bettercap 1.2.3 → 1.2.4

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA1:
-  metadata.gz: 5a754804a6aed2eab487b2fbe33417c222946953
-  data.tar.gz: 0ba2e64fc445000c10b7dd9d2d3ec94c47108dbe
+  metadata.gz: d277978f66ed5f5cd7f82b8fb071c5869c1f6c4b
+  data.tar.gz: ff6e06d690813d5898c0ba8f20564604b185ee96
 SHA512:
-  metadata.gz: 4bda0263ceae34eee565a7d5b46400f573b623a7a46f343dd9396a95078cdf2a4118fe2580f748d5c77a0174f589a5b505f466d125585824f5d54dd43457dbb3
-  data.tar.gz: 4fa729af4ff2b4a890ab87f53aed5559702e8d82efee9e55986467f28337f652234ca5322b69c20761758d6f6ec0916368f8ae922649100dda50c1d8695e268a
+  metadata.gz: 4ac7c66a0e57e773cfd69d448e3f558588f5816267b1d6fd2513a2b1696a124ad1d2886b880be4ef5116f0c042d9ef182c71f04e6d5081f20ec08df8b75892e6
+  data.tar.gz: b4580bc7a43f897d592ba531dedda3d71230f669d22737b81785a94cfb815eaebb568eb57aca89c66b09cde476165702f299cf53bba146e1e54cf6c79d79db2a

data/README.md

@@ -1,19 +1,68 @@
-![logo](http://www.bettercap.org/assets/img/homepage-logo.png)  
-http://www.bettercap.org/
-
-[![Gem Version](https://badge.fury.io/rb/bettercap.svg)](http://badge.fury.io/rb/bettercap) [![Code Climate](https://codeclimate.com/github/evilsocket/bettercap/badges/gpa.svg)](https://codeclimate.com/github/evilsocket/bettercap) [![Join the chat at https://gitter.im/evilsocket/bettercap](https://badges.gitter.im/evilsocket/bettercap.svg)](https://gitter.im/evilsocket/bettercap?utm_source=badge&utm_medium=badge&utm_campaign=pr-badge&utm_content=badge)
----
-
 **bettercap** is a complete, modular, portable and easily extensible **MITM** tool and framework with every kind of diagnostic
 and offensive feature you could need in order to perform a man in the middle attack.
 
-Contact me at:
-
-- Twitter: [@evilsocket](https://twitter.com/evilsocket)
-- Email: evilsocket@gmail.com
-
 Before submitting issues, please read the relevant [section](http://www.bettercap.org/docs/contribute/) in the documentation.
 
+<table>
+    <tr>
+        <th>Version</th>
+        <td>
+          <a href="http://badge.fury.io/rb/bettercap" target="_blank">
+            <img src="https://badge.fury.io/rb/bettercap.svg"/>
+          </a>
+        </td>
+    </tr>
+    <tr>
+        <th>Homepage</th>
+        <td><a href="http://www.bettercap.org/">http://www.bettercap.org/</a></td>
+    </tr>
+    <tr>
+        <th>Blog</th>
+        <td><a href="http://www.bettercap.org/blog/">http://www.bettercap.org/blog/</a></td>
+    <tr>
+        <th>Github</th>
+        <td><a href="https://github.com/evilsocket/bettercap">http://github.com/evilsocket/bettercap</a></td>
+     <tr/>
+    <tr>
+        <th>Documentation</th>
+        <td><a href="http://www.bettercap.org/docs/">http://www.bettercap.org/docs/</a></td>
+    </tr>
+    <tr>
+        <th>Code Documentation</th>
+        <td>
+          <a href="http://www.rubydoc.info/github/evilsocket/bettercap">http://www.rubydoc.info/github/evilsocket/bettercap</a>
+          &nbsp;
+          <a href="https://codeclimate.com/github/evilsocket/bettercap" target="_blank">
+            <img src="https://codeclimate.com/github/evilsocket/bettercap/badges/gpa.svg"/>
+          </a>
+        </td>
+    </tr>
+    <tr>
+       <th>Author</th>
+       <td><a href="http://www.evilsocket.net/">Simone Margaritelli</a> (<a href="http://twitter.com/evilsocket">@evilsocket</a>)</td>
+    </tr>
+    <tr>
+        <th>Twitter</th>
+        <td><a href="http://twitter.com/bettercap">@bettercap</a></td>
+    </tr>
+    <tr>
+        <th>Chat</th>
+        <td>
+          <a href="https://gitter.im/evilsocket/bettercap" target="_blank">
+            <img src="https://badges.gitter.im/evilsocket/bettercap.svg"/>
+          </a>
+        </td>
+    </tr>
+    <tr>
+        <th>Copyright</th>
+        <td>2015-2016 Simone Margaritelli</td>
+    </tr>
+    <tr>
+        <th>License</th>
+        <td>GPL v3.0 - (see LICENSE file)</td>
+    </tr>
+</table>
+
 Installation
 ============
 

