bettercap 1.4.6 → 1.5.0

data/lib/bettercap/monkey/em-proxy/proxy.rb

@@ -0,0 +1,23 @@
+class Proxy
+
+  def self.start(options, &blk)
+    # epoll is not supported on OSX!
+    # EM.epoll
+    EM.run do
+      # We'll take care of this.
+      #
+      # trap("TERM") { stop }
+      # trap("INT")  { stop }
+
+      EventMachine::start_server(options[:host], options[:port],
+                                 EventMachine::ProxyServer::Connection, options) do |c|
+        c.instance_eval(&blk)
+      end
+    end
+  end
+
+  def self.stop
+    EventMachine.stop
+  rescue
+  end
+end

data/lib/bettercap/monkey/packetfu/pcap.rb

@@ -0,0 +1,51 @@
+# encoding: UTF-8
+=begin
+
+BETTERCAP
+
+Author : Simone 'evilsocket' Margaritelli
+Email  : evilsocket@gmail.com
+Blog   : http://www.evilsocket.net/
+
+This project is released under the GPL 3 license.
+
+=end
+module PacketFu
+
+class PcapHeader
+  # Reads a string to populate the object.
+  # Conversion from big to little shouldn't be that big of a deal.
+  def read(str)
+    force_binary(str)
+    return self if str.nil?
+    str.force_encoding(Encoding::BINARY) if str.respond_to? :force_encoding
+
+    # Handle little endian pcap
+    if str[0,4] == self[:magic].to_s
+      self[:magic].read str[0,4]
+      self[:ver_major].read str[4,2]
+      self[:ver_minor].read str[6,2]
+      self[:thiszone].read str[8,4]
+      self[:sigfigs].read str[12,4]
+      self[:snaplen].read str[16,4]
+      self[:network].read str[20,4]
+    # Handle big endian pcap
+    elsif str[0,4] == MAGIC_BIG.to_s
+      # Since PcapFile.read uses our endianess, set it to 'big' anyway.
+      self[:endian] = :big
+
+      self[:magic].read     str[0,4].reverse
+      self[:ver_major].read str[4,2].reverse
+      self[:ver_minor].read str[6,2].reverse
+      self[:thiszone].read  str[8,4].reverse
+      self[:sigfigs].read   str[12,4].reverse
+      self[:snaplen].read   str[16,4].reverse
+      self[:network].read   str[20,4].reverse
+    else
+      raise "Incorrect magic for libpcap"
+    end
+    self
+  end
+end
+
+end

data/lib/bettercap/network/arp_reader.rb

@@ -21,8 +21,8 @@ class ArpReader
   def self.parse( ctx )
     targets = []
     self.parse_cache do |ip,mac|
-      if ip != ctx.gateway and ip != ctx.ifconfig[:ip_saddr]
-        if ctx.options.ignore_ip?(ip)
+      if ip != ctx.gateway.ip and ip != ctx.ifconfig[:ip_saddr]
+        if ctx.options.core.ignore_ip?(ip)
           Logger.debug "Ignoring #{ip} ..."
         else
           # reuse Target object if it's already a known address

data/lib/bettercap/network/network.rb

@@ -18,7 +18,7 @@ class << self
   # Return the current network gateway or nil.
   def get_gateway
     nstat = Shell.execute('netstat -nr')
-    iface = Context.get.options.iface
+    iface = Context.get.options.core.iface
 
     Logger.debug "NETSTAT:\n#{nstat}"
 
@@ -54,7 +54,7 @@ class << self
   # Return a list of BetterCap::Target objects found on the network, given a
   # BetterCap::Context ( +ctx+ ) and a +timeout+ in seconds for the operation.
   def get_alive_targets( ctx )
-    if ctx.options.should_discover_hosts?
+    if ctx.options.core.should_discover_hosts?
       start_agents( ctx )
     else
       Logger.debug 'Using current ARP cache.'

data/lib/bettercap/network/packet_queue.rb

@@ -29,13 +29,13 @@ class PacketQueue
     @udp      = UDPSocket.new
     @queue    = Queue.new
     @workers  = (0...nworkers).map { ::Thread.new { worker } }
+    @ctx      = Context.get
   end
 
