- Fixed a bug when ARP spoofing via arp replies

- Amended license
2025-07-15 01:23:54 -07:00 · 2015-03-15 20:22:31 +01:00 · 2015-03-15 20:22:31 +01:00 · 873112c8e7
commit 873112c8e7
parent b5304701a4
14 changed files with 107 additions and 21 deletions
--- a/README.md
+++ b/README.md
@ -54,9 +54,9 @@ Changelog

 - FilePwn plugin re-written to backdoor executables and zip files on the fly by using [the-backdoor-factory](https://github.com/secretsquirrel/the-backdoor-factory) and code from [BDFProxy](https://github.com/secretsquirrel/BDFProxy)

- Added msfrpc.py for interfacing with Metasploits rpc server
+- Added [msfrpc.py](https://github.com/byt3bl33d3r/msfrpc/blob/master/python-msfrpc/msfrpc.py) for interfacing with Metasploits rpc server

- Added beefapi.py for interfacing with BeEF's RESTfulAPI
+- Added [beefapi.py](https://github.com/byt3bl33d3r/beefapi) for interfacing with BeEF's RESTfulAPI

 - Addition of the app-cache poisoning attack by [Krzysztof Kotowicz](https://github.com/koto/sslstrip) (blogpost explaining the attack here http://blog.kotowicz.net/2010/12/squid-imposter-phishing-websites.html)

--- a/libs/banners.py
+++ b/libs/banners.py
@ -1,6 +1,24 @@
 #! /usr/bin/env python2.7
 # -*- coding: utf-8 -*-

+# Copyright (c) 2014-2016 Marcello Salvati
+#
+# This program is free software; you can redistribute it and/or
+# modify it under the terms of the GNU General Public License as
+# published by the Free Software Foundation; either version 3 of the
+# License, or (at your option) any later version.
+#
+# This program is distributed in the hope that it will be useful, but
+# WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
+# General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with this program; if not, write to the Free Software
+# Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307
+# USA
+#
+
 import random

 banner1 = """                                                    
--- a/libs/beefapi.py
+++ b/libs/beefapi.py
@ -1,4 +1,23 @@
 #!/usr/bin/env python2.7
+
+# Copyright (c) 2014-2016 Marcello Salvati
+#
+# This program is free software; you can redistribute it and/or
+# modify it under the terms of the GNU General Public License as
+# published by the Free Software Foundation; either version 3 of the
+# License, or (at your option) any later version.
+#
+# This program is distributed in the hope that it will be useful, but
+# WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
+# General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with this program; if not, write to the Free Software
+# Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307
+# USA
+#
+
 import requests
 import json
 from random import sample
--- a/libs/msfrpc.py
+++ b/libs/msfrpc.py
@ -1,11 +1,24 @@
 #! /usr/bin/env python2.7
-# MSF-RPC - A  Python library to facilitate MSG-RPC communication with Metasploit
-# Ryan Linn  - RLinn@trustwave.com, Marcello Salvati - byt3bl33d3r@gmail.com
-# Copyright (C) 2011 Trustwave
-# This program is free software: you can redistribute it and/or modify it under the terms of the GNU General Public License as published by the Free Software Foundation, either version 3 of the License, or (at your option) any later version.
-# This program is distributed in the hope that it will be useful, but WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License for more details.
-# You should have received a copy of the GNU General Public License along with this program. If not, see <http://www.gnu.org/licenses/>.

+# MSF-RPC - A  Python library to facilitate MSG-RPC communication with Metasploit
+
+# Copyright (c) 2014-2016 Ryan Linn  - RLinn@trustwave.com, Marcello Salvati - byt3bl33d3r@gmail.com
+#
+# This program is free software; you can redistribute it and/or
+# modify it under the terms of the GNU General Public License as
+# published by the Free Software Foundation; either version 3 of the
+# License, or (at your option) any later version.
+#
+# This program is distributed in the hope that it will be useful, but
+# WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
+# General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with this program; if not, write to the Free Software
+# Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307
+# USA
+#

 import requests
 import msgpack
--- a/libs/sslstrip/ClientRequest.py
+++ b/libs/sslstrip/ClientRequest.py
@ -1,4 +1,4 @@
-# Copyright (c) 2004-2009 Moxie Marlinspike
+# Copyright (c) 2014-2016 Moxie Marlinspike, Marcello Salvati
 #
 # This program is free software; you can redistribute it and/or
 # modify it under the terms of the GNU General Public License as
--- a/libs/sslstrip/CookieCleaner.py
+++ b/libs/sslstrip/CookieCleaner.py
@ -1,4 +1,4 @@
-# Copyright (c) 2004-2011 Moxie Marlinspike
+# Copyright (c) 2014-2016 Moxie Marlinspike, Marcello Salvati
 #
 # This program is free software; you can redistribute it and/or
 # modify it under the terms of the GNU General Public License as
--- a/libs/sslstrip/DnsCache.py
+++ b/libs/sslstrip/DnsCache.py
@ -1,3 +1,21 @@
+# Copyright (c) 2014-2016 Moxie Marlinspike, Marcello Salvati
+#
+# This program is free software; you can redistribute it and/or
+# modify it under the terms of the GNU General Public License as
+# published by the Free Software Foundation; either version 3 of the
+# License, or (at your option) any later version.
+#
+# This program is distributed in the hope that it will be useful, but
+# WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
+# General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with this program; if not, write to the Free Software
+# Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307
+# USA
+#
+
 import logging

