bettercap 1.1.6 → 1.1.7
Sign up to get free protection for your applications and to get access to all the features.
- checksums.yaml +4 -4
- data/TODO.md +3 -9
- data/bin/bettercap +20 -0
- data/lib/bettercap/context.rb +2 -0
- data/lib/bettercap/discovery/arp.rb +7 -3
- data/lib/bettercap/firewalls/linux.rb +2 -2
- data/lib/bettercap/version.rb +1 -1
- metadata +2 -2
checksums.yaml
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
---
|
|
2
2
|
SHA1:
|
|
3
|
-
metadata.gz:
|
|
4
|
-
data.tar.gz:
|
|
3
|
+
metadata.gz: 99ec69d1a1e157a94b36b3f9162d807a2dea9238
|
|
4
|
+
data.tar.gz: 616717ef0f681792c14ba6ff5dd4341462f175c2
|
|
5
5
|
SHA512:
|
|
6
|
-
metadata.gz:
|
|
7
|
-
data.tar.gz:
|
|
6
|
+
metadata.gz: f0cfae6e9605ffe0226b3d5bb3a85dafb2d808fd9e1ca3f3f020961769b3ba10fb5d87c9c7747de0fa2e4c3fc3a7a03fd3c0eca3f4710f9b19c1ffd9e5171fdf
|
|
7
|
+
data.tar.gz: 62981206dccd1fbaa956db5f2316dfe29f2a5e05dd495334f740c408adaf64ab1eb64da925cebe171f16ba00691131135cb26c0f3cffaec1abd967882a341b56
|
data/TODO.md
CHANGED
|
@@ -2,20 +2,14 @@ This is a list of TODOs I use to keep track of tasks and upcoming features.
|
|
|
2
2
|
|
|
3
3
|
---
|
|
4
4
|
|
|
5
|
-
- [x]
|
|
6
|
-
- [
|
|
7
|
-
- [
|
|
8
|
-
- [x] BeEF proxy module ( [BeefBOX](https://github.com/evilsocket/bettercap-proxy-modules/blob/master/beefbox.rb) ).
|
|
9
|
-
- [x] Use raw file arp parsing instead of "arp -a" to improve speed. ( Solved with arp -a -n )
|
|
10
|
-
- [x] sslmitm
|
|
11
|
-
- [x] Implement --custom-proxy option to redirect traffic to [3rd party tools such as Burp](https://twitter.com/c3c/status/670335125662601216).
|
|
5
|
+
- [x] Implement `--ignore ADDR,ADDR,ADDR` option to filter out specific addresses from the targets list.
|
|
6
|
+
- [ ] Rewrite proxy class using [em-proxy](https://github.com/igrigorik/em-proxy) library.
|
|
7
|
+
- [ ] [Active packet filtering/injection/etc](https://github.com/evilsocket/bettercap/issues/75) ( maybe using [this](https://github.com/gdelugre/ruby-nfqueue) ).
|
|
12
8
|
- [ ] *BSD Support.
|
|
13
9
|
- [ ] HTTP/2 Support.
|
|
14
|
-
- [ ] [Active packet filtering/injection/etc](https://github.com/evilsocket/bettercap/issues/75) ( maybe using [this](https://github.com/gdelugre/ruby-nfqueue) ).
|
|
15
10
|
|
|
16
11
|
**Maybe**
|
|
17
12
|
|
|
18
|
-
- [ ] Replace webrick with thin ( proxy too? )
|
|
19
13
|
- [ ] ICMP Redirect ? ( only half duplex and filtered by many firewalls anyway ... dunno ).
|
|
20
14
|
- [ ] DNS Spoofing ( not sure if it actually makes any sense ).
|
|
21
15
|
- [ ] Windows Support? ( OMG PLZ NO! )
|
data/bin/bettercap
CHANGED
|
@@ -40,6 +40,10 @@ begin
|
|
|
40
40
|
ctx.options[:target] = v
|
|
41
41
|
end
|
|
42
42
|
|
|
43
|
+
opts.on( '--ignore ADDRESS1,ADDRESS2', 'Ignore these addresses if found while searching for targets.' ) do |v|
|
|
44
|
+
ctx.options[:ignore] = v
|
|
45
|
+
end
|
|
46
|
+
|
|
43
47
|
opts.on( '-O', '--log LOG_FILE', 'Log all messages into a file, if not specified the log messages will be only print into the shell.' ) do |v|
|
|
44
48
|
ctx.options[:logfile] = v
|
|
45
49
|
end
|
|
@@ -205,6 +209,22 @@ begin
|
|
|
205
209
|
ctx.targets = valid_targets.map { |target| Target.new(target) }
|
|
206
210
|
end
|
|
207
211
|
|
|
212
|
+
unless ctx.options[:ignore].nil?
