bettercap 1.1.0

data/lib/bettercap/logger.rb

@@ -0,0 +1,53 @@
+=begin
+
+BETTERCAP
+
+Author : Simone 'evilsocket' Margaritelli
+Email  : evilsocket@gmail.com
+Blog   : http://www.evilsocket.net/
+
+This project is released under the GPL 3 license.
+
+=end
+module Logger
+  class << self
+    attr_accessor :logfile, :debug_enabled
+
+    @@semaphore = Mutex.new
+
+    def error(message)
+      write(formatted_message(message, 'E').red)
+    end
+
+    def info(message)
+      write(formatted_message(message, 'I'))
+    end
+
+    def warn(message)
+      write(formatted_message(message, 'W').yellow)
+    end
+
+    def debug(message)
+      if @debug_enabled
+        write(formatted_message(message, 'D').light_black)
+      end
+    end
+
+    def write(message)
+      # make sure that logging is thread safe
+      @@semaphore.synchronize {
+        puts message
+        if !@logfile.nil?
+          f = File.open( @logfile, 'a+t' )
+          f.puts( message.gsub( /\e\[(\d+)(;\d+)*m/, '') + "\n")
+          f.close
+        end
+      }
+    end
+
+    private
+    def formatted_message(message, message_type)
+      "[#{message_type}] #{message}"
+    end
+  end
+end

data/lib/bettercap/monkey/packetfu/utils.rb

@@ -0,0 +1,96 @@
+=begin
+
+BETTERCAP
+
+Author : Simone 'evilsocket' Margaritelli
+Email  : evilsocket@gmail.com
+Blog   : http://www.evilsocket.net/
+
+This project is released under the GPL 3 license.
+
+=end
+
+# PacketFu::Utils.ifconfig is broken under OS X, it does
+# not correctly parse the netmask field due to a wrong
+# regular expression.
+#
+# ORIGINAL: https://github.com/packetfu/packetfu/blob/master/lib/packetfu/utils.rb#L204
+require 'bettercap/logger'
+
+module PacketFu
+  class Utils
+    def self.ifconfig(iface='eth0')
+      ret = {}
+      iface = iface.to_s.scan(/[0-9A-Za-z]/).join
+
+      Logger.debug "ifconfig #{iface}"
+      
+      ifconfig_data = Shell.ifconfig(iface)
+      
+      case RUBY_PLATFORM
+      when /linux/i
+        Logger.debug "Linux ifconfig #{iface}:\n#{ifconfig_data}"
+        
+        if ifconfig_data =~ /#{iface}/i
+          ifconfig_data = ifconfig_data.split(/[\s]*\n[\s]*/)
+        else
+          raise ArgumentError, "Cannot ifconfig #{iface}"
+        end
+        real_iface = ifconfig_data.first
+        ret[:iface] = real_iface.split.first.downcase.gsub(':','')
+        if real_iface =~ /[\s]HWaddr[\s]+([0-9a-fA-F:]{17})/i
+          ret[:eth_saddr] = $1.downcase
+          ret[:eth_src] = EthHeader.mac2str(ret[:eth_saddr])
+        end
+        ifconfig_data.each do |s|
+          case s
+          when /inet [a-z]+:[\s]*([0-9]+\.[0-9]+\.[0-9]+\.[0-9]+)(.*[a-z]+:([0-9]+\.[0-9]+\.[0-9]+\.[0-9]+))?/i
+            ret[:ip_saddr] = $1
+            ret[:ip_src] = [IPAddr.new($1).to_i].pack("N")
+            ret[:ip4_obj] = IPAddr.new($1)
+            ret[:ip4_obj] = ret[:ip4_obj].mask($3) if $3
+          when /inet[\s]+([0-9]+\.[0-9]+\.[0-9]+\.[0-9]+)(.*Mask[\s]+([0-9]+\.[0-9]+\.[0-9]+\.[0-9]+))?/i
+            ret[:ip_saddr] = $1
+            ret[:ip_src] = [IPAddr.new($1).to_i].pack("N")
+            ret[:ip4_obj] = IPAddr.new($1)
+            ret[:ip4_obj] = ret[:ip4_obj].mask($3) if $3
+          when /inet6 [a-z]+:[\s]*([0-9a-fA-F:\x2f]+)/
+            ret[:ip6_saddr] = $1
+            ret[:ip6_obj] = IPAddr.new($1)
+          end
+        end # linux
+      when /darwin/i
+        Logger.debug "OSX ifconfig #{iface}:\n#{ifconfig_data}"
+        
+        if ifconfig_data =~ /#{iface}/i
+          ifconfig_data = ifconfig_data.split(/[\s]*\n[\s]*/)
+        else
+          raise ArgumentError, "Cannot ifconfig #{iface}"
+        end
+        real_iface = ifconfig_data.first
+        ret[:iface] = real_iface.split(':')[0]
+        ifconfig_data.each do |s|
+          case s
+          when /ether[\s]([0-9a-fA-F:]{17})/i
+            ret[:eth_saddr] = $1
+            ret[:eth_src] = EthHeader.mac2str(ret[:eth_saddr])
+          when /inet[\s]*([0-9]+\.[0-9]+\.[0-9]+\.[0-9]+)(.*Mask[\s]+(0x[a-f0-9]+))?/i
+            imask = 0
+            if $3
+              imask = $3.to_i(16).to_s(2).count("1")
+            end
+
+            ret[:ip_saddr] = $1
+            ret[:ip_src] = [IPAddr.new($1).to_i].pack("N")
+            ret[:ip4_obj] = IPAddr.new($1)
+            ret[:ip4_obj] = ret[:ip4_obj].mask(imask) if imask
+          when /inet6[\s]*([0-9a-fA-F:\x2f]+)/
+            ret[:ip6_saddr] = $1
+            ret[:ip6_obj] = IPAddr.new($1)
+          end
+        end # darwin
+      end # RUBY_PLATFORM
+      ret
+    end
+  end
+end

