bettercap 1.1.9 → 1.1.10

data/lib/bettercap/firewalls/redirection.rb

@@ -9,6 +9,7 @@ Blog   : http://www.evilsocket.net/
 This project is released under the GPL 3 license.
 
 =end
+module BetterCap
 class Redirection
   attr_reader :interface, :protocol, :src_port, :dst_address, :dst_port
 
@@ -20,4 +21,4 @@ class Redirection
     @dst_port    = dst_port
   end
 end
-
+end

data/lib/bettercap/httpd/server.rb

@@ -13,8 +13,8 @@ require 'webrick'
 
 require 'bettercap/logger'
 
+module BetterCap
 module HTTPD
-
 class Server
   def initialize( port = 8081, path = './' )
     @port = port
@@ -41,6 +41,5 @@ class Server
     @thread.join
   end
 end
-
 end
-
+end

data/lib/bettercap/logger.rb

@@ -9,13 +9,21 @@ Blog   : http://www.evilsocket.net/
 This project is released under the GPL 3 license.
 
 =end
+module BetterCap
 module Logger
   class << self
-    def init( debug, logfile )
+    @@queue   = Queue.new
+    @@debug   = false
+    @@silent  = false
+    @@logfile = nil
+    @@thread  = nil
+
+    def init( debug, logfile, silent )
       @@debug   = debug
       @@logfile = logfile
-      @@queue   = Queue.new
       @@thread  = Thread.new { worker }
+      @@silent  = silent
+      @@ctx     = Context.get
     end
 
     def error(message)
@@ -23,7 +31,7 @@ module Logger
     end
 
     def info(message)
-      @@queue.push formatted_message(message, 'I')
+      @@queue.push( formatted_message(message, 'I') ) unless @@silent
     end
 
     def warn(message)
@@ -31,13 +39,19 @@ module Logger
     end
 
     def debug(message)
-      if @@debug
+      if @@debug and not @@silent
         @@queue.push formatted_message(message, 'D').light_black
       end
     end
 
     def raw(message)
-      @@queue.push message
+      @@queue.push( message )
+    end
+
+    def wait!
+      while not @@queue.empty?
+        sleep 0.3
+      end
     end
 
     private
@@ -45,11 +59,13 @@ module Logger
     def worker
       loop do
         message = @@queue.pop
-        puts message
-        unless @@logfile.nil?
-          f = File.open( @@logfile, 'a+t' )
-          f.puts( message.gsub( /\e\[(\d+)(;\d+)*m/, '') + "\n")
-          f.close
+        if @@ctx.running
+          puts message
+          unless @@logfile.nil?
+            f = File.open( @@logfile, 'a+t' )
+            f.puts( message.gsub( /\e\[(\d+)(;\d+)*m/, '') + "\n")
+            f.close
+          end
         end
       end
     end
@@ -59,3 +75,4 @@ module Logger
     end
   end
 end
+end

data/lib/bettercap/monkey/packetfu/utils.rb

@@ -23,9 +23,9 @@ module PacketFu
       ret = {}
       iface = iface.to_s.scan(/[0-9A-Za-z]/).join
 
-      Logger.debug "ifconfig #{iface}"
-      
-      ifconfig_data = Shell.ifconfig(iface)
+      BetterCap::Logger.debug "ifconfig #{iface}"
+
+      ifconfig_data = BetterCap::Shell.ifconfig(iface)
       if ifconfig_data =~ /#{iface}/i
         ifconfig_data = ifconfig_data.split(/[\s]*\n[\s]*/)
       else
@@ -45,7 +45,7 @@ module PacketFu
     private
 
     def self.linux_ifconfig(iface='eth0',ifconfig_data)
-      Logger.debug "Linux ifconfig #{iface}:\n#{ifconfig_data}"
+      BetterCap::Logger.debug "Linux ifconfig #{iface}:\n#{ifconfig_data}"
 
       ret = {}
       real_iface = ifconfig_data.first
@@ -81,7 +81,7 @@ module PacketFu
     end
 
     def self.darwin_ifconfig(iface='eth0',ifconfig_data)
-      Logger.debug "OSX ifconfig #{iface}:\n#{ifconfig_data}"
+      BetterCap::Logger.debug "OSX ifconfig #{iface}:\n#{ifconfig_data}"
 
       ret = {}
       real_iface = ifconfig_data.first

data/lib/bettercap/network.rb

@@ -11,15 +11,7 @@ This project is released under the GPL 3 license.
 =end
 require 'thread'
 
-require 'bettercap/error'
-require 'bettercap/logger'
-require 'bettercap/shell'
-require 'bettercap/target'
-require 'bettercap/factories/firewall_factory'
-require 'bettercap/discovery/icmp'
-require 'bettercap/discovery/udp'
-require 'bettercap/discovery/arp'
-
+module BetterCap
 class Network
     class << self
     def is_ip?(ip)
@@ -29,6 +21,10 @@ class Network
       false
     end
 