   # Push a packet to the queue.
   def push(packet)
-    Context.run_gc if @queue.size == 0
-
     @queue.push(packet)
+    @ctx.memory.optimize! if ( @queue.size == 1 )
   end
 
   # Wait for the packet queue to be empty.

data/lib/bettercap/network/protos/base.rb

@@ -98,11 +98,6 @@ class Base
           offset = offset( info, pkt, offset  )
 
           value = data[offset..offset + size - 1].bytes.pack('c*')
-          if info[:opts].has_key?(:check)
-            if value != info[:opts][:check].force_encoding('ASCII-8BIT')
-              raise "Unexpected value '#{value}', expected '#{info[:opts][:check]}' ."
-            end
-          end
           offset += size
 
         when :stringz
@@ -116,6 +111,14 @@ class Base
 
         end
 
+        if info[:opts].has_key?(:check)
+          check = info[:opts][:check]
+          check = check.force_encoding('ASCII-8BIT') if check.respond_to? :force_encoding
+          if value != check
+            raise "Unexpected value '#{value}', expected '#{check}' ."
+          end
+        end
+
         pkt.send("#{name}=", value)
       end
 

data/lib/bettercap/network/protos/dhcp.rb

@@ -28,125 +28,6 @@ OP_MESSAGETYPES = {
 }
 
 OP_CONSTANTS = {
-  # DHCP Options
-  :DHCPPad                          => 0,
-  :DHCPSubnetMask                   => 1,
-  :DHCPTimeOffset                   => 2,
-  :DHCPRouter                       => 3,
-  :DHCPTimeServer                   => 4,
-  :DHCPNameServer                   => 5,
-  :DHCPDNS                          => 6,
-  :DHCPLogServer                    => 7,
-  :DHCPQuoteServer                  => 8,
-  :DHCPLPRServer                    => 9,
-  :DHCPImpressServer                => 10,
-  :DHCPRLServer                     => 11,
-  :DHCPHostName                     => 12,
-  :DHCPBootFileSize                 => 13,
-  :DHCPMeritDumpFile                => 14,
-  :DHCPDomainName                   => 15,
-  :DHCPSwapServer                   => 16,
-  :DHCPRootPath                     => 17,
-  :DHCPExtensionsPath               => 18,
-  :DHCPIPForwarding                 => 19,
-  :DHCPNonLocalRouting              => 20,
-  :DHCPPolicyFilter                 => 21,
-  :DHCPMaximumDRSize                => 22, # Datagram reassembly size
-  :DHCPDefaultIPTTL                 => 23,
-  :DHCPPathMTUAgingTimeout          => 24,
-  :DHCPPathMTUPlateauTable          => 25,
-  :DHCPInterfaceMTU                 => 26,
-  :DHCPAllSubnetsLocal              => 27,
-  :DHCPBroadcastAddress             => 28,
-  :DHCPPerformMask                  => 29, # Perform mask discovery
-  :DHCPMaskSupplier                 => 30, # Zelda flashbacks
-  :DHCPPerformRouter                => 31, # Perform router discovery
-  :DHCPRouterSolicitation           => 32, # Router Solicitation Address
-  :DHCPStaticRoutingEnable          => 33,
-  :DHCPTrailerEncap                 => 34, # Trailer Encapsulation
-  :DHCPArpCacheTimeout              => 35,
-  :DHCPEthernetEncap                => 36, # ethernet encapsulation
-  :DHCPDefaultTCPTTL                => 37,
-  :DHCPTCPKeepAliveInt              => 38, # TCP Keepalive interval
-  :DHCPTCPKeepAliveGB               => 39, # TCP Keepalive garbage
-  :DHCPNISDomain                    => 40,
-  :DHCPNISServer                    => 41,
-  :DHCPNTPServers                   => 42,
-  :DHCPVendorSpecificInfo           => 43,
-  :DHCPNetBIOSNameServer            => 44,
-  :DHCPNetBIOSDDS                   => 45,
-  :DHCPNetBIOSNodeType              => 46,
-  :DHCPNetBIOSScope                 => 47,
-  :DHCPXWindowSystemFont            => 48, # XWindow Font server
-  :DHCPXWindowSystemDM              => 49, # Xwindow System Display Server
