bettercap 1.1.8 → 1.1.9

data/lib/bettercap/discovery.rb

@@ -0,0 +1,57 @@
+=begin
+
+BETTERCAP
+
+Author : Simone 'evilsocket' Margaritelli
+Email  : evilsocket@gmail.com
+Blog   : http://www.evilsocket.net/
+
+This project is released under the GPL 3 license.
+
+=end
+class Discovery
+  def initialize( ctx )
+    @ctx     = ctx
+    @running = false
+    @thread  = nil
+  end
+
+  def start
+    @running = true
+    @thread  = Thread.new { worker }
+  end
+
+  def stop
+    @running = false
+    if @thread != nil
+      Logger.info( 'Stopping network discovery thread ...' ) unless @ctx.options.arpcache
+      begin
+        @thread.exit
+      rescue
+      end
+    end
+  end
+
+  private
+
+  def worker
+    Logger.debug( 'Network discovery thread started.' ) unless @ctx.options.arpcache
+
+    while @running
+      empty_list = @ctx.targets.empty?
+
+      if @ctx.options.should_discover_hosts?
+        Logger.info 'Searching for targets ...' if empty_list
+      end
+
+      @ctx.targets = Network.get_alive_targets(@ctx).sort_by { |t| t.sortable_ip }
+
+      if empty_list and not @ctx.targets.empty?
+        Logger.info "Collected #{@ctx.targets.size} total targets."
+        @ctx.targets.each do |target|
+          Logger.info "  #{target}"
+        end
+      end
+    end
+  end
+end

data/lib/bettercap/firewalls/linux.rb

@@ -25,20 +25,20 @@ class LinuxFirewall < IFirewall
     shell.execute("echo #{enabled ? 0 : 1} > /proc/sys/net/ipv4/icmp_echo_ignore_broadcasts")
   end
 
-  def add_port_redirection( iface, proto, from, addr, to )
+  def add_port_redirection( r )
     # post route
     shell.execute('iptables -t nat -I POSTROUTING -s 0/0 -j MASQUERADE')
     # accept all
     shell.execute('iptables -P FORWARD ACCEPT')
     # add redirection
-    shell.execute("iptables -t nat -A PREROUTING -i #{iface} -p #{proto} --dport #{from} -j DNAT --to #{addr}:#{to}")
+    shell.execute("iptables -t nat -A PREROUTING -i #{r.interface} -p #{r.protocol} --dport #{r.src_port} -j DNAT --to #{r.dst_address}:#{r.dst_port}")
   end
 
-  def del_port_redirection( iface, proto, from, addr, to )
+  def del_port_redirection( r )
     # remove post route
     shell.execute('iptables -t nat -D POSTROUTING -s 0/0 -j MASQUERADE')
     # remove redirection
-    shell.execute("iptables -t nat -D PREROUTING -i #{iface} -p #{proto} --dport #{from} -j DNAT --to #{addr}:#{to}")
+    shell.execute("iptables -t nat -D PREROUTING -i #{r.interface} -p #{r.protocol} --dport #{r.src_port} -j DNAT --to #{r.dst_address}:#{r.dst_port}")
   end
 
   private

data/lib/bettercap/firewalls/osx.rb

@@ -31,12 +31,12 @@ class OSXFirewall < IFirewall
     rescue; end
   end
 
-  def add_port_redirection( iface, proto, from, addr, to )
+  def add_port_redirection( r )
     # create the pf config file
     config_file = "/tmp/bettercap_pf_#{Process.pid}.conf"
 
     File.open( config_file, 'a+t' ) do |f|
-      f.write "rdr pass on #{iface} proto #{proto} from any to any port #{from} -> #{addr} port #{to}\n"
+      f.write "rdr pass on #{r.interface} proto #{r.protocol} from any to any port #{r.src_port} -> #{r.dst_address} port #{r.dst_port}\n"
     end
 
     # load the rule
@@ -45,7 +45,7 @@ class OSXFirewall < IFirewall
     enable true
   end
 
-  def del_port_redirection( iface, proto, from, addr, to )
+  def del_port_redirection( r )
     # FIXME: This should search for multiple rules inside the
     # file and remove only this one.
 

