bettercap 1.1.3 → 1.1.4

Files changed (45)
  1. checksums.yaml +4 -4
  2. data/CONTRIBUTING.md +42 -0
  3. data/Gemfile +2 -0
  4. data/Gemfile.lock +25 -0
  5. data/README.md +1 -1
  6. data/Rakefile +7 -0
  7. data/TODO.md +2 -2
  8. data/bettercap.gemspec +2 -0
  9. data/bin/bettercap +48 -43
  10. data/lib/bettercap/context.rb +125 -20
  11. data/lib/bettercap/factories/firewall_factory.rb +4 -0
  12. data/lib/bettercap/factories/parser_factory.rb +2 -0
  13. data/lib/bettercap/firewalls/linux.rb +16 -10
  14. data/lib/bettercap/firewalls/osx.rb +19 -8
  15. data/lib/bettercap/logger.rb +2 -0
  16. data/lib/bettercap/network.rb +10 -4
  17. data/lib/bettercap/proxy/certstore.rb +68 -0
  18. data/lib/bettercap/proxy/proxy.rb +87 -43
  19. data/lib/bettercap/proxy/request.rb +22 -4
  20. data/lib/bettercap/proxy/response.rb +15 -0
  21. data/lib/bettercap/sniffer/sniffer.rb +22 -24
  22. data/lib/bettercap/spoofers/arp.rb +38 -6
  23. data/lib/bettercap/target.rb +1 -1
  24. data/lib/bettercap/version.rb +1 -1
  25. data/lib/bettercap.rb +1 -0
  26. data/test/factories/firewall_factory_test.rb +54 -0
  27. data/test/factories/parser_factory_test.rb +36 -0
  28. data/test/factories/spoofer_factory_test.rb +15 -0
  29. data/test/firewalls/linux_firewall_test.rb +72 -0
  30. data/test/firewalls/osx_firewall_test.rb +72 -0
  31. data/test/helpers/mock_shell.rb +17 -0
  32. data/test/logger_test.rb +12 -0
  33. data/test/network_test.rb +14 -0
  34. data/test/pcap/ftp.pcap +0 -0
  35. data/test/pcap/http.pcap +0 -0
  36. data/test/pcap/packets.pcap +0 -0
  37. data/test/proxy/response_test.rb +56 -0
  38. data/test/shell_test.rb +15 -0
  39. data/test/sniffer/parsers/base_parser_test.rb +20 -0
  40. data/test/sniffer/parsers/ftp_parser_test.rb +27 -0
  41. data/test/sniffer/parsers/url_parser_test.rb +25 -0
  42. data/test/target_test.rb +24 -0
  43. data/test/test_helper.rb +47 -0
  44. data/test_https_proxy.rb +29 -0
  45. metadata +40 -2
@@ -0,0 +1,72 @@
1
+ require 'minitest/autorun'
2
+ require 'test_helper'
3
+ require 'firewalls/linux'
4
+ require 'helpers/mock_shell'
5
+
6
+ class OSXFirewallTest < MiniTest::Test
7
+ def test_enabling_forwarding
8
+ firewall = stubbed_firewall(LinuxFirewall).new
9
+ result = firewall.enable_forwarding true
10
+
11
+ assert_equal result, 'echo 1 > /proc/sys/net/ipv4/ip_forward'
12
+ end
13
+
14
+ def test_disabling_forwarding
15
+ firewall = stubbed_firewall(LinuxFirewall).new
16
+ result = firewall.enable_forwarding false
17
+
18
+ assert_equal result, 'echo 0 > /proc/sys/net/ipv4/ip_forward'
19
+ end
20
+
21
+ def test_enabling_icmp_broadcast
22
+ firewall = stubbed_firewall(LinuxFirewall).new
23
+ result = firewall.enable_icmp_bcast true
24
+
25
+ assert_equal result, 'echo 1 > /proc/sys/net/ipv4/icmp_echo_ignore_broadcasts'
26
+ end
27
+
28
+ def test_disabling_icmp_broadcast
29
+ firewall = stubbed_firewall(LinuxFirewall).new
30
+ result = firewall.enable_icmp_bcast false
31
+
32
+ assert_equal result, 'echo 0 > /proc/sys/net/ipv4/icmp_echo_ignore_broadcasts'
33
+ end
34
+
35
+ def test_whether_forwarding_is_enabled
36
+ expected_output = '1'
37
+ MockShell.stub :execute, expected_output do
38
+
39
+ firewall = stubbed_firewall(LinuxFirewall).new
40
+ result = firewall.forwarding_enabled?
41
+
42
+ assert result
43
+
44
+ end
45
+ end
46
+
47
+ def test_whether_forwarding_is_disabled
48
+ expected_output = '0'
49
+ MockShell.stub :execute, expected_output do
50
+
51
+ firewall = stubbed_firewall(LinuxFirewall).new
52
+ result = firewall.forwarding_enabled?
53
+
54
+ refute result
55
+
56
+ end
57
+ end
58
+
59
+ def test_enabling_the_firewall
60
+ firewall = stubbed_firewall(LinuxFirewall).new
61
+ result = firewall.enable true
62
+
63
+ assert_equal result, 'pfctl -e >/dev/null 2>&1'
64
+ end
65
+
66
+ def test_disabling_the_firewall
67
+ firewall = stubbed_firewall(LinuxFirewall).new
68
+ result = firewall.enable false
69
+
70
+ assert_equal result, 'pfctl -d >/dev/null 2>&1'
71
+ end
72
+ end
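Review bot: The test class for `LinuxFirewall` on line 6 is declared as `class OSXFirewallTest`, the same name the OS X test file uses, so when both files are loaded in one run the second reopens the first and its identically named `test_*` methods replace the earlier ones, leaving one platform's assertions unexecuted. Rename it to `class LinuxFirewallTest < MiniTest::Test`. The expectations in `test_enabling_the_firewall` and `test_disabling_the_firewall` (`pfctl -e` / `pfctl -d`) also look copied from the OS X file; `pfctl` is the BSD/macOS packet filter, so confirm what `LinuxFirewall#enable` is meant to run before pinning that string. Both firewall test files pass the actual value first to `assert_equal`; minitest expects `assert_equal 'echo 1 > /proc/sys/net/ipv4/ip_forward', result`, otherwise failure messages label the two values the wrong way round.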
@@ -0,0 +1,72 @@
1
+ require 'minitest/autorun'
2
+ require 'test_helper'
3
+ require 'firewalls/osx'
4
+ require 'helpers/mock_shell'
5
+
6
+ class OSXFirewallTest < MiniTest::Test
7
+ def test_enabling_forwarding
8
+ firewall = stubbed_firewall(OSXFirewall).new
9
+ result = firewall.enable_forwarding true
10
+
11
+ assert_equal result, 'sysctl -w net.inet.ip.forwarding=1'
12
+ end
13
+
14
+ def test_disabling_forwarding
15
+ firewall = stubbed_firewall(OSXFirewall).new
16
+ result = firewall.enable_forwarding false
17
+
18
+ assert_equal result, 'sysctl -w net.inet.ip.forwarding=0'
19
+ end
20
+
21
+ def test_enabling_icmp_broadcast
22
+ firewall = stubbed_firewall(OSXFirewall).new
23
+ result = firewall.enable_icmp_bcast true
24
+
25
+ assert_equal result, 'sysctl -w net.inet.icmp.bmcastecho=1'
26
+ end
27
+
28
+ def test_disabling_icmp_broadcast
29
+ firewall = stubbed_firewall(OSXFirewall).new
30
+ result = firewall.enable_icmp_bcast false
31
+
32
+ assert_equal result, 'sysctl -w net.inet.icmp.bmcastecho=0'
33
+ end
34
+
35
+ def test_whether_forwarding_is_enabled
36
+ expected_output = 'net.inet.ip.forwarding: 1'
37
+ MockShell.stub :execute, expected_output do
38
+
39
+ firewall = stubbed_firewall(OSXFirewall).new
40
+ result = firewall.forwarding_enabled?
41
+
42
+ assert result
43
+
44
+ end
45
+ end
46
+
47
+ def test_whether_forwarding_is_disabled
48
+ expected_output = 'net.inet.ip.forwarding: 0'
49
+ MockShell.stub :execute, expected_output do
50
+
51
+ firewall = stubbed_firewall(OSXFirewall).new
52
+ result = firewall.forwarding_enabled?
53
+
54
+ refute result
55
+
56
+ end
57
+ end
58
+
59
+ def test_enabling_the_firewall
60
+ firewall = stubbed_firewall(OSXFirewall).new
61
+ result = firewall.enable true
62
+
63
+ assert_equal result, 'pfctl -e >/dev/null 2>&1'
64
+ end
65
+
66
+ def test_disabling_the_firewall
67
+ firewall = stubbed_firewall(OSXFirewall).new
68
+ result = firewall.enable false
69
+
70
+ assert_equal result, 'pfctl -d >/dev/null 2>&1'
71
+ end
72
+ end
@@ -0,0 +1,17 @@
1
+ module MockShell
2
+ class << self
3
+ # For easy testing, this method just returns back the command it is given.
4
+ # The real Shell class will return the output string.
5
+ def execute(command)
6
+ return command
7
+ end
8
+
9
+ def ifconfig(iface = '')
10
+ self.execute("LANG=en && ifconfig #{iface}")
11
+ end
12
+
13
+ def arp
14
+ self.execute('LANG=en && arp -a')
15
+ end
16
+ end
17
+ end
@@ -0,0 +1,12 @@
1
+ require 'minitest/autorun'
2
+ require 'test_helper'
3
+ require 'logger'
4
+
5
+ class LoggerTest < MiniTest::Test
6
+ def test_writing_with_a_logfile
7
+ silence do |output|
8
+ Logger.write 'Test log message'
9
+ assert_equal output.read, "Test log message\n"
10
+ end
11
+ end
12
+ end
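Review bot: `require 'logger'` on line 3 is ambiguous, because Ruby's standard library also ships a file named `logger` and which one is loaded depends on `$LOAD_PATH` order. If the standard one wins, `Logger.write` is not the project's method and the test fails for a reason unrelated to the code under test. A path that cannot collide is safer, for example `require 'bettercap/logger'` if `lib` is on the load path (the load-path setup is not visible in this diff). The same concern applies to `require 'shell'` in shell_test.rb, since older Ruby versions also shipped a standard `shell` library.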
@@ -0,0 +1,14 @@
1
+ require 'minitest/autorun'
2
+ require 'network'
3
+
4
+ class NetworkTest < MiniTest::Test
5
+ def test_valid_ip_address
6
+ valid = Network.is_ip? '127.0.0.1'
7
+ assert valid
8
+ end
9
+
10
+ def test_invalid_ip_address
11
+ addresses = ['bad-ip', '255.255.255.255.255', '255.255', '999.999.999.999', 123]
12
+ addresses.each { |address| refute Network.is_ip?(address) }
13
+ end
14
+ end
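Review bot: The invalid-address list in `test_invalid_ip_address` has no multi-line input, which is the case that separates a pattern anchored with `\A`/`\z` from one anchored with `^`/`$`. `Network.is_ip?` is not visible in this part of the diff, so I cannot tell which it uses; adding `"127.0.0.1\nextra"` to `addresses` would pin the behaviour for values that are later passed to system commands. `test_valid_ip_address` checks a single value; `'0.0.0.0'` and `'255.255.255.255'` would cover the range boundaries.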
Binary file
Binary file
Binary file
@@ -0,0 +1,56 @@
1
+ require 'minitest/autorun'
2
+ require 'proxy/response'
3
+
4
+ class TestProxyResponse < MiniTest::Test
5
+ def test_response_status_parsing
6
+ response = response_with_line 'HTTP/1.1 200 OK'
7
+ assert_equal response.headers, ['HTTP/1.1 200 OK']
8
+ assert_equal response.code, '200 OK'
9
+ end
10
+
11
+ def test_content_type_parsing
12
+ response = response_with_line 'Content-Type: text/xml'
13
+ assert_equal response.headers, ['Content-Type: text/xml']
14
+ assert_equal response.content_type, 'text/xml'
15
+ end
16
+
17
+ def test_content_length_parsing
18
+ response = response_with_line 'Content-Length: 1024'
19
+ assert_equal response.headers, ['Content-Length: 1024']
20
+ assert_equal response.content_length, 1024
21
+ end
22
+
23
+ def test_reaching_end_of_headers
24
+ response = response_with_line 'HTTP/1.1 200 OK'
25
+ refute response.headers_done
26
+
27
+ response << ''
28
+ assert response.headers_done
29
+ end
30
+
31
+ def test_parsing_response_body
32
+ body = 'This line goes into the body'
33
+
34
+ response = response_with_line 'HTTP/1.1 200 OK'
35
+ response << ''
36
+ response << body
37
+
38
+ assert_equal response.body, body
39
+ end
40
+
41
+ def test_textual
42
+ text_response = response_with_line 'Content-Type: text/xml'
43
+ image_response = response_with_line 'Content-Type: image/png'
44
+
45
+ assert text_response.textual?
46
+ refute image_response.textual?
47
+ end
48
+
49
+ private
50
+
51
+ def response_with_line(line)
52
+ response = Proxy::Response.new
53
+ response << line
54
+ response
55
+ end
56
+ end
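Review bot: Every header line in these tests uses canonical capitalisation, so nothing checks that `Proxy::Response` matches header names case-insensitively, as HTTP requires. The parser itself is not in this part of the diff, so this is a coverage gap rather than a confirmed bug. Add a case such as `response_with_line 'content-type: text/xml'` asserting `content_type`, and one for a non-numeric `Content-Length`, since both values come from the remote server and not from the tool. `assert_equal` is also called with the actual value first throughout; minitest expects `assert_equal 1024, response.content_length`.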
@@ -0,0 +1,15 @@
1
+ require 'minitest/autorun'
2
+ require 'shell'
3
+
4
+ class ShellTest < MiniTest::Test
5
+ def test_successful_command_execution
6
+ result = Shell.execute "echo 'BetterCap is awesome!'"
7
+ assert_equal result, "BetterCap is awesome!\n"
8
+ end
9
+
10
+ def test_failed_command_execution
11
+ assert_raises BetterCap::Error do
12
+ Shell.execute 'false'
13
+ end
14
+ end
15
+ end
@@ -0,0 +1,20 @@
1
+ require 'minitest/autorun'
2
+ require 'test_helper'
3
+ require 'sniffer/parsers/ftp'
4
+ require 'packetfu'
5
+
6
+ class BaseParserTest < MiniTest::Test
7
+ def setup
8
+ @packets = parsed_packets
9
+ @parser = BaseParser.new
10
+ end
11
+
12
+ # The base parser has no parsers by default, so it shouldn't be writing
13
+ # anything to STDOUT.
14
+ def test_parsing_packets
15
+ silence do |output|
16
+ @parser.on_packet @packets.first
17
+ assert output.length == 0
18
+ end
19
+ end
20
+ end
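Review bot: `assert output.length == 0` in `test_parsing_packets` reports only that `false` was not truthy when it fails; `assert_equal 0, output.length` shows the size that was actually written. The same form is used in the FTP and URL parser tests, where the positive cases (`refute output.length == 0`) accept any logged text, so a parser that logs the wrong field would still pass; asserting on the content of `output.read` would pin what is extracted. This file requires `sniffer/parsers/ftp` although it instantiates `BaseParser`; presumably that file pulls in the base class, but requiring the base parser directly would make the dependency explicit.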
@@ -0,0 +1,27 @@
1
+ require 'minitest/autorun'
2
+ require 'test_helper'
3
+ require 'packetfu'
4
+ require 'sniffer/parsers/ftp'
5
+
6
+ class FtpParserTest < MiniTest::Test
7
+ def setup
8
+ # The pcap file for the FTP tests was taken from the Practical Packet
9
+ # Analysis GitHub repo: https://github.com/markofu/pcaps
10
+ @packets = ftp_packets
11
+ @parser = FtpParser.new
12
+ end
13
+
14
+ def test_parsing_ftp_packets_with_no_user_data
15
+ silence do |output|
16
+ @parser.on_packet @packets[0]
17
+ assert output.length == 0
18
+ end
19
+ end
20
+
21
+ def test_parsing_ftp_packets_with_user_data
22
+ silence do |output|
23
+ @parser.on_packet @packets[4]
24
+ refute output.length == 0
25
+ end
26
+ end
27
+ end
@@ -0,0 +1,25 @@
1
+ require 'minitest/autorun'
2
+ require 'test_helper'
3
+ require 'packetfu'
4
+ require 'sniffer/parsers/url'
5
+
6
+ class UrlParserTest < MiniTest::Test
7
+ def setup
8
+ @packets = http_packets
9
+ @parser = UrlParser.new
10
+ end
11
+
12
+ def test_parsing_http_packets
13
+ silence do |output|
14
+ @parser.on_packet @packets[3]
15
+ refute output.length == 0
16
+ end
17
+ end
18
+
19
+ def test_parsing_http_packets_without_any_urls
20
+ silence do |output|
21
+ @parser.on_packet @packets[0]
22
+ assert output.length == 0
23
+ end
24
+ end
25
+ end
@@ -0,0 +1,24 @@
1
+ require 'minitest/autorun'
2
+ require 'target'
3
+
4
+ class TestTarget < MiniTest::Test
5
+ def setup
6
+ @target = Target.new('127.0.0.1', '08:00:20')
7
+ end
8
+
9
+ def test_initialization
10
+ assert_equal @target.ip, '127.0.0.1'
11
+ assert_equal @target.mac, '08:00:20'
12
+ assert_equal @target.vendor, 'Oracle'
13
+ end
14
+
15
+ def test_setting_mac
16
+ @target.mac = '7F:D0:BD:8B:60:DA'
17
+ assert_equal @target.mac, '7F:D0:BD:8B:60:DA'
18
+ end
19
+
20
+ def test_string_coercion
21
+ @target.mac = '08:00:20'
22
+ assert_equal @target.to_s, '127.0.0.1 : 08:00:20 ( Oracle )'
23
+ end
24
+ end
@@ -0,0 +1,47 @@
1
+ require 'helpers/mock_shell'
2
+ require 'securerandom'
3
+
4
+ # Override the `shell` private method of the firewall to return the mock
5
+ # shell. The mock shell's purpose is to capture any system calls made and
6
+ # verify that they were received.
7
+ def stubbed_firewall(target)
8
+ Class.new(target) do
9
+ define_method(:shell) do
10
+ MockShell
11
+ end
12
+ end
13
+ end
14
+
15
+ # Allow for a way to silence calls during test runs.
16
+ #
17
+ # This redirects STDOUT to /dev/null for any methods
18
+ # called inside the block of this method.
19
+ def silence(output_file_name = SecureRandom.hex)
20
+ captured_output = Tempfile.new output_file_name
21
+ Logger.logfile = captured_output
22
+
23
+ $stdout = File.new('/dev/null', 'w')
24
+ yield captured_output
25
+ ensure
26
+ $stdout = STDOUT
27
+ end
28
+
29
+ # Methods for getting PacketFu::Packet objects out of pcap files.
30
+
31
+ def parsed_packets
32
+ packets_with_filename 'packets'
33
+ end
34
+
35
+ def ftp_packets
36
+ packets_with_filename 'ftp'
37
+ end
38
+
39
+ def http_packets
40
+ packets_with_filename 'http'
41
+ end
42
+
43
+ private
44
+
45
+ def packets_with_filename(filename)
46
+ PacketFu::PcapFile.read_packets(File.join(File.dirname(__FILE__),"pcap/#{filename}.pcap"))
47
+ end
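Review bot: `silence` opens a new `/dev/null` handle on every call and never closes it, and its `ensure` resets `$stdout` to the `STDOUT` constant instead of to whatever was installed before, so each silenced test leaks one descriptor and any outer redirect is undone. The helper also uses `Tempfile` although the file requires only `helpers/mock_shell` and `securerandom`; add `require 'tempfile'` unless something else is known to load it. `Logger.logfile` is left pointing at the temp file after the block, and the comment above the method does not mention that capture, which is what the tests actually read. A version that restores the previous stream and closes the null device is below.

```ruby
def silence(output_file_name = SecureRandom.hex)
  previous_stdout = $stdout
  null_device     = File.new(File::NULL, 'w')
  captured_output = Tempfile.new output_file_name
  Logger.logfile  = captured_output

  $stdout = null_device
  yield captured_output
ensure
  # Put back whatever stream was active before, then release the descriptor.
  $stdout = previous_stdout
  null_device.close if null_device
end
```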
@@ -0,0 +1,29 @@
1
+ require 'openssl'
2
+ require 'socket'
3
+
4
+ sock = TCPSocket.new( '172.20.10.2', 8083 )
5
+
6
+ ctx = OpenSSL::SSL::SSLContext.new
7
+
8
+ # we need this? :P ctx.set_params(verify_mode: OpenSSL::SSL::VERIFY_PEER)
9
+
10
+ socket = OpenSSL::SSL::SSLSocket.new(sock, ctx).tap do |socket|
11
+ socket.sync_close = true
12
+ socket.connect
13
+
14
+ socket.write "GET / HTTP/1.1\n" +
15
+ "Host: www.facebook.com\n" +
16
+ "Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,*/*;q=0.8\n" +
17
+ "Accept-encoding: gzip, deflate, sdch\n" +
18
+ "Accept-language: it-IT,it;q=0.8,en-US;q=0.6,en;q=0.4,la;q=0.2\n" +
19
+ "Cache-control: max-age=0\n" +
20
+ "User-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_10_3) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/44.0.2403.125 Safari/537.36\n" +
21
+ "\n\n"
22
+
23
+ while line = socket.gets # Read lines from socket
24
+ puts line # and print them
25
+ end
26
+
27
+ socket.close
28
+ end
29
+
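Review bot: The TLS client context on line 6 is created without a verify mode, and the only mention of `VERIFY_PEER` is commented out on line 8, so a bare `OpenSSL::SSL::SSLContext.new` like this one accepts whatever certificate the peer presents. For a script that exercises a local intercepting proxy that may be deliberate, but nothing says so; state it, e.g. `# Certificate verification is intentionally off: this only talks to the local test proxy.`, so the pattern is not copied into real client code. The peer address `172.20.10.2:8083` is hard-coded and the file sits at the gem root, where the metadata file list ships it to every installer; moving it under `test/` or dropping it from the gemspec `files`, and reading host and port from `ARGV`, would keep a developer scratch script out of the release. The request also ends its lines with `\n` where HTTP specifies `\r\n`.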
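--- a/metadata
+++ b/metadata
@@ -1,14 +1,14 @@
  --- !ruby/object:Gem::Specification
  name: bettercap
  version: !ruby/object:Gem::Version
- version: 1.1.3
+ version: 1.1.4
  platform: ruby
  authors:
  - Simone Margaritelli
  autorequire:
  bindir: bin
  cert_chain: []
- date: 2015-07-27 00:00:00.000000000 Z
+ date: 2015-08-08 00:00:00.000000000 Z
  dependencies:
  - !ruby/object:Gem::Dependency
  name: colorize
@@ -52,6 +52,20 @@ dependencies:
  - - ~>
  - !ruby/object:Gem::Version
  version: 0.12.0
+ - !ruby/object:Gem::Dependency
+ name: minitest
+ requirement: !ruby/object:Gem::Requirement
+ requirements:
+ - - '>='
+ - !ruby/object:Gem::Version
+ version: '0'
+ type: :development
+ prerelease: false
+ version_requirements: !ruby/object:Gem::Requirement
+ requirements:
+ - - '>='
+ - !ruby/object:Gem::Version
+ version: '0'
  description: A complete, modular, portable and easily extensible MITM framework.
  email: evilsocket@gmail.com
  executables:
@@ -60,8 +74,12 @@ extensions: []
  extra_rdoc_files: []
  files:
  - .gitignore
+ - CONTRIBUTING.md
+ - Gemfile
+ - Gemfile.lock
  - LICENSE.md
  - README.md
+ - Rakefile
  - TODO.md
  - bettercap.gemspec
  - bin/bettercap
@@ -86,6 +104,7 @@ files:
  - lib/bettercap/logger.rb
  - lib/bettercap/monkey/packetfu/utils.rb
  - lib/bettercap/network.rb
+ - lib/bettercap/proxy/certstore.rb
  - lib/bettercap/proxy/module.rb
  - lib/bettercap/proxy/proxy.rb
  - lib/bettercap/proxy/request.rb
@@ -105,6 +124,25 @@ files:
  - lib/bettercap/spoofers/none.rb
  - lib/bettercap/target.rb
  - lib/bettercap/version.rb
+ - test/factories/firewall_factory_test.rb
+ - test/factories/parser_factory_test.rb
+ - test/factories/spoofer_factory_test.rb
+ - test/firewalls/linux_firewall_test.rb
+ - test/firewalls/osx_firewall_test.rb
+ - test/helpers/mock_shell.rb
+ - test/logger_test.rb
+ - test/network_test.rb
+ - test/pcap/ftp.pcap
+ - test/pcap/http.pcap
+ - test/pcap/packets.pcap
+ - test/proxy/response_test.rb
+ - test/shell_test.rb
+ - test/sniffer/parsers/base_parser_test.rb
+ - test/sniffer/parsers/ftp_parser_test.rb
+ - test/sniffer/parsers/url_parser_test.rb
+ - test/target_test.rb
+ - test/test_helper.rb
+ - test_https_proxy.rb
  homepage: http://github.com/evilsocket/bettercap
  licenses:
  - GPL3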