bettercap 1.4.6 → 1.5.0

data/lib/bettercap/options/sniff_options.rb

@@ -0,0 +1,90 @@
+# encoding: UTF-8
+=begin
+
+BETTERCAP
+
+Author : Simone 'evilsocket' Margaritelli
+Email  : evilsocket@gmail.com
+Blog   : http://www.evilsocket.net/
+
+This project is released under the GPL 3 license.
+
+=end
+
+module BetterCap
+
+class SniffOptions
+  # If true the BetterCap::Sniffer will be enabled.
+  attr_accessor :enabled
+  # PCAP file name to save captured packets to.
+  attr_accessor :output
+  # BPF filter to apply to sniffed packets.
+  attr_accessor :filter
+  # Input PCAP file, if specified the BetterCap::Sniffer will read packets
+  # from it instead of the network.
+  attr_accessor :src
+  # Comma separated list of BetterCap::Parsers to enable.
+  attr_accessor :parsers
+  # Regular expression to use with the BetterCap::Parsers::Custom parser.
+  attr_accessor :custom_parser
+  # If true, bettercap will sniff packets from the local interface as well.
+  attr_accessor :local
+
+  def initialize
+    @enabled = false
+    @output = nil
+    @filter = nil
+    @src = nil
+    @parsers = ['*']
+    @custom_parser = nil
+    @local = false
+  end
+
+  def parse!( ctx, opts )
+    opts.separator ""
+    opts.separator "SNIFFING:".bold
+    opts.separator ""
+
+    opts.on( '-X', '--sniffer', 'Enable sniffer.' ) do
+      @enabled = true
+    end
+
+    opts.on( '-L', '--local', "Parse packets coming from/to the address of this computer ( NOTE: Will set -X to true ), default to #{'false'.yellow}." ) do
+      @enabled = true
+      @local = true
+    end
+
+    opts.on( '--sniffer-source FILE', 'Load packets from the specified PCAP file instead of the interface ( will enable sniffer ).' ) do |v|
+      @enabled = true
+      @src = File.expand_path v
+    end
+
+    opts.on( '--sniffer-output FILE', 'Save all packets to the specified PCAP file ( will enable sniffer ).' ) do |v|
+      @enabled = true
+      @output = File.expand_path v
+    end
+
+    opts.on( '--sniffer-filter EXPRESSION', 'Configure the sniffer to use this BPF filter ( will enable sniffer ).' ) do |v|
+      @enabled = true
+      @filter = v
+    end
+
+    opts.on( '-P', '--parsers PARSERS', "Comma separated list of packet parsers to enable, '*' for all ( NOTE: Will set -X to true ), available: #{Parsers::Base.available.map { |x| x.yellow }.join(', ')} - default: #{'*'.yellow}" ) do |v|
+      @enabled = true
+      @parsers = Parsers::Base.from_cmdline(v)
+    end
+
+    opts.on( '--custom-parser EXPRESSION', 'Use a custom regular expression in order to capture and show sniffed data ( NOTE: Will set -X to true ).' ) do |v|
+      @enabled       = true
+      @parsers       = ['CUSTOM']
+      @custom_parser = Regexp.new(v)
+    end
+  end
+
+  # Return true if the specified +parser+ is enabled, otherwise false.
+  def enabled?( parser = nil )
+    @enabled and ( parser.nil? or ( @parsers.include?('*') or @parsers.include?(parser.upcase) ) )
+  end
+end
+
+end

data/lib/bettercap/options/spoof_options.rb

@@ -0,0 +1,71 @@
+# encoding: UTF-8
+=begin
+
+BETTERCAP
+
+Author : Simone 'evilsocket' Margaritelli
+Email  : evilsocket@gmail.com
+Blog   : http://www.evilsocket.net/
+
+This project is released under the GPL 3 license.
+
+=end
+
+module BetterCap
+
+class SpoofOptions
+  # Name of the spoofer to use.
+  attr_accessor :spoofer
+  # If true half duplex mode is enabled.
+  attr_accessor :half_duplex
+  # If true, bettercap won't forward packets for any target, causing
+  # connections to be killed.
+  attr_accessor :kill
+
+  def initialize
+    @spoofer = 'ARP'
+    @half_duplex = false
+    @kill = false
+  end
+
+  def parse!( ctx, opts )
+    opts.separator ""
+    opts.separator "SPOOFING:".bold
+    opts.separator ""
+
+    opts.on( '-S', '--spoofer NAME', "Spoofer module to use, available: #{Spoofers::Base.available.map{|x| x.yellow }.join(', ')} - default: #{@spoofer.yellow}." ) do |v|
+      @spoofer = v
+    end
+
+    opts.on( '--no-spoofing', "Disable spoofing, alias for #{'--spoofer NONE'.yellow}." ) do
+      @spoofer = 'NONE'
+    end
+
+    opts.on( '--half-duplex', 'Enable half-duplex MITM, this will make bettercap work in those cases when the router is not vulnerable.' ) do
+      @half_duplex = true
+    end
+
+    opts.on( '--kill', 'Instead of forwarding packets, this switch will make targets connections to be killed.' ) do
+      @kill = true
+    end
+  end
+
+  # Return true if a spoofer module was specified, otherwise false.
+  def enabled?
+    @spoofer.upcase != 'NONE'
+  end
+
+
+  # Parse spoofers and return a list of BetterCap::Spoofers objects. Raise a
+  # BetterCap::Error if an invalid spoofer name was specified.
+  def parse_spoofers
+    valid = []
+    @spoofer.split(",").each do |module_name|
+      valid << Spoofers::Base.get_by_name( module_name )
+    end
+    valid
+  end
+
+end
+
+end

