RubyGems - bettercap - Versions diffs - 1.1.1 → 1.1.2 - Mend

bettercap 1.1.1 → 1.1.2

Files changed (35) hide show

checksums.yaml +4 -4
data/.gitignore +5 -0
data/LICENSE.md +596 -0
data/README.md +18 -15
data/TODO.md +22 -0
data/bettercap.gemspec +1 -6
data/bin/bettercap +35 -46
data/lib/bettercap.rb +39 -0
data/lib/bettercap/base/ifirewall.rb +11 -5
data/lib/bettercap/base/ispoofer.rb +9 -3
data/lib/bettercap/context.rb +48 -38
data/lib/bettercap/discovery/arp.rb +18 -2
data/lib/bettercap/discovery/base.rb +64 -0
data/lib/bettercap/discovery/icmp.rb +3 -3
data/lib/bettercap/discovery/syn.rb +6 -49
data/lib/bettercap/discovery/udp.rb +23 -58
data/lib/bettercap/factories/firewall_factory.rb +1 -1
data/lib/bettercap/factories/parser_factory.rb +27 -25
data/lib/bettercap/factories/spoofer_factory.rb +19 -13
data/lib/bettercap/firewalls/linux.rb +3 -11
data/lib/bettercap/firewalls/osx.rb +5 -18
data/lib/bettercap/httpd/server.rb +4 -4
data/lib/bettercap/network.rb +87 -74
data/lib/bettercap/proxy/module.rb +1 -1
data/lib/bettercap/proxy/proxy.rb +3 -3
data/lib/bettercap/proxy/request.rb +5 -5
data/lib/bettercap/proxy/response.rb +2 -2
data/lib/bettercap/sniffer/parsers/base.rb +13 -13
data/lib/bettercap/sniffer/sniffer.rb +19 -2
data/lib/bettercap/spoofers/arp.rb +5 -5
data/lib/bettercap/target.rb +18 -18
data/lib/bettercap/version.rb +1 -1
metadata +10 -7
data/LICENSE +0 -225
data/example_proxy_module.rb +0 -21

data/lib/bettercap/discovery/arp.rb CHANGED

@@ -12,9 +12,11 @@ This project is released under the GPL 3 license.
 require 'bettercap/logger'
 require 'bettercap/shell'
 require 'bettercap/target'
+require 'bettercap/discovery/base'
 # Parse the ARP table searching for new hosts.
-class ArpAgent
+class ArpAgent < BaseAgent
   def self.parse( ctx )
     arp     = Shell.arp
     targets = []
@@ -24,7 +26,7 @@ class ArpAgent
     arp.split("\n").each do |line|
       m = /[^\s]+\s+\(([0-9\.]+)\)\s+at\s+([a-f0-9:]+).+#{ctx.ifconfig[:iface]}.*/i.match(line)
       if !m.nil?
-        if m[1] != ctx.gateway and m[1] != ctx.iface[:ip_saddr] and m[2] != 'ff:ff:ff:ff:ff:ff'
+        if m[1] != ctx.gateway and m[1] != ctx.ifconfig[:ip_saddr] and m[2] != 'ff:ff:ff:ff:ff:ff'
           target = Target.new( m[1], m[2] )
           targets << target
           Logger.debug "FOUND  #{target}"
@@ -34,4 +36,18 @@ class ArpAgent
     targets
   end
+  private
+  def send_probe( ip )
+    pkt = PacketFu::ARPPacket.new
+    pkt.eth_saddr     = pkt.arp_saddr_mac = @ifconfig[:eth_saddr]
+    pkt.eth_daddr     = 'ff:ff:ff:ff:ff:ff'
+    pkt.arp_daddr_mac = '00:00:00:00:00:00'
+    pkt.arp_saddr_ip  = @ifconfig[:ip_saddr]
+    pkt.arp_daddr_ip  = ip
+    pkt.to_w( @ifconfig[:iface] )
+  end
 end

