Commit graph

10 commits

Author SHA1 Message Date
byt3bl33d3r
ba14ed8687 This commit refactors ARP and DHCP poisoning:
DHCP poisoning now works on Windows, additionaly it's been optimized for performance improvements
ARP poisoning has been optimized with and internal cache and some algo improvements

cve-details-parser.py has been added to the utils/ directory to help adding exploits to the BrowserSniper config file

I'm currently working on adding to the filepwn plugin all of the missing options that bdfproxy stand-alone has
2015-07-25 02:49:41 +02:00
byt3bl33d3r
5e2f30fb89 This is a vewwwy big commit
- The inject plugin now uses beautifulsoup4 to actually parse HTML and add content to it as supposed to using regexes
- The logging of the whole framework has been compleatly overhauled
- plugindetect.js now includes os.js from the metasploit framework for os and browser detection, let's us fingerprint hosts even if UA is lying!
- New plugin HTA Drive-by has been added, prompts the user for a plugin update and makes them download an hta app which contains a powershell payload
- the API of the plugins has been simplified
- Improvements and error handling to user-agent parsing
- Some misc bugfixes
2015-07-18 20:14:07 +02:00
byt3bl33d3r
ff0ada2a39 Revamped logging , plugins will be re-added later once refactored 2015-07-14 17:40:19 +02:00
byt3bl33d3r
e985d42a8a The new changes caused an exception when unpacking the tuple, fixed it 2015-05-23 00:37:08 +02:00
byt3bl33d3r
840e202e5b handleStatus() is now hooked through serverResponseStatus, were now able to modify the server response code and message
added the SMBTrap plugin
2015-05-22 20:16:47 +02:00
byt3bl33d3r
79025dc77e Initial working PoC for the Ferret-NG plugin that will replace the SessionHijacker plugin: it will capture cookies and trasparently feed them to the proxy it starts up on port 10010 (by default), this way we just have to connect to the proxy, browse to the same website as the victim and we will automatically hijack their session! \o/
The way MITMf hooks SSLstrip's functions has been modified to improve plugin code readability, additionally corrected some useless function hooks that were placed in early framework realeases and never removed.

Replace plugin has been given it's own section in the config file

currently the BeedAutorun and Javapwn plugins have to be cleaned up...

BrowserProfile plugin's Pinlady code has been updated to the latest version (v0.9.0) and will now detect Flash player's version

Javapwn plugin will be renamed to BrowserPwn and will support Flash exploits too , as supposed to only Java exploits

Since we now have a built in SMB server, removed options to specify a host in the SMBauth plugin

Tweaked the output of some plugins
2015-05-11 03:13:45 +02:00
byt3bl33d3r
70ec5a2bbc All plugins are now modified to support dynamic config file changes
Responder functionality fully restored
2015-05-05 19:04:01 +02:00
byt3bl33d3r
dfa9c9d65e Added debug logging to ProxyPlugins, it will now print a traceback if errors occur in hooked functions 2015-05-05 00:39:59 +02:00
byt3bl33d3r
5d07551a50 WPAD Poisoner back online, removed options in config file and rellative code for choosing which DNS server to use. (there really was not point in keeping it)
the --basic and --force options and the EXE serving in the Responder plugin have been removed, until I can find a better way of implementing them.
Modified and re-added the JS-keylogger and SMBauth plugins
2015-05-04 23:13:21 +02:00
byt3bl33d3r
9086525c90 Version bump
Minor code optimizations
2015-03-30 18:04:24 +02:00
Renamed from libs/sergioproxy/ProxyPlugins.py (Browse further)