WebSploit

websploit is an advanced MITM framework.

Author: The404Hacking

COPYING.GPL

@@ -0,0 +1,9 @@
+Websploit Framework
+
+Licence For:
+------------------
+BackBox
+BackTrack
+BlackBuntu
+And All Hacking And Security Distro
+------------------

LICENCE

@@ -0,0 +1,32 @@
+WebSploit Framework
+
+Project in SourceForge : http://sourceforge.net/projects/websploit
+
+Author : 0x0ptim0us (Fardin Allahverdinazhand)
+Email & Report Bug : [email protected]
+Blog : http://0x0ptim0us.blogspot.com
+
+If your system doesn't have enough copies of the full text of the GNU
+General Public License already, we have provided another one in the
+"COPYING.GPL" file. 
+
+Supported Attack :
+#	[+]Autopwn - Used From Metasploit For Scan and Exploit Target Service
+#	[+]Browser AutoPWN - Exploit Victim Browser
+#	[+]wmap - Scan,Crawler Target Used From Metasploit wmap plugin
+#	[+]format infector - inject reverse & bind payload into file format
+#	[+]MLITM,XSS Phishing - Man Left In The Middle Attack
+#	[+]MITM - Man In The Middle Attack
+#	[+]USB Infection Attack - Create Executable Backdoor For Windows
+#	[+]MFOD Attack - Middle Finger Of Doom Attack
+#	[+]Java Applet Attack Vector 
+#	[+]ARP DOS - ARP Cache Denial Of Service Attack With Random MAC
+#	[+]Directory Scanner - Scan Target Directorys
+#	[+]Apache US - Scan Apache users
+#	[+]PHPMyAdmin - Scan PHPMyAdmin Login Page
+#	[+]Web Killer - Using From The TCPKill For Down Your WebSite On Network
+#	[+]Fake AP - Fake Access Point
+#	[+]FakeUpdate - Fake update attack 
+#   [+]Wifi Jammer - Wifi Jammer Attack
+#   [+]Wifi Dos - Wifi Dos RQ Attack
+#   [+]Wifi Mass De-authentication attack

README.txt

@@ -0,0 +1,21 @@
+#!/usr/bin/env python
+#
+# WebSploit Toolkit Menu module
+# Created By 0x0ptim0us (Fardin Allahverdinazhand)
+# Email : [email protected]
+
+from core import wcolors
+def about():
+	print "\n"
+	print(wcolors.color.RED + "Created By :" + wcolors.color.ENDC)
+	print wcolors.color.CYAN + """
+	Fardin Allahverdinazhand (0x0ptim0us)
+	Location : Iran - Azarbayjan (Turkish)
+	Twitter : @0x0ptim0us
+	Report Bug : [email protected]
+	""" + wcolors.color.ENDC
+	print "\n"
+	print(wcolors.color.RED + "Developer Team Not Available !\n" + wcolors.color.ENDC)
+	
+
+	