data/lib/bettercap/network.rb

@@ -0,0 +1,131 @@
+=begin
+
+BETTERCAP
+
+Author : Simone 'evilsocket' Margaritelli
+Email  : evilsocket@gmail.com
+Blog   : http://www.evilsocket.net/
+
+This project is released under the GPL 3 license.
+
+=end
+require 'thread'
+
+require 'bettercap/error'
+require 'bettercap/logger'
+require 'bettercap/shell'
+require 'bettercap/target'
+require 'bettercap/factories/firewall_factory'
+require 'bettercap/discovery/icmp'
+require 'bettercap/discovery/udp'
+require 'bettercap/discovery/syn'
+require 'bettercap/discovery/arp'
+
+class Network
+
+  def Network.is_ip?(ip)
+    if /\A(\d{1,3})\.(\d{1,3})\.(\d{1,3})\.(\d{1,3})\Z/ =~ ip
+      return $~.captures.all? {|i| i.to_i < 256}
+    end
+    false
+  end
+
+  def Network.get_gateway
+    nstat = Shell.execute('netstat -nr')
+
+    Logger.debug "NETSTAT:\n#{nstat}"
+      
+    out = nstat.split(/\n/).select {|n| n =~ /UG/ }
+    gw = out.first.split[1]
+
+    raise BetterCap::Error, 'Could not detect gateway address' unless is_ip?(gw)
+    gw
+  end
+
+  def Network.get_local_ips
+    ips = []
+    
+    Shell.ifconfig.split("\n").each do |line|
+      if line =~ /inet [adr:]*([\d\.]+)/
+        ips << $1
+      end
+    end
+
+    ips
+  end
+
+  def Network.get_alive_targets( ctx, timeout = 5 )
+    if ctx.options[:arpcache] == false
+      icmp = IcmpAgent.new timeout
+      udp = UdpAgent.new ctx.ifconfig, ctx.gateway, ctx.iface[:ip_saddr]
+      syn = SynAgent.new ctx.ifconfig, ctx.gateway, ctx.iface[:ip_saddr]
+
+      syn.wait
+      icmp.wait
+      udp.wait
+    else
+      Logger.debug 'Using current ARP cache.'
+    end
+
+    ArpAgent.parse ctx
+  end
+
+=begin
+  FIXME:
+
+  Apparently on Mac OSX the gem pcaprub ( or libpcap itself ) has
+  a bug, so we can't use 'PacketFu::Utils::arp' since the funtion
+  it's using:
+
+  if cap.save > 0
+    ...
+  end
+
+  won't catch anything, instead we're using cap.stream.each.
+=end
+  def Network.get_hw_address( iface, ip_address, attempts = 2 )
+    hw_address = nil
+
+    attempts.times do
+      arp_pkt = PacketFu::ARPPacket.new
+
+      arp_pkt.eth_saddr     = arp_pkt.arp_saddr_mac = iface[:eth_saddr]
+      arp_pkt.eth_daddr     = 'ff:ff:ff:ff:ff:ff'
+      arp_pkt.arp_daddr_mac = '00:00:00:00:00:00'
+      arp_pkt.arp_saddr_ip  = iface[:ip_saddr]
+      arp_pkt.arp_daddr_ip  = ip_address
+
+      cap_thread = Thread.new do
+        target_mac = nil
+        cap = PacketFu::Capture.new(
+          :iface => iface[:iface],
+          :start => true,
+          :filter => "arp src #{ip_address} and ether dst #{arp_pkt.eth_saddr}"
+        )
+        arp_pkt.to_w(iface[:iface])
+
+        timeout = 0
+
+        while target_mac.nil? && timeout <= 5
+          cap.stream.each do |p|
+            arp_response = PacketFu::Packet.parse(p)
+            target_mac = arp_response.arp_saddr_mac if arp_response.arp_saddr_ip == ip_address
+
+            break unless target_mac.nil?
+          end
+
+          timeout += 0.1
+
+          Logger.debug 'Retrying ...'
+          sleep 0.1
+        end
+        target_mac
+      end
+      hw_address = cap_thread.value
+
+      break unless hw_address.nil?
+    end
+
+    hw_address
+  end
+end

