WiFi-Pumpkin v0.8.4 initial commit

Author: mh4x0f

CHANGELOG

@@ -1,3 +1,9 @@
+Version 0.8.4
+-------------
+- added new plugin Pumpkin-Proxy (mitmproxy API)
+- added new notifications for donations
+- fixed theme default QtableView Color hover
+
 Version 0.8.3
 -------------
 - added new design main tool

README.md

@@ -15,9 +15,9 @@ WiFi-Pumpkin is an open source security tool that provides the Rogue access poin
  cd WiFi-Pumpkin
  ./installer.sh --install
 ```
-or download .deb file to install
+or download [.deb](https://github.com/P0cL4bs/WiFi-Pumpkin/releases) file to install
 ``` sh
-sudo dpkg -i wifi-pumpkin-0.8.3-amd64.deb #for arch 64.
+sudo dpkg -i wifi-pumpkin-0.8.4-all.deb
 
 ```
 
@@ -40,6 +40,7 @@ refer to the wiki for [Installation](https://github.com/P0cL4bs/WiFi-Pumpkin/wik
 * Patch Binaries via MITM
 * Karma Attacks (support hostapd-mana)
 * LLMNR, NBT-NS and MDNS poisoner (Responder)
+* Pumpkin-Proxy (ProxyServer (mitmproxy API))
 
 ### Plugins
 | Plugin | Description | 
@@ -52,49 +53,68 @@ refer to the wiki for [Installation](https://github.com/P0cL4bs/WiFi-Pumpkin/wik
 [Responder](https://github.com/lgandx/Responder) | Responder an LLMNR, NBT-NS and MDNS poisoner. Author: Laurent Gaffie
 
 ### Transparent Proxy
- Transparent proxies that you can use to intercept and manipulate HTTP traffic modifying requests and responses, that allow to inject javascripts into the targets visited.  You can easily implement a module to inject data into pages creating a python file in directory "proxy" automatically will be listed on Injector-Proxy tab.
-### Plugins Example
- The following is a sample module that injects some contents into the <head> tag to set blur filter into body html page:
- ``` python
-import logging
-from Plugin import PluginProxy
-from core.utils import setup_logger
-
-class blurpage(PluginProxy):
-    ''' this module proxy set blur into body page html response'''
-    _name          = 'blur_page'
-    _activated     = False
-    _instance      = None
-    _requiresArgs  = False
-
-    @staticmethod
-    def getInstance():
-        if blurpage._instance is None:
-            blurpage._instance = blurpage()
-        return blurpage._instance
-
-    def __init__(self):
-        self.injection_code = []
-
-    def LoggerInjector(self,session):
-        setup_logger('injectionPage', './logs/AccessPoint/injectionPage.log',session)
-        self.logging = logging.getLogger('injectionPage')
+![proxy](https://raw.githubusercontent.com/P0cL4bs/WiFi-Pumpkin/master/docs/proxyscenario.png)
 
