bettercap 1.1.7 → 1.1.8

data/lib/bettercap/proxy/thread_pool.rb

@@ -42,9 +42,6 @@ class ThreadPool
 
     @workers = []
 
-    @auto_trim = nil
-    @reaper = nil
-
     @mutex.synchronize do
       @min.times { spawn_thread }
     end
@@ -184,64 +181,6 @@ class ThreadPool
     end
   end
 
-  class AutoTrim
-    def initialize(pool, timeout)
-      @pool = pool
-      @timeout = timeout
-      @running = false
-    end
-
-    def start!
-      @running = true
-
-      @thread = Thread.new do
-        while @running
-          @pool.trim
-          sleep @timeout
-        end
-      end
-    end
-
-    def stop
-      @running = false
-      @thread.wakeup
-    end
-  end
-
-  def auto_trim!(timeout=5)
-    @auto_trim = AutoTrim.new(self, timeout)
-    @auto_trim.start!
-  end
-
-  class Reaper
-    def initialize(pool, timeout)
-      @pool = pool
-      @timeout = timeout
-      @running = false
-    end
-
-    def start!
-      @running = true
-
-      @thread = Thread.new do
-        while @running
-          @pool.reap
-          sleep @timeout
-        end
-      end
-    end
-
-    def stop
-      @running = false
-      @thread.wakeup
-    end
-  end
-
-  def auto_reap!(timeout=5)
-    @reaper = Reaper.new(self, timeout)
-    @reaper.start!
-  end
-
   # Tell all threads in the pool to exit and wait for them to finish.
   #
   def shutdown
@@ -249,9 +188,6 @@ class ThreadPool
       @shutdown = true
       @not_empty.broadcast
       @not_full.broadcast
-
-      @auto_trim.stop if @auto_trim
-      @reaper.stop if @reaper
       # dup workers so that we join them all safely
       @workers.dup
     end

data/lib/bettercap/sniffer/parsers/base.rb

@@ -18,11 +18,17 @@ class BaseParser
     @name = 'BASE'
   end
 
+  def addr2s( addr )
+    target = Context.get.find_target addr, nil
+    return target.to_s_compact unless target.nil?
+    addr
+  end
+
   def on_packet( pkt )
     s = pkt.to_s
     @filters.each do |filter|
       if s =~ filter
-        Logger.write "[#{pkt.ip_saddr}:#{pkt.tcp_src} > #{pkt.ip_daddr}:#{pkt.tcp_dst} #{pkt.proto.last}] " +
+        Logger.write "[#{addr2s(pkt.ip_saddr)}:#{pkt.tcp_src} > #{addr2s(pkt.ip_daddr)}:#{pkt.tcp_dst} #{pkt.proto.last}] " +
                      "[#{@name}] ".green +
                      pkt.payload.strip.yellow
       end

data/lib/bettercap/sniffer/parsers/httpauth.rb

@@ -22,7 +22,7 @@ class HttpauthParser < BaseParser
     lines.each do |line|
       if line =~ /[A-Z]+\s+(\/[^\s]+)\s+HTTP\/\d\.\d/
         path = $1
-      
+
       elsif line =~ /Host:\s*([^\s]+)/i
         hostname = $1
 
@@ -31,15 +31,14 @@ class HttpauthParser < BaseParser
         decoded = Base64.decode64(encoded)
         user, pass = decoded.split(':')
 
-        Logger.write "[#{pkt.ip_saddr}:#{pkt.tcp_src} > #{pkt.ip_daddr}:#{pkt.tcp_dst} #{pkt.proto.last}] " +
+        Logger.write "[#{addr2s(pkt.ip_saddr)}:#{pkt.tcp_src} > #{addr2s(pkt.ip_daddr)}:#{pkt.tcp_dst} #{pkt.proto.last}] " +
           '[HTTP BASIC AUTH]'.green + " http://#{hostname}#{path} - username=#{user} password=#{pass}".yellow
-          
+
       elsif line =~ /Authorization:\s*Digest\s+(.+)/i
-         Logger.write "[#{pkt.ip_saddr}:#{pkt.tcp_src} > #{pkt.ip_daddr}:#{pkt.tcp_dst} #{pkt.proto.last}] " +
+         Logger.write "[#{addr2s(pkt.ip_saddr)}:#{pkt.tcp_src} > #{addr2s(pkt.ip_daddr)}:#{pkt.tcp_dst} #{pkt.proto.last}] " +
           '[HTTP DIGEST AUTH]'.green + " http://#{hostname}#{path}\n#{$1}".yellow
 
