- Fixed a bug when ARP spoofing via arp replies

- Amended license

README.md

@@ -54,9 +54,9 @@ Changelog
 
 - FilePwn plugin re-written to backdoor executables and zip files on the fly by using [the-backdoor-factory](https://github.com/secretsquirrel/the-backdoor-factory) and code from [BDFProxy](https://github.com/secretsquirrel/BDFProxy)
 
-- Added msfrpc.py for interfacing with Metasploits rpc server
+- Added [msfrpc.py](https://github.com/byt3bl33d3r/msfrpc/blob/master/python-msfrpc/msfrpc.py) for interfacing with Metasploits rpc server
 
-- Added beefapi.py for interfacing with BeEF's RESTfulAPI
+- Added [beefapi.py](https://github.com/byt3bl33d3r/beefapi) for interfacing with BeEF's RESTfulAPI
 
 - Addition of the app-cache poisoning attack by [Krzysztof Kotowicz](https://github.com/koto/sslstrip) (blogpost explaining the attack here http://blog.kotowicz.net/2010/12/squid-imposter-phishing-websites.html)
 

libs/banners.py

@@ -1,6 +1,24 @@
 #! /usr/bin/env python2.7
 # -*- coding: utf-8 -*-
 
+# Copyright (c) 2014-2016 Marcello Salvati
+#
+# This program is free software; you can redistribute it and/or
+# modify it under the terms of the GNU General Public License as
+# published by the Free Software Foundation; either version 3 of the
+# License, or (at your option) any later version.
+#
+# This program is distributed in the hope that it will be useful, but
+# WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
+# General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with this program; if not, write to the Free Software
+# Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307
+# USA
+#
+
 import random
 
 banner1 = """                                                    

libs/beefapi.py

@@ -1,4 +1,23 @@
 #!/usr/bin/env python2.7
+
+# Copyright (c) 2014-2016 Marcello Salvati
+#
+# This program is free software; you can redistribute it and/or
+# modify it under the terms of the GNU General Public License as
+# published by the Free Software Foundation; either version 3 of the
+# License, or (at your option) any later version.
+#
+# This program is distributed in the hope that it will be useful, but
+# WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
+# General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with this program; if not, write to the Free Software
+# Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307
+# USA
+#
+
 import requests
 import json
 from random import sample

libs/msfrpc.py

@@ -1,11 +1,24 @@
 #! /usr/bin/env python2.7
+
 # MSF-RPC - A  Python library to facilitate MSG-RPC communication with Metasploit
-# Ryan Linn  - RLinn@trustwave.com, Marcello Salvati - byt3bl33d3r@gmail.com
-# Copyright (C) 2011 Trustwave
-# This program is free software: you can redistribute it and/or modify it under the terms of the GNU General Public License as published by the Free Software Foundation, either version 3 of the License, or (at your option) any later version.
-# This program is distributed in the hope that it will be useful, but WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License for more details.
-# You should have received a copy of the GNU General Public License along with this program. If not, see <http://www.gnu.org/licenses/>.
 
+# Copyright (c) 2014-2016 Ryan Linn  - RLinn@trustwave.com, Marcello Salvati - byt3bl33d3r@gmail.com
+#
+# This program is free software; you can redistribute it and/or
+# modify it under the terms of the GNU General Public License as
+# published by the Free Software Foundation; either version 3 of the
+# License, or (at your option) any later version.
+#
+# This program is distributed in the hope that it will be useful, but
+# WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
+# General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with this program; if not, write to the Free Software
+# Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307
+# USA
+#
 
 import requests
 import msgpack

libs/sslstrip/ClientRequest.py

@@ -1,4 +1,4 @@
-# Copyright (c) 2004-2009 Moxie Marlinspike
+# Copyright (c) 2014-2016 Moxie Marlinspike, Marcello Salvati
 #
 # This program is free software; you can redistribute it and/or
 # modify it under the terms of the GNU General Public License as

libs/sslstrip/CookieCleaner.py

@@ -1,4 +1,4 @@
-# Copyright (c) 2004-2011 Moxie Marlinspike
+# Copyright (c) 2014-2016 Moxie Marlinspike, Marcello Salvati
 #
 # This program is free software; you can redistribute it and/or
 # modify it under the terms of the GNU General Public License as

libs/sslstrip/DnsCache.py

@@ -1,3 +1,21 @@
+# Copyright (c) 2014-2016 Moxie Marlinspike, Marcello Salvati
+#
+# This program is free software; you can redistribute it and/or
+# modify it under the terms of the GNU General Public License as
+# published by the Free Software Foundation; either version 3 of the
+# License, or (at your option) any later version.
+#
+# This program is distributed in the hope that it will be useful, but
+# WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
+# General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with this program; if not, write to the Free Software
+# Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307
+# USA
+#
+
 import logging
 
 class DnsCache:    

