RubyGems - bettercap - Versions diffs - 1.1.5 → 1.1.6 - Mend

bettercap 1.1.5 → 1.1.6

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (19) hide show

checksums.yaml +4 -4
data/TODO.md +3 -3
data/bettercap.gemspec +2 -0
data/bin/bettercap +28 -5
data/lib/bettercap.rb +4 -0
data/lib/bettercap/context.rb +61 -21
data/lib/bettercap/discovery/base.rb +22 -3
data/lib/bettercap/firewalls/linux.rb +2 -2
data/lib/bettercap/firewalls/redirection.rb +23 -0
data/lib/bettercap/hw-prefixes +21240 -19565
data/lib/bettercap/proxy/certstore.rb +1 -2
data/lib/bettercap/proxy/proxy.rb +36 -139
data/lib/bettercap/proxy/request.rb +10 -7
data/lib/bettercap/proxy/response.rb +6 -4
data/lib/bettercap/proxy/stream_logger.rb +41 -0
data/lib/bettercap/proxy/streamer.rb +119 -0
data/lib/bettercap/proxy/thread_pool.rb +265 -0
data/lib/bettercap/version.rb +1 -1
metadata +7 -3

data/lib/bettercap/proxy/certstore.rb CHANGED Viewed

@@ -29,8 +29,7 @@ module Proxy
       @@frompems[filename]
     end
-    # TODO: Put a better default subject here!
-    def self.get_selfsigned( subject = '/C=BE/O=Test/OU=Test/CN=Test' )
+    def self.get_selfsigned( subject = '/C=US/ST=California/L=Mountain View/O=Google Inc/CN=www.google.com' )
       if !@@selfsigned.has_key? subject
         Logger.info "Generating self signed HTTPS certificate for subject '#{subject}' ..."

