mirror of
https://github.com/byt3bl33d3r/MITMf.git
synced 2024-10-17 20:50:35 -07:00
589e45b64f
Added a new banner
368 lines
12 KiB
Python
368 lines
12 KiB
Python
#! /usr/bin/env python2.7
|
|
|
|
# BeEF-API - A Python API for BeEF (The Browser Exploitation Framework) http://beefproject.com/
|
|
|
|
# Copyright (c) 2015-2016 Marcello Salvati - byt3bl33d3r@gmail.com
|
|
#
|
|
# This program is free software; you can redistribute it and/or
|
|
# modify it under the terms of the GNU General Public License as
|
|
# published by the Free Software Foundation; either version 3 of the
|
|
# License, or (at your option) any later version.
|
|
#
|
|
# This program is distributed in the hope that it will be useful, but
|
|
# WITHOUT ANY WARRANTY; without even the implied warranty of
|
|
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
|
|
# General Public License for more details.
|
|
#
|
|
# You should have received a copy of the GNU General Public License
|
|
# along with this program; if not, write to the Free Software
|
|
# Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307
|
|
# USA
|
|
#
|
|
|
|
import requests
|
|
import json
|
|
|
|
from UserList import UserList
|
|
|
|
class BeefAPI:
|
|
|
|
def __init__(self, opts=[]):
|
|
self.host = opts.get('host') or "127.0.0.1"
|
|
self.port = opts.get('port') or "3000"
|
|
self.token = None
|
|
self.url = "http://{}:{}/api/".format(self.host, self.port)
|
|
self.login_url = self.url + "admin/login"
|
|
|
|
def login(self, username, password):
|
|
try:
|
|
auth = json.dumps({"username": username, "password": password})
|
|
r = requests.post(self.login_url, data=auth)
|
|
data = r.json()
|
|
|
|
if (r.status_code == 200) and (data["success"]):
|
|
self.token = data["token"] #Auth token
|
|
|
|
self.hooks_url = "{}hooks?token={}".format(self.url, self.token)
|
|
self.modules_url = "{}modules?token={}".format(self.url, self.token)
|
|
self.logs_url = "{}logs?token={}".format(self.url, self.token)
|
|
self.are_url = "{}autorun/rule/".format(self.url)
|
|
self.dns_url = "{}dns/ruleset?token={}".format(self.url, self.token)
|
|
|
|
return True
|
|
elif r.status_code != 200:
|
|
return False
|
|
|
|
except Exception as e:
|
|
print "[BeEF-API] Error logging in to BeEF: {}".format(e)
|
|
|
|
@property
|
|
def hooked_browsers(self):
|
|
r = requests.get(self.hooks_url)
|
|
return Hooked_Browsers(r.json(), self.url, self.token)
|
|
|
|
@property
|
|
def dns(self):
|
|
r = requests.get(self.dns_url)
|
|
return DNS(r.json(), self.url, self.token)
|
|
|
|
@property
|
|
def logs(self):
|
|
logs = []
|
|
r = requests.get(self.logs_url)
|
|
for log in r.json()['logs']:
|
|
logs.append(Log(log))
|
|
return logs
|
|
|
|
@property
|
|
def modules(self):
|
|
modules = ModuleList([])
|
|
r = requests.get(self.modules_url)
|
|
for k,v in r.json().iteritems():
|
|
modules.append(Module(v, self.url, self.token))
|
|
return modules
|
|
|
|
@property
|
|
def are_rules(self):
|
|
return ARE_Rules(self.are_url, self.token)
|
|
|
|
class ModuleList(UserList):
|
|
|
|
def __init__(self, mlist):
|
|
self.data = mlist
|
|
|
|
def findbyid(self, m_id):
|
|
for m in self.data:
|
|
if m_id == m.id:
|
|
return m
|
|
|
|
def findbyname(self, m_name):
|
|
pmodules = ModuleList([])
|
|
for m in self.data:
|
|
if (m.name.lower().find(m_name.lower()) != -1) :
|
|
pmodules.append(m)
|
|
return pmodules
|
|
|
|
class SessionList(UserList):
|
|
|
|
def __init__(self, slist):
|
|
self.data = slist
|
|
|
|
def findbysession(self, session):
|
|
for s in self.data:
|
|
if s.session == session:
|
|
return s
|
|
|
|
def findbyos(self, os):
|
|
res = SessionList([])
|
|
for s in self.data:
|
|
if (s.os.lower().find(os.lower()) != -1):
|
|
res.append(s)
|
|
return res
|
|
|
|
def findbyip(self, ip):
|
|
res = SessionList([])
|
|