-    def setInjectionCode(self, code,session):
-        self.injection_code.append(code)
-        self.LoggerInjector(session)
-
-    def inject(self, data, url):
-        injection_code = '''<head> <style type="text/css">
-        body{
-		filter: blur(2px);
-		-webkit-filter: blur(2px);}
-		</style>'''
-        self.logging.info("Injected: %s" % (url))
-        return data.replace('<head>',injection_code )
+ Transparent proxies(mitmproxy) that you can use to intercept and manipulate HTTP traffic modifying requests and responses, that allow to inject javascripts into the targets visited.  You can easily implement a module to inject data into pages creating a python file in directory "plugins/extension/" automatically will be listed on Pumpkin-Proxy tab.
+#### Plugins Example Dev
 
+ ``` python
+from mitmproxy.models import decoded # for decode content html
+from plugins.extension.plugin import PluginTemplate
+
+class Nameplugin(PluginTemplate):
+    meta = {
+        'Name'      : 'Nameplugin',
+        'Version'   : '1.0',
+        'Description' : 'Brief description of the new plugin',
+        'Author'    : 'by dev'
+    }
+    def __init__(self):
+        for key,value in self.meta.items():
+            self.__dict__[key] = value
+        # if you want set arguments check refer wiki more info. 
+        self.ConfigParser = False # No require arguments 
+
+    def request(self, flow):
+        print flow.__dict__
+        print flow.request.__dict__ 
+        print flow.request.headers.__dict__ # request headers
+        host = flow.request.pretty_host # get domain on the fly requests 
+        versionH = flow.request.http_version # get http version 
+        
+        # get redirect domains example
+        # pretty_host takes the "Host" header of the request into account,
+        if flow.request.pretty_host == "example.org":
+            flow.request.host = "mitmproxy.org"
+            
+        # get all request Header example 
+        self.send_output.emit("\n[{}][HTTP REQUEST HEADERS]".format(self.Name))
+        for name, valur in flow.request.headers.iteritems():
+            self.send_output.emit('{}: {}'.format(name,valur))
+            
+        print flow.request.method # show method request 
+        # the model printer data
+        self.send_output.emit('[NamePlugin]:: this is model for save data logging')
+
+    def response(self, flow):
+        print flow.__dict__
+        print flow.response.__dict__
+        print flow.response.headers.__dict__ #convert headers for python dict
+        print flow.response.headers['Content-Type'] # get content type
+         
+        #every HTTP response before it is returned to the client
+        with decoded(flow.response):
+            print flow.response.content # content html
+            flow.response.content.replace('</body>','<h1>injected</h1></body>') # replace content tag 
+       
+        del flow.response.headers["X-XSS-Protection"] # remove protection Header
+        
+        flow.response.headers["newheader"] = "foo" # adds a new header
+        #and the new header will be added to all responses passing through the proxy
 ```
- 
+#### About plugins
+[plugins](https://github.com/P0cL4bs/WiFi-Pumpkin/wiki/Plugins) on the wiki 
+
 ### Screenshots
 [Screenshot](https://github.com/P0cL4bs/WiFi-Pumpkin/wiki/Screenshots) on the wiki 
 

core/config/app/config.ini

@@ -69,21 +69,23 @@ range=10.0.0.20/10.0.0.50
 
 [dockarea]
 advanced=true
-dock_credencials=true
+dock_credencials=false
 dock_urlmonitor=true
 dock_bdfproxy=false
 dock_dns2proxy=false
 dock_responder=false
+dock_PumpkinProxy=true
 
 [plugins]
 noproxy=false
 netcreds_plugin=true
-dns2proxy_plugin=true
+dns2proxy_plugin=false
 sergioproxy_plugin=false
 bdfproxy_plugin=false
 responder_plugin=false
-bdfproxy_config=plugins/BDFProxy-ng/bdfproxy.cfg
-responder_config=plugins/Responder/Responder.conf
+pumpkinproxy_plugin=true
+bdfproxy_config=plugins/external/BDFProxy-ng/bdfproxy.cfg
+responder_config=plugins/external/Responder/Responder.conf
 
 [iptables]
 iptables_0_masq=iptables -P FORWARD ACCEPT

core/config/app/proxy.ini

@@ -0,0 +1,38 @@
+[plugins]
+dnsspoof=false
+sslstrip=false
+jskeylogger=false
+stickycookie=false
+downloadspoof=false
+js_inject=false
+html_inject=false
+dump_post_data=false
+upsidedownternet=false
+beef=false
+replaceImages=false
+inverted_internet=false
+shakepage=false
+
+[set_dnsspoof]
+domain_0={'facebook.com':'10.0.0.1'}
+domain_1={'teste.com':'10.0.0.1'}
+domain_2={'example.com':'10.0.0.1'}
+domain_3={'website.com':'10.0.0.1'}
+
+[set_js_inject]
+url=http://example.com/foo.js
+
+[set_replaceImages]
+path=icons/logo.png
+
+[set_beef]
+hook=http://172.16.149.141:3000/hook.js
+
+[set_html_inject]
+content_path=file.html
+
+[set_downloadspoof]
+backdoorExePath=plguins/extension/tmp/exe/backdoor.exe
+backdoorPDFpath=plguins/extension/tmp/pdf/backdoor.pdf
+backdoorWORDpath=plguins/extension/tmp/doc/backdoor.doc
+backdoorXLSpath=plguins/extension/tmp/xls/backdoor.xls

