diff --git a/config/mitmf.conf b/config/mitmf.conf index 469f737..b14446b 100644 --- a/config/mitmf.conf +++ b/config/mitmf.conf @@ -64,7 +64,7 @@ [[[TXT]]] # Queries for text records *.thesprawl.org=fake message - [[[PTR]]] # PTR queries + [[[PTR]]] # PTR queries *.2.0.192.in-addr.arpa=fake.com [[[SOA]]] #FORMAT: mname rname t1 t2 t3 t4 t5 diff --git a/libs/dnschef b/libs/dnschef index 88a9c08..fbc5ec3 160000 --- a/libs/dnschef +++ b/libs/dnschef @@ -1 +1 @@ -Subproject commit 88a9c08a9be5ee921d3d8eeeb16d421c9b5df0af +Subproject commit fbc5ec324b6045db2f6cc62662ab51d3ff979ec8 diff --git a/mitmf.py b/mitmf.py index d8a5c80..5fbc63d 100755 --- a/mitmf.py +++ b/mitmf.py @@ -163,17 +163,21 @@ load = [] for p in plugins: try: + if vars(args)[p.optname] is True: + print "|_ %s v%s" % (p.name, p.version) + if hasattr(p, 'tree_output') and p.tree_output: + for line in p.tree_output: + print "| |_ %s" % line + p.tree_output.remove(line) + if getattr(args, p.optname): p.initialize(args) load.append(p) if vars(args)[p.optname] is True: - print "|_ %s v%s" % (p.name, p.version) - - if p.output: - for line in p.output: + if hasattr(p, 'tree_output') and p.tree_output: + for line in p.tree_output: print "| |_ %s" % line - p.output.remove(line) except Exception, e: print "[-] Error loading plugin %s: %s" % (p.name, str(e)) diff --git a/plugins/BeefAutorun.py b/plugins/BeefAutorun.py index dd18032..7422eae 100644 --- a/plugins/BeefAutorun.py +++ b/plugins/BeefAutorun.py 
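Review bot: The first `for line in p.tree_output:` loop in the mitmf.py hunk calls `p.tree_output.remove(line)` while iterating the same list, so every second entry is skipped. With the two-entry list this commit adds to SSLstrip+, the second banner is left in the list and is only printed by the later loop after `p.initialize(args)`; a three-entry list would print out of order. Print all the lines first and empty the list afterwards, i.e. drop the `remove` call from the loop body and add `del p.tree_output[:]` after it. The `hasattr(p, 'tree_output')` guards are needed only because plugins/plugin.py drops the base-class list without adding a `tree_output` default. The plugin loop starts above this hunk, and the nesting is inferred because the page has lost the indentation.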
@@ -34,13 +34,14 @@ requests_log.setLevel(logging.WARNING) mitmf_logger = logging.getLogger('mitmf') class BeefAutorun(Inject, Plugin): - name = "BeEFAutorun" - optname = "beefauto" - desc = "Injects BeEF hooks & autoruns modules based on Browser and/or OS type" - depends = ["Inject"] - version = "0.3" - req_root = False - has_opts = False + name = "BeEFAutorun" + optname = "beefauto" + desc = "Injects BeEF hooks & autoruns modules based on Browser and/or OS type" + tree_output = [] + depends = ["Inject"] + version = "0.3" + req_root = False + has_opts = False def initialize(self, options): self.options = options @@ -68,7 +69,7 @@ class BeefAutorun(Inject, Plugin): if not beef.login(beefconfig['user'], beefconfig['pass']): sys.exit("[-] Error logging in to BeEF!") - self.output.append("Mode: %s" % self.Mode) + self.tree_output.append("Mode: %s" % self.Mode) t = threading.Thread(name="autorun", target=self.autorun, args=(beef,)) t.setDaemon(True) diff --git a/plugins/FilePwn.py b/plugins/FilePwn.py index 9fe9308..e73bfe8 100644 --- a/plugins/FilePwn.py +++ b/plugins/FilePwn.py @@ -74,13 +74,14 @@ from configobj import ConfigObj mitmf_logger = logging.getLogger('mitmf') class FilePwn(Plugin): - name = "FilePwn" - optname = "filepwn" - desc = "Backdoor executables being sent over http using bdfactory" - implements = ["handleResponse"] - version = "0.2" - has_opts = False - req_root = False + name = "FilePwn" + optname = "filepwn" + desc = "Backdoor executables being sent over http using bdfactory" + implements = ["handleResponse"] + tree_output = ["BDFProxy v0.2 online"] + version = "0.2" + has_opts = False + req_root = False def initialize(self, options): '''Called if plugin is enabled, passed the options namespace''' diff --git a/plugins/JavaPwn.py b/plugins/JavaPwn.py index 416c377..f4a0bfb 100644 --- a/plugins/JavaPwn.py +++ b/plugins/JavaPwn.py 
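Review bot: `tree_output = ["BDFProxy v0.2 online"]` in FilePwn is a class-level banner, and the mitmf.py hunk appears to print class-level entries before `p.initialize(args)` runs, so the plugin reports "online" before anything has started and even when initialization then fails. The same applies to the static banners added in Responder, SSLstrip+ and Sniffer; in Sniffer the old `self.output.append("Net-Creds online")` ran only after the root-privilege check. Keep lines that assert a running service as `self.tree_output.append(...)` calls placed after the step they report, and leave only unconditional text at class level. The version numbers are now also hard-coded inside the strings (Responder previously used `RESP_VERSION`), so they can drift from the bundled code.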
@@ -38,12 +38,13 @@ requests_log.setLevel(logging.WARNING) mitmf_logger = logging.getLogger('mitmf') class JavaPwn(BrowserProfiler, Plugin): - name = "JavaPwn" - optname = "javapwn" - desc = "Performs drive-by attacks on clients with out-of-date java browser plugins" - depends = ["Browserprofiler"] - version = "0.3" - has_opts = False + name = "JavaPwn" + optname = "javapwn" + desc = "Performs drive-by attacks on clients with out-of-date java browser plugins" + tree_output = [] + depends = ["Browserprofiler"] + version = "0.3" + has_opts = False def initialize(self, options): '''Called if plugin is enabled, passed the options namespace''' @@ -73,7 +74,7 @@ class JavaPwn(BrowserProfiler, Plugin): msf = msfrpc.Msfrpc({"host": self.rpcip}) #create an instance of msfrpc libarary msf.login('msf', self.rpcpass) version = msf.call('core.version')['version'] - self.output.append("Connected to Metasploit v%s" % version) + self.tree_output.append("Connected to Metasploit v%s" % version) except Exception: sys.exit("[-] Error connecting to MSF! Make sure you started Metasploit and its MSGRPC server") diff --git a/plugins/Responder.py b/plugins/Responder.py index 90f3965..6fb98e0 100644 --- a/plugins/Responder.py +++ b/plugins/Responder.py 
@@ -28,29 +28,26 @@ from core.sslstrip.DnsCache import DnsCache from twisted.internet import reactor class Responder(Plugin): - name = "Responder" - optname = "responder" - desc = "Poison LLMNR, NBT-NS and MDNS requests" - version = "0.2" - has_opts = True - req_root = True + name = "Responder" + optname = "responder" + desc = "Poison LLMNR, NBT-NS and MDNS requests" + tree_output = ["NBT-NS, LLMNR & MDNS Responder v2.1.2 by Laurent Gaffie online"] + version = "0.2" + has_opts = True + req_root = True def initialize(self, options): '''Called if plugin is enabled, passed the options namespace''' self.options = options self.interface = options.interface - RESP_VERSION = "2.1.2" - try: config = options.configfile['Responder'] except Exception, e: sys.exit('[-] Error parsing config for Responder: ' + str(e)) - self.output.append("NBT-NS, LLMNR & MDNS Responder v%s by Laurent Gaffie online" % RESP_VERSION) - if options.Analyse: - self.output.append("Responder is in analyze mode. No NBT-NS, LLMNR, MDNS requests will be poisoned") + self.tree_output.append("Responder is in analyze mode. No NBT-NS, LLMNR, MDNS requests will be poisoned") start_responder(options, config) diff --git a/plugins/SSLstrip+.py b/plugins/SSLstrip+.py index 3286623..09819ba 100644 --- a/plugins/SSLstrip+.py +++ b/plugins/SSLstrip+.py @@ -25,12 +25,14 @@ import logging from plugins.plugin import Plugin from core.utils import SystemConfig from core.sslstrip.URLMonitor import URLMonitor +from libs.dnschef.dnschef import start_dnschef class HSTSbypass(Plugin): name = 'SSLstrip+' optname = 'hsts' desc = 'Enables SSLstrip+ for partial HSTS bypass' version = "0.4" + tree_output = ["SSLstrip+ by Leonardo Nve running", "DNSChef v0.3 online"] has_opts = False req_root = True 
@@ -39,17 +41,11 @@ class HSTSbypass(Plugin): self.manualiptables = options.manualiptables try: - config = options.configfile['SSLstrip+'] + hstsconfig = options.configfile['SSLstrip+'] + dnsconfig = options.configfile['Spoof']['DNS'] except Exception, e: sys.exit("[-] Error parsing config for SSLstrip+: " + str(e)) - self.output.append("SSLstrip+ by Leonardo Nve running") + URLMonitor.getInstance().setHstsBypass(hstsconfig) - URLMonitor.getInstance().setHstsBypass(config) - - #def finish(self): - # if _DNS.checkInstance() is True: - # _DNS.getInstance().stop() - - # if not self.manualiptables: - # SystemConfig.iptables.Flush() + start_dnschef(options, dnsconfig, hstsconfig) diff --git a/plugins/Sniffer.py b/plugins/Sniffer.py index 658f747..c2d14f8 100644 --- a/plugins/Sniffer.py +++ b/plugins/Sniffer.py @@ -38,13 +38,14 @@ import os mitmf_logger = logging.getLogger('mitmf') class Sniffer(Plugin): - name = "Sniffer" - optname = "sniffer" - desc = "Sniffs for various protocol login and auth attempts" - implements = ["sendRequest"] - version = "0.1" - has_opts = False - req_root = True + name = "Sniffer" + optname = "sniffer" + desc = "Sniffs for various protocol login and auth attempts" + tree_output = ["Net-Creds online"] + implements = ["sendRequest"] + version = "0.1" + has_opts = False + req_root = True def initialize(self, options): self.options = options @@ -66,9 +67,7 @@ class Sniffer(Plugin): sys.exit("[-] Sniffer plugin requires root privileges") n = NetCreds() - #if not self.parse: - self.output.append("Net-Creds online") t = threading.Thread(name="sniffer", target=n.start, args=(self.interface,)) t.setDaemon(True) t.start() diff --git a/plugins/Spoof.py b/plugins/Spoof.py index dd79111..330a8ea 100644 --- a/plugins/Spoof.py +++ b/plugins/Spoof.py 
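Review bot: `start_dnschef(options, dnsconfig, hstsconfig)` is now called unconditionally from HSTSbypass.initialize, while the Spoof hunk in this commit still calls `start_dnschef(options, self.dnscfg)`, so enabling both plugins looks like it starts the DNS server twice. start_dnschef lives in the libs/dnschef submodule and is not visible here, so whether it guards against a second start needs confirming. The shared `try` also reports "Error parsing config for SSLstrip+" when the missing key is `['Spoof']['DNS']`; read the two sections in separate `try` blocks or name both sections in the message. With the commented-out `finish()` removed, no shutdown path is visible for the server this plugin starts, and `self.manualiptables` is stored but not used in the lines shown. The body of initialize begins above the hunk.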
@@ -31,12 +31,13 @@ logging.getLogger("scapy.runtime").setLevel(logging.ERROR) #Gets rid of IPV6 Er from scapy.all import * class Spoof(Plugin): - name = "Spoof" - optname = "spoof" - desc = "Redirect/Modify traffic using ICMP, ARP, DHCP or DNS" - version = "0.6" - has_opts = True - req_root = True + name = "Spoof" + optname = "spoof" + desc = "Redirect/Modify traffic using ICMP, ARP, DHCP or DNS" + version = "0.6" + tree_output = [] + has_opts = True + req_root = True def initialize(self, options): '''Called if plugin is enabled, passed the options namespace''' @@ -92,8 +93,8 @@ class Spoof(Plugin): if not options.manualiptables: SystemConfig.iptables.DNS(options.ip_address, self.dnscfg['port']) + self.tree_output.append("DNSChef v0.3 online") start_dnschef(options, self.dnscfg) - self.output.append("DNSChef v0.3 online") if not options.arp and not options.icmp and not options.dhcp and not options.dns: sys.exit("[-] Spoof plugin requires --arp, --icmp, --dhcp or --dns") diff --git a/plugins/plugin.py b/plugins/plugin.py index d3e8e95..0e4a23d 100644 --- a/plugins/plugin.py +++ b/plugins/plugin.py @@ -9,7 +9,6 @@ class Plugin(object): optname = "generic" desc = "" implements = [] - output = [] has_opts = False req_root = False diff --git a/requirements.txt b/requirements.txt index 8616a47..f057153 100644 --- a/requirements.txt +++ b/requirements.txt @@ -9,4 +9,4 @@ pyyaml ua-parser Pillow pefile -capstone +dnslib \ No newline at end of file
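Review bot: `dnslib` is added to requirements.txt without a version constraint, like the other entries visible in this hunk, so an install resolves to whatever release is current at that moment. Pin it to the release the bumped libs/dnschef submodule was tested against, for example `dnslib==<tested-version>`. The same hunk drops `capstone`; confirm that nothing still imports it, since that cannot be checked from this page. The file also loses its trailing newline.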