core/__init__.py

@@ -0,0 +1,73 @@
+#!/usr/bin/env python
+#
+# WebSploit Framework Header module
+# Created By 0x0ptim0us (Fardin Allahverdinazhand)
+# Email : [email protected]
+
+
+import random
+def main_header():
+	header_1 = r"""
+	 __          __  _               _       _ _   
+	 \ \        / / | |             | |     (_) |  
+	  \ \  /\  / /__| |__  ___ _ __ | | ___  _| |_ 
+	   \ \/  \/ / _ \ '_ \/ __| '_ \| |/ _ \| | __|
+	    \  /\  /  __/ |_) \__ \ |_) | | (_) | | |_ 
+	     \/  \/ \___|_.__/|___/ .__/|_|\___/|_|\__|
+	                          | |                  
+	                          |_|                  """
+
+	header_2 = r"""
+ __      __          __                      ___               __
+/\ \  __/\ \        /\ \                    /\_ \           __/\ \__
+\ \ \/\ \ \ \     __\ \ \____    ____  _____\//\ \     ___ /\_\ \ ,_\
+ \ \ \ \ \ \ \  /'__`\ \ '__`\  /',__\/\ '__`\\ \ \   / __`\/\ \ \ \/
+  \ \ \_/ \_\ \/\  __/\ \ \L\ \/\__, `\ \ \L\ \\_\ \_/\ \L\ \ \ \ \ \_
+   \ `\___x___/\ \____\\ \_,__/\/\____/\ \ ,__//\____\ \____/\ \_\ \__\
+    '\/__//__/  \/____/ \/___/  \/___/  \ \ \/ \/____/\/___/  \/_/\/__/
+                                         \ \_\
+                                          \/_/ 	"""	
+	header_3 = r"""
+	 (  (               )             (             )  
+	 )\))(   '   (   ( /(             )\     (   ( /(  
+	((_)()\ )   ))\  )\()) (   `  )  ((_) (  )\  )\()) 
+	_(())\_)() /((_)((_)\  )\  /(/(   _   )\((_)(_))/  
+	\ \((_)/ /(_))  | |(_)((_)((_)_\ | | ((_)(_)| |_   
+	 \ \/\/ / / -_) | '_ \(_-<| '_ \)| |/ _ \| ||  _|  
+	  \_/\_/  \___| |_.__//__/| .__/ |_|\___/|_| \__|  
+	                          |_|           """
+
+
+
+	header_4 = r"""
+ __    __    ___  ____    _____ ____  _       ___  ____  ______ 
+|  |__|  |  /  _]|    \  / ___/|    \| |     /   \|    ||      |
+|  |  |  | /  [_ |  o  )(   \_ |  o  ) |    |     ||  | |      |
+|  |  |  ||    _]|     | \__  ||   _/| |___ |  O  ||  | |_|  |_|
+|  `  '  ||   [_ |  O  | /  \ ||  |  |     ||     ||  |   |  |  
+ \      / |     ||     | \    ||  |  |     ||     ||  |   |  |  
+  \_/\_/  |_____||_____|  \___||__|  |_____| \___/|____|  |__|  
+                                                                """
+                                                                
+	header_5 = r"""
+db   d8b   db d88888b d8888b. .d8888. d8888b. db       .d88b.  d888888b d888888b 
+88   I8I   88 88'     88  `8D 88'  YP 88  `8D 88      .8P  Y8.   `88'   `~~88~~' 
+88   I8I   88 88ooooo 88oooY' `8bo.   88oodD' 88      88    88    88       88    
+Y8   I8I   88 88~~~~~ 88~~~b.   `Y8b. 88~~~   88      88    88    88       88    
+`8b d8'8b d8' 88.     88   8D db   8D 88      88booo. `8b  d8'   .88.      88    
+ `8b8' `8d8'  Y88888P Y8888P' `8888Y' 88      Y88888P  `Y88P'  Y888888P    YP    """
+ 
+	hdr_num = random.randint(1, 5)
+	if hdr_num ==1:
+		print header_1
+	if hdr_num ==2:
+		print header_2
+	if hdr_num ==3:
+		print header_3
+	if hdr_num ==4:
+		print header_4
+	if hdr_num ==5:
+		print header_5
+
+
+	

core/__init__.pyc

@@ -0,0 +1,25 @@
+#!/usr/bin/env python
+#
+# WebSploit FrameWork Help Module
+# Created By 0x0ptim0us (Fardin Allahverdinazhand)
+# Email : [email protected]
+
+from core import wcolors
+from time import sleep
+def help():
+    print "\n"
+    print (wcolors.color.BLUE + "Commands\t\tDescription" + wcolors.color.ENDC)
+    print (wcolors.color.GREEN + "---------------\t\t----------------" + wcolors.color.ENDC)
+    print "set \t\t\tSet Value Of Options To Modules"
+    print "scan\t\t\tScan Wifi (Wireless Modules)"
+    print "stop\t\t\tStop Attack & Scan (Wireless Modules)"
+    print "run \t\t\tExecute Module"
+    print "use \t\t\tSelect Module For Use"
+    print "os \t\t\tRun Linux Commands(ex : os ifconfig)"
+    print "back\t\t\tExit Current Module"
+    print "show modules\t\tShow Modules of Current Database"
+    print "show options\t\tShow Current Options Of Selected Module"
+    print "upgrade\t\t\tGet New Version"
+    print "update\t\t\tUpdate Websploit Framework "
+    print "about\t\t\tAbout US"
+    print ""