|
|
213
|
+
ignore = ctx.options[:ignore].split(",")
|
|
214
|
+
valid = ignore.select { |target| Network.is_ip?(target) }
|
|
215
|
+
|
|
216
|
+
raise BetterCap::Error, "Invalid ignore addresses specified." if valid.empty?
|
|
217
|
+
|
|
218
|
+
invalid = ignore - valid
|
|
219
|
+
invalid.each do |target|
|
|
220
|
+
Logger.warn "Not a valid address: #{target}"
|
|
221
|
+
end
|
|
222
|
+
|
|
223
|
+
ctx.options[:ignore] = valid
|
|
224
|
+
|
|
225
|
+
Logger.warn "Ignoring #{valid.join(", ")} ."
|
|
226
|
+
end
|
|
227
|
+
|
|
208
228
|
ctx.spoofer = []
|
|
209
229
|
spoofer_modules_names = ctx.options[:spoofer].split(",")
|
|
210
230
|
spoofer_modules_names.each do |module_name|
|
data/lib/bettercap/context.rb
CHANGED
|
@@ -28,9 +28,13 @@ class ArpAgent < BaseAgent
|
|
|
28
28
|
m = /[^\s]+\s+\(([0-9\.]+)\)\s+at\s+([a-f0-9:]+).+#{ctx.ifconfig[:iface]}.*/i.match(line)
|
|
29
29
|
if !m.nil?
|
|
30
30
|
if m[1] != ctx.gateway and m[1] != ctx.ifconfig[:ip_saddr] and m[2] != 'ff:ff:ff:ff:ff:ff'
|
|
31
|
-
|
|
32
|
-
|
|
33
|
-
|
|
31
|
+
if !ctx.options[:ignore].nil? and ctx.options[:ignore].include?( m[1] )
|
|
32
|
+
Logger.debug "Ignoring #{m[1]} ..."
|
|
33
|
+
else
|
|
34
|
+
target = Target.new( m[1], m[2] )
|
|
35
|
+
targets << target
|
|
36
|
+
Logger.debug "FOUND #{target}"
|
|
37
|
+
end
|
|
34
38
|
end
|
|
35
39
|
end
|
|
36
40
|
end
|
|
@@ -31,14 +31,14 @@ class LinuxFirewall < IFirewall
|
|
|
31
31
|
# accept all
|
|
32
32
|
shell.execute('iptables -P FORWARD ACCEPT')
|
|
33
33
|
# add redirection
|
|
34
|
-
shell.execute("iptables -t nat -A PREROUTING -i #{iface} -p #{proto} --dport #{from} -j
|
|
34
|
+
shell.execute("iptables -t nat -A PREROUTING -i #{iface} -p #{proto} --dport #{from} -j DNAT --to #{addr}:#{to}")
|
|
35
35
|
end
|
|
36
36
|
|
|
37
37
|
def del_port_redirection( iface, proto, from, addr, to )
|
|
38
38
|
# remove post route
|
|
39
39
|
shell.execute('iptables -t nat -D POSTROUTING -s 0/0 -j MASQUERADE')
|
|
40
40
|
# remove redirection
|
|
41
|
-
shell.execute("iptables -t nat -D PREROUTING -i #{iface} -p #{proto} --dport #{from} -j
|
|
41
|
+
shell.execute("iptables -t nat -D PREROUTING -i #{iface} -p #{proto} --dport #{from} -j DNAT --to #{addr}:#{to}")
|
|
42
42
|
end
|
|
43
43
|
|
|
44
44
|
private
|
data/lib/bettercap/version.rb
CHANGED
metadata
CHANGED
|
@@ -1,14 +1,14 @@
|
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
|
2
2
|
name: bettercap
|
|
3
3
|
version: !ruby/object:Gem::Version
|
|
4
|
-
version: 1.1.
|
|
4
|
+
version: 1.1.7
|
|
5
5
|
platform: ruby
|
|
6
6
|
authors:
|
|
7
7
|
- Simone Margaritelli
|
|
8
8
|
autorequire:
|
|
9
9
|
bindir: bin
|
|
10
10
|
cert_chain: []
|
|
11
|
-
date: 2015-
|
|
11
|
+
date: 2015-12-01 00:00:00.000000000 Z
|
|
12
12
|
dependencies:
|
|
13
13
|
- !ruby/object:Gem::Dependency
|
|
14
14
|
name: colorize
|