bettercap 1.1.7 → 1.1.8

data/lib/bettercap/discovery/arp.rb

@@ -19,46 +19,56 @@ require 'bettercap/context'
 class ArpAgent < BaseAgent
 
   def self.parse( ctx )
-    arp     = Shell.arp
     targets = []
-
-    Logger.debug "ARP:\n#{arp}"
-
-    arp.split("\n").each do |line|
-      m = /[^\s]+\s+\(([0-9\.]+)\)\s+at\s+([a-f0-9:]+).+#{ctx.ifconfig[:iface]}.*/i.match(line)
-      if !m.nil?
-        if m[1] != ctx.gateway and m[1] != ctx.ifconfig[:ip_saddr] and m[2] != 'ff:ff:ff:ff:ff:ff'
-          if !ctx.options[:ignore].nil? and ctx.options[:ignore].include?( m[1] )
-            Logger.debug "Ignoring #{m[1]} ..."
+    self.parse_cache do |ip,mac|
+      if ip != ctx.gateway and ip != ctx.ifconfig[:ip_saddr]
+        if ctx.options.ignore_ip?(ip)
+          Logger.debug "Ignoring #{ip} ..."
+        else
+          # reuse Target object if it's already a known address
+          known = ctx.find_target ip, mac
+          if known.nil?
+            targets << Target.new( ip, mac )
           else
-            target = Target.new( m[1], m[2] )
-            targets << target
-            Logger.debug "FOUND  #{target}"
+            targets << known
           end
         end
       end
     end
-
     targets
   end
 
-  def self.find_address( ip )
+  def self.find_address( address )
+    self.parse_cache do |ip,mac|
+      if ip == address
+        return mac
+      end
+    end
+    nil
+  end
+
+  private
+
+  def self.parse_cache
     arp = Shell.arp
-    mac = nil
+
+    Logger.debug "ARP CACHE:\n#{arp}"
 
     arp.split("\n").each do |line|
-      m = /[^\s]+\s+\(([0-9\.]+)\)\s+at\s+([a-f0-9:]+).+#{Context.get.ifconfig[:iface]}.*/i.match(line)
+      m = self.parse_cache_line(line)
       if !m.nil?
-        if m[1] == ip and m[2] != 'ff:ff:ff:ff:ff:ff'
-          mac = m[2]
+        ip = m[1]
+        hw = m[2]
+        if hw != 'ff:ff:ff:ff:ff:ff'
+          yield( ip, hw )
         end
       end
     end
-
-    mac
   end
 
-  private
+  def self.parse_cache_line( line )
+    /[^\s]+\s+\(([0-9\.]+)\)\s+at\s+([a-f0-9:]+).+#{Context.get.ifconfig[:iface]}.*/i.match(line)
+  end
 
   def send_probe( ip )
     pkt = PacketFu::ARPPacket.new

data/lib/bettercap/network.rb

@@ -37,7 +37,7 @@ class Network
       out = nstat.split(/\n/).select {|n| n =~ /UG/ }
       gw  = nil
       out.each do |line|
-        if line.include?( Context.get.options[:iface] )
+        if line.include?( Context.get.options.iface )
           tmp = line.split[1]
           if is_ip?(tmp)
             gw = tmp
@@ -46,7 +46,7 @@ class Network
         end
       end
 
-      raise BetterCap::Error, "Could not detect the gateway address for interface #{Context.get.options[:iface]}, "\
+      raise BetterCap::Error, "Could not detect the gateway address for interface #{Context.get.options.iface}, "\
                               'make sure you\'ve specified the correct network interface to use and to have the '\
                               'correct network configuration, this could also happen if bettercap '\
                               'is launched from a virtual environment.' unless !gw.nil? and is_ip?(gw)
@@ -66,7 +66,7 @@ class Network
     end
 
     def get_alive_targets( ctx, timeout = 5 )
-      if ctx.options[:arpcache] == false
+      if ctx.options.should_discover_hosts?
         icmp = IcmpAgent.new timeout
         udp  = UdpAgent.new ctx.ifconfig, ctx.gateway, ctx.ifconfig[:ip_saddr]
         arp  = ArpAgent.new ctx.ifconfig, ctx.gateway, ctx.ifconfig[:ip_saddr]

