bettercap 1.2.1 → 1.2.2

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA1:
-  metadata.gz: 14c3df538db89404723e56bde2c2a8a92446d8f9
-  data.tar.gz: 7b48c98712b2c2b879f6e7bfc67529627ba1668d
+  metadata.gz: 54766752ef4193add9d30875e978316b4489c9f2
+  data.tar.gz: dd4a0475d6156464f1bbb7b2b0bc55be09e32afc
 SHA512:
-  metadata.gz: c35e2b12effaa67a2236427922d0f7af6d200f177304e3d2f09adb3b38db1b7c7cc6b0c7f9f6ee7f70a3d8155a99f8dedcc0351f099871819357277338e54148
-  data.tar.gz: 1477fda71236367e364c3e392f2b44b1edbef1d19f3a792231d0a32bc613500a9b6dea86881d699a92b1afcfe5a58a61c604963df3ad16eecc99abb2a60d3d09
+  metadata.gz: e073d1158b3cc7f6125d7e7b98cf6f41712c491d4687418bed7d647a2435c1ff10f8c41cda3987a19c894a33351648c1fdda1e5db090286280e8f7224136e284
+  data.tar.gz: 538f6f46aaf601822f7b582e5da4a3432bbe57f3bb17f71f197163ea46447cac9377f909dcf98fca39cd18f67385cb2299a528a495d0137ade3530e25364e93a

data/README.md

@@ -1,8 +1,7 @@
-![logo](http://www.bettercap.org/assets/img/navbar-logo.png)
-
+![logo](http://www.bettercap.org/assets/img/homepage-logo.png)  
 http://www.bettercap.org/
 
-[![Gem Version](https://badge.fury.io/rb/bettercap.svg)](http://badge.fury.io/rb/bettercap) [![Code Climate](https://codeclimate.com/github/evilsocket/bettercap/badges/gpa.svg)](https://codeclimate.com/github/evilsocket/bettercap) [![Join the chat at https://gitter.im/evilsocket/bettercap-proxy-modules](https://badges.gitter.im/evilsocket/bettercap-proxy-modules.svg)](https://gitter.im/evilsocket/bettercap-proxy-modules?utm_source=badge&utm_medium=badge&utm_campaign=pr-badge&utm_content=badge)
+[![Gem Version](https://badge.fury.io/rb/bettercap.svg)](http://badge.fury.io/rb/bettercap) [![Code Climate](https://codeclimate.com/github/evilsocket/bettercap/badges/gpa.svg)](https://codeclimate.com/github/evilsocket/bettercap) [![Join the chat at https://gitter.im/evilsocket/bettercap](https://badges.gitter.im/evilsocket/bettercap.svg)](https://gitter.im/evilsocket/bettercap?utm_source=badge&utm_medium=badge&utm_campaign=pr-badge&utm_content=badge)
 ---
 
 **bettercap** is a complete, modular, portable and easily extensible **MITM** tool and framework with every kind of diagnostic

data/lib/bettercap.rb

@@ -28,8 +28,8 @@ require 'bettercap/update_checker'
 require 'bettercap/error'
 require 'bettercap/loader'
 require 'bettercap/options'
-require 'bettercap/arp_reader'
-require 'bettercap/packet_queue'
+require 'bettercap/network/arp_reader'
+require 'bettercap/network/packet_queue'
 require 'bettercap/discovery/thread'
 require 'bettercap/discovery/agents/base'
 require 'bettercap/discovery/agents/arp'
@@ -42,9 +42,9 @@ require 'bettercap/factories/spoofer'
 require 'bettercap/factories/parser'
 require 'bettercap/logger'
 require 'bettercap/shell'
-require 'bettercap/network'
+require 'bettercap/network/network'
 require 'bettercap/version'
-require 'bettercap/target'
+require 'bettercap/network/target'
 require 'bettercap/sniffer/sniffer'
 require 'bettercap/firewalls/redirection'
 require 'bettercap/proxy/stream_logger'

data/lib/bettercap/context.rb

@@ -100,7 +100,7 @@ class Context
     end
     Logger.debug "--------------------------------\n"
 