data/lib/bettercap/proxy/module.rb

@@ -0,0 +1,39 @@
+=begin
+
+BETTERCAP
+
+Author : Simone 'evilsocket' Margaritelli
+Email  : evilsocket@gmail.com
+Blog   : http://www.evilsocket.net/
+
+This project is released under the GPL 3 license.
+
+=end
+require 'bettercap/logger'
+
+module Proxy
+
+class Module
+  @@modules = []
+
+  def self.modules
+    @@modules
+  end
+
+  # we're enabled by default, yo!
+  def is_enabled?
+    true
+  end
+
+  def self.register_modules
+    Object.constants.each do |klass|
+      const = Kernel.const_get(klass)
+      if const.respond_to?(:superclass) and const.superclass == self
+        Logger.debug "Registering module #{const}"
+        @@modules << const.new
+      end
+    end
+  end
+end
+
+end

data/lib/bettercap/proxy/proxy.rb

@@ -0,0 +1,262 @@
+=begin
+
+BETTERCAP
+
+Author : Simone 'evilsocket' Margaritelli
+Email  : evilsocket@gmail.com
+Blog   : http://www.evilsocket.net/
+
+This project is released under the GPL 3 license.
+
+=end
+
+require 'socket'
+require 'uri'
+
+require 'bettercap/logger'
+require 'bettercap/network'
+
+module Proxy
+
+class Proxy
+  def initialize address, port, &processor
+    @socket      = nil
+    @address     = address
+    @port        = port
+    @main_thread = nil
+    @running     = false
+    @processor   = processor
+    @local_ips   = []
+
+    begin
+      @local_ips = Socket.ip_address_list.collect { |x| x.ip_address }
+    rescue
+      Logget.warn 'Could not get local ips using Socket module, using Network.get_local_ips method.'
+
+      @local_ips = Network.get_local_ips
+    end
+  end
+
+  def start
+    begin
+      @socket = TCPServer.new( @address, @port )
+      @main_thread = Thread.new &method(:server_thread)
+    rescue Exception => e
+      Logger.error "Error starting proxy: #{e.inspect}"
+      @socket.close unless @socket.nil?
+    end
+  end
+
+  def stop
+    begin
+      Logger.info 'Stopping proxy ...'
+
+      if @socket and @running
+        @running = false        
+        @socket.close
+      end
+    rescue
+    end
+  end
+
+  private
+
+  def server_thread
+    Logger.info "Proxy started on #{@address}:#{@port} ...\n"
+
+    @running = true
+
+    begin
+      while @running do
+        Thread.new @socket.accept, &method(:client_thread)
+      end
+    rescue Exception => e
+      if @running
+        Logger.warn "Error while accepting connection: #{e.inspect}"
+      end
+    ensure
+      @socket.close unless @socket.nil?
+    end
+  end
+
+  def binary_streaming from, to, opts = {}
+
+    total_size = 0
+
+    # if response|request object is available and a content length as well
+    # use it to speed up data streaming with precise data size
+    if not opts[:response].nil?
+      to.write opts[:response].to_s
+
+      total_size = opts[:response].content_length unless opts[:response].content_length.nil?
+    elsif not opts[:request].nil?
+
+      total_size = opts[:request].content_length unless opts[:request].content_length.nil?
+    end
+
+    buff = ""
+    read = 0
+
+    if total_size
+      chunk_size = 1024
+    else
+      chunk_size = [ 1024, total_size ].min
+    end
+
+    if chunk_size > 0
+      loop do
+        from.read chunk_size, buff
+
+        # nothing more to read?
+        break unless buff.size > 0
+
+        to.write buff
+
+        read += buff.size
+
+        # collect into the proper object
+        if not opts[:request].nil? and opts[:request].is_post?
+          opts[:request] << buff
+        end
+
+        # we've done reading?
+        break unless read != total_size
