bettercap 1.1.8 → 1.1.9

data/lib/bettercap/sniffer/parsers/https.rb

@@ -28,7 +28,7 @@ class HttpsParser < BaseParser
           end
 
           if @@prev.nil? or @@prev != hostname
-            Logger.write "[#{addr2s(pkt.ip_saddr)}:#{pkt.tcp_src} > #{addr2s(pkt.ip_daddr)}:#{pkt.tcp_dst} #{pkt.proto.last}] " +
+            Logger.raw "[#{addr2s(pkt.ip_saddr)}:#{pkt.tcp_src} > #{addr2s(pkt.ip_daddr)}:#{pkt.tcp_dst} #{pkt.proto.last}] " +
                          '[HTTPS] '.green +
                          "https://#{hostname}/".yellow
 

data/lib/bettercap/sniffer/parsers/ntlmss.rb

@@ -30,7 +30,7 @@ class NtlmssParser < BaseParser
         s = pkt.to_s
         if s =~ /NTLMSSP\x00\x03\x00\x00\x00.+/
             # TODO: Parse NTLMSSP packet.
-            Logger.write "[#{addr2s(pkt.ip_saddr)} > #{addr2s(pkt.ip_daddr)} #{pkt.proto.last}] " +
+            Logger.raw "[#{addr2s(pkt.ip_saddr)} > #{addr2s(pkt.ip_daddr)} #{pkt.proto.last}] " +
                          '[NTLMSS] '.green +
                          bin2hex( pkt.payload ).yellow
         end

data/lib/bettercap/sniffer/parsers/post.rb

@@ -16,7 +16,7 @@ class PostParser < BaseParser
     def on_packet( pkt )
         s = pkt.to_s
         if s =~ /POST\s+[^\s]+\s+HTTP.+/
-            Logger.write "[#{addr2s(pkt.ip_saddr)}:#{pkt.tcp_src} > #{addr2s(pkt.ip_daddr)}:#{pkt.tcp_dst} #{pkt.proto.last}] " +
+            Logger.raw "[#{addr2s(pkt.ip_saddr)}:#{pkt.tcp_src} > #{addr2s(pkt.ip_daddr)}:#{pkt.tcp_dst} #{pkt.proto.last}] " +
                          "[POST]\n".green +
                          pkt.payload.strip.yellow
         end

data/lib/bettercap/sniffer/parsers/url.rb

@@ -19,7 +19,7 @@ class UrlParser < BaseParser
             host = $2
             url = $1
             if not url =~ /.+\.(png|jpg|jpeg|bmp|gif|img|ttf|woff|css|js).*/i
-                Logger.write "[#{addr2s(pkt.ip_saddr)}:#{pkt.tcp_src} > #{addr2s(pkt.ip_daddr)}:#{pkt.tcp_dst} #{pkt.proto.last}] " +
+                Logger.raw "[#{addr2s(pkt.ip_saddr)}:#{pkt.tcp_src} > #{addr2s(pkt.ip_daddr)}:#{pkt.tcp_dst} #{pkt.proto.last}] " +
                              '[GET] '.green +
                              "http://#{host}#{url}".yellow
             end

data/lib/bettercap/sniffer/sniffer.rb

@@ -23,21 +23,24 @@ class Sniffer
   @@cap     = nil
 
   def self.start( ctx )
-    Logger.info 'Starting sniffer ...'
-
-    setup( ctx )
-
-    self.stream.each do |p|
-      begin
-        parsed = Packet.parse p
-      rescue Exception => e
-        parsed = nil
-        Logger.debug e.message
-      end
-
-      if not parsed.nil? and parsed.is_ip? and !skip_packet?(parsed)
-        append_packet p
-        parse_packet parsed
+    Thread.new do
+      Logger.info 'Starting sniffer ...'
+
+      setup( ctx )
+
+      self.stream.each do |p|
+        break unless @@ctx.running
+        begin
+          parsed = Packet.parse p
+        rescue Exception => e
+          parsed = nil
+          Logger.debug e.message
+        end
+
+        if not parsed.nil? and parsed.is_ip? and !skip_packet?(parsed)
+          append_packet p
+          parse_packet parsed
+        end
       end
     end
   end

data/lib/bettercap/spoofers/arp.rb

@@ -19,22 +19,21 @@ require 'colorize'
 class ArpSpoofer < ISpoofer
   def initialize
     @ctx          = Context.get
-    @gw_hw        = nil
+    @gateway      = nil
     @forwarding   = @ctx.firewall.forwarding_enabled?
     @spoof_thread = nil
     @sniff_thread = nil
     @capture      = nil
     @running      = false
 
-    Logger.debug 'ARP SPOOFER SELECTED'
-
     Logger.info "Getting gateway #{@ctx.gateway} MAC address ..."
-    @gw_hw = Network.get_hw_address( @ctx.ifconfig, @ctx.gateway )
-    if @gw_hw.nil?
-      raise BetterCap::Error, "Couldn't determine router MAC"
-    end
 