+    def is_mac?(mac)
+      ( /^[a-f0-9]{1,2}\:[a-f0-9]{1,2}\:[a-f0-9]{1,2}\:[a-f0-9]{1,2}\:[a-f0-9]{1,2}\:[a-f0-9]{1,2}$/i =~ mac.to_s )
+    end
+
     def get_gateway
       nstat = Shell.execute('netstat -nr')
 
@@ -62,13 +58,7 @@ class Network
 
     def get_alive_targets( ctx, timeout = 5 )
       if ctx.options.should_discover_hosts?
-        icmp = IcmpAgent.new timeout
-        udp  = UdpAgent.new ctx.ifconfig, ctx.gateway, ctx.ifconfig[:ip_saddr]
-        arp  = ArpAgent.new ctx.ifconfig, ctx.gateway, ctx.ifconfig[:ip_saddr]
-
-        icmp.wait
-        arp.wait
-        udp.wait
+        start_agents( ctx, timeout )
       else
         Logger.debug 'Using current ARP cache.'
       end
@@ -76,6 +66,15 @@ class Network
       ArpAgent.parse ctx
     end
 
+    def get_ip_address( ctx, mac, timeout = 5 )
+      ip = ArpAgent.find_mac( mac )
+      if ip.nil?
+        start_agents( ctx, timeout )
+        ip = ArpAgent.find_mac( mac )
+      end
+      ip
+    end
+
 =begin
   Apparently on Mac OSX the gem pcaprub ( or libpcap itself ) has
   a bug, so we can't use 'PacketFu::Utils::arp' since the funtion
@@ -132,6 +131,16 @@ class Network
 
     private
 
+    def start_agents( ctx, timeout )
+      icmp = IcmpAgent.new timeout
+      udp  = UdpAgent.new ctx.ifconfig, ctx.gateway, ctx.ifconfig[:ip_saddr]
+      arp  = ArpAgent.new ctx.ifconfig, ctx.gateway, ctx.ifconfig[:ip_saddr]
+
+      icmp.wait
+      arp.wait
+      udp.wait
+    end
+
     def get_mac_from_capture( cap, ip_address )
       cap.stream.each do |p|
         arp_response = PacketFu::Packet.parse(p)
@@ -141,3 +150,4 @@ class Network
     end
   end
 end
+end

data/lib/bettercap/options.rb

@@ -9,7 +9,7 @@ Blog   : http://www.evilsocket.net/
 This project is released under the GPL 3 license.
 
 =end
-
+module BetterCap
 class Options
   attr_accessor :gateway,
                 :iface,
@@ -17,6 +17,7 @@ class Options
                 :half_duplex,
                 :target,
                 :logfile,
+                :silent,
                 :debug,
                 :arpcache,
                 :ignore,
@@ -25,6 +26,7 @@ class Options
                 :sniffer_filter,
                 :sniffer_src,
                 :parsers,
+                :custom_parser,
                 :local,
                 :proxy,
                 :proxy_https,
@@ -39,7 +41,8 @@ class Options
                 :httpd,
                 :httpd_port,
                 :httpd_path,
-                :check_updates
+                :check_updates,
+                :no_target_nbns
 
   def initialize( iface )
     @gateway = nil
@@ -48,8 +51,10 @@ class Options
     @half_duplex = false
     @target = nil
     @logfile = nil
+    @silent = false
     @debug = false
     @arpcache = false
+    @no_target_nbns = false
 
     @ignore = nil
 
@@ -58,6 +63,7 @@ class Options
     @sniffer_filter = nil
     @sniffer_src = nil
     @parsers = ['*']
+    @custom_parser = nil
     @local = false
 
     @proxy = false
@@ -144,6 +150,16 @@ class Options
         ctx.options.parsers = ParserFactory.from_cmdline(v)
       end
 
+      opts.on( '--custom-parser EXPRESSION', 'Use a custom regular expression in order to capture and show sniffed data ( NOTE: Will set -X to true ).' ) do |v|
+        ctx.options.sniffer       = true
+        ctx.options.parsers       = ['CUSTOM']
+        ctx.options.custom_parser = Regexp.new(v)
+      end
+
+      opts.on( '--silent', 'Suppress every message which is not an error or a warning, default to false.' ) do
+        ctx.options.silent = true
+      end
+
       opts.on( '--no-discovery', 'Do not actively search for hosts, just use the current ARP cache, default to false.' ) do
         ctx.options.arpcache = true
       end
@@ -152,6 +168,10 @@ class Options
         ctx.options.spoofer = 'NONE'
       end
 
+      opts.on( '--no-target-nbns', 'Disable target NBNS hostname resolution.' ) do
+        ctx.options.no_target_nbns = true
+      end
+
       opts.on( '--half-duplex', 'Enable half-duplex MITM, this will make bettercap work in those cases when the router is not vulnerable.' ) do
         ctx.options.half_duplex = true
       end
@@ -228,7 +248,7 @@ class Options
       end
     end.parse!
 