data/lib/bettercap/logger.rb

@@ -11,43 +11,49 @@ This project is released under the GPL 3 license.
 =end
 module Logger
   class << self
-    attr_accessor :logfile, :debug_enabled
-
-    @@semaphore = Mutex.new
+    def init( debug, logfile )
+      @@debug   = debug
+      @@logfile = logfile
+      @@queue   = Queue.new
+      @@thread  = Thread.new { worker }
+    end
 
     def error(message)
-      write(formatted_message(message, 'E').red)
+      @@queue.push formatted_message(message, 'E').red
     end
 
     def info(message)
-      write(formatted_message(message, 'I'))
+      @@queue.push formatted_message(message, 'I')
     end
 
     def warn(message)
-      write(formatted_message(message, 'W').yellow)
+      @@queue.push formatted_message(message, 'W').yellow
     end
 
     def debug(message)
-      if @debug_enabled
-        write(formatted_message(message, 'D').light_black)
+      if @@debug
+        @@queue.push formatted_message(message, 'D').light_black
       end
     end
 
-    def write(message)
-      # make sure that logging is thread safe
-      @@semaphore.synchronize {
-        puts message
+    def raw(message)
+      @@queue.push message
+    end
+
+    private
 
-        if !@logfile.nil?
-          f = File.open( @logfile, 'a+t' )
+    def worker
+      loop do
+        message = @@queue.pop
+        puts message
+        unless @@logfile.nil?
+          f = File.open( @@logfile, 'a+t' )
           f.puts( message.gsub( /\e\[(\d+)(;\d+)*m/, '') + "\n")
           f.close
         end
-      }
+      end
     end
 
-    private
-
     def formatted_message(message, message_type)
       "[#{message_type}] #{message}"
     end

data/lib/bettercap/network.rb

@@ -45,11 +45,6 @@ class Network
           end
         end
       end
-
-      raise BetterCap::Error, "Could not detect the gateway address for interface #{Context.get.options.iface}, "\
-                              'make sure you\'ve specified the correct network interface to use and to have the '\
-                              'correct network configuration, this could also happen if bettercap '\
-                              'is launched from a virtual environment.' unless !gw.nil? and is_ip?(gw)
       gw
     end
 