-    @packets = PacketQueue.new( @ifconfig[:iface], 4 )
+    @packets = Network::PacketQueue.new( @ifconfig[:iface], @options.packet_throttle, 4 )
   end
 
   # Find a target given its +ip+ and +mac+ addresses inside the #targets
@@ -128,7 +128,7 @@ class Context
   def create_proxies
     if @options.has_proxy_module?
       Proxy::Module.register_modules
-      
+
       raise BetterCap::Error, "#{@options.proxy_module} is not a valid bettercap proxy module." if Proxy::Module.modules.empty?
     end
 

data/lib/bettercap/discovery/thread.rb

@@ -54,6 +54,7 @@ class Thread
         @ctx.targets.each do |target|
           msg += "  #{target}\n"
         end
+        msg += "\n"
         Logger.raw msg
       end
 

data/lib/bettercap/{arp_reader.rb → network/arp_reader.rb}

@@ -8,6 +8,7 @@ This project is released under the GPL 3 license.
 require 'bettercap/error'
 
 module BetterCap
+module Network
 # This class is responsible for reading the computer ARP table.
 class ArpReader
   # Parse the current ARP cache and return a list of BetterCap::Target
@@ -76,3 +77,4 @@ class ArpReader
   end
 end
 end
+end

data/lib/bettercap/{network.rb → network/network.rb}

@@ -13,7 +13,7 @@ require 'thread'
 
 module BetterCap
 # Handles various network related tasks.
-class Network
+module Network
 class << self
   # Return true if +ip+ is a valid IP address, otherwise false.
   def is_ip?(ip)

data/lib/bettercap/{packet_queue.rb → network/packet_queue.rb}

@@ -8,15 +8,20 @@ This project is released under the GPL 3 license.
 require 'bettercap/error'
 
 module BetterCap
+module Network
 # This class is responsible for sending various network packets.
 class PacketQueue
   # Initialize the PacketQueue, it will spawn +nworkers+ thread and
   # will send packets to the +iface+ network interface.
-  def initialize( iface, nworkers = 4 )
+  # If +packet_throttle+ is different than 0.0, it will be used as
+  # a delay between each packet to be sent.
+  def initialize( iface, packet_throttle = 0.0, nworkers = 4 )
     @iface    = iface
     @nworkers = nworkers
+    @throttle = packet_throttle;
     @running  = true
-    @injector = PacketFu::Inject.new(:iface => iface)
+    @stream   = Pcap.open_live( iface, 0xffff, false , 1 )
+    @mutex    = Mutex.new
     @udp      = UDPSocket.new
     @queue    = Queue.new
     @workers  = (0...nworkers).map { ::Thread.new { worker } }
@@ -49,14 +54,17 @@ class PacketQueue
 
   def dispatch_udp_packet(packet)
     ip, port, data = packet
-    Logger.debug "Sending UDP data packet to #{ip}:#{port} ..."
-    @udp.send( data, 0, ip, port )
+    @mutex.synchronize {
+      Logger.debug "Sending UDP data packet to #{ip}:#{port} ..."
+      @udp.send( data, 0, ip, port )
+    }
   end
 
   def dispatch_raw_packet(packet)
-    Logger.debug "Sending #{packet.class.name} packet ..."
-    @injector.array = [packet.headers[0].to_s]
-    @injector.inject
+    @mutex.synchronize {
+      Logger.debug "Sending #{packet.class.name} packet ..."
+      @stream.inject( packet.headers[0].to_s )
+    }
   end
 
   def worker
@@ -77,6 +85,9 @@ class PacketQueue
         when Object
           dispatch_raw_packet(packet)
         end
+
+        sleep(@throttle) if @throttle != 0.0
+
       rescue Exception => e
         Logger.debug "#{self.class.name} ( #{packet.class.name} ) : #{e.message}"
 