data/lib/bettercap/options.rb

@@ -0,0 +1,189 @@
+=begin
+
+BETTERCAP
+
+Author : Simone 'evilsocket' Margaritelli
+Email  : evilsocket@gmail.com
+Blog   : http://www.evilsocket.net/
+
+This project is released under the GPL 3 license.
+
+=end
+
+class Options
+  attr_accessor :gateway,
+                :iface,
+                :spoofer,
+                :half_duplex,
+                :target,
+                :logfile,
+                :debug,
+                :arpcache,
+                :ignore,
+                :sniffer,
+                :sniffer_pcap,
+                :sniffer_filter,
+                :sniffer_src,
+                :parsers,
+                :local,
+                :proxy,
+                :proxy_https,
+                :proxy_port,
+                :proxy_https_port,
+                :proxy_pem_file,
+                :proxy_module,
+                :custom_proxy,
+                :custom_proxy_port,
+                :custom_https_proxy,
+                :custom_https_proxy_port,
+                :httpd,
+                :httpd_port,
+                :httpd_path,
+                :check_updates
+
+  def initialize( iface )
+    @gateway = nil
+    @iface = iface
+    @spoofer = 'ARP'
+    @half_duplex = false
+    @target = nil
+    @logfile = nil
+    @debug = false
+    @arpcache = false
+
+    @ignore = nil
+
+    @sniffer = false
+    @sniffer_pcap = nil
+    @sniffer_filter = nil
+    @sniffer_src = nil
+    @parsers = ['*']
+    @local = false
+
+    @proxy = false
+    @proxy_https = false
+    @proxy_port = 8080
+    @proxy_https_port = 8083
+    @proxy_pem_file = nil
+    @proxy_module = nil
+
+    @custom_proxy = nil
+    @custom_proxy_port = 8080
+
+    @custom_https_proxy = nil
+    @custom_https_proxy_port = 8083
+
+    @httpd = false
+    @httpd_port = 8081
+    @httpd_path = './'
+
+    @check_updates = false
+  end
+
+  def should_discover_hosts?
+    !@arpcache
+  end
+
+  def has_proxy_module?
+    !@proxy_module.nil?
+  end
+
+  def has_spoofer?
+    @spoofer == 'NONE' or @spoofer == 'none'
+  end
+
+  def has_http_sniffer_enabled?
+    @sniffer and ( @parsers.include?'*' or @parsers.include?'URL' )
+  end
+
+  def ignore_ip?(ip)
+    !@ignore.nil? and @ignore.include?(ip)
+  end
+
+  def ignore=(value)
+    @ignore = value.split(",")
+    valid = @ignore.select { |target| Network.is_ip?(target) }
+
+    raise BetterCap::Error, "Invalid ignore addresses specified." if valid.empty?
+
+    invalid = @ignore - valid
+    invalid.each do |target|
+      Logger.warn "Not a valid address: #{target}"
+    end
+
+    @ignore = valid
+
+    Logger.warn "Ignoring #{valid.join(", ")} ."
+  end
+
+  def custom_proxy=(value)
+    @custom_proxy = value
+    raise BetterCap::Error, 'Invalid custom HTTP upstream proxy address specified.' unless Network.is_ip? @custom_proxy
+  end
+
+  def custom_https_proxy=(value)
+    @custom_https_proxy = value
+    raise BetterCap::Error, 'Invalid custom HTTPS upstream proxy address specified.' unless Network.is_ip? @custom_https_proxy
+  end
+
+  def to_targets
+    targets = @target.split(",")
+    valid_targets = targets.select { |target| Network.is_ip?(target) }
+
+    raise BetterCap::Error, "Invalid target" if valid_targets.empty?
+
+    invalid_targets = targets - valid_targets
+    invalid_targets.each do |target|
+      Logger.warn "Invalid target #{target}"
+    end
+
+    valid_targets.map { |target| Target.new(target) }
+  end
+
+  def to_spoofers
+    spoofers = []
+    spoofer_modules_names = @spoofer.split(",")
+    spoofer_modules_names.each do |module_name|
+      spoofers << SpooferFactory.get_by_name( module_name )
+    end
+    spoofers
+  end
+
+  def to_redirections ifconfig
+    redirections = []
+
+    if @proxy
+      redirections << Redirection.new( @iface,
+                                       'TCP',
+                                       80,
+                                       ifconfig[:ip_saddr],
+                                       @proxy_port )
+    end
+
+    if @proxy_https
+      redirections << Redirection.new( @iface,
+                                       'TCP',
+                                       443,
+                                       ifconfig[:ip_saddr],
+                                       @proxy_https_port )
+    end
+
+    if @custom_proxy
+      redirections << Redirection.new( @iface,
+                                       'TCP',
+                                       80,
+                                       @custom_proxy,
+                                       @custom_proxy_port )
+    end
+
+    if @custom_https_proxy
+      redirections << Redirection.new( @iface,
+                                       'TCP',
+                                       443,
+                                       @custom_https_proxy,
+                                       @custom_https_proxy_port )
+    end
+
+    redirections
+  end
+end