+      end
+    end
+  end
+
+  def html_streaming request, response, from, to
+    buff = ""
+    loop do
+      from.read 1024, buff
+
+      break unless buff.size > 0
+
+      response << buff
+    end
+
+    @processor.call( request, response )
+
+    # Response::to_s will patch the headers if needed
+    to.write response.to_s
+  end
+
+  def log_stream client, request, response
+    client_s   = "[#{client}]"
+    verb_s     = request.verb
+    request_s  = "http://#{request.host}#{request.url}"
+    response_s = "( #{response.content_type} )"
+    request_s  = request_s.slice(0..50) + "..." unless request_s.length <= 50
+
+    verb_s = verb_s.light_blue
+
+    if response.code[0] == '2'
+      response_s += " [#{response.code}]".green
+    elsif response.code[0] == '3'
+      response_s += " [#{response.code}]".light_black
+    elsif response.code[0] == '4'
+      response_s += " [#{response.code}]".yellow
+    elsif response.code[0] == '5'
+      response_s += " [#{response.code}]".red
+    else
+      response_s += " [#{response.code}]"
+    end
+
+    Logger.write "#{client_s} #{verb_s} #{request_s} #{response_s}"
+  end
+
+  def is_self_request? request
+    @local_ips.include? IPSocket.getaddress(request.host)
+  end
+
+  def rickroll_lamer client
+    client.write "HTTP/1.1 302 Found\n"
+    client.write "Location: https://www.youtube.com/watch?v=dQw4w9WgXcQ\n\n"
+  end
+
+  def client_thread client
+    client_port, client_ip = Socket.unpack_sockaddr_in(client.getpeername)
+    Logger.debug "New connection from #{client_ip}:#{client_port}"
+
+    server = nil
+    request = Request.new
+
+    begin
+      # read the first line
+      request << client.readline
+
+      loop do
+        line = client.readline
+        request << line
+
+        if line.chomp == ""
+          break
+        end
+      end
+
+      raise "Couldn't extract host from the request." unless request.host
+
+      # someone is having fun with us =)
+      if is_self_request? request
+
+        Logger.warn "#{client_ip} is connecting to us directly."
+
+        rickroll_lamer client
+
+      else
+
+        server = TCPSocket.new( request.host, request.port )
+
+        server.write request.to_s
+
+        # this is probably a POST request, collect incoming data
+        if request.content_length > 0
+          Logger.debug "Getting #{request.content_length} bytes from client"
+
+          binary_streaming client, server, :request => request
+        end
+
+        Logger.debug 'Reading response ...'
+
+        response = Response.new
+
+        # read all response headers
+        loop do
+          line = server.readline
+
+          response << line
+
+          break unless not response.headers_done
+        end
+
+        if response.is_textual?
+          log_stream client_ip, request, response
+
+          Logger.debug 'Detected textual response'
+
+          html_streaming request, response, server, client
+        else
+          Logger.debug "[#{client_ip}] -> #{request.host}#{request.url} [#{response.code}]"
+
+          Logger.debug 'Binary streaming'
+
+          binary_streaming server, client, :response => response
+        end
+
+        Logger.debug "#{client_ip}:#{client_port} served."
+      end
+
+    rescue Exception => e
+      if request.host
+        Logger.debug "Error while serving #{request.host}#{request.url}: #{e.inspect}"
+        Logger.debug e.backtrace
+      end
+    ensure
+      client.close
+      server.close unless server.nil?
+    end
+  end
+end
+
+
+end