-  :DHCPRequestedIPAddress           => 50,
-  :DHCPIPAddressLeaseTime           => 51,
-  :DHCPOptionOverload               => 52,
-  :DHCPMessageType                  => 53,
-  :DHCPServerIdentifier             => 54,
-  :DHCPParameters                   => 55,
-  :DHCPMessage                      => 56,
-  :DHCPMaxDHCPMessageSize           => 57,
-  :DHCPRenewTimeValue               => 58,
-  :DHCPRebindingTimeValue           => 59,
-  :DHCPClassIdentifier              => 60,
-  :DHCPClientIdentifier             => 61,
-  :DHCPNetWareIPDomainName          => 62,
-  :DHCPNetWareIPInformation         => 63,
-  :DHCPNISClientDomain              => 64,
-  :DHCPNISServers                   => 65,
-  :DHCPTFTPServerName               => 66,
-  :DHCPBootFileName                 => 67,
-  :DHCPMobileIPHomeAgent            => 68,
-  :DHCPSMTPServer                   => 69,
-  :DHCPPOPServer                    => 70,
-  :DHCPNNTPServer                   => 71,
-  :DHCPDefaultWWWServer             => 72,
-  :DHCPDefaultFingerServer          => 73,
-  :DHCPDefaultIRCServer             => 74,
-  :DHCPStreetTalkServer             => 75,
-  :DHCPStreetTalkDAS                => 76,
-  :DHCPUserClassInformation         => 77,
-  :DHCPSLPDirectoryAgent            => 78,
-  :DHCPSLPServiceScope              => 79,
-  :DHCPRapidCommit                  => 80,
-  :DHCPFQDN                         => 81,
-  :DHCPRelayAgentInformation        => 82,
-  :DHCPInternetStorageNameService   => 83,
-  # ??
-  :DHCPNDSServers                   => 85,
-  :DHCPNDSTreeName                  => 86,
-  :DHCPNDSContext                   => 87,
-  :DHCPBCMCSContDomainNameList      => 88,
-  :DHCPBCMCSContIPV4AddressList     => 89,
-  :DHCPAuthentication               => 90,
-  :DHCPClientLastTransactTime       => 91,
-  :DHCPAssociatedIP                 => 92,
-  :DHCPClientSystemArchType         => 93,
-  :DHCPClientNetworkInterfaceIdent  => 94,
-  :DHCPLDAP                         => 95,
-  # ??
-  :DHCPClientMachineIdent           => 97,
-  :DHCPOGUA                         => 98,
-  # ??
-  :DHCPAutonomousSystemNumber       => 109,
-  # ??
-  :DHCPNetInfoParentServerAddress   => 112,
-  :DHCPNetInfoParentServerTag       => 113,
-  :DHCPURL                          => 114,
-  :DHCPAutoConfigure                => 116,
-  :DHCPNameServiceSearch            => 117,
-  :DHCPSubnetSelection              => 118,
-  :DHCPDNSDomainSearchList          => 119,
-  :DHCPSIPServers                   => 120,
-  :DHCPClasslessStaticRoute         => 121,
-  :DHCPCableLabsClientConfig        => 122,
-  :DHCPGeoConf                      => 123,
-  # ??
-  :DHCPProxyAutoDiscovery           => 252
-}
-
-OP_CONSTANTS_REV = {
   0 => :Pad,
   1 => :SubnetMask,
   2 => :TimeOffset,
@@ -287,21 +168,21 @@ class Packet < Network::Protos::Base
   bytes     :dhcpoptions
 
   def type
-    self.each_option( :MessageType ) do |opt,data|
+    self.each_option( :MessageType ) do |_,data|
       return OP_MESSAGETYPES[ data[0] ]
     end
     OP_MESSAGETYPES[ @op ]
   end
 
   def client_identifier
-    self.each_option( :ClientIdentifier ) do |opt,data|
+    self.each_option( :ClientIdentifier ) do |_,data|
       return data.pack('c*')
     end
   end
 
   def authentication
     # Thank you Wireshark BOOTP dissector!
-    self.each_option( :Authentication ) do |opt,data|
+    self.each_option( :Authentication ) do |_,data|
       auth = {}
 
       auth['Protocol'] = AUTH_PROTOCOLS[ data[0] ]
@@ -333,8 +214,8 @@ class Packet < Network::Protos::Base
       data    = self.dhcpoptions[offset..offset+len-1]
       offset += len
 