core/config/commits/Lcommits.cfg

@@ -1,4 +1,12 @@
 master:
+[
+  {	Version: '0.8.4'}
+  { changelog : 'added new plugin Pumpkin-Proxy (mitmproxy API)' },
+  { changelog : 'added new notifications for donations' },
+  { changelog : 'fixed theme default QtableView Color hover' },
+]
+
+WiFiPumpkin083:
 [
   {	Version: '0.8.3'}
   { changelog : 'added new design main tool' },

core/helpers/about.py

@@ -35,6 +35,8 @@ def __init__(self,parent = None):
         self.scroll.setWidget(self.scrollwidget)
 
         self.formMode = QFormLayout()
+        self.formMode.addRow(QLabel('<a href="https://github.com/mitmproxy/mitmproxy"><strong>@mitmproxy</strong></a>'))
+        self.formMode.addRow(QLabel('ProxyServer tranparent HTTP proxy <br>'))
         self.formMode.addRow(QLabel('<a href="https://github.com/TimSchumi"><strong>@TimSchumi</strong></a>'))
         self.formMode.addRow(QLabel('Debian package build for WiFi-Pumpkin <br>'))
         self.formMode.addRow(QLabel('<a href="https://github.com/psychomario"><strong>@psychomario</strong></a>'))
@@ -95,8 +97,9 @@ def Qui_update(self):
         self.tabwid = QTabWidget(self)
         self.TabAbout = QWidget(self)
         self.TabVersion = QWidget(self)
-        self.TabTranks  = QWidget()
+        self.TabTranks  = QWidget(self)
         self.TabChangelog = QWidget(self)
+        self.TabDonate   = QWidget(self)
         self.btn_exit = QPushButton("Close")
         self.btn_exit.setFixedWidth(90)
         self.btn_exit.setIcon(QIcon('icons/cancel.png'))
@@ -106,6 +109,7 @@ def Qui_update(self):
         self.formVersion = QFormLayout()
         self.formTranks = QFormLayout()
         self.formChange = QFormLayout()
+        self.formDonate = QFormLayout()
 
         # About section
         self.formAbout.addRow(self.desc)
@@ -121,6 +125,20 @@ def Qui_update(self):
         self.formAbout.addRow(QLabel('<center>{}</center>'.format(self.author[-14:])))
         self.TabAbout.setLayout(self.formAbout)
 
+        #Donate section
+        self.formDonate.addRow(QLabel('Open source project require developer time.<br>'
+        ' You need dev time to fix bugs, you need dev time<br> to add features,'
+        " thank you for your contribution! "))
+        self.imagePay =  QLabel()
+        self.imagePay.setPixmap(QPixmap('icons/donatepay.gif'))
+        self.formDonate.addRow(QLabel(''))
+        self.formDonate.addRow(QLabel('Support Donations:'))
+        self.formDonate.addRow(self.imagePay)
+        self.formDonate.addRow(QLabel('Paypal:'),QLabel('<a href="https://www.paypal.com/cgi-bin/webscr?cmd=_s-xclick'
+        '&hosted_button_id=PUPJEGHLJPFQL">WiFi-Pumpkin project - Paypal Donataion </a>'))
+        self.formDonate.addRow(QLabel('BTC:'),QLabel('<a href="1HBXz6XX3LcHqUnaca5HRqq6rPUmA3pf6f">1HBXz6XX3LcHqUnaca5HRqq6rPUmA3pf6f</a>'))
+        self.TabDonate.setLayout(self.formDonate)
+
         # Version Section
         self.formVersion.addRow(QLabel('<strong>Version: {}</strong><br>'.format(self.version)))
         self.formVersion.addRow(QLabel('Using:'))
@@ -147,6 +165,7 @@ def Qui_update(self):
         self.tabwid.addTab(self.TabVersion,'Version')
         self.tabwid.addTab(self.TabChangelog,'ChangeLog')
         self.tabwid.addTab(self.TabTranks,'TranksTo')
+        self.tabwid.addTab(self.TabDonate, 'Donate')
         self.form.addRow(self.tabwid)
         self.form2.addSpacing(240)
         self.form2.addWidget(self.btn_exit)

