filter {} to incoming packets".format(filter) try: pfilter.start() except KeyboardInterrupt: pfilter.stop() shutdown() else: from core.sslstrip.CookieCleaner import CookieCleaner from core.sslstrip.StrippingProxy import StrippingProxy from core.sslstrip.URLMonitor import URLMonitor URLMonitor.getInstance().setFaviconSpoofing(options.favicon) URLMonitor.getInstance().setCaching(options.preserve_cache) CookieCleaner.getInstance().setEnabled(options.killsessions) strippingFactory = http.HTTPFactory(timeout=10) strippingFactory.protocol = StrippingProxy reactor.listenTCP(options.listen_port, strippingFactory) for plugin in plugins: if vars(options)[plugin.optname] is True: plugin.reactor(strippingFactory) print "|_ Sergio-Proxy v0.2.1 online" print "|_ SSLstrip v0.9 by Moxie Marlinspike online"