-    Logger.info "  Gateway : #{@ctx.gateway} ( #{@gw_hw} )"
+    hw = Network.get_hw_address( @ctx.ifconfig, @ctx.gateway )
+    raise BetterCap::Error, "Couldn't determine router MAC" if hw.nil?
+
+    @gateway = Target.new( @ctx.gateway, hw )
+
+    Logger.info "  #{@gateway}"
   end
 
   def send_spoofed_packet( saddr, smac, daddr, dmac )
@@ -122,8 +121,8 @@ class ArpSpoofer < ISpoofer
             end
           end
 
-          send_spoofed_packet( @ctx.gateway, @ctx.ifconfig[:eth_saddr], target.ip, target.mac )
-          send_spoofed_packet( target.ip, @ctx.ifconfig[:eth_saddr], @ctx.gateway, @gw_hw ) unless @ctx.options.half_duplex
+          send_spoofed_packet( @gateway.ip, @ctx.ifconfig[:eth_saddr], target.ip, target.mac )
+          send_spoofed_packet( target.ip, @ctx.ifconfig[:eth_saddr], @gateway.ip, @gateway.mac ) unless @ctx.options.half_duplex
         end
 
         prev_size = @ctx.targets.size
@@ -150,9 +149,11 @@ class ArpSpoofer < ISpoofer
     Logger.info "Restoring ARP table of #{@ctx.targets.size} targets ..."
 
     @ctx.targets.each do |target|
-      if !target.mac.nil?
-        send_spoofed_packet( @ctx.gateway, @gw_hw, target.ip, target.mac )
-        send_spoofed_packet( target.ip, target.mac, @ctx.gateway, @gw_hw ) unless @ctx.options.half_duplex
+      unless target.mac.nil?
+        begin
+          send_spoofed_packet( @gateway.ip, @gateway.mac, target.ip, target.mac )
+          send_spoofed_packet( target.ip, target.mac, @gateway.ip, @gateway.mac ) unless @ctx.options.half_duplex
+        rescue; end
       end
     end
     sleep 1

data/lib/bettercap/target.rb

@@ -24,22 +24,25 @@ class Target
 
     def initialize( ip, mac=nil )
       @ip       = ip
-      @mac      = mac
-      @vendor   = Target.lookup_vendor(mac) if not mac.nil?
+      @mac      = normalized_mac mac unless mac.nil?
+      @vendor   = Target.lookup_vendor(@mac) unless mac.nil?
       @hostname = nil
       @resolver = Thread.new { resolve! }
     end
 
+    def sortable_ip
+      @ip.split('.').inject(0) {|total,value| (total << 8 ) + value.to_i}
+    end
+
     def mac=(value)
-      @mac = value
+      @mac = normalized_mac value
       @vendor = Target.lookup_vendor(@mac) if not @mac.nil?
     end
 
     def to_s
-      s = @ip
-      s += " ( #{@hostname} )" unless @hostname.nil?
-      s += " : #{@mac}"
-      s += " ( #{@vendor} )" unless @vendor.nil?
+      s = sprintf( '%-15s : %-17s', @ip, @mac )
+      s += " / #{@hostname}" unless @hostname.nil?
+      s += if @vendor.nil? then " ( ??? )" else " ( #{@vendor} )" end
       s
     end
 
@@ -51,8 +54,16 @@ class Target
       end
     end
 
+    def equals?(ip, mac)
+      ( @ip == ip && ( mac.nil? || @mac == normalized_mac(mac) ) )
+    end
+
 private
 
+    def normalized_mac(v)
+      v.split(':').map { |e| if e.size == 2 then e.upcase else "0#{e.upcase}" end }.join(':')
+    end
+
     def resolve!
       resp, sock = nil, nil
       begin

data/lib/bettercap/update_checker.rb

@@ -0,0 +1,53 @@
+=begin
+
+BETTERCAP
+
+Author : Simone 'evilsocket' Margaritelli
+Email  : evilsocket@gmail.com
+Blog   : http://www.evilsocket.net/
+
+This project is released under the GPL 3 license.
+
+=end
+require 'bettercap/version'
+require 'bettercap/error'
+require 'bettercap/logger'
+require 'net/http'
+require 'json'
+
+class UpdateChecker
+  def self.check
+    ver = self.get_latest_version
+    if self.vton( BetterCap::VERSION ) < self.vton( ver )
+      Logger.warn "New version '#{ver}' available!"
+    else
+      Logger.info 'You are running the latest version.'
+    end
+  rescue Exception => e
+    Logger.error("Error '#{e.class}' while checking for updates: #{e.message}")
+  end
+
+  def self.vton v
+    vi = 0.0
+    v.split('.').reverse.each_with_index do |e,i|
+      vi += ( e.to_i * 10**i ) - ( if e =~ /[\d+]b/ then 0.5 else 0 end )
+    end
+    vi
+  end
+
+  def self.get_latest_version
+    Logger.info 'Checking for updates ...'
+
+    api = URI('https://rubygems.org/api/v1/versions/bettercap/latest.json')
+    response = Net::HTTP.get_response(api)
+
+    case response
+    when Net::HTTPSuccess
+      json = JSON.parse(response.body)
+    else
+      raise response.message
+    end
+
+    return json['version']
+  end
+end

data/lib/bettercap/version.rb

@@ -10,6 +10,6 @@ This project is released under the GPL 3 license.
 