data/lib/bettercap/proxy/{module.rb → http/module.rb}

@@ -13,6 +13,8 @@ This project is released under the GPL 3 license.
 
 module BetterCap
 module Proxy
+module HTTP
+
 # Base class for transparent proxy modules.
 class Module
   @@path    = File.dirname(__FILE__) + '/modules/'
@@ -40,13 +42,13 @@ class Module
   # Load the module with +name+.
   def self.load(ctx, opts, name)
     if self.is_builtin?(name)
-      ctx.options.proxy_module = "#{@@path}/#{name}.rb"
+      ctx.options.proxies.proxy_module = "#{@@path}/#{name}.rb"
     else
-      ctx.options.proxy_module = File.expand_path(name)
+      ctx.options.proxies.proxy_module = File.expand_path(name)
     end
 
     begin
-      require ctx.options.proxy_module
+      require ctx.options.proxies.proxy_module
 
       self.register_options(opts)
     rescue LoadError
@@ -83,7 +85,7 @@ class Module
 
   private
 
-  # Loop each available BetterCap::Proxy::Proxy module and yield each
+  # Loop each available BetterCap::Proxy::HTTP::Proxy module and yield each
   # one of them for the given code block.
   def self.each_module
       old_verbose, $VERBOSE = $VERBOSE, nil
@@ -97,5 +99,7 @@ class Module
       $VERBOSE = old_verbose
   end
 end
+
+end
 end
 end

data/lib/bettercap/proxy/{modules → http/modules}/injectcss.rb

@@ -12,7 +12,7 @@ This project is released under the GPL 3 license.
 =end
 
 # This proxy module will take care of CSS code injection.
-class InjectCSS < BetterCap::Proxy::Module
+class InjectCSS < BetterCap::Proxy::HTTP::Module
   # CSS data to be injected.
   @@cssdata = nil
   # CSS file URL to be injected.
@@ -51,7 +51,7 @@ class InjectCSS < BetterCap::Proxy::Module
     raise BetterCap::Error, "No --css-file, --css-url or --css-data options specified for the proxy module." if @@cssdata.nil? and @@cssurl.nil?
   end
 
-  # Called by the BetterCap::Proxy::Proxy processor on each HTTP +request+ and
+  # Called by the BetterCap::Proxy::HTTP::Proxy processor on each HTTP +request+ and
   # +response+.
   def on_request( request, response )
     # is it a html page?

data/lib/bettercap/proxy/{modules → http/modules}/injecthtml.rb

@@ -12,7 +12,7 @@ This project is released under the GPL 3 license.
 =end
 
 # This proxy module will take care of HTML code injection.
-class InjectHTML < BetterCap::Proxy::Module
+class InjectHTML < BetterCap::Proxy::HTTP::Module
   # URL of the iframe if --html-iframe-url was specified.
   @@iframe = nil
   # HTML data to be injected.
@@ -39,7 +39,7 @@ class InjectHTML < BetterCap::Proxy::Module
     raise BetterCap::Error, "No --html-data or --html-iframe-url options specified for the proxy module." if @@data.nil? and @@iframe.nil?
   end
 
-  # Called by the BetterCap::Proxy::Proxy processor on each HTTP +request+ and
+  # Called by the BetterCap::Proxy::HTTP::Proxy processor on each HTTP +request+ and
   # +response+.
   def on_request( request, response )
     # is it a html page?