data/lib/bettercap/proxy/proxy.rb

@@ -32,7 +32,7 @@ class Proxy
     @running     = false
     @streamer    = Streamer.new processor
     @local_ips   = []
-  
+
     begin
       @local_ips = Socket.ip_address_list.collect { |x| x.ip_address }
     rescue
@@ -93,7 +93,8 @@ class Proxy
       begin
         @pool << @server.accept
       rescue Exception => e
-        Logger.warn "Error while accepting #{@type} connection: #{e.inspect}"
+        Logger.warn("Error while accepting #{@type} connection: #{e.inspect}") \
+        unless !@running
       end
     end
 
@@ -106,7 +107,7 @@ class Proxy
 
   def create_upstream_connection( request )
     sock = TCPSocket.new( request.host, request.port )
-    
+
     if @is_https
       ctx = OpenSSL::SSL::SSLContext.new
       # do we need this? :P ctx.set_params(verify_mode: OpenSSL::SSL::VERIFY_PEER)
@@ -196,13 +197,13 @@ class Proxy
 
     rescue Exception => e
       if request.host
-        Logger.debug "Error while serving #{request.host}#{request.url}: #{e.inspect}"
-        Logger.debug e.backtrace
+        Logger.warn "Error while serving #{request.host}#{request.url}: #{e.inspect}"
+        Logger.debug e.backtrace.join("\n")
       end
-    ensure
-      client.close
-      server.close unless server.nil?
     end
+
+    client.close
+    server.close unless server.nil?
   end
 end
 

data/lib/bettercap/proxy/request.rb

@@ -56,7 +56,7 @@ class Request
         @url = "#{uri.path}" + ( uri.query ? "?#{uri.query}" : '' )
       end
 
-      line = "#{@verb} #{url} HTTP/1.0"
+      line = "#{@verb} #{@url} HTTP/1.1"
 
     # get the host header value
     elsif line =~ /^Host:\s*(.*)$/

data/lib/bettercap/proxy/response.rb

@@ -13,7 +13,7 @@ This project is released under the GPL 3 license.
 module Proxy
 
 class Response
-  attr_reader :content_type, :charset, :content_length, :headers, :code, :headers_done
+  attr_reader :content_type, :charset, :content_length, :chunked, :headers, :code, :headers_done
   attr_accessor :body
 
   def initialize
@@ -24,6 +24,7 @@ class Response
     @code = nil
     @headers = []
     @headers_done = false
+    @chunked = false
   end
 
   def self.from_socket(sock)
@@ -46,6 +47,8 @@ class Response
     if @headers_done
       @body << line.force_encoding( @charset )
     else
+      Logger.debug "  RESPONSE LINE: '#{line.chomp}'"
+
       # parse the response status
       if @code.nil? and line =~ /^HTTP\/[\d\.]+\s+(.+)/
         @code = $1.chomp
@@ -61,13 +64,18 @@ class Response
       elsif line =~ /^Content-Length:\s+(\d+)\s*$/i
         @content_length = $1.to_i
 