@@ -94,3 +105,4 @@ class PacketQueue
   end
 end
 end
+end

data/lib/bettercap/{target.rb → network/target.rb}

@@ -13,6 +13,7 @@ require 'bettercap/logger'
 require 'socket'
 
 module BetterCap
+module Network
 # This class represents a target, namely a single endpoint device on the
 # network.
 class Target
@@ -153,3 +154,4 @@ private
   end
 end
 end
+end

data/lib/bettercap/options.rb

@@ -83,6 +83,8 @@ class Options
   # If true, bettercap won't forward packets for any target, causing
   # connections to be killed.
   attr_accessor :kill
+  # If different than 0, this time will be used as a delay while sending packets.
+  attr_accessor :packet_throttle
 
   # Create a BetterCap::Options class instance using the specified network interface.
   def initialize( iface )
@@ -97,6 +99,7 @@ class Options
     @arpcache = false
     @no_target_nbns = false
     @kill = false
+    @packet_throttle = 0.0
 
     @ignore = nil
 
@@ -250,13 +253,8 @@ class Options
         ctx.options.proxy_pem_file = File.expand_path v
       end
 
-      opts.on( '--proxy-module MODULE', 'Ruby proxy module to load.' ) do |v|
-        ctx.options.proxy = true
-        ctx.options.proxy_module = File.expand_path v
-
-        require ctx.options.proxy_module
-
-        Proxy::Module.register_options(opts)
+      opts.on( '--proxy-module MODULE', 'Ruby proxy module to load, either a custom file or one of the following: ' + Proxy::Module.available.join(', ') + ' .' ) do |v|
+        Proxy::Module.load(ctx, opts, v)
       end
 
       opts.on( '--custom-proxy ADDRESS', 'Use a custom HTTP upstream proxy instead of the builtin one.' ) do |v|
@@ -293,6 +291,11 @@ class Options
         ctx.options.kill = true
       end
 
+      opts.on( '--packet-throttle NUMBER', 'Number of seconds ( can be a decimal number ) to wait between each packet to be sent.' ) do |v|
+        ctx.options.packet_throttle = v.to_f
+        raise BetterCap::Error, "Invalid packet throttle value specified." if ctx.options.packet_throttle <= 0.0
+      end
+
       opts.on( '--check-updates', 'Will check if any update is available and then exit.' ) do
         ctx.options.check_updates = true
       end
@@ -407,7 +410,7 @@ class Options
       Logger.warn "Invalid target specified: #{target}"
     end
 
-    valid_targets.map { |target| Target.new(target) }
+    valid_targets.map { |target| Network::Target.new(target) }
   end
 
   # Parse spoofers and return a list of BetterCap::Spoofers objects. Raise a

data/lib/bettercap/proxy/module.rb

@@ -15,7 +15,44 @@ module BetterCap
 module Proxy
 # Base class for transparent proxy modules.
 class Module
+  @@path    = File.dirname(__FILE__) + '/modules/'
   @@modules = []
+
+  # Return a list of available builtin proxy module names.
+  def self.available
+    avail = []
+    Dir.foreach( @@path ) do |file|
+      if file =~ /.rb/
+        avail << file.gsub('.rb','')
+      end
+    end
+    avail
+  end
+
+  # Check if the module with +name+ is within the builtin ones.
+  def self.is_builtin?(name)
+    self.available.include?(name)
+  end
+
+  # Load the module with +name+.
+  def self.load(ctx, opts, name)
+    ctx.options.proxy = true
+
+    if self.is_builtin?(name)
+      ctx.options.proxy_module = "#{@@path}/#{name}.rb"
+    else
+      ctx.options.proxy_module = File.expand_path(name)
+    end
+
+    begin
+      require ctx.options.proxy_module
+
+      self.register_options(opts)
+    rescue LoadError
+      raise BetterCap::Error, "Invalid proxy module name '#{name}' ."
+    end
+  end
+
   # Return a list of registered modules.
   def self.modules
     @@modules