data/lib/bettercap/proxy/{modules → http/modules}/injectjs.rb

@@ -12,7 +12,7 @@ This project is released under the GPL 3 license.
 =end
 
 # This proxy module will take care of Javascript code injection.
-class InjectJS < BetterCap::Proxy::Module
+class InjectJS < BetterCap::Proxy::HTTP::Module
   # JS data to be injected.
   @@jsdata = nil
   # JS file URL to be injected.
@@ -51,7 +51,7 @@ class InjectJS < BetterCap::Proxy::Module
     raise BetterCap::Error, "No --js-file, --js-url or --js-data options specified for the proxy module." if @@jsdata.nil? and @@jsurl.nil?
   end
 
-  # Called by the BetterCap::Proxy::Proxy processor on each HTTP +request+ and
+  # Called by the BetterCap::Proxy::HTTP::Proxy processor on each HTTP +request+ and
   # +response+.
   def on_request( request, response )
     # is it a html page?

data/lib/bettercap/proxy/{proxy.rb → http/proxy.rb}

@@ -13,7 +13,9 @@ This project is released under the GPL 3 license.
 
 module BetterCap
 module Proxy
-# Transparent proxy class.
+module HTTP
+
+# Transparent HTTP proxy class.
 class Proxy
   # Initialize the transparent proxy, making it listen on +address+:+port+.
   # If +is_https+ is true a HTTPS proxy will be created, otherwise a HTTP one.
@@ -171,9 +173,10 @@ class Proxy
 
   # Return true if sslstrip is needed for this proxy instance.
   def need_sslstrip?
-    ( Context.get.options.sslstrip and !@is_https )
+    ( Context.get.options.proxies.sslstrip and !@is_https )
   end
 end
 
 end
 end
+end

data/lib/bettercap/proxy/{request.rb → http/request.rb}

@@ -13,6 +13,8 @@ This project is released under the GPL 3 license.
 
 module BetterCap
 module Proxy
+module HTTP
+
 # HTTP request parser.
 class Request
   # HTTP method.
@@ -184,5 +186,7 @@ class Request
     @host = value if name == 'Host'
   end
 end
+
+end
 end
 end

data/lib/bettercap/proxy/{response.rb → http/response.rb}

@@ -13,6 +13,8 @@ This project is released under the GPL 3 license.
 
 module BetterCap
 module Proxy
+module HTTP
+
 # HTTP response parser.
 class Response
   # HTTP protocol version
@@ -221,3 +223,4 @@ end
 
 end
 end
+end

data/lib/bettercap/proxy/{ssl → http/ssl}/authority.rb

@@ -13,6 +13,7 @@ This project is released under the GPL 3 license.
 
 module BetterCap
 module Proxy
+module HTTP
 module SSL
 
 # Simple wrapper class used to fetch a server HTTPS certificate.
@@ -67,7 +68,7 @@ class Store
           s_cert = Fetcher.fetch( hostname, port )
           save_to_file( s_cert, filename )
         else
-          Logger.info "[#{'SSL'.green}] Loaded HTTPS certificate for '#{hostname}' from store."
+          Logger.debug "[#{'SSL'.green}] Loaded HTTPS certificate for '#{hostname}' from store."
         end
 
         @store[key] = s_cert
@@ -174,3 +175,4 @@ end
 end
 end
 end
+end

data/lib/bettercap/proxy/{ssl → http/ssl}/server.rb

@@ -13,6 +13,7 @@ This project is released under the GPL 3 license.
 
 module BetterCap
 module Proxy
+module HTTP
 module SSL
 
 # Little utility class to handle SSLServer creation.
@@ -26,7 +27,7 @@ class Server
 
   # Create an instance from the TCPSocket +socket+.
   def initialize( socket )
-    @authority    = Authority.new( Context.get.options.proxy_pem_file )
+    @authority    = Authority.new( Context.get.options.proxies.proxy_pem_file )
     @context      = OpenSSL::SSL::SSLContext.new
     @context.cert = @authority.certificate
     @context.key  = @authority.key
@@ -59,3 +60,4 @@ end
 end
 end
 end
+end

data/lib/bettercap/proxy/{sslstrip → http/sslstrip}/cookiemonitor.rb

@@ -13,6 +13,7 @@ This project is released under the GPL 3 license.
 
 module BetterCap
 module Proxy
+module HTTP
 module SSLStrip
 
 # Class to handle a cookies for sslstrip.
@@ -63,3 +64,4 @@ end
 end
 end
 end
+end

data/lib/bettercap/proxy/{sslstrip → http/sslstrip}/strip.rb

@@ -13,6 +13,7 @@ This project is released under the GPL 3 license.
 