data/lib/bettercap/discovery/base.rb ADDED

@@ -0,0 +1,64 @@
+=begin
+BETTERCAP
+Author : Simone 'evilsocket' Margaritelli
+Email  : evilsocket@gmail.com
+Blog   : http://www.evilsocket.net/
+This project is released under the GPL 3 license.
+=end
+require 'bettercap/logger'
+# Base class for discovery agents.
+class BaseAgent
+  def initialize( ifconfig, gw_ip, local_ip )
+    @local_ip = local_ip
+    @ifconfig = ifconfig
+    @queue    = Queue.new
+    net = ip = @ifconfig[:ip4_obj]
+    # loop each ip in our subnet and push it to the queue
+    while net.include?ip
+      # rescanning the gateway could cause an issue when the
+      # gateway itself has multiple interfaces ( LAN, WAN ... )
+      if ip != gw_ip and ip != local_ip
+        @queue.push ip
+      end
+      ip = ip.succ
+    end
+    # spawn the workers! ( tnx to https://blog.engineyard.com/2014/ruby-thread-pool )
+    @workers = (0...4).map do
+      Thread.new do
+        begin
+          while ip = @queue.pop(true)
+            Logger.debug "#{self.class.name} : Probing #{ip} ..."
+            send_probe ip.to_s
+          end
+        rescue Exception => e
+          Logger.debug "#{self.class.name} : #{ip} -> #{e.message}"
+        end
+      end
+    end
+  end
+  def wait
+    begin
+      @workers.map(&:join)
+    rescue Exception => e
+      Logger.debug "#{self.class.name}.wait: #{e.message}"
+    end
+  end
+  private
+  def send_probe( ip )
+    Logger.warn "#{self.class.name} not implemented!"
+  end
+end

data/lib/bettercap/discovery/icmp.rb CHANGED

@@ -16,15 +16,15 @@ require 'bettercap/factories/firewall_factory'
 # Send a broadcast ping trying to filling the ARP table.
 class IcmpAgent
   def initialize( timeout = 5 )
-    @thread = Thread.new do
+    @thread = Thread.new {
       FirewallFactory.get_firewall.enable_icmp_bcast(true)
       if RUBY_PLATFORM =~ /darwin/
         ping = Shell.execute("ping -i #{timeout} -c 2 255.255.255.255")
-      elsif RUBY_PLATFORM =~ /linux/
+      elsif RUBY_PLATFORM =~ /linux/
         ping = Shell.execute("ping -i #{timeout} -c 2 -b 255.255.255.255")
       end
-    end
+    }
   end
   def wait

data/lib/bettercap/discovery/syn.rb CHANGED

@@ -9,57 +9,13 @@ Blog   : http://www.evilsocket.net/
 This project is released under the GPL 3 license.
 =end
-require 'bettercap/logger'
+require 'bettercap/discovery/base'
 # Send SYN probes trying to filling the ARP table.
-class SynAgent
-  def initialize( ifconfig, gw_ip, local_ip )
-    @local_ip = local_ip
-    @ifconfig = ifconfig
-    @queue    = Queue.new
-    net = ip = @ifconfig[:ip4_obj]
-    # loop each ip in our subnet and push it to the queue
-    while net.include?ip
-      # rescanning the gateway could cause an issue when the
-      # gateway itself has multiple interfaces ( LAN, WAN ... )
-      if ip != gw_ip and ip != local_ip
-        @queue.push ip
-      end
-      ip = ip.succ
-    end
-    # spawn the workers! ( tnx to https://blog.engineyard.com/2014/ruby-thread-pool )
-    @workers = (0...4).map do
-      Thread.new do
-        begin
-          while ip = @queue.pop(true)
-            Logger.debug "SYN Probing #{ip} ..."
-            pkt = get_packet ip.to_s
-            pkt.to_w( @ifconfig[:iface] )
-          end
-        rescue Exception => e
-          Logger.debug "#{ip} -> #{e.message}"
-        end
-      end
-    end
-  end
-  def wait
-    begin
-      @workers.map(&:join)
-    rescue Exception => e
-      Logger.debug "SynAgent.wait: #{e.message}"
-    end
-  end
+class SynAgent < BaseAgent
   private
-  def get_packet( destination )
+  def send_probe( ip )
     pkt = PacketFu::TCPPacket.new
     pkt.ip_v      = 4
     pkt.ip_hl     = 5
@@ -69,7 +25,7 @@ class SynAgent
     pkt.ip_ttl    = 115
     pkt.ip_proto  = 6	# TCP
     pkt.ip_saddr  = @local_ip
-    pkt.ip_daddr  = destination
+    pkt.ip_daddr  = ip
     pkt.payload   = "\xC\x0\xF\xF\xE\xE"
     pkt.tcp_flags.ack  = 0
     pkt.tcp_flags.fin  = 0
@@ -82,7 +38,8 @@ class SynAgent
     pkt.tcp_hlen       = 5
     pkt.tcp_dst        = rand(1024..65535)
     pkt.recalc
-    pkt
+    pkt.to_w( @ifconfig[:iface] )
   end
 end