data/lib/bettercap/proxy/modules/injectcss.rb

@@ -0,0 +1,60 @@
+=begin
+
+BETTERCAP
+
+Author : Simone 'evilsocket' Margaritelli
+Email  : evilsocket@gmail.com
+Blog   : http://www.evilsocket.net/
+
+This project is released under the GPL 3 license.
+
+=end
+class Injectcss < BetterCap::Proxy::Module
+  @@cssdata = nil
+  @@cssurl  = nil
+
+  def self.on_options(opts)
+    opts.separator ""
+    opts.separator "Inject CSS Proxy Module Options:"
+    opts.separator ""
+
+    opts.on( '--css-data STRING', 'CSS code to be injected.' ) do |v|
+      @@cssdata = v
+      unless @@jsdata.include?("<style>")
+        @@cssdata = "<style>\n#{@@cssdata}\n</style>"
+      end
+    end
+
+    opts.on( '--css-file PATH', 'Path of the CSS file to be injected.' ) do |v|
+      filename = File.expand_path v
+      raise BetterCap::Error, "#{filename} invalid file." unless File.exists?(filename)
+      @@cssdata = File.read( filename )
+      unless @@cssdata.include?("<style>")
+        @@cssdata = "<style>\n#{@@cssdata}\n</style>"
+      end
+    end
+
+    opts.on( '--css-url URL', 'URL the CSS file to be injected.' ) do |v|
+      @@cssurl = v
+    end
+  end
+
+  def on_request( request, response )
+    # is it a html page?
+    if response.content_type =~ /^text\/html.*/
+      # check command line arguments.
+      if @@cssdata.nil? and @@cssurl.nil?
+        BetterCap::Logger.warn "No --css-file or --css-url options specified, this proxy module won't work."
+      else
+        BetterCap::Logger.info "Injecting CSS #{if @@cssdata.nil? then "URL" else "file" end} into http://#{request.host}#{request.url}"
+        # inject URL
+        if @@cssdata.nil?
+          response.body.sub!( '</head>', "  <link rel=\"stylesheet\" href=\"#{@cssurl}\"></script></head>" )
+        # inject data
+        else
+          response.body.sub!( '</head>', "#{@@cssdata}</head>" )
+        end
+      end
+    end
+  end
+end

data/lib/bettercap/proxy/modules/injectjs.rb

@@ -0,0 +1,60 @@
+=begin
+
+BETTERCAP
+
+Author : Simone 'evilsocket' Margaritelli
+Email  : evilsocket@gmail.com
+Blog   : http://www.evilsocket.net/
+
+This project is released under the GPL 3 license.
+
+=end
+class Injectjs < BetterCap::Proxy::Module
+  @@jsdata = nil
+  @@jsurl  = nil
+
+  def self.on_options(opts)
+    opts.separator ""
+    opts.separator "Inject JS Proxy Module Options:"
+    opts.separator ""
+
+    opts.on( '--js-data STRING', 'Javascript code to be injected.' ) do |v|
+      @@jsdata = v
+      unless @@jsdata.include?("<script")
+        @@jsdata = "<script type=\"text/javascript\">\n#{@@jsdata}\n</script>"
+      end
+    end
+
+    opts.on( '--js-file PATH', 'Path of the javascript file to be injected.' ) do |v|
+      filename = File.expand_path v
+      raise BetterCap::Error, "#{filename} invalid file." unless File.exists?(filename)
+      @@jsdata = File.read( filename )
+      unless @@jsdata.include?("<script")
+        @@jsdata = "<script type=\"text/javascript\">\n#{@@jsdata}\n</script>"
+      end
+    end
+
+    opts.on( '--js-url URL', 'URL the javascript file to be injected.' ) do |v|
+      @@jsurl = v
+    end
+  end
+
+  def on_request( request, response )
+    # is it a html page?
+    if response.content_type =~ /^text\/html.*/
+      # check command line arguments.
+      if @@jsdata.nil? and @@jsurl.nil?
+        BetterCap::Logger.warn "No --js-file or --js-url options specified, this proxy module won't work."
+      else
+        BetterCap::Logger.info "Injecting javascript #{if @@jsdata.nil? then "URL" else "file" end} into http://#{request.host}#{request.url}"
+        # inject URL
+        if @@jsdata.nil?
+          response.body.sub!( '</head>', "<script src=\"#{@@jsurl}\" type=\"text/javascript\"></script></head>" )
+        # inject data
+        else
+          response.body.sub!( '</head>', "#{@@jsdata}</head>" )
+        end
+      end
+    end
+  end
+end