       end
     end
   end
 end
-

data/lib/bettercap/sniffer/parsers/https.rb

@@ -28,7 +28,7 @@ class HttpsParser < BaseParser
           end
 
           if @@prev.nil? or @@prev != hostname
-            Logger.write "[#{pkt.ip_saddr}:#{pkt.tcp_src} > #{pkt.ip_daddr}:#{pkt.tcp_dst} #{pkt.proto.last}] " +
+            Logger.write "[#{addr2s(pkt.ip_saddr)}:#{pkt.tcp_src} > #{addr2s(pkt.ip_daddr)}:#{pkt.tcp_dst} #{pkt.proto.last}] " +
                          '[HTTPS] '.green +
                          "https://#{hostname}/".yellow
 

data/lib/bettercap/sniffer/parsers/ntlmss.rb

@@ -30,7 +30,7 @@ class NtlmssParser < BaseParser
         s = pkt.to_s
         if s =~ /NTLMSSP\x00\x03\x00\x00\x00.+/
             # TODO: Parse NTLMSSP packet.
-            Logger.write "[#{pkt.ip_saddr} > #{pkt.ip_daddr} #{pkt.proto.last}] " +
+            Logger.write "[#{addr2s(pkt.ip_saddr)} > #{addr2s(pkt.ip_daddr)} #{pkt.proto.last}] " +
                          '[NTLMSS] '.green +
                          bin2hex( pkt.payload ).yellow
         end

data/lib/bettercap/sniffer/parsers/post.rb

@@ -16,7 +16,7 @@ class PostParser < BaseParser
     def on_packet( pkt )
         s = pkt.to_s
         if s =~ /POST\s+[^\s]+\s+HTTP.+/
-            Logger.write "[#{pkt.ip_saddr}:#{pkt.tcp_src} > #{pkt.ip_daddr}:#{pkt.tcp_dst} #{pkt.proto.last}] " +
+            Logger.write "[#{addr2s(pkt.ip_saddr)}:#{pkt.tcp_src} > #{addr2s(pkt.ip_daddr)}:#{pkt.tcp_dst} #{pkt.proto.last}] " +
                          "[POST]\n".green +
                          pkt.payload.strip.yellow
         end

data/lib/bettercap/sniffer/parsers/url.rb

@@ -19,7 +19,7 @@ class UrlParser < BaseParser
             host = $2
             url = $1
             if not url =~ /.+\.(png|jpg|jpeg|bmp|gif|img|ttf|woff|css|js).*/i
-                Logger.write "[#{pkt.ip_saddr}:#{pkt.tcp_src} > #{pkt.ip_daddr}:#{pkt.tcp_dst} #{pkt.proto.last}] " +
+                Logger.write "[#{addr2s(pkt.ip_saddr)}:#{pkt.tcp_src} > #{addr2s(pkt.ip_daddr)}:#{pkt.tcp_dst} #{pkt.proto.last}] " +
                              '[GET] '.green +
                              "http://#{host}#{url}".yellow
             end

data/lib/bettercap/sniffer/sniffer.rb

@@ -45,17 +45,17 @@ class Sniffer
   private
 
   def self.stream
-    if @@ctx.options[:sniffer_src].nil?
+    if @@ctx.options.sniffer_src.nil?
       @@cap.stream
     else
-      Logger.info "Reading packets from #{@@ctx.options[:sniffer_src]} ..."
+      Logger.info "Reading packets from #{@@ctx.options.sniffer_src} ..."
 