data/lib/bettercap/discovery/udp.rb CHANGED

@@ -9,66 +9,31 @@ Blog   : http://www.evilsocket.net/
 This project is released under the GPL 3 license.
 =end
-require 'bettercap/logger'
+require 'bettercap/discovery/base'
 # Send UDP probes trying to filling the ARP table.
-class UdpAgent
-  def initialize( ifconfig, gw_ip, local_ip )
-    @ifconfig = ifconfig
-    @port = 137
-    @message =
-      "\x82\x28\x00\x00\x00" +
-      "\x01\x00\x00\x00\x00" +
-      "\x00\x00\x20\x43\x4B" +
-      "\x41\x41\x41\x41\x41" +
-      "\x41\x41\x41\x41\x41" +
-      "\x41\x41\x41\x41\x41" +
-      "\x41\x41\x41\x41\x41" +
-      "\x41\x41\x41\x41\x41" +
-      "\x41\x41\x41\x41\x41" +
-      "\x00\x00\x21\x00\x01"
-    @queue = Queue.new
-    net = ip = @ifconfig[:ip4_obj]
-    # loop each ip in our subnet and push it to the queue
-    while net.include?ip
-      # rescanning the gateway could cause an issue when the
-      # gateway itself has multiple interfaces ( LAN, WAN ... )
-      if ip != gw_ip and ip != local_ip
-        @queue.push ip
-      end
-      ip = ip.succ
-    end
-    # spawn the workers! ( tnx to https://blog.engineyard.com/2014/ruby-thread-pool )
-    @workers = (0...4).map do
-      Thread.new do
-        begin
-          while ip = @queue.pop(true)
-            Logger.debug "Probing #{ip} ..."
-            # send netbios udp packet, just to fill ARP table
-            sd = UDPSocket.new
-            sd.send( @message, 0, ip.to_s, @port )
-            sd = nil
-            # TODO: Parse response for hostname?
-          end
-        rescue Exception => e
-          Logger.debug "#{ip} -> #{e.message}"
-        end
-      end
-    end
-  end
-  def wait
-    begin
-      @workers.map(&:join)
-    rescue Exception => e
-      Logger.debug "UdpAgent.wait: #{e.message}"
-    end
+class UdpAgent < BaseAgent
+  private
+  def send_probe( ip )
+    port = 137
+    message =
+        "\x82\x28\x00\x00\x00" +
+        "\x01\x00\x00\x00\x00" +
+        "\x00\x00\x20\x43\x4B" +
+        "\x41\x41\x41\x41\x41" +
+        "\x41\x41\x41\x41\x41" +
+        "\x41\x41\x41\x41\x41" +
+        "\x41\x41\x41\x41\x41" +
+        "\x41\x41\x41\x41\x41" +
+        "\x41\x41\x41\x41\x41" +
+        "\x00\x00\x21\x00\x01"
+    # send netbios udp packet, just to fill ARP table
+    sd = UDPSocket.new
+    sd.send( message, 0, ip.to_s, port )
+    sd = nil
+    # TODO: Parse response for hostname?
   end
 end

data/lib/bettercap/factories/firewall_factory.rb CHANGED

@@ -16,7 +16,7 @@ require 'bettercap/firewalls/linux'
 class FirewallFactory
   @@instance = nil
-  def FirewallFactory.get_firewall
+  def self.get_firewall
     return @@instance unless @@instance.nil?
     if RUBY_PLATFORM =~ /darwin/

data/lib/bettercap/factories/parser_factory.rb CHANGED

@@ -16,38 +16,40 @@ require 'bettercap/logger'
 class ParserFactory
   @@path = File.dirname(__FILE__) + '/../sniffer/parsers/'
-  def ParserFactory.available
-    avail = []
-    Dir.foreach( @@path ) do |file|
-      if file =~ /.rb/ and file != 'base.rb'
-        avail << file.gsub('.rb','').upcase
+  class << self
+    def available
+      avail = []
+      Dir.foreach( @@path ) do |file|
+        if file =~ /.rb/ and file != 'base.rb'
+          avail << file.gsub('.rb','').upcase
+        end
       end
+      avail
     end
-    avail
-  end
-  def ParserFactory.from_cmdline(v)
-    avail = ParserFactory.available
-    list = v.split(',').collect(&:strip).collect(&:upcase).reject{ |c| c.empty? }
-    list.each do |parser|
-        raise BetterCap::Error, "Invalid parser name '#{parser}'." unless avail.include?(parser) or parser == '*'
+    def from_cmdline(v)
+      avail = available
+      list = v.split(',').collect(&:strip).collect(&:upcase).reject{ |c| c.empty? }
+      list.each do |parser|
+          raise BetterCap::Error, "Invalid parser name '#{parser}'." unless avail.include?(parser) or parser == '*'
+      end
+      list
     end
-    list
-  end
-  def ParserFactory.load_by_names(parsers)
-    loaded = []
-    Dir.foreach( @@path ) do |file|
-      cname = file.gsub('.rb','').upcase
-      if file =~ /.rb/ and file != 'base.rb' and ( parsers.include?(cname) or parsers == ['*'] )
-        Logger.debug "Loading parser #{cname} ..."
-        require_relative "#{@@path}#{file}"
-        loaded << Kernel.const_get("#{cname.capitalize}Parser").new
+    def ParserFactory.load_by_names(parsers)
+      loaded = []
+      Dir.foreach( @@path ) do |file|
+        cname = file.gsub('.rb','').upcase
+        if file =~ /.rb/ and file != 'base.rb' and ( parsers.include?(cname) or parsers == ['*'] )
+          Logger.debug "Loading parser #{cname} ..."
+          require_relative "#{@@path}#{file}"
+          loaded << Kernel.const_get("#{cname.capitalize}Parser").new
+        end
       end
+      loaded
     end
-    loaded
   end
 end