data/lib/bettercap/options.rb

@@ -80,6 +80,187 @@ class Options
     @check_updates = false
   end
 
+  def self.parse!
+    ctx = Context.get
+
+    OptionParser.new do |opts|
+      opts.banner = "Usage: #{$0} [options]"
+      opts.version = BetterCap::VERSION
+
+      opts.on( '-G', '--gateway ADDRESS', 'Manually specify the gateway address, if not specified the current gateway will be retrieved and used. ' ) do |v|
+        ctx.options.gateway = v
+      end
+
+      opts.on( '-I', '--interface IFACE', 'Network interface name - default: ' + ctx.options.iface.to_s ) do |v|
+        ctx.options.iface = v
+      end
+
+      opts.on( '-S', '--spoofer NAME', 'Spoofer module to use, available: ' + SpooferFactory.available.join(', ') + ' - default: ' + ctx.options.spoofer ) do |v|
+        ctx.options.spoofer = v
+      end
+
+      opts.on( '-T', '--target ADDRESS1,ADDRESS2', 'Target IP addresses, if not specified the whole subnet will be targeted.' ) do |v|
+        ctx.options.target = v
+      end
+
+      opts.on( '--ignore ADDRESS1,ADDRESS2', 'Ignore these addresses if found while searching for targets.' ) do |v|
+        ctx.options.ignore = v
+      end
+
+      opts.on( '-O', '--log LOG_FILE', 'Log all messages into a file, if not specified the log messages will be only print into the shell.' ) do |v|
+        ctx.options.logfile = v
+      end
+
+      opts.on( '-D', '--debug', 'Enable debug logging.' ) do
+        ctx.options.debug = true
+      end
+
+      opts.on( '-L', '--local', 'Parse packets coming from/to the address of this computer ( NOTE: Will set -X to true ), default to false.' ) do
+        ctx.options.local = true
+        ctx.options.sniffer = true
+      end
+
+      opts.on( '-X', '--sniffer', 'Enable sniffer.' ) do
+        ctx.options.sniffer = true
+      end
+
+      opts.on( '--sniffer-source FILE', 'Load packets from the specified PCAP file instead of the interface ( will enable sniffer ).' ) do |v|
+        ctx.options.sniffer = true
+        ctx.options.sniffer_src = File.expand_path v
+      end
+
+      opts.on( '--sniffer-pcap FILE', 'Save all packets to the specified PCAP file ( will enable sniffer ).' ) do |v|
+        ctx.options.sniffer = true
+        ctx.options.sniffer_pcap = File.expand_path v
+      end
+
+      opts.on( '--sniffer-filter EXPRESSION', 'Configure the sniffer to use this BPF filter ( will enable sniffer ).' ) do |v|
+        ctx.options.sniffer = true
+        ctx.options.sniffer_filter = v
+      end
+
+      opts.on( '-P', '--parsers PARSERS', 'Comma separated list of packet parsers to enable, "*" for all ( NOTE: Will set -X to true ), available: ' + ParserFactory.available.join(', ') + ' - default: *' ) do |v|
+        ctx.options.sniffer = true
+        ctx.options.parsers = ParserFactory.from_cmdline(v)
+      end
+
+      opts.on( '--no-discovery', 'Do not actively search for hosts, just use the current ARP cache, default to false.' ) do
+        ctx.options.arpcache = true
+      end
+
+      opts.on( '--no-spoofing', 'Disable spoofing, alias for --spoofer NONE.' ) do
+        ctx.options.spoofer = 'NONE'
+      end
+
+      opts.on( '--half-duplex', 'Enable half-duplex MITM, this will make bettercap work in those cases when the router is not vulnerable.' ) do
+        ctx.options.half_duplex = true
+      end
+
+      opts.on( '--proxy', 'Enable HTTP proxy and redirects all HTTP requests to it, default to false.' ) do
+        ctx.options.proxy = true
+      end
+
+      opts.on( '--proxy-https', 'Enable HTTPS proxy and redirects all HTTPS requests to it, default to false.' ) do
+        ctx.options.proxy = true
+        ctx.options.proxy_https = true
+      end
+
+      opts.on( '--proxy-port PORT', 'Set HTTP proxy port, default to ' + ctx.options.proxy_port.to_s + ' .' ) do |v|
+        ctx.options.proxy = true
+        ctx.options.proxy_port = v.to_i
+      end
+
+      opts.on( '--proxy-https-port PORT', 'Set HTTPS proxy port, default to ' + ctx.options.proxy_https_port.to_s + ' .' ) do |v|
+        ctx.options.proxy = true
+        ctx.options.proxy_https = true
+        ctx.options.proxy_https_port = v.to_i
+      end
+
+      opts.on( '--proxy-pem FILE', 'Use a custom PEM certificate file for the HTTPS proxy.' ) do |v|
+        ctx.options.proxy = true
+        ctx.options.proxy_https = true
+        ctx.options.proxy_pem_file = File.expand_path v
+      end
+
+      opts.on( '--proxy-module MODULE', 'Ruby proxy module to load.' ) do |v|
+        ctx.options.proxy = true
+        ctx.options.proxy_module = File.expand_path v
+      end
+
+      opts.on( '--custom-proxy ADDRESS', 'Use a custom HTTP upstream proxy instead of the builtin one.' ) do |v|
+        ctx.options.custom_proxy = v
+      end
+
+      opts.on( '--custom-proxy-port PORT', 'Specify a port for the custom HTTP upstream proxy, default to ' + ctx.options.custom_proxy_port.to_s + ' .' ) do |v|
+        ctx.options.custom_proxy_port = v.to_i
+      end
+
+      opts.on( '--custom-https-proxy ADDRESS', 'Use a custom HTTPS upstream proxy instead of the builtin one.' ) do |v|
+        ctx.options.custom_https_proxy = v
+      end
+
+      opts.on( '--custom-https-proxy-port PORT', 'Specify a port for the custom HTTPS upstream proxy, default to ' + ctx.options.custom_https_proxy_port.to_s + ' .' ) do |v|
+        ctx.options.custom_https_proxy_port = v.to_i
+      end
+
+      opts.on( '--httpd', 'Enable HTTP server, default to false.' ) do
+        ctx.options.httpd = true
+      end
+
+      opts.on( '--httpd-port PORT', 'Set HTTP server port, default to ' + ctx.options.httpd_port.to_s +  '.' ) do |v|
+        ctx.options.httpd = true
+        ctx.options.httpd_port = v.to_i
+      end
+
+      opts.on( '--httpd-path PATH', 'Set HTTP server path, default to ' + ctx.options.httpd_path +  '.' ) do |v|
+        ctx.options.httpd = true
+        ctx.options.httpd_path = v
+      end
+
+      opts.on( '--check-updates', 'Will check if any update is available and then exit.' ) do
+        ctx.options.check_updates = true
+      end
+
+      opts.on('-h', '--help', 'Display the available options.') do
+        puts opts
+        puts "\nFor examples & docs please visit " + "http://bettercap.org/docs/".bold
+        exit
+      end
+    end.parse!
+
+    Logger.init( ctx.options.debug, ctx.options.logfile )
+
+    Logger.warn "You are running an unstable/beta version of this software, please" \
+                " update to a stable one if available." if BetterCap::VERSION =~ /[\d\.+]b/
+
+    if ctx.options.check_updates
+      UpdateChecker.check
+      exit
+    end
+
+    raise BetterCap::Error, 'This software must run as root.' unless Process.uid == 0
+    raise BetterCap::Error, 'No default interface found, please specify one with the -I argument.' if ctx.options.iface.nil?
+
+    unless ctx.options.gateway.nil?
+      raise BetterCap::Error, "The specified gateway '#{ctx.options.gateway}' is not a valid IPv4 address." unless Network.is_ip?(ctx.options.gateway)
+      ctx.gateway = ctx.options.gateway
+      Logger.debug("Targetting manually specified gateway #{ctx.gateway}")
+    end
+
+    unless ctx.options.target.nil?
+      ctx.targets = ctx.options.to_targets
+    end
+
+    # Load firewall instance, network interface informations and detect the
+    # gateway address.
+    ctx.update!
+
+    # Spoofers need the context network data to be initialized.
+    ctx.spoofer = ctx.options.to_spoofers
+
+    ctx
+  end
+
   def should_discover_hosts?
     !@arpcache
   end
@@ -89,7 +270,7 @@ class Options
   end
 