data/lib/bettercap/proxy/proxy.rb

@@ -13,9 +13,6 @@ This project is released under the GPL 3 license.
 require 'socket'
 require 'uri'
 
-require 'bettercap/logger'
-require 'bettercap/network'
-
 module BetterCap
 module Proxy
 # Transparent proxy class.

data/lib/bettercap/sniffer/parsers/httpauth.rb

@@ -34,10 +34,10 @@ class Httpauth < Base
         decoded = Base64.decode64(encoded)
         user, pass = decoded.split(':')
 
-        StreamLogger.log_raw( pkt, '[HTTP BASIC AUTH]'.green + " http://#{hostname}#{path} - username=#{user} password=#{pass}".yellow )
+        StreamLogger.log_raw( pkt, 'HTTP BASIC AUTH', "http://#{hostname}#{path} - username=#{user} password=#{pass}".yellow )
 
       elsif line =~ /Authorization:\s*Digest\s+(.+)/i
-        StreamLogger.log_raw( pkt, '[HTTP DIGEST AUTH]'.green + " http://#{hostname}#{path}\n#{$1}".yellow )
+        StreamLogger.log_raw( pkt, 'HTTP DIGEST AUTH', "http://#{hostname}#{path}\n#{$1}".yellow )
       end
     end
   end

data/lib/bettercap/spoofers/arp.rb

@@ -10,11 +10,6 @@ This project is released under the GPL 3 license.
 
 =end
 require 'bettercap/spoofers/base'
-require 'bettercap/error'
-require 'bettercap/context'
-require 'bettercap/network'
-require 'bettercap/logger'
-require 'colorize'
 
 module BetterCap
 module Spoofers

data/lib/bettercap/spoofers/base.rb

@@ -90,7 +90,7 @@ private
   def update_gateway!
     hw = Network.get_hw_address( @ctx.ifconfig, @ctx.gateway )
     raise BetterCap::Error, "Couldn't determine router MAC" if hw.nil?
-    @gateway = Target.new( @ctx.gateway, hw )
+    @gateway = Network::Target.new( @ctx.gateway, hw )
 
     Logger.info "[#{'GATEWAY'.green}] #{@gateway.to_s(false)}"
   end

data/lib/bettercap/spoofers/icmp.rb

@@ -10,11 +10,6 @@ This project is released under the GPL 3 license.
 
 =end
 require 'bettercap/spoofers/base'
-require 'bettercap/error'
-require 'bettercap/context'
-require 'bettercap/network'
-require 'bettercap/logger'
-require 'colorize'
 require 'net/dns'
 require 'resolv'
 
@@ -123,7 +118,7 @@ class Icmp < Base
     else
       @ctx.firewall.enable_forwarding(true) unless @forwarding
     end
-    
+
     @ctx.firewall.enable_send_redirects(false)
 
