- Whole framework now requires root privs

- Added an internal DNS server
- Proxy can now use our custom DNS server (DNSChef) or Twisted's
- Removed priv check from plugins
- DNS spoofing fully re-written
- Iptables rules are now checked and set between plugins

plugins/AppCachePoison.py

@@ -39,7 +39,6 @@ class AppCachePlugin(Plugin):
     implements = ["handleResponse"]
     version    = "0.3"
     has_opts   = False
-    req_root   = False
 
     def initialize(self, options):
         self.options = options

plugins/BeefAutorun.py

@@ -40,7 +40,6 @@ class BeefAutorun(Inject, Plugin):
 	tree_output = []
 	depends     = ["Inject"]
 	version     = "0.3"
-	req_root    = False
 	has_opts    = False
 
 	def initialize(self, options):

plugins/BrowserProfiler.py

@@ -33,7 +33,6 @@ class BrowserProfiler(Inject, Plugin):
     depends    = ["Inject"]
     version    = "0.2"
     has_opts   = False
-    req_root   = False
 
     def initialize(self, options):
         Inject.initialize(self, options)

plugins/CacheKill.py

@@ -29,7 +29,6 @@ class CacheKill(Plugin):
     bad_headers = ['if-none-match', 'if-modified-since']
     version     = "0.1"
     has_opts    = True
-    req_root    = False
 
     def add_options(self, options):
         options.add_argument("--preserve-cookies", action="store_true", help="Preserve cookies (will allow caching in some situations).")

plugins/FilePwn.py

@@ -81,7 +81,6 @@ class FilePwn(Plugin):
     tree_output = ["BDFProxy v0.2 online"]
     version     = "0.2"
     has_opts    = False
-    req_root    = False
 
     def initialize(self, options):
         '''Called if plugin is enabled, passed the options namespace'''

plugins/Inject.py

@@ -35,7 +35,6 @@ class Inject(CacheKill, Plugin):
     optname    = "inject"
     implements = ["handleResponse", "handleHeader", "connectionMade"]
     has_opts   = True
-    req_root   = False
     desc       = "Inject arbitrary content into HTML content"
     version    = "0.2"
     depends    = ["CacheKill"]

plugins/JsKeylogger.py

@@ -30,7 +30,6 @@ class jskeylogger(Inject, Plugin):
     depends    = ["Inject"]
     version    = "0.2"
     has_opts   = False
-    req_root   = False
 
     def initialize(self, options):
         Inject.initialize(self, options)

plugins/Replace.py

@@ -39,7 +39,6 @@ class Replace(CacheKill, Plugin):
 	depends    = ["CacheKill"]
 	version    = "0.1"
 	has_opts   = True
-	req_root   = False
 
 	def initialize(self, options):
 		self.options = options

plugins/Responder.py

@@ -34,7 +34,6 @@ class Responder(Plugin):
     tree_output = ["NBT-NS, LLMNR & MDNS Responder v2.1.2 by Laurent Gaffie online"]
     version     = "0.2"
     has_opts    = True
-    req_root    = True
 
     def initialize(self, options):
         '''Called if plugin is enabled, passed the options namespace'''

plugins/SMBAuth.py

@@ -30,7 +30,6 @@ class SMBAuth(Inject, Plugin):
     depends  = ["Inject"]
     version  = "0.1"
     has_opts = True
-    req_root = False
 
     def initialize(self, options):
         Inject.initialize(self, options)

plugins/SSLstrip+.py

@@ -19,22 +19,20 @@
 #
 
 import sys
-import dns.resolver
 import logging
 
 from plugins.plugin import Plugin
-from core.utils import SystemConfig
+from core.utils import IpTables
 from core.sslstrip.URLMonitor import URLMonitor
-from libs.dnschef.dnschef import start_dnschef
+from libs.dnschef.dnschef import DNSChef
 
 class HSTSbypass(Plugin):
 	name     = 'SSLstrip+'
 	optname  = 'hsts'
 	desc     = 'Enables SSLstrip+ for partial HSTS bypass'
 	version  = "0.4"
-	tree_output   = ["SSLstrip+ by Leonardo Nve running", "DNSChef v0.3 online"]
+	tree_output   = ["SSLstrip+ by Leonardo Nve running"]
 	has_opts = False
-	req_root = True
 
 	def initialize(self, options):
 		self.options = options
@@ -42,10 +40,17 @@ class HSTSbypass(Plugin):
 
 		try:
 			hstsconfig = options.configfile['SSLstrip+']
-			dnsconfig  = options.configfile['Spoof']['DNS']
 		except Exception, e:
 			sys.exit("[-] Error parsing config for SSLstrip+: " + str(e))
 
