bettercap 1.1.6 → 1.1.7

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA1:
-  metadata.gz: bf6cb814001171e091631b3082e258cd807d0462
-  data.tar.gz: de972dee2ca398ac9911c62e4c45b94cdda64bc1
+  metadata.gz: 99ec69d1a1e157a94b36b3f9162d807a2dea9238
+  data.tar.gz: 616717ef0f681792c14ba6ff5dd4341462f175c2
 SHA512:
-  metadata.gz: 4f92ecfd53401918b86eb687ab998063480d2ede0130a87df395381eb25e7d5f92524d5da9f33f4c8e57744bb26af355b22b6f640fdf6d5700b9a75bd90c2259
-  data.tar.gz: ace7626589c3c9b307c463320f227d0a52a6c9472132b201fe77be22d5d73c05a3f702dc69ebd5d7309974d8dc05cdc83768880b698c7a0656ce14ec0042161c
+  metadata.gz: f0cfae6e9605ffe0226b3d5bb3a85dafb2d808fd9e1ca3f3f020961769b3ba10fb5d87c9c7747de0fa2e4c3fc3a7a03fd3c0eca3f4710f9b19c1ffd9e5171fdf
+  data.tar.gz: 62981206dccd1fbaa956db5f2316dfe29f2a5e05dd495334f740c408adaf64ab1eb64da925cebe171f16ba00691131135cb26c0f3cffaec1abd967882a341b56

data/TODO.md

@@ -2,20 +2,14 @@ This is a list of TODOs I use to keep track of tasks and upcoming features.
 
 ---
 
-- [x] Replace PacketFu::Utils::whoami? with something else.
-- [x] Capture to .pcap file.
-- [x] BPF filters.
-- [x] BeEF proxy module ( [BeefBOX](https://github.com/evilsocket/bettercap-proxy-modules/blob/master/beefbox.rb) ).
-- [x] Use raw file arp parsing instead of "arp -a" to improve speed. ( Solved with arp -a -n )
-- [x] sslmitm
-- [x] Implement --custom-proxy option to redirect traffic to [3rd party tools such as Burp](https://twitter.com/c3c/status/670335125662601216).
+- [x] Implement `--ignore ADDR,ADDR,ADDR` option to filter out specific addresses from the targets list.
+- [ ] Rewrite proxy class using [em-proxy](https://github.com/igrigorik/em-proxy) library.
+- [ ] [Active packet filtering/injection/etc](https://github.com/evilsocket/bettercap/issues/75) ( maybe using [this](https://github.com/gdelugre/ruby-nfqueue) ).
 - [ ] *BSD Support.
 - [ ] HTTP/2 Support.
-- [ ] [Active packet filtering/injection/etc](https://github.com/evilsocket/bettercap/issues/75) ( maybe using [this](https://github.com/gdelugre/ruby-nfqueue) ).
 
 **Maybe**
 
-- [ ] Replace webrick with thin ( proxy too? )
 - [ ] ICMP Redirect ? ( only half duplex and filtered by many firewalls anyway ... dunno ).
 - [ ] DNS Spoofing ( not sure if it actually makes any sense ).
 - [ ] Windows Support? ( OMG PLZ NO! )

data/bin/bettercap

@@ -40,6 +40,10 @@ begin
       ctx.options[:target] = v
     end
 
+    opts.on( '--ignore ADDRESS1,ADDRESS2', 'Ignore these addresses if found while searching for targets.' ) do |v|
+      ctx.options[:ignore] = v
+    end
+
     opts.on( '-O', '--log LOG_FILE', 'Log all messages into a file, if not specified the log messages will be only print into the shell.' ) do |v|
       ctx.options[:logfile] = v
     end
@@ -205,6 +209,22 @@ begin
     ctx.targets = valid_targets.map { |target| Target.new(target) }
   end
 
+  unless ctx.options[:ignore].nil?
+    ignore = ctx.options[:ignore].split(",")
+    valid = ignore.select { |target| Network.is_ip?(target) }
+
+    raise BetterCap::Error, "Invalid ignore addresses specified." if valid.empty?
+
+    invalid = ignore - valid
+    invalid.each do |target|
+      Logger.warn "Not a valid address: #{target}"
+    end
+
+    ctx.options[:ignore] = valid
+
+    Logger.warn "Ignoring #{valid.join(", ")} ."
+  end
+
   ctx.spoofer = []
   spoofer_modules_names = ctx.options[:spoofer].split(",")
   spoofer_modules_names.each do |module_name|

data/lib/bettercap/context.rb

@@ -45,6 +45,8 @@ class Context
       debug: false,
       arpcache: false,
 
+      ignore: nil,
+
       sniffer: false,
       sniffer_pcap: nil,
       sniffer_filter: nil,

data/lib/bettercap/discovery/arp.rb

@@ -28,9 +28,13 @@ class ArpAgent < BaseAgent
       m = /[^\s]+\s+\(([0-9\.]+)\)\s+at\s+([a-f0-9:]+).+#{ctx.ifconfig[:iface]}.*/i.match(line)
       if !m.nil?
         if m[1] != ctx.gateway and m[1] != ctx.ifconfig[:ip_saddr] and m[2] != 'ff:ff:ff:ff:ff:ff'
-          target = Target.new( m[1], m[2] )
-          targets << target
-          Logger.debug "FOUND  #{target}"
+          if !ctx.options[:ignore].nil? and ctx.options[:ignore].include?( m[1] )
+            Logger.debug "Ignoring #{m[1]} ..."
+          else
+            target = Target.new( m[1], m[2] )
+            targets << target
+            Logger.debug "FOUND  #{target}"
+          end
         end
       end
     end

data/lib/bettercap/firewalls/linux.rb

@@ -31,14 +31,14 @@ class LinuxFirewall < IFirewall
     # accept all
     shell.execute('iptables -P FORWARD ACCEPT')
     # add redirection
-    shell.execute("iptables -t nat -A PREROUTING -i #{iface} -p #{proto} --dport #{from} -j REDIRECT --to #{addr}:#{to}")
+    shell.execute("iptables -t nat -A PREROUTING -i #{iface} -p #{proto} --dport #{from} -j DNAT --to #{addr}:#{to}")
   end
 
   def del_port_redirection( iface, proto, from, addr, to )
     # remove post route
     shell.execute('iptables -t nat -D POSTROUTING -s 0/0 -j MASQUERADE')
     # remove redirection
-    shell.execute("iptables -t nat -D PREROUTING -i #{iface} -p #{proto} --dport #{from} -j REDIRECT --to #{addr}:#{to}")
+    shell.execute("iptables -t nat -D PREROUTING -i #{iface} -p #{proto} --dport #{from} -j DNAT --to #{addr}:#{to}")
   end
 
   private

data/lib/bettercap/version.rb

@@ -10,6 +10,6 @@ This project is released under the GPL 3 license.
 
 =end
 module BetterCap
-  VERSION = '1.1.6'
+  VERSION = '1.1.7'
   BANNER = File.read( File.dirname(__FILE__) + '/banner' ).gsub( '#VERSION#', "v#{VERSION}")
 end

metadata

@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: bettercap
 version: !ruby/object:Gem::Version
-  version: 1.1.6
+  version: 1.1.7
 platform: ruby
 authors:
 - Simone Margaritelli
 autorequire: 
 bindir: bin
 cert_chain: []
-date: 2015-11-29 00:00:00.000000000 Z
+date: 2015-12-01 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: colorize