data/lib/bettercap/context.rb

@@ -118,7 +118,7 @@ class Context
   def enable_port_redirection!
     @redirections = @options.to_redirections @ifconfig
     @redirections.each do |r|
-      Logger.warn "Redirecting #{r.protocol} traffic from port #{r.src_port} to #{r.dst_address}:#{r.dst_port}"
+      Logger.debug "Redirecting #{r.protocol} traffic from port #{r.src_port} to #{r.dst_address}:#{r.dst_port}"
       @firewall.add_port_redirection( r )
     end
   end

data/lib/bettercap/discovery/thread.rb

@@ -40,25 +40,71 @@ class Thread
 
   private
 
+  # Return true if the +list+ of targets includes +target+.
+  def list_include_target?( list, target )
+    list.each do |t|
+      if t.equals?(target.ip, target.mac)
+        return true
+      end
+    end
+    false
+  end
+
+  # Print informations about new and lost targets.
+  def print_differences( prev )
+    diff = { :new => [], :lost => [] }
+
+    @ctx.targets.each do |target|
+      unless list_include_target?( prev, target )
+        diff[:new] << target
+      end
+    end
+
+    prev.each do |target|
+      unless list_include_target?( @ctx.targets, target )
+        diff[:lost] << target
+      end
+    end
+
+    unless diff[:new].empty? and diff[:lost].empty?
+      if diff[:new].empty?
+        snew = ""
+      else
+        snew = "Acquired #{diff[:new].size} new target#{if diff[:new].size > 1 then "s" else "" end}"
+      end
+
+      if diff[:lost].empty?
+        slost = ""
+      else
+        slost = "#{if snew == "" then 'L' else ', l' end}ost #{diff[:lost].size} target#{if diff[:lost].size > 1 then "s" else "" end}"
+      end
+
+      Logger.info "#{snew}#{slost} :"
+
+      msg = "\n"
+      diff[:new].each do |target|
+        msg += "  [#{'NEW'.green}] #{target.to_s(false)}\n"
+      end
+      diff[:lost].each do |target|
+        msg += "  [#{'LOST'.red}] #{target.to_s(false)}\n"
+      end
+      msg += "\n"
+      Logger.raw msg
+    end
+  end
+
   # This method implements the main discovery logic, it will be executed within
   # the spawned thread.
   def worker
     Logger.debug( 'Network discovery thread started.' ) unless @ctx.options.arpcache
 
+    prev = []
     while @running
-      was_empty = @ctx.targets.empty?
       @ctx.targets = Network.get_alive_targets(@ctx).sort_by { |t| t.sortable_ip }
 
-      if was_empty and not @ctx.targets.empty?
-        Logger.info "Collected #{@ctx.targets.size} total target#{if @ctx.targets.size > 1 then "s" else "" end}."
+      print_differences prev
 
-        msg = "\n"
-        @ctx.targets.each do |target|
-          msg += "  #{target}\n"
-        end
-        msg += "\n"
-        Logger.raw msg
-      end
+      prev = @ctx.targets
 
       sleep(5) if @ctx.options.arpcache
     end

data/lib/bettercap/options.rb

@@ -322,9 +322,6 @@ class Options
 
     Logger.init( ctx.options.debug, ctx.options.logfile, ctx.options.silent )
 
-    Logger.warn "You are running an unstable/beta version of this software, please" \
-                " update to a stable one if available." if BetterCap::VERSION =~ /[\d\.+]b/
-
     if ctx.options.check_updates
       UpdateChecker.check
       exit
@@ -333,6 +330,8 @@ class Options
     raise BetterCap::Error, 'This software must run as root.' unless Process.uid == 0
     raise BetterCap::Error, 'No default interface found, please specify one with the -I argument.' if ctx.options.iface.nil?
 
