Skip to content
Permalink
Browse files

Control Plugin Enhancements (#149)

Enhance the control plugin to add features that are useful to real-world penetration tests. This includes:

- Track everyone who visits the phishing domain for click counts
- Track which victims have their sessions terminated (This included adding a TerminateUser hook for plugins)
-Also fixed an apparent bug where the check for termination function was comparing to the Phish URL instead of the real URL
- Add a page to view captured cookies in JSON format for easy import into browsers (This included modifying the Cookie struct to track additional information)
- View number of victims, credentials captured, and terminated sessions all on the control page
- Add the ability to change the control URL from "SayHello2Modlishka"
- Add the ability to add a username/password to the control URL

Kudos go to https://github.com/dan-sra for his contribution!
  • Loading branch information...
dan-sra authored and drk1wi committed Jun 20, 2019
1 parent 7dc67be commit 5a129c8b8358095813514de02cf330a84c9646bf
Showing with 290 additions and 33 deletions.
  1. +7 −1 README.md
  2. +2 −1 core/proxy.go
  3. +261 −25 plugin/control.go
  4. +11 −0 plugin/core_plugin.go
  5. +9 −6 runtime/func.go
@@ -89,7 +89,13 @@ Compile the binary and you are ready to go:

-config string
JSON configuration file. Convenient instead of using command line switches.


-controlCreds string
Username and password to protect the credentials page. user:pass format

-controlURL string
URL to view captured credentials and settings. (default "SayHello2Modlishka")

-credParams string
Credential regexp with matching groups. e.g. : baase64(username_regex),baase64(password_regex)

@@ -243,7 +243,8 @@ func (httpResponse *HTTPResponse) PatchHeaders(p *ReverseProxy) {
}

if p.Terminate {
log.Infof("Terminating session")
log.Infof("Terminating session for %s", p.RequestContext.UserID)
p.RequestContext.InvokeTerminateUserHooks(p.RequestContext.UserID)

// Set Terminator Cookie
value := runtime.TERMINATE_SESSION_COOKIE_NAME + "=" + runtime.TERMINATE_SESSION_COOKIE_VALUE +

0 comments on commit 5a129c8

Please sign in to comment.
You can’t perform that action at this time.