-		URLMonitor.getInstance().setHstsBypass(hstsconfig)
+		if not options.manualiptables:
+			if IpTables.getInstance().dns is False:
+				IpTables.getInstance().DNS(options.ip_address, options.configfile['MITMf']['DNS']['port'])
 
-		start_dnschef(options, dnsconfig, hstsconfig)
+		URLMonitor.getInstance().setHstsBypass(hstsconfig)
+		DNSChef.getInstance().setHstsBypass(hstsconfig)
+
+	def finish(self):
+		if not self.manualiptables:
+			if IpTables.getInstance().dns is True:
+				IpTables.getInstance().Flush()

plugins/SessionHijacker.py

@@ -41,7 +41,6 @@ class SessionHijacker(Plugin):
 	implements = ["cleanHeaders"] #["handleHeader"]
 	version    = "0.1"
 	has_opts   = True
-	req_root   = False
 
 	def initialize(self, options):
 		'''Called if plugin is enabled, passed the options namespace'''

plugins/Sniffer.py

@@ -45,7 +45,6 @@ class Sniffer(Plugin):
 	implements  = ["sendRequest"]
 	version     = "0.1"
 	has_opts    = False
-	req_root    = True
 
 	def initialize(self, options):
 		self.options = options

plugins/Spoof.py

@@ -21,11 +21,11 @@
 import logging
 import sys
 
-from core.utils import SystemConfig
+from core.utils import SystemConfig, IpTables
 from core.sslstrip.DnsCache import DnsCache
 from core.wrappers.protocols import _ARP, _DHCP, _ICMP
 from plugins.plugin import Plugin
-from libs.dnschef.dnschef import start_dnschef
+from libs.dnschef.dnschef import DNSChef
 
 logging.getLogger("scapy.runtime").setLevel(logging.ERROR)  #Gets rid of IPV6 Error when importing scapy
 from scapy.all import *
@@ -35,14 +35,12 @@ class Spoof(Plugin):
 	optname     = "spoof"
 	desc        = "Redirect/Modify traffic using ICMP, ARP, DHCP or DNS"
 	version     = "0.6"
-	tree_output = []
 	has_opts    = True
-	req_root    = True
 
 	def initialize(self, options):
 		'''Called if plugin is enabled, passed the options namespace'''
 		self.options = options
-		self.dnscfg = options.configfile['Spoof']['DNS']
+		self.dnscfg = options.configfile['MITMf']['DNS']
 		self.dhcpcfg = options.configfile['Spoof']['DHCP']
 		self.target = options.target
 		self.manualiptables = options.manualiptables
@@ -91,10 +89,10 @@ class Spoof(Plugin):
 		if options.dns:
 
 			if not options.manualiptables:
-				SystemConfig.iptables.DNS(options.ip_address, self.dnscfg['port'])
+				if IpTables.getInstance().dns is False:
+					IpTables.getInstance().DNS(options.ip_address, self.dnscfg['port'])
 
-			self.tree_output.append("DNSChef v0.3 online")
-			start_dnschef(options, self.dnscfg)
+			DNSChef.getInstance().loadRecords(self.dnscfg)
 
 		if not options.arp and not options.icmp and not options.dhcp and not options.dns:
 			sys.exit("[-] Spoof plugin requires --arp, --icmp, --dhcp or --dns")
@@ -102,7 +100,8 @@ class Spoof(Plugin):
 		SystemConfig.setIpForwarding(1)
 
 		if not options.manualiptables:
-			SystemConfig.iptables.HTTP(options.listen)
+			if IpTables.getInstance().http is False:
+				IpTables.getInstance().HTTP(options.listen)
 
 		for protocol in self.protocolInstances:
 			protocol.start()
@@ -124,6 +123,6 @@ class Spoof(Plugin):
 			protocol.stop()
 
 		if not self.manualiptables:
-			SystemConfig.iptables.Flush()
+			IpTables.getInstance().Flush()
 
 		SystemConfig.setIpForwarding(0)

plugins/Upsidedownternet.py

@@ -32,7 +32,6 @@ class Upsidedownternet(Plugin):
     implements = ["handleResponse", "handleHeader"]
     version    = "0.1"
     has_opts   = False
-    req_root   = False
 
     def initialize(self, options):
         from PIL import Image, ImageFile

plugins/plugin.py

@@ -10,7 +10,6 @@ class Plugin(object):
     desc       = ""
     implements = []
     has_opts   = False
-    req_root   = False
 
     def __init__(self):
         '''Called on plugin instantiation. Probably don't need this'''