 class DnsCache:    
--- a/libs/sslstrip/SSLServerConnection.py
+++ b/libs/sslstrip/SSLServerConnection.py
@ -1,4 +1,4 @@
-# Copyright (c) 2004-2009 Moxie Marlinspike
+# Copyright (c) 2014-2016 Moxie Marlinspike, Marcello Salvati
 #
 # This program is free software; you can redistribute it and/or
 # modify it under the terms of the GNU General Public License as
--- a/libs/sslstrip/ServerConnection.py
+++ b/libs/sslstrip/ServerConnection.py
@ -1,4 +1,4 @@
-# Copyright (c) 2004-2009 Moxie Marlinspike
+# Copyright (c) 2014-2016 Moxie Marlinspike, Marcello Salvati
 #
 # This program is free software; you can redistribute it and/or
 # modify it under the terms of the GNU General Public License as
--- a/libs/sslstrip/ServerConnectionFactory.py
+++ b/libs/sslstrip/ServerConnectionFactory.py
@ -1,4 +1,4 @@
-# Copyright (c) 2004-2009 Moxie Marlinspike
+# Copyright (c) 2014-2016 Moxie Marlinspike, Marcello Salvati
 #
 # This program is free software; you can redistribute it and/or
 # modify it under the terms of the GNU General Public License as
--- a/libs/sslstrip/StrippingProxy.py
+++ b/libs/sslstrip/StrippingProxy.py
@ -1,4 +1,4 @@
-# Copyright (c) 2004-2009 Moxie Marlinspike
+# Copyright (c) 2014-2016 Moxie Marlinspike, Marcello Salvati
 #
 # This program is free software; you can redistribute it and/or
 # modify it under the terms of the GNU General Public License as
--- a/libs/sslstrip/URLMonitor.py
+++ b/libs/sslstrip/URLMonitor.py
@ -1,4 +1,4 @@
-# Copyright (c) 2004-2009 Moxie Marlinspike
+# Copyright (c) 2014-2016 Moxie Marlinspike, Marcello Salvati
 #
 # This program is free software; you can redistribute it and/or
 # modify it under the terms of the GNU General Public License as
@ -78,7 +78,7 @@ class URLMonitor:
        method      = url[0:methodIndex]

        pathIndex   = url.find("/", methodIndex)
-        if (pathIndex == -1):
+        if pathIndex is -1:
            pathIndex = len(url)
            url += "/"

--- a/mitmf.py
+++ b/mitmf.py
@ -1,5 +1,23 @@
 #!/usr/bin/env python2.7

+# Copyright (c) 2014-2016 Moxie Marlinspike, Marcello Salvati
+#
+# This program is free software; you can redistribute it and/or
+# modify it under the terms of the GNU General Public License as
+# published by the Free Software Foundation; either version 3 of the
+# License, or (at your option) any later version.
+#
+# This program is distributed in the hope that it will be useful, but
+# WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
+# General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with this program; if not, write to the Free Software
+# Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307
+# USA
+#
+
 from twisted.web import http
 from twisted.internet import reactor

@ -152,7 +170,7 @@ for p in plugins:
            p.initialize(args)
            load.append(p)
    except Exception, e:
-        print "[-] Error loading plugin: " + str(e) 
+        print "[-] Error loading plugin %s: %s" % (p.name, str(e)) 

 #Plugins are ready to go, start MITMf
 if args.disproxy:
--- a/plugins/Spoof.py
+++ b/plugins/Spoof.py
@ -117,7 +117,7 @@ class Spoof(Plugin):
 		options.add_argument('--shellshock', type=str, metavar='PAYLOAD', dest='shellshock', default=None, help='Trigger the Shellshock vuln when spoofing DHCP, and execute specified command')
 		options.add_argument('--gateway', dest='gateway', help='Specify the gateway IP')
 		options.add_argument('--target', dest='target', default=None, help='Specify a host to poison [default: subnet]')
-		options.add_argument('--arpmode', dest='arpmode', default='req', choices=["req", "rep"], help=' ARP Spoofing mode: requests (req) or replies (rep) [default: req]')
+		options.add_argument('--arpmode',type=str, dest='arpmode', default='req', choices=["req", "rep"], help=' ARP Spoofing mode: requests (req) or replies (rep) [default: req]')
 		#options.add_argument('--summary', action='store_true', dest='summary', default=False, help='Show packet summary and ask for confirmation before poisoning')

 		#added by alexander.georgiev@daloo.de
@ -314,7 +314,7 @@ class _ARP():
 		self.arpmode    = 'req'
 		self.debug      = False
 		self.send       = True
-		self.arp_inter  = 2
+		self.arp_inter  = 3

 	def start(self):
 		if self.gatewaymac is None:
@ -325,10 +325,10 @@ class _ARP():
 			if self.targetmac is None:
 				sys.exit("[-] Error: Could not resolve target's MAC address")

-		if self.arpmode is 'req':
+		if self.arpmode == 'req':
 			pkt = self.build_arp_req()
 		
-		elif self.arpmode is 'rep':
+		elif self.arpmode == 'rep':
 			pkt = self.build_arp_rep()

 		t = threading.Thread(name='arp_spoof', target=self.send_arps, args=(pkt, self.interface, self.debug,))