-      if sym.nil? or OP_CONSTANTS_REV[opt] == sym
-        yield( OP_CONSTANTS_REV[opt], data )
+      if sym.nil? or OP_CONSTANTS[opt] == sym
+        yield( OP_CONSTANTS[opt], data )
       end
     end
   end

data/lib/bettercap/network/target.rb

@@ -58,7 +58,7 @@ class Target
     @mac      = Target.normalized_mac(mac) unless mac.nil?
     @vendor   = Target.lookup_vendor(@mac) unless mac.nil?
     @hostname = nil
-    @resolver = Thread.new { resolve! } unless Context.get.options.no_target_nbns or @ip.nil?
+    @resolver = Thread.new { resolve! } unless Context.get.options.core.no_target_nbns or @ip.nil?
   end
 
   # Return the integer representation of the +ip+ attribute which can be
@@ -67,11 +67,16 @@ class Target
     @ip.split('.').inject(0) {|total,value| (total << 8 ) + value.to_i}
   end
 
+  # Return true if both the ip and mac are not nil.
+  def spoofable?
+    ( !@ip.nil? and !@mac.nil? )
+  end
+
   # +mac+ attribute setter, it will normalize the +value+ and perform
   # a vendor lookup.
   def mac=(value)
     @mac = Target.normalized_mac(value)
-    @vendor = Target.lookup_vendor(@mac) if not @mac.nil?
+    @vendor = Target.lookup_vendor(@mac) unless @mac.nil?
   end
 