libs/sslstrip/SSLServerConnection.py

@@ -1,4 +1,4 @@
-# Copyright (c) 2004-2009 Moxie Marlinspike
+# Copyright (c) 2014-2016 Moxie Marlinspike, Marcello Salvati
 #
 # This program is free software; you can redistribute it and/or
 # modify it under the terms of the GNU General Public License as

libs/sslstrip/ServerConnection.py

@@ -1,4 +1,4 @@
-# Copyright (c) 2004-2009 Moxie Marlinspike
+# Copyright (c) 2014-2016 Moxie Marlinspike, Marcello Salvati
 #
 # This program is free software; you can redistribute it and/or
 # modify it under the terms of the GNU General Public License as

libs/sslstrip/ServerConnectionFactory.py

@@ -1,4 +1,4 @@
-# Copyright (c) 2004-2009 Moxie Marlinspike
+# Copyright (c) 2014-2016 Moxie Marlinspike, Marcello Salvati
 #
 # This program is free software; you can redistribute it and/or
 # modify it under the terms of the GNU General Public License as

libs/sslstrip/StrippingProxy.py

@@ -1,4 +1,4 @@
-# Copyright (c) 2004-2009 Moxie Marlinspike
+# Copyright (c) 2014-2016 Moxie Marlinspike, Marcello Salvati
 #
 # This program is free software; you can redistribute it and/or
 # modify it under the terms of the GNU General Public License as

libs/sslstrip/URLMonitor.py

@@ -1,4 +1,4 @@
-# Copyright (c) 2004-2009 Moxie Marlinspike
+# Copyright (c) 2014-2016 Moxie Marlinspike, Marcello Salvati
 #
 # This program is free software; you can redistribute it and/or
 # modify it under the terms of the GNU General Public License as
@@ -78,7 +78,7 @@ def addSecureLink(self, client, url):
         method      = url[0:methodIndex]
 
         pathIndex   = url.find("/", methodIndex)
-        if (pathIndex == -1):
+        if pathIndex is -1:
             pathIndex = len(url)
             url += "/"
 

mitmf.py

@@ -1,5 +1,23 @@
 #!/usr/bin/env python2.7
 
+# Copyright (c) 2014-2016 Moxie Marlinspike, Marcello Salvati
+#
+# This program is free software; you can redistribute it and/or
+# modify it under the terms of the GNU General Public License as
+# published by the Free Software Foundation; either version 3 of the
+# License, or (at your option) any later version.
+#
+# This program is distributed in the hope that it will be useful, but
+# WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
+# General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with this program; if not, write to the Free Software
+# Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307
+# USA
+#
+
 from twisted.web import http
 from twisted.internet import reactor
 
@@ -152,7 +170,7 @@
             p.initialize(args)
             load.append(p)
     except Exception, e:
-        print "[-] Error loading plugin: " + str(e) 
+        print "[-] Error loading plugin %s: %s" % (p.name, str(e)) 
 
 #Plugins are ready to go, start MITMf
 if args.disproxy:

plugins/Spoof.py

@@ -117,7 +117,7 @@ def add_options(self, options):
 		options.add_argument('--shellshock', type=str, metavar='PAYLOAD', dest='shellshock', default=None, help='Trigger the Shellshock vuln when spoofing DHCP, and execute specified command')
 		options.add_argument('--gateway', dest='gateway', help='Specify the gateway IP')
 		options.add_argument('--target', dest='target', default=None, help='Specify a host to poison [default: subnet]')
-		options.add_argument('--arpmode', dest='arpmode', default='req', choices=["req", "rep"], help=' ARP Spoofing mode: requests (req) or replies (rep) [default: req]')
+		options.add_argument('--arpmode',type=str, dest='arpmode', default='req', choices=["req", "rep"], help=' ARP Spoofing mode: requests (req) or replies (rep) [default: req]')
 		#options.add_argument('--summary', action='store_true', dest='summary', default=False, help='Show packet summary and ask for confirmation before poisoning')
 
 		#added by alexander.georgiev@daloo.de
@@ -314,7 +314,7 @@ def __init__(self, gateway, interface, mac):
 		self.arpmode    = 'req'
 		self.debug      = False
 		self.send       = True
-		self.arp_inter  = 2
+		self.arp_inter  = 3
 
 	def start(self):
 		if self.gatewaymac is None:
@@ -325,10 +325,10 @@ def start(self):
 			if self.targetmac is None:
 				sys.exit("[-] Error: Could not resolve target's MAC address")
 
-		if self.arpmode is 'req':
+		if self.arpmode == 'req':
 			pkt = self.build_arp_req()
 
-		elif self.arpmode is 'rep':
+		elif self.arpmode == 'rep':
 			pkt = self.build_arp_rep()
 
 		t = threading.Thread(name='arp_spoof', target=self.send_arps, args=(pkt, self.interface, self.debug,))