 module BetterCap
 module Proxy
+module HTTP
 module SSLStrip
 
 # Represent a stripped url associated to the client that requested it.
@@ -105,7 +106,7 @@ class Strip
     @stripped = []
     @cookies  = CookieMonitor.new
     @favicon  = Response.from_file( File.dirname(__FILE__) + '/lock.ico', 'image/x-icon' )
-    @resolver = BetterCap::Network::Servers::DNSD.new( nil, ctx.ifconfig[:ip_saddr], ctx.options.dnsd_port )
+    @resolver = BetterCap::Network::Servers::DNSD.new( nil, ctx.ifconfig[:ip_saddr], ctx.options.servers.dnsd_port )
 
     @resolver.start
   end
@@ -184,7 +185,7 @@ class Strip
 
   # Clean some headers from +r+.
   def process_headers!(r)
-    what = r.is_a?(BetterCap::Proxy::Request) ? :req : :res
+    what = r.is_a?(BetterCap::Proxy::HTTP::Request) ? :req : :res
     HEADERS_TO_PATCH[what].each do |key,value|
       r[key] = value;
     end
@@ -321,3 +322,4 @@ end
 end
 end
 end
+end

data/lib/bettercap/proxy/{streamer.rb → http/streamer.rb}

@@ -13,7 +13,9 @@ This project is released under the GPL 3 license.
 
 module BetterCap
 module Proxy
-# Handle data streaming between clients and servers for the BetterCap::Proxy::Proxy.
+module HTTP
+
+# Handle data streaming between clients and servers for the BetterCap::Proxy::HTTP::Proxy.
 class Streamer
   # Initialize the class.
   def initialize( sslstrip )
@@ -97,7 +99,7 @@ class Streamer
   # Run proxy modules.
   def process( request, response = nil )
     # loop each loaded module and execute if enabled
-    BetterCap::Proxy::Module.modules.each do |mod|
+    BetterCap::Proxy::HTTP::Module.modules.each do |mod|
       if mod.enabled?
         # we need to save the original response in case something
         # in the module will go wrong
@@ -153,8 +155,8 @@ class Streamer
     [ client_ip, client_port ]
   end
 
-  # Use a Net::HTTP object in order to perform the +req+ BetterCap::Proxy::Request
-  # object, will return a BetterCap::Proxy::Response object instance.
+  # Use a Net::HTTP object in order to perform the +req+ BetterCap::Proxy::HTTP::Request
+  # object, will return a BetterCap::Proxy::HTTP::Response object instance.
   def perform_proxy_request(req, res)
     path         = req.path
     response     = nil
@@ -204,3 +206,4 @@ class Streamer
 end
 end
 end
+end

data/lib/bettercap/proxy/stream_logger.rb

@@ -91,10 +91,23 @@ class StreamLogger
     msg
   end
 
-  def self.dump_raw( data )
-    msg = ''
-    data.each_byte do |b|
-      msg << ( b.chr =~ /[[:print:]]/ ? b.chr : '.' ).yellow
+  def self.hexdump( data, opts = {} )
+    bytes     = data
+    msg       = ''
+    line_size = opts[:line_size] || 16
+    padding   = opts[:padding] || ''
+
+    while bytes
+      line  = bytes[0,line_size]
+      bytes = bytes[line_size,bytes.length]
+      d     = ''
+
+      line.each_byte {|i| d += "%02X " % i}
+      d += '   ' * (line_size-line.length)
+      d += ' '
+      line.each_byte{|i| d += ( i.chr =~ /[[:print:]]/ ? i.chr : '.' ) }
+
+      msg += "#{padding}#{d}\n"
     end
     msg
   end
@@ -102,7 +115,7 @@ class StreamLogger
   def self.dump_gzip( request )
     msg = ''
     uncompressed = Zlib::GzipReader.new(StringIO.new(request.body)).read
-    self.dump_raw( uncompressed )
+    self.hexdump( uncompressed )
   end
 
   def self.dump_json( request )
@@ -127,14 +140,17 @@ class StreamLogger
       when /application\/x-www-form-urlencoded.*/i
         msg << self.dump_form( request )
 
-      when 'gzip'
+      when /text\/plain.*/i
+        msg << request.body + "\n"
+
+      when /gzip.*/i
         msg << self.dump_gzip( request )
 
-      when 'application/json'
+      when /application\/json.*/i
         msg << self.dump_json( request )
 
       else
-        msg << self.dump_raw( request.body )
+        msg << self.hexdump( request.body )
       end
 
       Logger.raw "#{msg}\n"
@@ -157,7 +173,7 @@ class StreamLogger
 
     Logger.raw "[#{self.addr2s(request.client)}] #{request.method.light_blue} #{request_s}#{response_s}"
     # Log post body if the POST sniffer is enabled.
-    if Context.get.post_sniffer_enabled?
+    if Context.get.options.sniff.enabled?('POST')
       self.log_post( request )
     end
   end