-      PcapFile.file_to_array @@ctx.options[:sniffer_src]
+      PcapFile.file_to_array @@ctx.options.sniffer_src
     end
   end
 
   def self.skip_packet?( pkt )
-    !@@ctx.options[:local] and
+    !@@ctx.options.local and
         ( pkt.ip_saddr == @@ctx.ifconfig[:ip_saddr] or
             pkt.ip_daddr == @@ctx.ifconfig[:ip_saddr] )
   end
@@ -73,7 +73,7 @@ class Sniffer
   def self.append_packet( p )
     begin
       @@pcap.array_to_file(
-          filename: @@ctx.options[:sniffer_pcap],
+          filename: @@ctx.options.sniffer_pcap,
           array: [p],
           append: true ) unless @@pcap.nil?
     rescue Exception => e
@@ -84,16 +84,16 @@ class Sniffer
   def self.setup( ctx )
     @@ctx = ctx
 
-    if !@@ctx.options[:sniffer_pcap].nil?
+    if !@@ctx.options.sniffer_pcap.nil?
       @@pcap = PcapFile.new
-      Logger.warn "Saving packets to #{@@ctx.options[:sniffer_pcap]} ."
+      Logger.warn "Saving packets to #{@@ctx.options.sniffer_pcap} ."
     end
 
-    @@parsers = ParserFactory.load_by_names @@ctx.options[:parsers]
+    @@parsers = ParserFactory.load_by_names @@ctx.options.parsers
 
     @@cap = Capture.new(
-        iface: @@ctx.options[:iface],
-        filter: @@ctx.options[:sniffer_filter],
+        iface: @@ctx.options.iface,
+        filter: @@ctx.options.sniffer_filter,
         start: true
     )
   end

data/lib/bettercap/spoofers/arp.rb

@@ -51,35 +51,31 @@ class ArpSpoofer < ISpoofer
   end
 
   def start
-    stop() unless @running == false
+    Logger.info "Starting ARP spoofer ( #{@ctx.options.half_duplex ? 'Half' : 'Full'} Duplex ) ..."
 
-    Logger.info "Starting ARP spoofer ( #{@ctx.options[:half_duplex] ? 'Half' : 'Full'} Duplex ) ..."
-
-    if @forwarding == false
-      Logger.debug 'Enabling packet forwarding.'
+    stop() unless !@running
+    @running = true
 
-      @ctx.firewall.enable_forwarding(true)
-    end
+    @ctx.firewall.enable_forwarding(true) unless @forwarding
 
-    @running = true
     @sniff_thread = Thread.new do
       Logger.info 'ARP watcher started ...'
       begin
-      @capture = PacketFu::Capture.new(
-          iface: @ctx.options[:iface],
-          filter: 'arp',
-          start: true
-      )
+        @capture = PacketFu::Capture.new(
+            iface: @ctx.options.iface,
+            filter: 'arp',
+            start: true
+        )
       rescue  Exception => e
         Logger.error e.message
       end
+
       @capture.stream.each do |p|
         begin
           pkt = PacketFu::Packet.parse p
           # we're only interested in 'who-has' packets
           if pkt.arp_opcode == 1 and pkt.arp_dst_mac.to_s == '00:00:00:00:00:00'
             is_from_us = ( pkt.arp_src_ip.to_s == @ctx.ifconfig[:ip_saddr] )
-
             if !is_from_us
               Logger.info "[ARP] #{pkt.arp_src_ip.to_s} is asking who #{pkt.arp_dst_ip.to_s} is."
 
@@ -122,13 +118,12 @@ class ArpSpoofer < ISpoofer
               next
             else
               Logger.info "  Target MAC    : #{hw}"
-
               target.mac = hw
             end
           end
 
           send_spoofed_packet( @ctx.gateway, @ctx.ifconfig[:eth_saddr], target.ip, target.mac )
-          send_spoofed_packet( target.ip, @ctx.ifconfig[:eth_saddr], @ctx.gateway, @gw_hw ) unless @ctx.options[:half_duplex]
+          send_spoofed_packet( target.ip, @ctx.ifconfig[:eth_saddr], @ctx.gateway, @gw_hw ) unless @ctx.options.half_duplex
         end
 
         prev_size = @ctx.targets.size
@@ -157,7 +152,7 @@ class ArpSpoofer < ISpoofer
     @ctx.targets.each do |target|
       if !target.mac.nil?
         send_spoofed_packet( @ctx.gateway, @gw_hw, target.ip, target.mac )
-        send_spoofed_packet( target.ip, target.mac, @ctx.gateway, @gw_hw ) unless @ctx.options[:half_duplex]
+        send_spoofed_packet( target.ip, target.mac, @ctx.gateway, @gw_hw ) unless @ctx.options.half_duplex
       end
     end
     sleep 1

data/lib/bettercap/target.rb

@@ -10,17 +10,24 @@ This project is released under the GPL 3 license.
 