+    ctx.options.starting_message
+
     unless ctx.options.gateway.nil?
       raise BetterCap::Error, "The specified gateway '#{ctx.options.gateway}' is not a valid IPv4 address." unless Network.is_ip?(ctx.options.gateway)
       ctx.gateway = ctx.options.gateway
@@ -510,5 +509,30 @@ class Options
 
     redirections
   end
+
+  # Print the starting status message.
+  def starting_message
+    on = '✔'.green
+    off = '✘'.red
+    status = {
+      'spoofing'    => if has_spoofer? then on else off end,
+      'discovery'   => if !target.nil? or arpcache then off else on end,
+      'sniffer'     => if sniffer then on else off end,
+      'http-proxy'  => if proxy then on else off end,
+      'https-proxy' => if proxy_https then on else off end,
+      'http-server' => if httpd then on else off end,
+    }
+
+    msg = "Starting [ "
+    status.each do |k,v|
+      msg += "#{k}:#{v} "
+    end
+    msg += "] ...\n\n"
+
+    Logger.info msg
+
+    Logger.warn "You are running an unstable/beta version of this software, please" \
+                " update to a stable one if available." if BetterCap::VERSION =~ /[\d\.+]b/
+  end
 end
 end

data/lib/bettercap/proxy/module.rb

@@ -86,7 +86,7 @@ class Module
   # one of them for the given code block.
   def self.each_module
     Object.constants.each do |klass|
-      const = Kernel.const_get(klass)
+      const = Kernel.const_get(klass.to_s)
       if const.respond_to?(:superclass) and const.superclass == self
         yield const
       end

data/lib/bettercap/proxy/modules/injectcss.rb

@@ -11,7 +11,7 @@ This project is released under the GPL 3 license.
 =end
 
 # This proxy module will take care of CSS code injection.
-class Injectcss < BetterCap::Proxy::Module
+class InjectCSS < BetterCap::Proxy::Module
   # CSS data to be injected.
   @@cssdata = nil
   # CSS file URL to be injected.

data/lib/bettercap/proxy/modules/injecthtml.rb

@@ -0,0 +1,55 @@
+=begin
+
+BETTERCAP
+
+Author : Simone 'evilsocket' Margaritelli
+Email  : evilsocket@gmail.com
+Blog   : http://www.evilsocket.net/
+
+This project is released under the GPL 3 license.
+
+=end
+
+# This proxy module will take care of HTML code injection.
+class InjectHTML < BetterCap::Proxy::Module
+  # URL of the iframe if --html-iframe-url was specified.
+  @@iframe = nil
+  # HTML data to be injected.
+  @@data = nil
+
+  # Add custom command line arguments to the +opts+ OptionParser instance.
+  def self.on_options(opts)
+    opts.separator ""
+    opts.separator "Inject HTML Proxy Module Options:"
+    opts.separator ""
+
+    opts.on( '--html-data STRING', 'HTML code to be injected.' ) do |v|
+      @@data = v
+    end
+
+    opts.on( '--html-iframe-url URL', 'URL of the iframe that will be injected, if this option is specified an "iframe" tag will be injected.' ) do |v|
+      @@iframe = v
+    end
+  end
+
+  # Create an instance of this module and raise a BetterCap::Error if command
+  # line arguments weren't correctly specified.
+  def initialize
+    raise BetterCap::Error, "No --html-data or --html-iframe-url options specified for the proxy module." if @@data.nil? and @@iframe.nil?
+  end
+
+  # Called by the BetterCap::Proxy::Proxy processor on each HTTP +request+ and
+  # +response+.
+  def on_request( request, response )
+    # is it a html page?
+    if response.content_type =~ /^text\/html.*/
+      BetterCap::Logger.info "Injecting HTML code into http://#{request.host}#{request.url}"
+
+      if @@data.nil?
+        response.body.sub!( '</body>', "<iframe src=\"#{@@iframe}\" frameborder=\"0\" height=\"0\" width=\"0\"></iframe></body>" )
+      else
+        response.body.sub!( '</body>', "#{@@data}</body>" )
+      end
+    end
+  end
+end

data/lib/bettercap/proxy/modules/injectjs.rb

@@ -11,7 +11,7 @@ This project is released under the GPL 3 license.
 =end
 
 # This proxy module will take care of Javascript code injection.
-class Injectjs < BetterCap::Proxy::Module
+class InjectJS < BetterCap::Proxy::Module
   # JS data to be injected.
   @@jsdata = nil
   # JS file URL to be injected.

data/lib/bettercap/proxy/proxy.rb

@@ -122,7 +122,7 @@ class Proxy
 
       # someone is having fun with us =)
       if is_self_request? request
-        @streamer.rickroll client
+        @streamer.rickroll client, @is_https
       # handle request
       else
         @streamer.handle( request, client, @is_https )

data/lib/bettercap/proxy/streamer.rb

@@ -21,8 +21,10 @@ class Streamer
   end
 
   # Redirect the +client+ to a funny video.
-  def rickroll( client )
-    Logger.warn "#{client_ip} is connecting to us directly."
+  def rickroll( client, is_https )
+    client_ip, client_port = get_client_details( is_https, client )
+
+    Logger.warn "#{client_ip}:#{client_port} is connecting to us directly."
 