core/about.py

@@ -0,0 +1,17 @@
+#!/usr/bin/env python
+#
+# WebSploit FrameWork Menu module
+# Created By 0x0ptim0us (Fardin Allahverdinazhand)
+# Email : [email protected]
+
+from core import wcolors
+
+def main_info():
+	ston = wcolors.color.BLUE + "[" + wcolors.color.ENDC
+	print ""
+	print "\t\t--=" + ston + wcolors.color.GREEN + "WebSploit Advanced MITM Framework" + wcolors.color.ENDC
+	print "\t+---**---==" + ston + "Version :" + wcolors.color.RED + "3.0.0" + wcolors.color.ENDC
+	print "\t+---**---==" + ston + "Codename :" + wcolors.color.RED + "Katana" + wcolors.color.ENDC
+	print "\t+---**---==" + ston + "Available Modules : " + wcolors.color.GREEN + "20" + wcolors.color.ENDC
+	print "\t\t--=" + ston + "Update Date : [" + wcolors.color.RED + "r3.0.0-000 20.9.2014" + wcolors.color.ENDC + "]"
+	print "\n\n"

core/about.pyc

@@ -0,0 +1,20 @@
+#!/usr/bin/env python
+#
+# WebSploit FrameWork Menu module
+# Created By 0x0ptim0us (Fardin Allahverdinazhand)
+# Email : [email protected]
+
+from core import wcolors
+
+def main_info():
+	ston = wcolors.color.BLUE + "[" + wcolors.color.ENDC
+	print ""
+	print "\t\t--=" + ston + "WebSploit FrameWork"
+	print "\t+---**---==" + ston + "Version :" + wcolors.color.RED + "2.0.1" + wcolors.color.ENDC
+	print "\t+---**---==" + ston + "Web Modules : " + wcolors.color.GREEN + "4" + wcolors.color.ENDC
+	print "\t+---**---==" + ston + "Network Modules : " + wcolors.color.GREEN + "7" + wcolors.color.ENDC
+	print "\t+---**---==" + ston + "Exploit Modules : " + wcolors.color.GREEN + "3" + wcolors.color.ENDC
+	print "\t+---**---==" + ston + "Created By :" + wcolors.color.CYAN + "Fardin Allahverdinazhand (0x0ptim0us)" + wcolors.color.ENDC
+	print "\t+---**---==" + ston + "Report Bug :" + wcolors.color.CYAN + "[email protected]" + wcolors.color.ENDC
+	print "\t\t--=" + ston + "Twitter    :" + wcolors.color.CYAN + "@0x0ptim0us" + wcolors.color.ENDC
+	print "\n\n"

core/header.py

@@ -0,0 +1,42 @@
+#!/usr/bin/env python
+#
+#Websploit FrameWork Database Module
+# Created By 0x0ptim0us (Fardin Allahverdinazhand)
+# Email : [email protected]
+
+from core import wcolors
+from time import sleep
+def modules_database():
+    print ""
+    print (wcolors.color.BLUE + "Web Modules\t\t\tDescription" + wcolors.color.ENDC)
+    print (wcolors.color.GREEN + "-------------------\t\t---------------------" + wcolors.color.ENDC)
+    print "web/apache_users\t\tScan Directory Of Apache Users"
+    print "web/dir_scanner\t\t\tDirectory Scanner"
+    print "web/wmap\t\t\tInformation Gathering From Victim Web Using (Metasploit Wmap)"
+    print "web/pma\t\t\t\tPHPMyAdmin Login Page Scanner"
+    print "web/cloudflare_resolver\t\tCloudFlare Resolver"
+    print "\n"
+    print (wcolors.color.BLUE + "Network Modules\t\t\tDescription" + wcolors.color.ENDC)
+    print (wcolors.color.GREEN + "-------------------\t\t---------------------" + wcolors.color.ENDC)
+    print "network/arp_dos\t\t\tARP Cache Denial Of Service Attack"
+    print "network/mfod\t\t\tMiddle Finger Of Doom Attack"
+    print "network/mitm\t\t\tMan In The Middle Attack"
+    print "network/mlitm\t\t\tMan Left In The Middle Attack"
+    print "network/webkiller\t\tTCP Kill Attack"
+    print "network/fakeupdate\t\tFake Update Attack Using DNS Spoof"
+    print "network/arp_poisoner\t\tArp Poisoner"
+    print "\n"
+    print (wcolors.color.BLUE + "Exploit Modules\t\t\tDescription" + wcolors.color.ENDC)
+    print (wcolors.color.GREEN + "-------------------\t\t---------------------" + wcolors.color.ENDC)
+    print "exploit/autopwn\t\t\tMetasploit Autopwn Service"
+    print "exploit/browser_autopwn\t\tMetasploit Browser Autopwn Service"
+    print "exploit/java_applet\t\tJava Applet Attack (Using HTML)"
+    print "\n"
+    print (wcolors.color.BLUE + "Wireless / Bluetooth Modules\tDescription" + wcolors.color.ENDC)
+    print (wcolors.color.GREEN + "-------------------\t\t---------------------" + wcolors.color.ENDC)
+    print "wifi/wifi_jammer\t\tWifi Jammer"
+    print "wifi/wifi_dos\t\t\tWifi Dos Attack"
+    print "wifi/wifi_honeypot\t\tWireless Honeypot(Fake AP)"
+    print "wifi/mass_deauth\t\tMass Deauthentication Attack"
+    print "bluetooth/bluetooth_pod\t\tBluetooth Ping Of Death Attack"
+    print "\n"

