mirror of
https://github.com/byt3bl33d3r/MITMf.git
synced 2025-07-10 15:23:41 -07:00
This is 1/2 of the work done... lot's of cool stuff!
I've re-written a decent amount of the framework to support dynamic config file updates, revamped the ARP Spoofing 'engine' and changed the way MITMf integrates Responder and Netcreds. - Net-creds is now started by default and no longer a plugin.. It's all about getting those creds after all. - Integrated the Subterfuge Framework's ARPWatch script, it will enable itself when spoofing the whole subnet (also squashed bugs in the original ARP spoofing code) - The spoof plugin now supports specifying a range of targets (e.g. --target 10.10.10.1-15) and multiple targets (e.g. --target 10.10.10.1,10.10.10.2) - An SMB Server is now started by default, MITMf now uses Impacket's SMBserver as supposed to the one built into Responder, mainly for 2 reasons: 1) Impacket is moving towards SMB2 support and is actively developed 2) Impacket's SMB server is fully functional as supposed to Responder's (will be adding a section for it in the config file) 3) Responder's SMB server was unrealiable when used through MITMf (After spending a day trying to figure out why, I just gave up and yanked it out) - Responder's code has been broken down into single importable classes (way easier to manage and read, ugh!) - Started adding dynamic config support to Responder's code and changed the logging messages to be a bit more readable. - POST data captured through the proxy will now only be logged and printed to STDOUT when it's decodable to UTF-8 (this prevents logging encrypted data which is no use) - Responder and the Beefapi script are no longer submodules (they seem to be a pain to package, so i removed them to help a brother out) - Some plugins are missing because I'm currently re-writing them, will be added later - Main plugin class now inharates from the ConfigWatcher class, this way plugins will support dynamic configs natively! \o/
This commit is contained in:
parent
663f38e732
commit
9712eed4a3
92 changed files with 6883 additions and 3349 deletions
171
core/beefapi.py
Normal file
171
core/beefapi.py
Normal file
|
@ -0,0 +1,171 @@
|
|||
#!/usr/bin/env python
|
||||
import requests
|
||||
import json
|
||||
import logging
|
||||
from random import sample
|
||||
from string import lowercase, digits
|
||||
|
||||
logging.getLogger("requests").setLevel(logging.WARNING) #Disables "Starting new HTTP Connection (1)" log message
|
||||
|
||||
class BeefAPI:
|
||||
|
||||
def __init__(self, opts=[]):
|
||||
self.host = "127.0.0.1" or opts.get(host)
|
||||
self.port = "3000" or opts.get(port)
|
||||
self.token = None
|
||||
self.url = "http://%s:%s/api/" % (self.host, self.port)
|
||||
self.login_url = self.url + "admin/login"
|
||||
self.hookurl = self.url + "hooks?token="
|
||||
self.mod_url = self.url + "modules?token="
|
||||
self.log_url = self.url + "logs?token="
|
||||
|
||||
def random_url(self):
|
||||
return "".join(sample(digits + lowercase, 8))
|
||||
|
||||
def login(self, username, password):
|
||||
try:
|
||||
auth = json.dumps({"username": username, "password": password})
|
||||
r = requests.post(self.login_url, data=auth)
|
||||
data = r.json()
|
||||
|
||||
if (r.status_code == 200) and (data["success"]):
|
||||
self.token = data["token"] #Auth token
|
||||
return True
|
||||
elif r.status_code != 200:
|
||||
return False
|
||||
|
||||
except Exception, e:
|
||||
print "beefapi ERROR: %s" % e
|
||||
|
||||
def sessions_online(self):
|
||||
return self.get_sessions("online", "session")
|
||||
|
||||
def sessions_offline(self):
|
||||
return self.get_sessions("offline", "session")
|
||||
|
||||
def session2host(self, session):
|
||||
return self.conversion(session, "ip")
|
||||
|
||||
def session2id(self, session):
|
||||
return self.conversion(session, "id")
|
||||
|
||||
def hook_info(self, hook): #Returns parsed information on a session
|
||||
session = self.conversion(hook, "session")
