This commit refactors ARP and DHCP poisoning:

DHCP poisoning now works on Windows, additionaly it's been optimized for performance improvements ARP poisoning has been optimized with and internal cache and some algo improvements cve-details-parser.py has been added to the utils/ directory to help adding exploits to the BrowserSniper config file I'm currently working on adding to the filepwn plugin all of the missing options that bdfproxy stand-alone has
2025-08-20 13:33:30 -07:00 · 2015-07-25 02:49:41 +02:00 · 2015-07-25 02:49:41 +02:00 · ba14ed8687
commit ba14ed8687
parent 5e2f30fb89
35 changed files with 1082 additions and 676 deletions
--- a/core/sslstrip/ClientRequest.py
+++ b/core/sslstrip/ClientRequest.py
@ -160,11 +160,8 @@ class ClientRequest(Request):
            log.debug("Sending spoofed favicon response")
            self.sendSpoofedFaviconResponse()

-        elif (self.urlMonitor.isSecureLink(client, url) or ('securelink' in headers)):
-            if 'securelink' in headers:
-                del headers['securelink']
-            
-            log.debug("Sending request via SSL ({})".format((client,url)))
+        elif self.urlMonitor.isSecureLink(client, url):
+            log.debug("Sending request via SSL/TLS: {}".format(url))
            self.proxyViaSSL(address, self.method, path, postData, headers, self.urlMonitor.getSecurePort(client, url))
        
        else:
--- a/core/sslstrip/ServerConnection.py
+++ b/core/sslstrip/ServerConnection.py
@ -104,8 +104,6 @@ class ServerConnection(HTTPClient):
    def connectionMade(self):
        log.debug("HTTP connection made.")

-        self.clientInfo["clientip"] = self.client.getClientIP()
-
        try:
            user_agent = parse(self.headers['user-agent'])

@ -120,6 +118,8 @@ class ServerConnection(HTTPClient):
            self.clientInfo["browser"]  = "Other"
            self.clientInfo["browserv"] = "Other"

+        self.clientInfo["clientip"] = self.client.getClientIP()
+
        self.plugins.hook()
        self.sendRequest()
        self.sendHeaders()
@ -206,8 +206,8 @@ class ServerConnection(HTTPClient):
        data = self.replaceSecureLinks(data)
        data = self.plugins.hook()['data']

-        log.debug("Read from server {} bytes of data:\n{}".format(len(data), data))
-        #log.debug("Read from server {} bytes of data".format(len(data)))
+        #log.debug("Read from server {} bytes of data:\n{}".format(len(data), data))
+        log.debug("Read from server {} bytes of data".format(len(data)))

        if (self.contentLength != None):
            self.client.setHeader('Content-Length', len(data))