updated Readme, added finish() to SJ plugin

README.md

@@ -1,4 +1,4 @@
-MITMf V0.7
+MITMf V0.8
 ==========
 
 Framework for Man-In-The-Middle attacks
@@ -12,6 +12,7 @@ Availible plugins:
 - BeEFAutorun - Autoruns BeEF modules based on clients OS or browser type
 - AppCachePoison - Perform app cache poison attacks 
 - AirPwn - Monitor traffic on an 802.11 network and respond with arbitrary content as configured
+- SessionHijacking - Performs sessions hijacking attacks, and stores cookies in a firefox profile
 - BrowserProfiler - Attempts to enumerate all browser plugins of connected clients
 - CacheKill - Kills page caching by modifying headers
 - FilePwn - Backdoor executables being sent over http using bdfactory
@@ -28,6 +29,8 @@ So far the most significant changes have been:
 
 - Addition of the AirPwn plugin (Python port of the original project), which also supports the DNSpwn attack
 
+- Addition of the SessionHijacking plugin, which uses code from FireLamb (https://github.com/sensepost/mana/tree/master/firelamb) to store cookies in a Firefox profile 
+
 - Spoof plugin now supports ICMP, ARP and DHCP spoofing along with DNS tampering
   (DNS tampering code was stolen from https://github.com/DanMcInerney/dnsspoof/)
 

mitmf.py

@@ -13,7 +13,7 @@ import argparse
 from plugins import *
 plugin_classes = plugin.Plugin.__subclasses__()
 
-mitmf_version = "0.7"
+mitmf_version = "0.8"
 sslstrip_version = "0.9"
 sergio_version = "0.2.1"
 

plugins/SessionHijacker.py

@@ -1,8 +1,6 @@
-#Almost all of the Firefox related code was stolen from Glenn's Firelamb.
+#Almost all of the Firefox related code was stolen from Firelamb https://github.com/sensepost/mana/tree/master/firelamb
-#glenn@sensepost.com
  
 from plugins.plugin import Plugin
-from sslstrip.URLMonitor import URLMonitor
 from libs.publicsuffix import PublicSuffixList
 from urlparse import urlparse
 import os
@@ -10,7 +8,7 @@ import sys
 import time
 import logging
 import sqlite3
-import threading
+#import threading
 
 class SessionHijacker(Plugin):
 	name = "Session Hijacker"
@@ -22,8 +20,6 @@ class SessionHijacker(Plugin):
 	def initialize(self, options):
 		'''Called if plugin is enabled, passed the options namespace'''
 		self.options = options
-		self.log_clients = options.clients
-		self.urlMonitor = URLMonitor.getInstance()
 		self.psl = PublicSuffixList()
 		self.firefox = options.firefox
 		self.save_dir = "./logs"
@@ -122,3 +118,6 @@ class SessionHijacker(Plugin):
 
 	def add_options(self, options):
 		options.add_argument('--firefox', dest='firefox', action='store_true', default=False, help='Create a firefox profile with captured cookies')
+
+	def finish(self):
+		print "[*] To load a session run: 'firefox -profile <client-ip> logs/<client-ip>'"

sslstrip/ServerConnection.py

@@ -54,7 +54,7 @@ class ServerConnection(HTTPClient):
 
     def sendRequest(self):
         if self.command == 'GET':
-            logging.info("%s Sending Request: %s %s"  % (self.client.getClientIP(), self.command, self.headers['host']))
+            logging.info("%s Sending Request: %s"  % (self.client.getClientIP(), self.headers['host']))
         self.plugins.hook()
         self.sendCommand(self.command, self.uri)