for s in self.data:
|
|
if ip == s.ip:
|
|
res.append(s)
|
|
return res
|
|
|
|
def findbyid(self, s_id):
|
|
for s in self.data:
|
|
if s.id == s_id:
|
|
return s
|
|
|
|
def findbybrowser(self, browser):
|
|
res = SessionList([])
|
|
for s in self.data:
|
|
if browser == s.name:
|
|
res.append(s)
|
|
return res
|
|
|
|
def findbybrowser_v(self, browser_v):
|
|
res = SessionList([])
|
|
for s in self.data:
|
|
if browser_v == s.version:
|
|
res.append(s)
|
|
return res
|
|
|
|
def findbypageuri(self, uri):
|
|
res = SessionList([])
|
|
for s in self.data:
|
|
if uri in s.page_uri:
|
|
res.append(s)
|
|
return res
|
|
|
|
def findbydomain(self, domain):
|
|
res = SessionList([])
|
|
for s in self.data:
|
|
if domain in s.domain:
|
|
res.append(s)
|
|
return res
|
|
|
|
class ARE_Rule(object):
|
|
|
|
def __init__(self, data, url, token):
|
|
self.url = url
|
|
self.token = token
|
|
|
|
for k,v in data.iteritems():
|
|
setattr(self, k, v)
|
|
|
|
self.modules = json.loads(self.modules)
|
|
|
|
def trigger(self):
|
|
r = requests.get('{}/trigger/{}?token={}'.format(self.url, self.id, self.token))
|
|
return r.json()
|
|
|
|
def delete(self):
|
|
r = requests.get('{}/delete/{}?token={}'.format(self.url, self.id, self.token))
|
|
return r.json()
|
|
|
|
class ARE_Rules(object):
|
|
|
|
def __init__(self, url, token):
|
|
self.url = url
|
|
self.token = token
|
|
|
|
def list(self):
|
|
rules = []
|
|
r = requests.get('{}/list/all?token={}'.format(self.url, self.token))
|
|
data = r.json()
|
|
if (r.status_code == 200) and (data['success']):
|
|
for rule in data['rules']:
|
|
rules.append(ARE_Rule(rule, self.url, self.token))
|
|
|
|
return rules
|
|
|
|
def add(self, rule_path):
|
|
if rule_path.endswith('.json'):
|
|
headers = {'Content-Type': 'application/json; charset=UTF-8'}
|
|
with open(rule_path, 'r') as rule:
|
|
payload = rule.read()
|
|
r = requests.post('{}/add?token={}'.format(self.url, self.token), data=payload, headers=headers)
|
|
return r.json()
|
|
|
|
def trigger(self, rule_id):
|
|
r = requests.get('{}/trigger/{}?token={}'.format(self.url, rule_id, self.token))
|
|
return r.json()
|
|
|
|
def delete(self, rule_id):
|
|
r = requests.get('{}/delete/{}?token={}'.format(self.url, rule_id, self.token))
|
|
return r.json()
|
|
|
|
class Module(object):
|
|
|
|
def __init__(self, data, url, token):
|
|
self.url = url
|
|
self.token = token
|
|
|
|
for k,v in data.iteritems():
|
|
setattr(self, k, v)
|
|
|
|
@property
|
|
def options(self):
|
|
r = requests.get("{}/modules/{}?token={}".format(self.url, self.id, self.token)).json()
|
|
return r['options']
|
|
|
|
@property
|
|
def description(self):
|
|
r = requests.get("{}/modules/{}?token={}".format(self.url, self.id, self.token)).json()
|
|
return r['description']
|
|
|
|
def run(self, session, options={}):
|
|
headers = {"Content-Type": "application/json", "charset": "UTF-8"}
|
|
payload = json.dumps(options)
|
|
r = requests.post("{}/modules/{}/{}?token={}".format(self.url, session, self.id, self.token), headers=headers, data=payload)
|
|
return r.json()
|
|
|
|
def multi_run(self, options={}, hb_ids=[]):
|
|
headers = {"Content-Type": "application/json", "charset": "UTF-8"}
|
|
payload = json.dumps({"mod_id":self.id, "mod_params": options, "hb_ids": hb_ids})
|
|
r = requests.post("{}/modules/multi_browser?token={}".format(self.url, self.token), headers=headers, data=payload)
|
|
return r.json()
|
|
|
|
def results(self, session, cmd_id):
|
|
r = requests.get("{}/modules/{}/{}/{}?token={}".format(self.url, session, self.id, cmd_id, self.token))
|
|
return r.json()
|
|
|
|
class Log(object):
|
|
|
|
def __init__(self, log_dict):
|
|
for k,v in log_dict.iteritems():
|
|
setattr(self, k, v)
|
|
|
|
class DNS_Rule(object):
|
|
|
|
def __init__(self, rule, url, token):
|