data/lib/bettercap/proxy/proxy.rb CHANGED Viewed

@@ -27,11 +27,12 @@ class Proxy
     @type        = is_https ? 'HTTPS' : 'HTTP'
     @sslserver   = nil
     @sslcontext  = nil
+    @server      = nil
     @main_thread = nil
     @running     = false
-    @processor   = processor
+    @streamer    = Streamer.new processor
     @local_ips   = []
     begin
       @local_ips = Socket.ip_address_list.collect { |x| x.ip_address }
     rescue
@@ -39,11 +40,17 @@ class Proxy
       @local_ips = Network.get_local_ips
     end
+    BasicSocket.do_not_reverse_lookup = true
+    @pool = ThreadPool.new( 4, 16 ) do |client|
+       client_worker client
+    end
   end
   def start
     begin
-      @socket = TCPServer.new( @address, @port )
+      @server = @socket = TCPServer.new( @address, @port )
       if @is_https
         cert = Context.get.certificate
@@ -52,7 +59,7 @@ class Proxy
         @sslcontext.cert = cert[:cert]
         @sslcontext.key  = cert[:key]
-        @sslserver = OpenSSL::SSL::SSLServer.new( @socket, @sslcontext )
+        @server = @sslserver = OpenSSL::SSL::SSLServer.new( @socket, @sslcontext )
       end
       @main_thread = Thread.new &method(:server_thread)
@@ -69,6 +76,7 @@ class Proxy
       if @socket and @running
         @running = false
         @socket.close
+        @pool.shutdown
       end
     rescue
     end
@@ -76,155 +84,40 @@ class Proxy
   private
-  def async_accept
-    if @is_https
-      begin
-        Thread.new @sslserver.accept, &method(:client_thread)
-      rescue Exception => e
-        Logger.warn "Error while accepting #{@type} connection: #{e.inspect}"
-      end
-    else
-      Thread.new @socket.accept, &method(:client_thread)
-    end
-  end
   def server_thread
     Logger.info "#{@type} Proxy started on #{@address}:#{@port} ...\n"
     @running = true
-    begin
-      while @running do
-        async_accept
-      end
-    rescue Exception => e
-      if @running
-        Logger.error "Error while accepting #{@type} connection: #{e.inspect}"
-      end
-    ensure
-      @socket.close unless @socket.nil?
-    end
-  end
-  def binary_streaming( from, to, opts = {} )
-    total_size = 0
-    # if response|request object is available and a content length as well
-    # use it to speed up data streaming with precise data size
-    if not opts[:response].nil?
-      to.write opts[:response].to_s
-      total_size = opts[:response].content_length unless opts[:response].content_length.nil?
-    elsif not opts[:request].nil?
-      total_size = opts[:request].content_length unless opts[:request].content_length.nil?
-    end
-    buff = ''
-    read = 0
-    if total_size
-      chunk_size = [ 1024, total_size ].min
-    else
-      chunk_size = 1024
-    end
-    if chunk_size > 0
-      loop do
-        from.read chunk_size, buff
-        # nothing more to read?
-        break unless buff.size > 0
-        to.write buff
-        read += buff.size
-        # collect into the proper object
-        if not opts[:request].nil? and opts[:request].post?
-          opts[:request] << buff
-        end
-        # we've done reading?
-        break unless read != total_size
-      end
-    end
-  end
-  def html_streaming( request, response, from, to )
-    buff = ''
-    if response.content_length.nil?
-      loop do
-        from.read 1024, buff
-        break unless buff.size > 0
-        response << buff
+    while @running do
+      begin
+        @pool << @server.accept
+      rescue Exception => e
+        Logger.warn "Error while accepting #{@type} connection: #{e.inspect}"
       end
-    else
-      from.read response.content_length, buff
-      response << buff
-    end
-    @processor.call( request, response )
-    # Response::to_s will patch the headers if needed
-    to.write response.to_s
-  end
-  def log_stream( client, request, response )
-    client_s   = "[#{client}]"
-    verb_s     = request.verb
-    request_s  = "#{@is_https ? 'https' : 'http'}://#{request.host}#{request.url}"
-    response_s = "( #{response.content_type} )"
-    request_s  = request_s.slice(0..50) + '...' unless request_s.length <= 50
-    verb_s = verb_s.light_blue
-    if response.code[0] == '2'
-      response_s += " [#{response.code}]".green
-    elsif response.code[0] == '3'
-      response_s += " [#{response.code}]".light_black
-    elsif response.code[0] == '4'
-      response_s += " [#{response.code}]".yellow
-    elsif response.code[0] == '5'
-      response_s += " [#{response.code}]".red
-    else
-      response_s += " [#{response.code}]"
     end
-    Logger.write "#{client_s} #{verb_s} #{request_s} #{response_s}"
+    @socket.close unless @socket.nil?
   end
   def is_self_request?(request)
     @local_ips.include? IPSocket.getaddress(request.host)
   end
-  def rickroll_lamer(client)
-    client.write "HTTP/1.1 302 Found\n"
-    client.write "Location: https://www.youtube.com/watch?v=dQw4w9WgXcQ\n\n"
-  end
   def create_upstream_connection( request )
+    sock = TCPSocket.new( request.host, request.port )
     if @is_https
-      sock = TCPSocket.new( request.host, request.port )
       ctx = OpenSSL::SSL::SSLContext.new
       # do we need this? :P ctx.set_params(verify_mode: OpenSSL::SSL::VERIFY_PEER)
-      socket = OpenSSL::SSL::SSLSocket.new(sock, ctx).tap do |socket|
-        socket.sync_close = true
-        socket.connect
+      sock = OpenSSL::SSL::SSLSocket.new(sock, ctx).tap do |socket|
+        sock.sync_close = true
+        sock.connect
       end
-      socket
-    else
-      TCPSocket.new( request.host, request.port )
     end
+    sock
   end
   def get_client_details( client )
@@ -237,7 +130,7 @@ class Proxy
     [ client_ip, client_port ]
   end
-  def client_thread( client )
+  def client_worker( client )
     client_ip, client_port = get_client_details client
     Logger.debug "New #{@type} connection from #{client_ip}:#{client_port}"
@@ -255,7 +148,7 @@ class Proxy
         Logger.warn "#{client_ip} is connecting to us directly."
-        rickroll_lamer client
+        @streamer.rickroll client
       elsif request.verb == 'CONNECT'
@@ -267,13 +160,17 @@ class Proxy
         server = create_upstream_connection request
-        server.write request.to_s
+        sreq = request.to_s
+        Logger.debug "Sending request:\n#{sreq}"
+        server.write sreq
         # this is probably a POST request, collect incoming data
         if request.content_length > 0
           Logger.debug "Getting #{request.content_length} bytes from client"
-          binary_streaming client, server, request: request
+          @streamer.binary client, server, request: request
         end
         Logger.debug 'Reading response ...'
@@ -281,17 +178,17 @@ class Proxy
         response = Response.from_socket server
         if response.textual?
-          log_stream client_ip, request, response
+          StreamLogger.log( @is_https, client_ip, request, response )
           Logger.debug 'Detected textual response'
-          html_streaming request, response, server, client
+          @streamer.html request, response, server, client
         else
           Logger.debug "[#{client_ip}] -> #{request.host}#{request.url} [#{response.code}]"
           Logger.debug 'Binary streaming'
-          binary_streaming server, client, response: response
+          @streamer.binary server, client, response: response
         end
         Logger.debug "#{@type} client served."

data/lib/bettercap/proxy/request.rb CHANGED Viewed

@@ -70,15 +70,18 @@ class Request
     elsif line =~ /^Content-Length:\s+(\d+)\s*$/i
       @content_length = $1.to_i
-        # we don't want to have hundreds of threads running
-      elsif line =~ /Connection: keep-alive/i
-        line = 'Connection: close'
+    # we don't want to have hundreds of threads running
+    elsif line =~ /^Connection: keep-alive/i
+      line = 'Connection: close'
-        # disable gzip, chunked, etc encodings
-      elsif line =~ /^Accept-Encoding:.*/i
-        line = 'Accept-Encoding: identity'
+    elsif line =~ /^Proxy-Connection: (.+)/i
+      line = "Connection: #{$1}"
-      end
+    # disable gzip, chunked, etc encodings
+    elsif line =~ /^Accept-Encoding:.*/i
+      line = 'Accept-Encoding: identity'
+    end
       @lines << line
     end