   # Return a verbose string representation of this object.

data/lib/bettercap/options/core_options.rb

@@ -0,0 +1,189 @@
+# encoding: UTF-8
+=begin
+
+BETTERCAP
+
+Author : Simone 'evilsocket' Margaritelli
+Email  : evilsocket@gmail.com
+Blog   : http://www.evilsocket.net/
+
+This project is released under the GPL 3 license.
+
+=end
+
+module BetterCap
+
+class CoreOptions
+  # Network interface.
+  attr_accessor :iface
+  # Gateway IP address.
+  attr_accessor :gateway
+  # Comma separated list of targets.
+  attr_accessor :targets
+  # Comma separated list of ip addresses to ignore.
+  attr_accessor :ignore
+  # If true will disable active network discovery, the program will just use
+  # the current ARP cache.
+  attr_accessor :arpcache
+  # If true, targets NBNS hostname resolution won't be performed.
+  attr_accessor :no_target_nbns
+  # Log file name.
+  attr_accessor :logfile
+  # If true the Logger will prepend timestamps to each line.
+  attr_accessor :log_timestamp
+  # If true will suppress every log message which is not an error or a warning.
+  attr_accessor :silent
+  # If true will enable debug messages.
+  attr_accessor :debug
+  # If different than 0, this time will be used as a delay while sending packets.
+  attr_accessor :packet_throttle
+  # If true, bettercap will check for updates then exit.
+  attr_accessor :check_updates
+
+  def initialize( iface )
+    @iface = iface
+    @gateway = nil
+    @targets = nil
+    @logfile = nil
+    @log_timestamp = false
+    @silent = false
+    @debug = false
+    @ignore = nil
+    @arpcache = false
+    @no_target_nbns = false
+    @packet_throttle = 0.0
+    @check_updates = false
+  end
+
+  def parse!( ctx, opts )
+    opts.separator ""
+    opts.separator "MAIN:".bold
+    opts.separator ""
+
+    opts.on( '-I', '--interface IFACE', 'Network interface name - default: ' + @iface.to_s.yellow ) do |v|
+      @iface = v
+    end
+
+    opts.on( '-G', '--gateway ADDRESS', 'Manually specify the gateway address, if not specified the current gateway will be retrieved and used. ' ) do |v|
+      @gateway = v
+      raise BetterCap::Error, "The specified gateway '#{v}' is not a valid IPv4 address." unless Network::Validator.is_ip?(v)
+    end
+
+    opts.on( '-T', '--target ADDRESS1,ADDRESS2', 'Target IP addresses, if not specified the whole subnet will be targeted.' ) do |v|
+      self.targets = v
+    end
+
+    opts.on( '--ignore ADDRESS1,ADDRESS2', 'Ignore these addresses if found while searching for targets.' ) do |v|
+      self.ignore = v
+    end
+
+    opts.on( '--no-discovery', "Do not actively search for hosts, just use the current ARP cache, default to #{'false'.yellow}." ) do
+      @arpcache = true
+    end
+
+    opts.on( '--no-target-nbns', 'Disable target NBNS hostname resolution.' ) do
+      @no_target_nbns = true
+    end
+
+    opts.on( '--packet-throttle NUMBER', 'Number of seconds ( can be a decimal number ) to wait between each packet to be sent.' ) do |v|
+      @packet_throttle = v.to_f
+      raise BetterCap::Error, "Invalid packet throttle value specified." if @packet_throttle <= 0.0
+    end
+
+    opts.on( '--check-updates', 'Will check if any update is available and then exit.' ) do
+      @check_updates = true
+    end
+
+    opts.on( '-h', '--help', 'Display the available options.') do
+      puts opts
+      puts "\nFor examples & docs please visit " + "http://bettercap.org/docs/".bold
+      exit
+    end
+
+    opts.separator ""
+    opts.separator "LOGGING:".bold
+    opts.separator ""
+
+    opts.on( '-O', '--log LOG_FILE', 'Log all messages into a file, if not specified the log messages will be only print into the shell.' ) do |v|
+      @logfile = v
+    end
+
+    opts.on( '--log-timestamp', 'Enable logging with timestamps for each line, disabled by default.' ) do
+      @log_timestamp = true
+    end
+
+    opts.on( '-D', '--debug', 'Enable debug logging.' ) do
+      @debug = true
+    end
+
+    opts.on( '--silent', "Suppress every message which is not an error or a warning, default to #{'false'.yellow}." ) do
+      @silent = true
+    end
+
+  end
+
+  def validate!
+    raise BetterCap::Error, 'This software must run as root.' unless Process.uid == 0
+    raise BetterCap::Error, 'No default interface found, please specify one with the -I argument.' if @iface.nil?
+  end
+
+  def discovery?
+    ( @targets.nil? and !@arpcache )
+  end
+
+  # Split specified targets and parse them ( either as IP or MAC ), will raise a
+  # BetterCap::Error if one or more invalid addresses are specified.
+  def targets=(value)
+    @targets = []
+
+    value.split(",").each do |t|
+      if Network::Validator.is_ip?(t) or Network::Validator.is_mac?(t)
+        @targets << Network::Target.new(t)
+
+      elsif Network::Validator.is_range?(t)
+        Network::Validator.each_in_range( t ) do |address|
+          @targets << Network::Target.new(address)
+        end
+
+      elsif Network::Validator.is_netmask?(t)
+        Network::Validator.each_in_netmask(t) do |address|
+          @targets << Network::Target.new(address)
+        end
+
+      else
+        raise BetterCap::Error, "Invalid target specified '#{t}', valid formats are IP addresses, "\
+                                "MAC addresses, IP ranges ( 192.168.1.1-30 ) or netmasks ( 192.168.1.1/24 ) ."
+      end
+    end
+  end
+
+  # Setter for the #ignore attribute, will raise a BetterCap::Error if one
+  # or more invalid IP addresses are specified.
+  def ignore=(value)
+    @ignore = value.split(",")
+    valid   = @ignore.select { |target| Network::Validator.is_ip?(target) }
+
+    raise BetterCap::Error, "Invalid ignore addresses specified." if valid.empty?
+
+    invalid = @ignore - valid
+    invalid.each do |target|
+      Logger.warn "Not a valid address: #{target}"
+    end
+
+    @ignore = valid
+
+    Logger.warn "Ignoring #{valid.join(", ")} ."
+  end
+
+  # Return true if the +ip+ address needs to be ignored, otherwise false.
+  def ignore_ip?(ip)
+    !@ignore.nil? and @ignore.include?(ip)
+  end
+
+  # Return true if active host discovery is enabled, otherwise false.
+  def should_discover_hosts?
+    !@arpcache
+  end
+end
+
+end