     @spoof_thread = Thread.new { icmp_spoofer }

data/lib/bettercap/version.rb

@@ -11,7 +11,7 @@ This project is released under the GPL 3 license.
 =end
 module BetterCap
   # Current version of bettercap.
-  VERSION = '1.2.1'
+  VERSION = '1.2.2'
   # Program banner.
   BANNER = File.read( File.dirname(__FILE__) + '/banner' ).gsub( '#VERSION#', "v#{VERSION}")
 end

metadata

@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: bettercap
 version: !ruby/object:Gem::Version
-  version: 1.2.1
+  version: 1.2.2
 platform: ruby
 authors:
 - Simone Margaritelli
 autorequire: 
 bindir: bin
 cert_chain: []
-date: 2016-01-13 00:00:00.000000000 Z
+date: 2016-01-16 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: colorize
@@ -90,8 +90,6 @@ files:
 - CONTRIBUTING.md
 - LICENSE.md
 - README.md
-- TODO.md
-- lib/bettercap/arp_reader.rb
 - lib/bettercap/banner
 - lib/bettercap/context.rb
 - lib/bettercap/discovery/agents/arp.rb
@@ -108,15 +106,19 @@ files:
 - lib/bettercap/firewalls/osx.rb
 - lib/bettercap/firewalls/redirection.rb
 - lib/bettercap/httpd/server.rb
-- lib/bettercap/hw-prefixes
 - lib/bettercap/loader.rb
 - lib/bettercap/logger.rb
 - lib/bettercap/monkey/packetfu/utils.rb
-- lib/bettercap/network.rb
+- lib/bettercap/network/arp_reader.rb
+- lib/bettercap/network/hw-prefixes
+- lib/bettercap/network/network.rb
+- lib/bettercap/network/packet_queue.rb
+- lib/bettercap/network/target.rb
 - lib/bettercap/options.rb
-- lib/bettercap/packet_queue.rb
 - lib/bettercap/proxy/certstore.rb
 - lib/bettercap/proxy/module.rb
+- lib/bettercap/proxy/modules/injectcss.rb
+- lib/bettercap/proxy/modules/injectjs.rb
 - lib/bettercap/proxy/proxy.rb
 - lib/bettercap/proxy/request.rb
 - lib/bettercap/proxy/response.rb
@@ -139,7 +141,6 @@ files:
 - lib/bettercap/spoofers/base.rb
 - lib/bettercap/spoofers/icmp.rb
 - lib/bettercap/spoofers/none.rb
-- lib/bettercap/target.rb
 - lib/bettercap/update_checker.rb
 - lib/bettercap/version.rb
 - lib/bettercap.rb

data/TODO.md

@@ -1,30 +0,0 @@
-This is a list of TODOs I use to keep track of tasks and upcoming features.
-
----
-
-- [x] Implement `--ignore ADDR,ADDR,ADDR` option to filter out specific addresses from the targets list.
-- [x] HTTP 1.1 chunked response support.
-- [x] Ip address to hostname resolution.
-- [x] Wrap every class with `module BetterCap` and refactor old code.
-- [x] Use StreamLogger for both Proxy and Sniffer traffic.
-- [x] Implement `--custom-parser REGEX` option.
-- [x] Let `-T|--target` [support MAC addresses](https://github.com/evilsocket/bettercap/issues/82).
-- [x] Fix modules structure by folder.
-- [x] Document classes with RDoc.
-- [x] ICMP Redirect ( double direct )
-- [ ] Implement `--mkcert FILENAME` option to create custom HTTPS `crt` files.
-- [ ] Implement sslstrip+ support.
-- [ ] Rewrite proxy class using [em-proxy](https://github.com/igrigorik/em-proxy) library.
-- [ ] HTTP/2 Support.
-
-**Platform Specific**
-
-- [ ] *BSD Support.
-- [ ] Windows Support? ( OMG PLZ NO! )
-- [ ] GNU/Linux [Active packet filtering/injection/etc](https://github.com/evilsocket/bettercap/issues/75) ( maybe using [this](https://github.com/gdelugre/ruby-nfqueue) ).
-
-**Maybe**
-
-- [ ] Implement event-driven core plugin infrastructure ( for webui, etc ).
-- [ ] Implement web-ui core plugin.
-- [ ] IPV6 Support.