AppCachePoison is now a plugin and cleaned dir tree

config_files/app_cache_poison.cfg

@@ -4,10 +4,10 @@
 ; generic settings for tampering engine
 
 enabled=True
-tamper_class=app_cache_poison.AppCachePoison
+tamper_class=libs.AppCachePoisonClass
 ;all settings below are specific for AppCachePoison
 
-templates_path=app_cache_poison/templates
+templates_path=config_files/app_cache_poison_templates
 ;enable_only_in_useragents=Chrome|Firefox
 
 ; when visiting first url matching following expression we will embed iframes with all tamper URLs

libs/AppCachePoisonClass.py

@@ -1,26 +1,8 @@
-# Copyright (c) 2004-2009 Moxie Marlinspike, Krzysztof Kotowicz
-#
-# This program is free software; you can redistribute it and/or
-# modify it under the terms of the GNU General Public License as
-# published by the Free Software Foundation; either version 3 of the
-# License, or (at your option) any later version.
-#
-# This program is distributed in the hope that it will be useful, but
-# WITHOUT ANY WARRANTY; without even the implied warranty of
-# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
-# General Public License for more details.
-#
-# You should have received a copy of the GNU General Public License
-# along with this program; if not, write to the Free Software
-# Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307
-# USA
-#
-
 import logging, re, os.path, time
 from datetime import date
 from sslstrip.DummyResponseTamperer import DummyResponseTamperer
 
-class AppCachePoison(DummyResponseTamperer):
+class AppCachePoisonClass(DummyResponseTamperer):
 
     '''
     AppCachePosion performs HTML5 AppCache poisioning attack - see http://blog.kotowicz.net/2010/12/squid-imposter-phishing-websites.html

mitmf.py

@@ -5,7 +5,6 @@ from twisted.internet import reactor
 
 from sslstrip.StrippingProxy import StrippingProxy
 from sslstrip.URLMonitor import URLMonitor
-from sslstrip.ResponseTampererFactory import ResponseTampererFactory
 from sslstrip.CookieCleaner import CookieCleaner
 from sslstrip.ProxyPlugins import ProxyPlugins
 
@@ -25,17 +24,15 @@ if __name__ == "__main__":
     parser = argparse.ArgumentParser(description="MITMf v%s - Framework for MITM attacks" % mitmf_version,epilog="Use wisely, young Padawan.",fromfile_prefix_chars='@')
     #add sslstrip options
     sgroup = parser.add_argument_group("sslstrip","Options for sslstrip library")
-    sgroup.add_argument("-w","--write",type=argparse.FileType('w'),metavar="filename", default=sys.stdout,help="Specify file to log to (stdout by default).")
+    sgroup.add_argument("-w", "--write", type=argparse.FileType('w'), metavar="filename", default=sys.stdout, help="Specify file to log to (stdout by default).")
-    sgroup.add_argument("--log-level",type=str,choices=['debug','info'],default="info",help="Specify a log level [default: info]")
+    sgroup.add_argument("--log-level", type=str,choices=['debug','info'], default="info", help="Specify a log level [default: info]")
     slogopts = sgroup.add_mutually_exclusive_group()   
-    slogopts.add_argument("-p","--post",action="store_true",help="Log only SSL POSTs. (default)")
+    slogopts.add_argument("-p", "--post", action="store_true",help="Log only SSL POSTs. (default)")
-    slogopts.add_argument("-s","--ssl",action="store_true",help="Log all SSL traffic to and from server.")
+    slogopts.add_argument("-s", "--ssl", action="store_true", help="Log all SSL traffic to and from server.")
-    slogopts.add_argument("-a","--all",action="store_true",help="Log all SSL and HTTP traffic to and from server.")
+    slogopts.add_argument("-a", "--all", action="store_true", help="Log all SSL and HTTP traffic to and from server.")
-    sgroup.add_argument("-l","--listen",type=int,metavar="port",default=10000,help="Port to listen on (default 10000)")
+    sgroup.add_argument("-l", "--listen", type=int, metavar="port", default=10000, help="Port to listen on (default 10000)")
-    sgroup.add_argument("-f","--favicon",action="store_true",help="Substitute a lock favicon on secure requests.")
+    sgroup.add_argument("-f", "--favicon", action="store_true", help="Substitute a lock favicon on secure requests.")
-    sgroup.add_argument("-k","--killsessions",action="store_true",help="Kill sessions in progress.")
+    sgroup.add_argument("-k", "--killsessions", action="store_true", help="Kill sessions in progress.")
-    tgroup = parser.add_argument_group("Options for app-cache poisoning")
-    tgroup.add_argument("-t", "--tamper",type=argparse.FileType('r'),help="Config file for app-cache poisoning")
 
     #Initialize plugins
     plugins = []
@@ -77,10 +74,9 @@ if __name__ == "__main__":
     except NotImplementedError:
         print "Plugin %s lacked initialize function." % p.name
 
-    #Plugins are ready to go, start MITM
+    #Plugins are ready to go, start MITMf
     URLMonitor.getInstance().setFaviconSpoofing(args.favicon)
     CookieCleaner.getInstance().setEnabled(args.killsessions)
-    ResponseTampererFactory.buildTamperer(args.tamper)
     ProxyPlugins.getInstance().setPlugins(load)
 
     strippingFactory              = http.HTTPFactory(timeout=10)

plugins/AppCachePoison.py

@@ -0,0 +1,21 @@
+from plugins.plugin import Plugin
+from sslstrip.ResponseTampererFactory import ResponseTampererFactory
+
+class AppCachePlugin(Plugin):
+    name = "App Cache Poison"
+    optname = "app"
+    desc = "Performs App Cache Poisoning attacks"
+    has_opts = True
+    def initialize(self,options):
+        '''Called if plugin is enabled, passed the options namespace'''
+        self.options = options
+        self.config_file = options.tampercfg
+
+        if self.config_file == None:
+            self.config_file = "./config_files/app_cache_poison.cfg"
+
+        print "[*] App Cache Poison plugin online"
+        ResponseTampererFactory.buildTamperer(self.config_file)
+
+    def add_options(self, options):
+        options.add_argument("--tampercfg", type=file, help="Specify a config file")

plugins/FilePwn.py

@@ -45,7 +45,7 @@ class FilePwn(Plugin):
         #NOT USED NOW
         #self.supportedBins = ('MZ', '7f454c46'.decode('hex'))
         
-        self.userConfig = ConfigObj('filepwn.cfg')
+        self.userConfig = ConfigObj('./config_files/filepwn.cfg')
         self.FileSizeMax = self.userConfig['targets']['ALL']['FileSizeMax']
         self.WindowsIntelx86 = self.userConfig['targets']['ALL']['WindowsIntelx86']
         self.WindowsIntelx64 = self.userConfig['targets']['ALL']['WindowsIntelx64']

plugins/JavaPwn.py

@@ -1,12 +1,12 @@
 from plugins.plugin import Plugin
 from plugins.BrowserProfiler import BrowserProfiler
 from time import sleep
+import libs.msfrpc
 import string
 import random
 import threading
 import logging
 import sys, os
-import msfrpc
 
 class JavaPwn(BrowserProfiler, Plugin):
     name = "JavaPwn"