+      # check if we have a chunked encoding
+      elsif line =~ /^Transfer-Encoding:\s*chunked.*$/i
+        @chunked = true
+        line = nil
+
       # last line, we're done with the headers
       elsif line.chomp.empty?
         @headers_done = true
 
       end
 
-      @headers << line.chomp      
+      @headers << line.chomp unless line.nil?
     end
   end
 

data/lib/bettercap/proxy/stream_logger.rb

@@ -14,14 +14,20 @@ require 'bettercap/logger'
 module Proxy
 class StreamLogger
   @@MAX_REQ_SIZE = 50
-  
+
   @@CODE_COLORS  = {
     '2' => :green,
     '3' => :light_black,
     '4' => :yellow,
     '5' => :red
   }
-  
+
+  def self.addr2s( addr )
+    target = Context.get.find_target addr, nil
+    return target.to_s_compact unless target.nil?
+    addr
+  end
+
   def self.log( is_https, client, request, response )
     request_s  = "#{is_https ? 'https' : 'http'}://#{request.host}#{request.url}"
     response_s = "( #{response.content_type} )"
@@ -29,13 +35,12 @@ class StreamLogger
     code       = response.code[0]
 
     if @@CODE_COLORS.has_key? code
-      response_s += " [#{response.code}]".send( @@CODE_COLORS[ code ] )     
+      response_s += " [#{response.code}]".send( @@CODE_COLORS[ code ] )
     else
-      response_s += " [#{response.code}]"      
+      response_s += " [#{response.code}]"
     end
 
-    Logger.write "[#{client}] #{request.verb.light_blue} #{request_s} #{response_s}"
+    Logger.write "[#{self.addr2s(client)}] #{request.verb.light_blue} #{request_s} #{response_s}"
   end
 end
 end
-

data/lib/bettercap/proxy/streamer.rb

@@ -14,7 +14,7 @@ require 'bettercap/logger'
 module Proxy
 class Streamer
   def initialize( processor )
-    @processor = processor 
+    @processor = processor
   end
 
   def rickroll( client )
@@ -25,12 +25,39 @@ class Streamer
   def html( request, response, from, to )
     buff = ''
 
-    if response.content_length.nil?
+    if response.chunked
+      Logger.debug "Reading response body using chunked encoding ..."
+
+      begin
+        len = nil
+        total = 0
+
+        while true
+          line = from.readline
+          hexlen = line.slice(/[0-9a-fA-F]+/) or raise "Wrong chunk size line: #{line}"
+          len = hexlen.hex
+          break if len == 0
+          begin
+            Logger.debug "Reading chunk of size #{len} ..."
+            tmp = read( from, len )
+            Logger.debug "Read #{tmp.bytesize}/#{len} chunk."
+            response << tmp
+          ensure
+            total += len
+            from.read 2
+          end
+        end
+
+      rescue Exception => e
+        Logger.debug e
+      end
+      
+    elsif response.content_length.nil?
       Logger.debug "Reading response body using 1024 bytes chunks ..."
 
       loop do
         buff = read( from, 1024 )
-      
+
         break unless buff.size > 0
 
         response << buff
@@ -41,12 +68,12 @@ class Streamer
       buff = read( from, response.content_length )
 
       Logger.debug "Read #{buff.size} / #{response.content_length} bytes."
-      
+
       response << buff
     end
 
     @processor.call( request, response )
-    
+
     # Response::to_s will patch the headers if needed
     to.write response.to_s
   end
@@ -97,23 +124,48 @@ class Streamer
     end
   end
 
-  private 
+  private
 
-  def read( sd, size )
-    buffer = ''
+  BUFSIZE = 1024 * 16
 
-    while size > 0
-      tmp = sd.read(size)
-      unless tmp.nil?
-        buffer << tmp
-        size -= tmp.bytesize
+  def consume_stream io, size
+    read_timeout = 60.0
+    dest = ''
+    begin
+      dest << io.read_nonblock(size)
+    rescue IO::WaitReadable
+      if IO.select([io], nil, nil, read_timeout)
+        retry
+      else
+        raise Net::ReadTimeout
+      end
+    rescue IO::WaitWritable
+      # OpenSSL::Buffering#read_nonblock may fail with IO::WaitWritable.
+      # http://www.openssl.org/support/faq.html#PROG10
+      if IO.select(nil, [io], nil, read_timeout)
+        retry
+      else
+        raise Net::ReadTimeout
       end
     end
+    dest
+  end
 
+  def read( sd, size )
+    buffer = ''
+    begin
+      while size > 0
+        tmp = consume_stream sd, [ BUFSIZE, size ].min
+        unless tmp.nil? or tmp.bytesize == 0
+          buffer << tmp
+          size -= tmp.bytesize
+        end
+      end
+    rescue EOFError
+      ;
+    end
     buffer
   end
 
 end
 end
-
-