|
||||
url = self.hookurl + self.token
|
||||
r = requests.get(url).json()
|
||||
|
||||
try:
|
||||
states = ["online", "offline"]
|
||||
for state in states:
|
||||
for v in r["hooked-browsers"][state].items():
|
||||
if v[1]["session"] == session:
|
||||
return v[1]
|
||||
except IndexError:
|
||||
pass
|
||||
|
||||
def hook_info_all(self, hook):
|
||||
session = self.conversion(hook, "session")
|
||||
url = self.url + "hooks/%s?token=%s" % (session, self.token)
|
||||
return requests.get(url).json()
|
||||
|
||||
def hook_logs(self, hook):
|
||||
session = self.conversion(hook, "session")
|
||||
url = self.url + "logs/%s?token=%s" % (session, self.token)
|
||||
return requests.get(url).json()
|
||||
|
||||
def hosts_online(self):
|
||||
return self.get_sessions("online", "ip")
|
||||
|
||||
def hosts_offline(self):
|
||||
return self.get_sessions("offline", "ip")
|
||||
|
||||
def host2session(self, host):
|
||||
return self.conversion(host, "session")
|
||||
|
||||
def host2id(self, host):
|
||||
return self.conversion(host, "id")
|
||||
|
||||
def ids_online(self):
|
||||
return self.get_sessions("online", "id")
|
||||
|
||||
def ids_offline(self):
|
||||
return self.get_sessions("offline", "id")
|
||||
|
||||
def id2session(self, id):
|
||||
return self.conversion(id, "session")
|
||||
|
||||
def id2host(self, id):
|
||||
return self.conversion(id, "ip")
|
||||
|
||||
def module_id(self, name): #Returns module id
|
||||
url = self.mod_url + self.token
|
||||
try:
|
||||
r = requests.get(url).json()
|
||||
for v in r.values():
|
||||
if v["name"] == name:
|
||||
return v["id"]
|
||||
except Exception, e:
|
||||
print "beefapi ERROR: %s" % e
|
||||
|
||||
def module_name(self, id): #Returns module name
|
||||
url = self.mod_url + self.token
|
||||
try:
|
||||
r = requests.get(url).json()
|
||||
for v in r.values():
|
||||
if v["id"] == id:
|
||||
return v["name"]
|
||||
except Exception, e:
|
||||
print "beefapi ERROR: %s" % e
|
||||
|
||||
def module_run(self, hook, mod_id, options={}): #Executes a module on a specified session
|
||||
try:
|
||||
session = self.conversion(hook, "session")
|
||||
headers = {"Content-Type": "application/json", "charset": "UTF-8"}
|
||||
payload = json.dumps(options)
|
||||
url = self.url + "modules/%s/%s?token=%s" % (session, mod_id, self.token)
|
||||
return requests.post(url, headers=headers, data=payload).json()
|
||||
except Exception, e:
|
||||
print "beefapi ERROR: %s" % e
|
||||
|
||||
def module_results(self, hook, mod_id, cmd_id):
|
||||
session = self.conversion(hook, "session")
|
||||
url = self.mod_url + "%s/%s/%s?token=%s" % (session, mod_id, cmd_id, self.token)
|
||||
return requests.get(url).json()
|
||||
|
||||
def modules_list(self):
|
||||
return requests.get(self.mod_url + self.token).json()
|
||||
|
||||
def module_info(self, id):
|
||||
url = self.url + "modules/%s?token=%s" % (id, self.token)
|
||||
return requests.get(url).json()
|
||||
|
||||
def logs(self):
|
||||
return requests.get(self.log_url + self.token).json()
|
||||
|
||||
def conversion(self, value, return_value): #Helper function for all conversion functions
|
||||
url = self.hookurl + self.token
|
||||
try:
|
||||
r = requests.get(url).json()
|
||||
states = ["online", "offline"]
|
||||
for state in states:
|
||||
for v in r["hooked-browsers"][state].items():
|
||||
for r in v[1].values():
|
||||
if str(value) == str(r):
|
||||
return v[1][return_value]
|
||||
|
||||
except Exception, e:
|
||||
print "beefapi ERROR: %s" % e
|
||||
|
||||
except IndexError:
|
||||
pass
|
||||
|
||||
def get_sessions(self, state, value): #Helper function
|
||||
try:
|
||||
hooks = []
|
||||
r = requests.get(self.hookurl + self.token).json()
|
||||
for v in r["hooked-browsers"][state].items():
|
||||
hooks.append(v[1][value])
|
||||
|
||||
return hooks
|
||||
except Exception, e:
|
||||
print "beefapi ERROR: %s" % e
|
Loading…
Add table
Add a link
Reference in a new issue