data/lib/bettercap/factories/spoofer_factory.rb CHANGED

@@ -12,25 +12,31 @@ This project is released under the GPL 3 license.
 require 'bettercap/error'
 class SpooferFactory
-  def SpooferFactory.available
-    avail = []
-    Dir.foreach( File.dirname(__FILE__) + '/../spoofers/') do |file|
-      if file =~ /.rb/
-        avail << file.gsub('.rb','').upcase
+  class << self
+    def available
+      avail = []
+      Dir.foreach( File.dirname(__FILE__) + '/../spoofers/') do |file|
+        if file =~ /.rb/
+          avail << file.gsub('.rb','').upcase
+        end
       end
+      avail
     end
-    avail
-  end
-  def SpooferFactory.get_by_name(name)
-    avail = SpooferFactory.available
+    def get_by_name(name)
+      raise BetterCap::Error, "Invalid spoofer name '#{name}'!" unless available? name
+      name.downcase!
-    raise BetterCap::Error, "Invalid spoofer name '#{name}'!" unless avail.include? name
+      require_relative "../spoofers/#{name}"
-    name.downcase!
+      Kernel.const_get("#{name.capitalize}Spoofer").new
+    end
-    require_relative "../spoofers/#{name}"
+    private
-    Kernel.const_get("#{name.capitalize}Spoofer").new
+    def available?(name)
+      available.include?(name)
+    end
   end
 end

data/lib/bettercap/firewalls/linux.rb CHANGED

@@ -14,23 +14,15 @@ require 'bettercap/shell'
 class LinuxFirewall < IFirewall
   def enable_forwarding(enabled)
-    if enabled then
-      Shell.execute('echo 1 > /proc/sys/net/ipv4/ip_forward')
-    else
-      Shell.execute('echo 0 > /proc/sys/net/ipv4/ip_forward')
-    end
+    Shell.execute("echo #{enabled ? 1 : 0} > /proc/sys/net/ipv4/ip_forward")
   end
   def forwarding_enabled?
     Shell.execute('cat /proc/sys/net/ipv4/ip_forward').strip == '1'
   end
   def enable_icmp_bcast(enabled)
-    if enabled then
-      Shell.execute('echo 0 > /proc/sys/net/ipv4/icmp_echo_ignore_broadcasts')
-    else
-      Shell.execute('echo 1 > /proc/sys/net/ipv4/icmp_echo_ignore_broadcasts')
-    end
+    Shell.execute("echo #{enabled ? 0 : 1} > /proc/sys/net/ipv4/icmp_echo_ignore_broadcasts")
   end
   def add_port_redirection( iface, proto, from, addr, to )

data/lib/bettercap/firewalls/osx.rb CHANGED

@@ -14,34 +14,21 @@ require 'bettercap/shell'
 class OSXFirewall < IFirewall
   def enable_forwarding(enabled)
-    if enabled then
-      Shell.execute('sysctl -w net.inet.ip.forwarding=1')
-    else
-      Shell.execute('sysctl -w net.inet.ip.forwarding=0')
-    end
+    Shell.execute("sysctl -w net.inet.ip.forwarding=#{enabled ? 1 : 0}")
   end
   def enable_icmp_bcast(enabled)
-    if enabled then
-      Shell.execute('sysctl -w net.inet.icmp.bmcastecho=1')
-    else
-      Shell.execute('sysctl -w net.inet.icmp.bmcastecho=0')
-    end
+    Shell.execute("sysctl -w net.inet.icmp.bmcastecho=#{enabled ? 1 : 0}")
   end
-  def forwarding_enabled?()
+  def forwarding_enabled?
     Shell.execute('sysctl net.inet.ip.forwarding').strip.split(' ')[1] == '1'
   end
   def enable(enabled)
     begin
-      if enabled
-        Shell.execute('pfctl -e >/dev/null 2>&1')
-      else
-        Shell.execute('pfctl -d >/dev/null 2>&1')
-      end
-    rescue
-    end
+      Shell.execute("pfctl -#{enabled ? ?e : ?d} >/dev/null 2>&1")
+    rescue; end
   end
   def add_port_redirection( iface, proto, from, addr, to )