 =end
 require 'bettercap/logger'
+require 'socket'
 
 class Target
     attr_accessor :ip, :mac, :vendor, :hostname
 
+    NBNS_TIMEOUT = 30
+    NBNS_PORT    = 137
+    NBNS_BUFSIZE = 65536
+    NBNS_REQUEST = "\x82\x28\x0\x0\x0\x1\x0\x0\x0\x0\x0\x0\x20\x43\x4B\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41\x0\x0\x21\x0\x1"
+
     @@prefixes = nil
 
     def initialize( ip, mac=nil )
-      @ip = ip
-      @mac = mac
-      @vendor = Target.lookup_vendor(mac) if not mac.nil?
-      @hostname = nil # for future use
+      @ip       = ip
+      @mac      = mac
+      @vendor   = Target.lookup_vendor(mac) if not mac.nil?
+      @hostname = nil
+      @resolver = Thread.new { resolve! }
     end
 
     def mac=(value)
@@ -29,11 +36,46 @@ class Target
     end
 
     def to_s
-      "#{@ip} : #{@mac}" + ( @vendor ? " ( #{@vendor} )" : "" )
+      s = @ip
+      s += " ( #{@hostname} )" unless @hostname.nil?
+      s += " : #{@mac}"
+      s += " ( #{@vendor} )" unless @vendor.nil?
+      s
+    end
+
+    def to_s_compact
+      if @hostname
+        "#{@hostname}/#{@ip}"
+      else
+        @ip
+      end
     end
 
 private
 
+    def resolve!
+      resp, sock = nil, nil
+      begin
+        sock = UDPSocket.open
+        sock.send( NBNS_REQUEST, 0, @ip, NBNS_PORT )
+        resp = if select([sock], nil, nil, NBNS_TIMEOUT)
+          sock.recvfrom(NBNS_BUFSIZE)
+        end
+        if resp
+          @hostname = parse_nbns_response resp
+          Logger.info "Found NetBIOS name '#{@hostname}' for address #{@ip}"
+        end
+      rescue Exception => e
+        Logger.debug e
+      ensure
+        sock.close if sock
+      end
+    end
+
+    def parse_nbns_response resp
+      resp[0][57,15].to_s.strip
+    end
+
     def self.lookup_vendor( mac )
       if @@prefixes == nil
         Logger.debug 'Preloading hardware vendor prefixes ...'

data/lib/bettercap/version.rb

@@ -10,6 +10,6 @@ This project is released under the GPL 3 license.
 
 =end
 module BetterCap
-  VERSION = '1.1.7'
+  VERSION = '1.1.8'
   BANNER = File.read( File.dirname(__FILE__) + '/banner' ).gsub( '#VERSION#', "v#{VERSION}")
 end

metadata

@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: bettercap
 version: !ruby/object:Gem::Version
-  version: 1.1.7
+  version: 1.1.8
 platform: ruby
 authors:
 - Simone Margaritelli
 autorequire: 
 bindir: bin
 cert_chain: []
-date: 2015-12-01 00:00:00.000000000 Z
+date: 2015-12-14 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: colorize
@@ -52,6 +52,20 @@ dependencies:
     - - ~>
       - !ruby/object:Gem::Version
         version: 0.12.0
+- !ruby/object:Gem::Dependency
+  name: network_interface
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - ~>
+      - !ruby/object:Gem::Version
+        version: 0.0.1
+  type: :runtime
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - ~>
+      - !ruby/object:Gem::Version
+        version: 0.0.1
 - !ruby/object:Gem::Dependency
   name: minitest
   requirement: !ruby/object:Gem::Requirement
@@ -104,6 +118,7 @@ files:
 - lib/bettercap/logger.rb
 - lib/bettercap/monkey/packetfu/utils.rb
 - lib/bettercap/network.rb
+- lib/bettercap/options.rb
 - lib/bettercap/proxy/certstore.rb
 - lib/bettercap/proxy/module.rb
 - lib/bettercap/proxy/proxy.rb