-    Logger.init( ctx.options.debug, ctx.options.logfile )
+    Logger.init( ctx.options.debug, ctx.options.logfile, ctx.options.silent )
 
     Logger.warn "You are running an unstable/beta version of this software, please" \
                 " update to a stable one if available." if BetterCap::VERSION =~ /[\d\.+]b/
@@ -309,13 +329,13 @@ class Options
 
   def to_targets
     targets = @target.split(",")
-    valid_targets = targets.select { |target| Network.is_ip?(target) }
+    valid_targets = targets.select { |target| Network.is_ip?(target) or Network.is_mac?(target) }
 
-    raise BetterCap::Error, "Invalid target" if valid_targets.empty?
+    raise BetterCap::Error, "Invalid target specified." if valid_targets.empty?
 
     invalid_targets = targets - valid_targets
     invalid_targets.each do |target|
-      Logger.warn "Invalid target #{target}"
+      Logger.warn "Invalid target specified: #{target}"
     end
 
     valid_targets.map { |target| Target.new(target) }
@@ -368,3 +388,4 @@ class Options
     redirections
   end
 end
+end

data/lib/bettercap/proxy/certstore.rb

@@ -12,13 +12,14 @@ This project is released under the GPL 3 license.
 require 'bettercap/logger'
 require 'openssl'
 
+module BetterCap
 module Proxy
   class CertStore
     @@selfsigned = {}
     @@frompems = {}
 
     def self.from_file( filename )
-      if !@@frompems.has_key? filename
+      unless @@frompems.has_key? filename
         Logger.info "Loading self signed HTTPS certificate from '#{filename}' ..."
 
         pem = File.read filename
@@ -30,7 +31,7 @@ module Proxy
     end
 
     def self.get_selfsigned( subject = '/C=US/ST=California/L=Mountain View/O=Google Inc/CN=www.google.com' )
-      if !@@selfsigned.has_key? subject
+      unless @@selfsigned.has_key? subject
         Logger.info "Generating self signed HTTPS certificate for subject '#{subject}' ..."
 
         key = OpenSSL::PKey::RSA.new(2048)
@@ -63,5 +64,5 @@ module Proxy
       @@selfsigned[subject]
     end
   end
-
+end
 end

data/lib/bettercap/proxy/module.rb

@@ -11,8 +11,8 @@ This project is released under the GPL 3 license.
 =end
 require 'bettercap/logger'
 
+module BetterCap
 module Proxy
-
 class Module
   @@modules = []
 
@@ -35,5 +35,5 @@ class Module
     end
   end
 end
-
+end
 end

data/lib/bettercap/proxy/proxy.rb

@@ -16,6 +16,7 @@ require 'uri'
 require 'bettercap/logger'
 require 'bettercap/network'
 
+module BetterCap
 module Proxy
 
 class Proxy
@@ -93,8 +94,7 @@ class Proxy
       begin
         @pool << @server.accept
       rescue Exception => e
-        Logger.warn("Error while accepting #{@type} connection: #{e.inspect}") \
-        unless !@running
+        Logger.warn("Error while accepting #{@type} connection: #{e.inspect}") if @running
       end
     end
 
@@ -122,7 +122,7 @@ class Proxy
   end
 
   def get_client_details( client )
-    if !@is_https
+    unless @is_https
       client_port, client_ip = Socket.unpack_sockaddr_in(client.getpeername)
     else
       _, client_port, _, client_ip = client.peeraddr
@@ -179,7 +179,7 @@ class Proxy
         response = Response.from_socket server
 
         if response.textual?
-          StreamLogger.log( @is_https, client_ip, request, response )
+          StreamLogger.log_http( @is_https, client_ip, request, response )
 
           Logger.debug 'Detected textual response'
 
@@ -207,5 +207,5 @@ class Proxy
   end
 end
 
-
+end
 end

data/lib/bettercap/proxy/request.rb

@@ -10,8 +10,8 @@ This project is released under the GPL 3 license.
 
 =end
 
+module BetterCap
 module Proxy
-
 class Request
   attr_reader :lines, :verb, :url, :host, :port, :content_length
 
@@ -94,5 +94,5 @@ class Request
       @lines.join("\n") + "\n"
     end
   end
-
+end
 end

data/lib/bettercap/proxy/response.rb

@@ -10,6 +10,7 @@ This project is released under the GPL 3 license.
 
 =end
 
+module BetterCap
 module Proxy
 
 class Response
@@ -103,3 +104,4 @@ class Response
 end
 
 end
+end