 =end
 module BetterCap
-  VERSION = '1.1.8'
+  VERSION = '1.1.9'
   BANNER = File.read( File.dirname(__FILE__) + '/banner' ).gsub( '#VERSION#', "v#{VERSION}")
 end

data/test/logger_test.rb

@@ -5,7 +5,7 @@ require 'logger'
 class LoggerTest < MiniTest::Test
   def test_writing_with_a_logfile
     silence do |output|
-      Logger.write 'Test log message'
+      Logger.raw 'Test log message'
       assert_equal output.read, "Test log message\n"
     end
   end

metadata

@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: bettercap
 version: !ruby/object:Gem::Version
-  version: 1.1.8
+  version: 1.1.9
 platform: ruby
 authors:
 - Simone Margaritelli
 autorequire: 
 bindir: bin
 cert_chain: []
-date: 2015-12-14 00:00:00.000000000 Z
+date: 2016-01-01 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: colorize
@@ -87,17 +87,11 @@ executables:
 extensions: []
 extra_rdoc_files: []
 files:
-- .gitignore
 - CONTRIBUTING.md
-- Gemfile
-- Gemfile.lock
 - LICENSE.md
 - README.md
-- Rakefile
 - TODO.md
-- bettercap.gemspec
-- bin/bettercap
-- lib/bettercap.rb
+- Rakefile
 - lib/bettercap/banner
 - lib/bettercap/base/ifirewall.rb
 - lib/bettercap/base/ispoofer.rb
@@ -106,6 +100,7 @@ files:
 - lib/bettercap/discovery/base.rb
 - lib/bettercap/discovery/icmp.rb
 - lib/bettercap/discovery/udp.rb
+- lib/bettercap/discovery.rb
 - lib/bettercap/error.rb
 - lib/bettercap/factories/firewall_factory.rb
 - lib/bettercap/factories/parser_factory.rb
@@ -141,7 +136,10 @@ files:
 - lib/bettercap/spoofers/arp.rb
 - lib/bettercap/spoofers/none.rb
 - lib/bettercap/target.rb
+- lib/bettercap/update_checker.rb
 - lib/bettercap/version.rb
+- lib/bettercap.rb
+- bin/bettercap
 - test/factories/firewall_factory_test.rb
 - test/factories/parser_factory_test.rb
 - test/factories/spoofer_factory_test.rb

data/.gitignore

@@ -1,12 +0,0 @@
-*.swp
-*.swo
-*.gem
-*.sh
-.idea
-cert.crt
-cert.key
-cert.pem
-test_https_proxy.rb
-test_chunked.rb
-mkchangelog.rb
-.tags*

data/Gemfile

@@ -1,2 +0,0 @@
-source "https://rubygems.org"
-gemspec

data/Gemfile.lock

@@ -1,25 +0,0 @@
-PATH
-  remote: .
-  specs:
-    bettercap (1.1.3)
-      colorize (~> 0.7.5)
-      packetfu (~> 1.1.10)
-      pcaprub (~> 0.12.0)
-
-GEM
-  remote: https://rubygems.org/
-  specs:
-    colorize (0.7.7)
-    minitest (5.7.0)
-    packetfu (1.1.10)
-    pcaprub (0.12.0)
-
-PLATFORMS
-  ruby
-
-DEPENDENCIES
-  bettercap!
-  minitest
-
-BUNDLED WITH
-   1.10.3

data/bettercap.gemspec

@@ -1,28 +0,0 @@
-require './lib/bettercap/version'
-
-Gem::Specification.new do |gem|
-  gem.name = %q{bettercap}
-  gem.version = BetterCap::VERSION
-  gem.license = 'GPL3'
-  gem.description = %q{A complete, modular, portable and easily extensible MITM framework.}
-  gem.summary = %q{A complete, modular, portable and easily extensible MITM framework.}
-  gem.required_ruby_version = '>= 1.9'
-  
-
-  gem.authors = ['Simone Margaritelli']
-  gem.email = %q{evilsocket@gmail.com}
-  gem.homepage = %q{http://github.com/evilsocket/bettercap}
-
-  gem.add_dependency( 'colorize', '~> 0.7.5' )
-  gem.add_dependency( 'packetfu', '~> 1.1.10' )
-  gem.add_dependency( 'pcaprub', '~> 0.12.0' )
-  gem.add_dependency( 'network_interface', '~> 0.0.1' )
-
-  gem.add_development_dependency( 'minitest' )
-
-  gem.files = `git ls-files`.split("\n")
-  gem.require_paths = ["lib"]
-
-  gem.executables   = %w(bettercap)
-  gem.rdoc_options = ["--charset=UTF-8"]
-end