core/header.pyc

@@ -0,0 +1,14 @@
+#!/usr/bin/env python
+#
+# WebSploit FrameWork Update Module
+# Created By 0x0ptim0us (Fardin Allahverdinazhand)
+# Email : [email protected]
+
+import os
+import subprocess
+from core import wcolors
+from time import sleep
+
+def update():
+    print(wcolors.color.BLUE + "[*] Use wsf-update.py script for update, you can find this script in installation folder [/usr/share/websploit]" + wcolors.color.ENDC)
+    pass

core/help.py

@@ -0,0 +1,19 @@
+#!/usr/bin/env python
+#
+# WebSploit FrameWork Update Module
+# Created By 0x0ptim0us (Fardin Allahverdinazhand)
+# Email : [email protected]
+
+import os
+import subprocess
+from core import wcolors
+from time import sleep
+
+def update():
+    print(wcolors.color.GREEN + "[*]Updating Websploit framework, Please Wait ..." + wcolors.color.ENDC)
+    sleep(2)
+    subprocess.Popen("git init", stdout=subprocess.PIPE, stderr=subprocess.PIPE, shell=True).wait()
+    sleep(2)
+    os.system("git pull https://github.com/websploit/update.git")
+    print(wcolors.color.GREEN + "[*]Update was completed successfully." + wcolors.color.ENDC)
+    sleep(1)

core/help.pyc

@@ -0,0 +1,29 @@
+#!/usr/bin/env python
+#
+#Websploit FrameWork Upgrade Module
+# Created By 0x0ptim0us (Fardin Allahverdinazhand)
+# Email : [email protected]
+
+import os
+import urllib
+from time import sleep
+from core import wcolors
+import webbrowser
+
+def upgrade():
+    print(wcolors.color.BOLD + wcolors.color.BLUE + "[*]Checking For New Version, Please Wait ..." + wcolors.color.ENDC)
+    try:
+        cu = urllib.urlopen("http://sourceforge.net/projects/websploit/files/")
+        res = cu.read()
+        if 'WebSploit Framework V.3.0.1' in res:
+            print(wcolors.color.GREEN + "[*]New Version Available")
+            sleep(2)
+            print("[*]Download Latest Version : https://sourceforge.net/projects/websploit/files/latest/download?source=files" + wcolors.color.ENDC)
+            print(wcolors.color.CYAN + "[*]Starting Browser To Download Location, Please Wait ..." + wcolors.color.ENDC)
+            sleep(2)
+            webbrowser.open("https://sourceforge.net/projects/websploit/files/latest/download?source=files")
+        else:
+            print(wcolors.color.BOLD + wcolors.color.RED + "[*]New Version Not Available, This Is Latest Version Of The WebSploit Framework." + wcolors.color.ENDC)
+            sleep(4)
+    except(IOError):
+        print(wcolors.color.BOLD + wcolors.color.RED + "[*]Connection Timeout, Check Your Internet Connection!" + wcolors.color.ENDC)

core/menu.py

@@ -0,0 +1,23 @@
+#!/usr/bin/env python
+# WebSploit Toolkit
+# Idea By Dave Kennedy
+# Created By Fardin Allahverdinazhand (0x0ptim0us)
+class color:
+	PURPLE = '\033[95m'
+	CYAN = '\033[96m'
+	DARKCYAN = '\033[36m'
+	BLUE = '\033[94m'
+	GREEN = '\033[92m'
+	YELLOW = '\033[93m'
+	RED = '\033[91m'
+	BOLD = '\033[1m'
+	UNDERL = '\033[4m'
+	ENDC = '\033[0m'
+	backBlack = '\033[40m'
+	backRed = '\033[41m'
+	backGreen = '\033[42m'
+	backYellow = '\033[43m'
+	backBlue = '\033[44m'
+	backMagenta = '\033[45m'
+	backCyan = '\033[46m'
+	backWhite = '\033[47m'