     client.write "HTTP/1.1 302 Found\n"
     client.write "Location: https://www.youtube.com/watch?v=dQw4w9WgXcQ\n\n"

data/lib/bettercap/sniffer/parsers/nntp.rb

@@ -0,0 +1,24 @@
+=begin
+
+BETTERCAP
+
+Author : Simone 'evilsocket' Margaritelli
+Email  : evilsocket@gmail.com
+Blog   : http://www.evilsocket.net/
+
+This project is released under the GPL 3 license.
+
+=end
+require 'bettercap/sniffer/parsers/base'
+
+module BetterCap
+module Parsers
+# NNTP authentication parser.
+class Nntp < Base
+  def initialize
+    @filters = [ /AUTHINFO\s+(USER|PASS)\s+.+/i ]
+    @name = 'NNTP'
+  end
+end
+end
+end

data/lib/bettercap/spoofers/base.rb

@@ -59,41 +59,8 @@ private
     end
   end
 
-  # Print informations about new and lost targets.
-  def print_differences( prev_targets )
-    size      = @ctx.targets.size
-    prev_size = prev_targets.size
-    diff      = nil
-    label     = nil
-
-    if size > prev_size
-      diff  = @ctx.targets - prev_targets
-      delta = diff.size
-      label = 'NEW'.green
-
-      Logger.warn "Acquired #{delta} new target#{if delta > 1 then "s" else "" end}."
-    elsif size < prev_size
-      diff  = prev_targets - @ctx.targets
-      delta = diff.size
-      label = 'LOST'.red
-
-      Logger.warn "Lost #{delta} target#{if delta > 1 then "s" else "" end}."
-    end
-
-    unless diff.nil?
-      msg = "\n"
-      diff.each do |target|
-        msg += "  [#{label}] #{target.to_s(false)}\n"
-      end
-      msg += "\n"
-      Logger.raw msg
-    end
-  end
-
   # Main spoof loop repeated each +delay+ seconds.
   def spoof_loop( delay )
-    prev_targets = @ctx.targets
-
     loop do
       unless @running
           Logger.debug 'Stopping spoofing thread ...'
@@ -101,8 +68,6 @@ private
           break
       end
 
-      print_differences prev_targets
-
       Logger.debug "Spoofing #{@ctx.targets.size} targets ..."
 
       update_targets!
@@ -111,8 +76,6 @@ private
         yield(target)
       end
 
-      prev_targets = @ctx.targets
-
       sleep(delay)
     end
   end

data/lib/bettercap/spoofers/none.rb

@@ -18,7 +18,7 @@ module Spoofers
 class None < Base
   # Initialize the non-spoofing class.
   def initialize
-    Logger.warn 'Spoofing disabled.'
+    Logger.debug 'Spoofing disabled.'
 
     @ctx     = Context.get
     @gateway = nil

data/lib/bettercap/version.rb

@@ -11,7 +11,7 @@ This project is released under the GPL 3 license.
 =end
 module BetterCap
   # Current version of bettercap.
-  VERSION = '1.2.3'
+  VERSION = '1.2.4'
   # Program banner.
   BANNER = File.read( File.dirname(__FILE__) + '/banner' ).gsub( '#VERSION#', "v#{VERSION}")
 end

metadata

@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: bettercap
 version: !ruby/object:Gem::Version
-  version: 1.2.3
+  version: 1.2.4
 platform: ruby
 authors:
 - Simone Margaritelli
 autorequire: 
 bindir: bin
 cert_chain: []
-date: 2016-01-20 00:00:00.000000000 Z
+date: 2016-01-21 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: colorize
@@ -118,6 +118,7 @@ files:
 - lib/bettercap/proxy/certstore.rb
 - lib/bettercap/proxy/module.rb
 - lib/bettercap/proxy/modules/injectcss.rb
+- lib/bettercap/proxy/modules/injecthtml.rb
 - lib/bettercap/proxy/modules/injectjs.rb
 - lib/bettercap/proxy/proxy.rb
 - lib/bettercap/proxy/request.rb
@@ -133,6 +134,7 @@ files:
 - lib/bettercap/sniffer/parsers/https.rb
 - lib/bettercap/sniffer/parsers/irc.rb
 - lib/bettercap/sniffer/parsers/mail.rb
+- lib/bettercap/sniffer/parsers/nntp.rb
 - lib/bettercap/sniffer/parsers/ntlmss.rb
 - lib/bettercap/sniffer/parsers/post.rb
 - lib/bettercap/sniffer/parsers/url.rb