data/lib/bettercap/proxy/response.rb CHANGED Viewed

@@ -44,7 +44,7 @@ class Response
   def <<(line)
     # we already parsed the heders, collect response body
     if @headers_done
-      @body += line.force_encoding( @charset )
+      @body << line.force_encoding( @charset )
     else
       # parse the response status
       if @code.nil? and line =~ /^HTTP\/[\d\.]+\s+(.+)/
@@ -67,11 +67,11 @@ class Response
       end
-      @headers << line.chomp
+      @headers << line.chomp
     end
   end
-  def textual? # textual?
+  def textual?
     @content_type and ( @content_type =~ /^text\/.+/ or @content_type =~ /^application\/.+/ )
   end
@@ -81,7 +81,9 @@ class Response
         # update content length in case the body was
         # modified
         if header =~ /Content-Length:\s*(\d+)/i
-          "Content-Length: #{@body.size}"
+          Logger.debug "Updating response content length from #{$1} to #{@body.bytesize}"
+          "Content-Length: #{@body.bytesize}"
         else
           header
         end

data/lib/bettercap/proxy/stream_logger.rb ADDED Viewed

@@ -0,0 +1,41 @@
+=begin
+BETTERCAP
+Author : Simone 'evilsocket' Margaritelli
+Email  : evilsocket@gmail.com
+Blog   : http://www.evilsocket.net/
+This project is released under the GPL 3 license.
+=end
+require 'bettercap/logger'
+module Proxy
+class StreamLogger
+  @@MAX_REQ_SIZE = 50
+  @@CODE_COLORS  = {
+    '2' => :green,
+    '3' => :light_black,
+    '4' => :yellow,
+    '5' => :red
+  }
+  def self.log( is_https, client, request, response )
+    request_s  = "#{is_https ? 'https' : 'http'}://#{request.host}#{request.url}"
+    response_s = "( #{response.content_type} )"
+    request_s  = request_s.slice(0..@@MAX_REQ_SIZE) + '...' unless request_s.length <= @@MAX_REQ_SIZE
+    code       = response.code[0]
+    if @@CODE_COLORS.has_key? code
+      response_s += " [#{response.code}]".send( @@CODE_COLORS[ code ] )
+    else
+      response_s += " [#{response.code}]"
+    end
+    Logger.write "[#{client}] #{request.verb.light_blue} #{request_s} #{response_s}"
+  end
+end
+end

data/lib/bettercap/proxy/streamer.rb ADDED Viewed

@@ -0,0 +1,119 @@
+=begin
+BETTERCAP
+Author : Simone 'evilsocket' Margaritelli
+Email  : evilsocket@gmail.com
+Blog   : http://www.evilsocket.net/
+This project is released under the GPL 3 license.
+=end
+require 'bettercap/logger'
+module Proxy
+class Streamer
+  def initialize( processor )
+    @processor = processor
+  end
+  def rickroll( client )
+    client.write "HTTP/1.1 302 Found\n"
+    client.write "Location: https://www.youtube.com/watch?v=dQw4w9WgXcQ\n\n"
+  end
+  def html( request, response, from, to )
+    buff = ''
+    if response.content_length.nil?
+      Logger.debug "Reading response body using 1024 bytes chunks ..."
+      loop do
+        buff = read( from, 1024 )
+        break unless buff.size > 0
+        response << buff
+      end
+    else
+      Logger.debug "Reading response body using #{response.content_length} bytes buffer ..."
+      buff = read( from, response.content_length )
+      Logger.debug "Read #{buff.size} / #{response.content_length} bytes."
+      response << buff
+    end
+    @processor.call( request, response )
+    # Response::to_s will patch the headers if needed
+    to.write response.to_s
+  end
+  def binary( from, to, opts = {} )
+    total_size = 0
+    # if response|request object is available and a content length as well
+    # use it to speed up data streaming with precise data size
+    if not opts[:response].nil?
+      to.write opts[:response].to_s
+      total_size = opts[:response].content_length unless opts[:response].content_length.nil?
+    elsif not opts[:request].nil?
+      total_size = opts[:request].content_length unless opts[:request].content_length.nil?
+    end
+    buff = ''
+    read = 0
+    if total_size
+      chunk_size = [ 1024, total_size ].min
+    else
+      chunk_size = 1024
+    end
+    if chunk_size > 0
+      loop do
+        buff = read( from, chunk_size )
+        # nothing more to read?
+        break unless buff.size > 0
+        to.write buff
+        read += buff.size
+        # collect into the proper object
+        if not opts[:request].nil? and opts[:request].post?
+          opts[:request] << buff
+        end
+        # we've done reading?
+        break unless read != total_size
+      end
+    end
+  end
+  private
+  def read( sd, size )
+    buffer = ''
+    while size > 0
+      tmp = sd.read(size)
+      unless tmp.nil?
+        buffer << tmp
+        size -= tmp.bytesize
+      end
+    end
+    buffer
+  end
+end
+end