Dviide is a javascript mitm/xss framework built in node.js with easily writable modules.
To initialize the server and listeners:
git clone https://github.com/idiidk/dviide-framework.git
cd dviide-framework
npm install
node backend.jsA file called config.json is located at the root of the repository, edit this file first to provide the ip of your server. To infect clients inject the inject.js file into their browser. You will then see a connection on the backend.
Remember I was talking about modules? Well they are easy to write and implement. Some sample modules can be found in the /dviide/modules folder. The basics of a module are:
- A
this.namestring - This just specifies the module name called back to the server. - A
this.startfunction() - This function is called when the module is injected.
To return data to the server call:
//More callback types coming soon...
dviide.callbackText('data');
If you want access to things such as the ip and port of the server just take a look at the dviide class in inject.js.
Do you want to write your own custom commands? Well you can! A command consists of the following functions:
- A
this.prefixstring - This is what will be typed to call your command. - A
this.callfunction(args, mh) - This is the function that will be called upon execution of your module. The args variable conatins an array with the arguments passed to your module. The mh variable contains a ModuleHelper object to interface with the framework. To learn more about this object you should take a look at the backend class for the ModuleHelper.
By default the backend listens on port 3000 for incoming client connections. It also runs a small webserver on port 3030 which just serves the inject.js file.