   def has_spoofer?
-    @spoofer == 'NONE' or @spoofer == 'none'
+    @spoofer != 'NONE' and @spoofer != 'none'
   end
 
   def has_http_sniffer_enabled?

data/lib/bettercap/proxy/stream_logger.rb

@@ -40,7 +40,7 @@ class StreamLogger
       response_s += " [#{response.code}]"
     end
 
-    Logger.write "[#{self.addr2s(client)}] #{request.verb.light_blue} #{request_s} #{response_s}"
+    Logger.raw "[#{self.addr2s(client)}] #{request.verb.light_blue} #{request_s} #{response_s}"
   end
 end
 end

data/lib/bettercap/shell.rb

@@ -12,13 +12,22 @@ module Shell
 
     #return the output of command
     def execute(command)
-      r=%x(#{command})
-      if $? != 0
-        raise BetterCap::Error, "Error, executing #{command}"
+      r = ''
+      10.times do
+        begin
+          r=%x(#{command})
+          if $? != 0
+            raise BetterCap::Error, "Error, executing #{command}"
+          end
+          break
+        rescue Errno::EMFILE => e
+          Logger.debug "Retrying command '#{command}' due to Errno::EMFILE error ..."
+          sleep 1
+        end
       end
-      return r
+      r
     end
-    
+
     def ifconfig(iface = '')
       self.execute( "LANG=en && ifconfig #{iface}" )
     end

data/lib/bettercap/sniffer/parsers/base.rb

@@ -28,7 +28,7 @@ class BaseParser
     s = pkt.to_s
     @filters.each do |filter|
       if s =~ filter
-        Logger.write "[#{addr2s(pkt.ip_saddr)}:#{pkt.tcp_src} > #{addr2s(pkt.ip_daddr)}:#{pkt.tcp_dst} #{pkt.proto.last}] " +
+        Logger.raw "[#{addr2s(pkt.ip_saddr)}:#{pkt.tcp_src} > #{addr2s(pkt.ip_daddr)}:#{pkt.tcp_dst} #{pkt.proto.last}] " +
                      "[#{@name}] ".green +
                      pkt.payload.strip.yellow
       end

data/lib/bettercap/sniffer/parsers/httpauth.rb

@@ -31,11 +31,11 @@ class HttpauthParser < BaseParser
         decoded = Base64.decode64(encoded)
         user, pass = decoded.split(':')
 
-        Logger.write "[#{addr2s(pkt.ip_saddr)}:#{pkt.tcp_src} > #{addr2s(pkt.ip_daddr)}:#{pkt.tcp_dst} #{pkt.proto.last}] " +
+        Logger.raw "[#{addr2s(pkt.ip_saddr)}:#{pkt.tcp_src} > #{addr2s(pkt.ip_daddr)}:#{pkt.tcp_dst} #{pkt.proto.last}] " +
           '[HTTP BASIC AUTH]'.green + " http://#{hostname}#{path} - username=#{user} password=#{pass}".yellow
 
       elsif line =~ /Authorization:\s*Digest\s+(.+)/i
-         Logger.write "[#{addr2s(pkt.ip_saddr)}:#{pkt.tcp_src} > #{addr2s(pkt.ip_daddr)}:#{pkt.tcp_dst} #{pkt.proto.last}] " +
+         Logger.raw "[#{addr2s(pkt.ip_saddr)}:#{pkt.tcp_src} > #{addr2s(pkt.ip_daddr)}:#{pkt.tcp_dst} #{pkt.proto.last}] " +
           '[HTTP DIGEST AUTH]'.green + " http://#{hostname}#{path}\n#{$1}".yellow
 
       end