|
self.url = url
|
|
self.token = token
|
|
|
|
for k,v in rule.iteritems():
|
|
setattr(self, k, v)
|
|
|
|
def delete(self):
|
|
r = requests.delete("{}/dns/rule/{}?token={}".format(self.url, self.id, self.token))
|
|
return r.json()
|
|
|
|
class DNS(object):
|
|
|
|
def __init__(self, data, url, token):
|
|
self.data = data
|
|
self.url = url
|
|
self.token = token
|
|
|
|
@property
|
|
def ruleset(self):
|
|
ruleset = []
|
|
r = requests.get("{}/dns/ruleset?token={}".format(self.url, self.token))
|
|
for rule in r.json()['ruleset']:
|
|
ruleset.append(DNS_Rule(rule, self.url, self.token))
|
|
return ruleset
|
|
|
|
def add(self, pattern, resource, response=[]):
|
|
headers = {"Content-Type": "application/json", "charset": "UTF-8"}
|
|
payload = json.dumps({"pattern": pattern, "resource": resource, "response": response})
|
|
r = requests.post("{}/dns/rule?token={}".format(self.url, self.token), headers=headers, data=payload)
|
|
return r.json()
|
|
|
|
def delete(self, rule_id):
|
|
r = requests.delete("{}/dns/rule/{}?token={}".format(self.url, rule_id, self.token))
|
|
return r.json()
|
|
|
|
class Hooked_Browsers(object):
|
|
|
|
def __init__(self, data, url, token):
|
|
self.data = data
|
|
self.url = url
|
|
self.token = token
|
|
|
|
@property
|
|
def online(self):
|
|
sessions = SessionList([])
|
|
for k,v in self.data['hooked-browsers']['online'].iteritems():
|
|
sessions.append(Session(v['session'], self.data, self.url, self.token))
|
|
return sessions
|
|
|
|
@property
|
|
def offline(self):
|
|
sessions = SessionList([])
|
|
for k,v in self.data['hooked-browsers']['offline'].iteritems():
|
|
sessions.append(Session(v['session'], self.data, self.url, self.token))
|
|
return sessions
|
|
|
|
class Session(object):
|
|
|
|
def __init__(self, session, data, url, token):
|
|
self.session = session
|
|
self.data = data
|
|
self.url = url
|
|
self.token = token
|
|
|
|
self.domain = self.get_property('domain')
|
|
self.id = self.get_property('id')
|
|
self.ip = self.get_property('ip')
|
|
self.name = self.get_property('name') #Browser name
|
|
self.os = self.get_property('os')
|
|
self.page_uri = self.get_property('page_uri')
|
|
self.platform = self.get_property('platform') #Ex. win32
|
|
self.port = self.get_property('port')
|
|
self.version = self.get_property('version') #Browser version
|
|
|
|
@property
|
|
def details(self):
|
|
r = requests.get('{}/hooks/{}?token={}'.format(self.url, self.session, self.token))
|
|
return r.json()
|
|
|
|
@property
|
|
def logs(self):
|
|
logs = []
|
|
r = requests.get('{}/logs/{}?token={}'.format(self.url, self.session, self.token))
|
|
for log in r.json()['logs']:
|
|
logs.append(Log(log))
|
|
return logs
|
|
|
|
def update(self, options={}):
|
|
headers = {"Content-Type": "application/json", "charset": "UTF-8"}
|
|
payload = json.dumps(options)
|
|
r = requests.post("{}/hooks/update/{}?token={}".format(self.url, self.session, self.token), headers=headers, data=payload)
|
|
return r.json()
|
|
|
|
def run(self, module_id, options={}):
|
|
headers = {"Content-Type": "application/json", "charset": "UTF-8"}
|
|
payload = json.dumps(options)
|
|
r = requests.post("{}/modules/{}/{}?token={}".format(self.url, self.session, module_id, self.token), headers=headers, data=payload)
|
|
return r.json()
|
|
|
|
def multi_run(self, options={}):
|
|
headers = {"Content-Type": "application/json", "charset": "UTF-8"}
|
|
payload = json.dumps({"hb": self.session, "modules":[options]})
|
|
r = requests.post("{}/modules/multi_module?token={}".format(self.url, self.token), headers=headers, data=payload)
|
|
return r.json()
|
|
|
|
def get_property(self, key):
|
|
for k,v in self.data['hooked-browsers'].iteritems():
|
|
for l,s in v.iteritems():
|
|
if self.session == s['session']:
|
|
return s[key]
|