core/helpers/report.py

@@ -60,7 +60,7 @@ def get_all_items_Unchecked(self):
     def convertIt(self,printer):
         # generate file pdf
         self.ExportPDF.print_(printer)
-        QMessageBox.information(self, 'WiFi Pumpkin Report PDF', 'file PDF has been generated with success.')
+        QMessageBox.information(self, 'WiFi Pumpkin Report PDF', 'file PDF has been generated successfully.')
 
     def exportFilesSystem(self):
         # export HTML or pdf file
@@ -89,7 +89,7 @@ def exportFilesSystem(self):
             if len(filename[0]) != 0:
                 with open(str(filename[0]),'w') as filehtml:
                     filehtml.write(contents['HTML']),filehtml.close()
-                QMessageBox.information(self, 'WiFi Pumpkin Report HTML', 'file has been saved with success.')
+                QMessageBox.information(self, 'WiFi Pumpkin Report HTML', 'file logs has been saved successfully.')
 
         elif self.checkPDF.isChecked():
             filename = QFileDialog.getSaveFileNameAndFilter(self,

core/helpers/update.py

@@ -138,7 +138,7 @@ def RcheckCommits(self,commits):
             item.setSizeHint(QSize(20,20))
             self.LCommits.addItem(item)
             return self.btnCheck.setEnabled(True)
-        elif 'new Version available WiFi-Pumpkin v' in commits:
+        elif 'New version available WiFi-Pumpkin v' in commits:
             reply = QMessageBox.question(self, 'Update Information',
                 '{}, would you like to update??'.format(commits), QMessageBox.Yes |
                 QMessageBox.No, QMessageBox.No)
@@ -159,7 +159,7 @@ def RcheckCommits(self,commits):
         elif '::updated' in commits:
             self.pb.update_bar(100)
             QMessageBox.information(self,'Update Information',
-            "Already up-to-date. You're required to restart the tool to apply this update.")
+            "Already up-to-date. Please restart WiFi-Pumpkin to apply this update.")
             self.btnUpdate.setDisabled(True)
         else:
             self.LOutput.addItem(commits)

core/loaders/master/github.py

@@ -83,7 +83,7 @@ def NewVersionUpdate(self):
 
     def checkUpdate(self,Version):
         if self.commit_update['Version'] != Version:
-            return self.emit(SIGNAL('Activated ( QString )'),'new Version available WiFi-Pumpkin v'
+            return self.emit(SIGNAL('Activated ( QString )'),'New version available WiFi-Pumpkin v'
             +self.commit_update['Version'])
         if self.commit_update['size'] > self.commit_local['size']:
             for commit in self.commit_update['lines'][self.commit_local['size']:]:

core/loaders/models/PackagesUI.py

@@ -2,6 +2,7 @@
 from PyQt4.QtCore import *
 from core.utils import Refactor,set_monitor_mode
 from subprocess import Popen,PIPE
+from core.utility.collection import SettingsINI
 from core.utility.settings import frm_Settings
 from modules.servers.PhishingManager import frm_PhishingManager
 from core.utility.threads import ThreadPopen,ThreadScan,ProcessThread,ThreadFastScanIP