This is 1/2 of the work done... lot's of cool stuff!

I've re-written a decent amount of the framework to support dynamic config file updates, revamped the ARP Spoofing 'engine' and changed the way MITMf integrates Responder and Netcreds. - Net-creds is now started by default and no longer a plugin.. It's all about getting those creds after all. - Integrated the Subterfuge Framework's ARPWatch script, it will enable itself when spoofing the whole subnet (also squashed bugs in the original ARP spoofing code) - The spoof plugin now supports specifying a range of targets (e.g. --target 10.10.10.1-15) and multiple targets (e.g. --target 10.10.10.1,10.10.10.2) - An SMB Server is now started by default, MITMf now uses Impacket's SMBserver as supposed to the one built into Responder, mainly for 2 reasons: 1) Impacket is moving towards SMB2 support and is actively developed 2) Impacket's SMB server is fully functional as supposed to Responder's (will be adding a section for it in the config file) 3) Responder's SMB server was unrealiable when used through MITMf (After spending a day trying to figure out why, I just gave up and yanked it out) - Responder's code has been broken down into single importable classes (way easier to manage and read, ugh!) - Started adding dynamic config support to Responder's code and changed the logging messages to be a bit more readable. - POST data captured through the proxy will now only be logged and printed to STDOUT when it's decodable to UTF-8 (this prevents logging encrypted data which is no use) - Responder and the Beefapi script are no longer submodules (they seem to be a pain to package, so i removed them to help a brother out) - Some plugins are missing because I'm currently re-writing them, will be added later - Main plugin class now inharates from the ConfigWatcher class, this way plugins will support dynamic configs natively! \o/
2025-07-10 23:33:39 -07:00 · 2015-04-27 18:33:55 +02:00 · 2015-04-27 18:33:55 +02:00 · 9712eed4a3
commit 9712eed4a3
parent 663f38e732
92 changed files with 6883 additions and 3349 deletions
--- a/core/beefapi.py
+++ b/core/beefapi.py
@ -0,0 +1,171 @@
+#!/usr/bin/env python
+import requests
+import json
+import logging
+from random import sample
+from string import lowercase, digits
+
+logging.getLogger("requests").setLevel(logging.WARNING)  #Disables "Starting new HTTP Connection (1)" log message
+
+class BeefAPI:
+
+	def __init__(self, opts=[]):
+		self.host = "127.0.0.1" or opts.get(host)
+		self.port = "3000" or opts.get(port)
+		self.token = None
+		self.url = "http://%s:%s/api/" % (self.host, self.port)
+		self.login_url = self.url + "admin/login"
+		self.hookurl = self.url + "hooks?token="
+		self.mod_url = self.url + "modules?token="
+		self.log_url = self.url + "logs?token="
+
+	def random_url(self):
+		return "".join(sample(digits + lowercase, 8))
+
+	def login(self, username, password):
+		try:
+			auth = json.dumps({"username": username, "password": password})
+			r = requests.post(self.login_url, data=auth)
+			data = r.json()
+
+			if (r.status_code == 200) and (data["success"]):
+				self.token = data["token"]  #Auth token
+				return True
+			elif r.status_code != 200:
+				return False
+
+		except Exception, e:
+			print "beefapi ERROR: %s" % e
+
+	def sessions_online(self):
+		return self.get_sessions("online", "session")
+
+	def sessions_offline(self):
+		return self.get_sessions("offline", "session")
+
+	def session2host(self, session):
+		return self.conversion(session, "ip")
+
+	def session2id(self, session):
+		return self.conversion(session, "id")
+
+	def hook_info(self, hook):  #Returns parsed information on a session
+		session = self.conversion(hook, "session")
+		url = self.hookurl + self.token
+		r = requests.get(url).json()
+
+		try:
+			states = ["online", "offline"]
+			for state in states:
+				for v in r["hooked-browsers"][state].items():
+					if v[1]["session"] == session:
+						return v[1]
+		except IndexError:
+			pass
+
+	def hook_info_all(self, hook):
+		session = self.conversion(hook, "session")
+		url = self.url + "hooks/%s?token=%s" % (session, self.token)
+		return requests.get(url).json()
+
+	def hook_logs(self, hook):
+		session = self.conversion(hook, "session")
+		url = self.url + "logs/%s?token=%s" % (session, self.token)
+		return requests.get(url).json()
+
+	def hosts_online(self):
+		return self.get_sessions("online", "ip")
+
+	def hosts_offline(self):
+		return self.get_sessions("offline", "ip")
+
+	def host2session(self, host):
+		return self.conversion(host, "session")
+
+	def host2id(self, host):
+		return self.conversion(host, "id")
+
+	def ids_online(self):
+		return self.get_sessions("online", "id")
+
+	def ids_offline(self):
+		return self.get_sessions("offline", "id")
+
+	def id2session(self, id):
+		return self.conversion(id, "session")
+
+	def id2host(self, id):
+		return self.conversion(id, "ip")
+
+	def module_id(self, name):  #Returns module id
+		url = self.mod_url + self.token
+		try:
+			r = requests.get(url).json()
+			for v in r.values():
+				if v["name"] == name:
+					return v["id"]
+		except Exception, e:
+			print "beefapi ERROR: %s" % e
+
+	def module_name(self, id):  #Returns module name
+		url = self.mod_url + self.token
+		try:
+			r = requests.get(url).json()
+			for v in r.values():
+				if v["id"] == id:
+					return v["name"]
+		except Exception, e:
+			print "beefapi ERROR: %s" % e
+
+	def module_run(self, hook, mod_id, options={}):  #Executes a module on a specified session
+		try:
+			session = self.conversion(hook, "session")
+			headers = {"Content-Type": "application/json", "charset": "UTF-8"}
+			payload = json.dumps(options)
+			url = self.url + "modules/%s/%s?token=%s" % (session, mod_id, self.token)
+			return requests.post(url, headers=headers, data=payload).json()
+		except Exception, e:
+			print "beefapi ERROR: %s" % e
+
+	def module_results(self, hook, mod_id, cmd_id):
+		session = self.conversion(hook, "session")
+		url = self.mod_url + "%s/%s/%s?token=%s" % (session, mod_id, cmd_id, self.token)
+		return requests.get(url).json()
+
+	def modules_list(self):
+		return requests.get(self.mod_url + self.token).json()
+
+	def module_info(self, id):
+		url = self.url + "modules/%s?token=%s" % (id, self.token)
+		return requests.get(url).json()
+
+	def logs(self):
+		return requests.get(self.log_url + self.token).json()
+
+	def conversion(self, value, return_value):  #Helper function for all conversion functions 
+		url = self.hookurl + self.token
+		try:
+			r = requests.get(url).json()
+			states = ["online", "offline"]
+			for state in states:
+				for v in r["hooked-browsers"][state].items():
+					for r in v[1].values():
+						if str(value) == str(r):
+							return v[1][return_value]
+
+		except Exception, e:
+			print "beefapi ERROR: %s" % e
+
+		except IndexError:
+			pass
+
+	def get_sessions(self, state, value):  #Helper function
+		try:
+			hooks = []
+			r = requests.get(self.hookurl + self.token).json()
+			for v in r["hooked-browsers"][state].items():
+				hooks.append(v[1][value])
+
+			return hooks
+		except Exception, e:
+			print "beefapi ERROR: %s" % e