RubyGems - bettercap - Versions diffs - 1.3.3 → 1.3.4 - Mend

bettercap 1.3.3 → 1.3.4

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (12) hide show

checksums.yaml +4 -4
data/bin/bettercap +1 -38
data/lib/bettercap.rb +2 -1
data/lib/bettercap/context.rb +93 -31
data/lib/bettercap/discovery/thread.rb +1 -1
data/lib/bettercap/network/servers/dnsd.rb +127 -0
data/lib/bettercap/{httpd/server.rb → network/servers/httpd.rb} +7 -3
data/lib/bettercap/options.rb +37 -23
data/lib/bettercap/proxy/proxy.rb +1 -1
data/lib/bettercap/proxy/response.rb +8 -1
data/lib/bettercap/version.rb +1 -1
metadata +25 -4

checksums.yaml CHANGED Viewed

@@ -1,7 +1,7 @@
 ---
 SHA1:
-  metadata.gz: 31a820a7730bbf4c4b05afeffaa33bbdddd5c4a3
-  data.tar.gz: 6983bea70e9ed11c583aa03ed1eddf4a746a8363
+  metadata.gz: 1b8517e99862edfe8f3472280ccfd8e340436054
+  data.tar.gz: dfeb4b57db59af6fb71cc2ed4f81ed0284bcf21f
 SHA512:
-  metadata.gz: 222922d21c654249874b8c3de9fdad45844dc3bd31766d71ac930bcef3ea2620d54502654f4439636c92cd79b6da745669172bf30cffc3825ee0c698c468ee68
-  data.tar.gz: b70724787a5dc6f6979f1dd00aa367b605c7b30bde931d79695187a0880ae686e669dd2cf11394e6f801d5052b50db1c665bba86c8231874173f9a49887cb642
+  metadata.gz: 6db3475b1b3311b317dafe674239a32bfe1ea03c89461c4b722775be121c0d3eb6ac132a641d5714b825261ee2bf1e796aa55f5819d990a1d38759035f92bbd7
+  data.tar.gz: a82cc75c27c49a844b19b57a849b2ea64c90d822fc63c6b1a9f3d5dfeb3325e9b588fa1e7c65db1f30587995f363ae6a778c223dbfd92809157d4c5fef14fac1

data/bin/bettercap CHANGED Viewed

@@ -26,44 +26,7 @@ begin
   # error checking.
   ctx = BetterCap::Options.parse!
-  # Start targets auto discovery if needed.
-  if ctx.options.target.nil?
-    BetterCap::Logger.info( "Targeting the whole subnet #{ctx.ifconfig[:ip4_obj].to_range} ..." ) unless ctx.options.has_spoofer?
-    ctx.discovery.start
-    # give some time to the discovery thread to spawn its workers,
-    # this will prevent 'Too many open files' errors to delay host
-    # discovery.
-    sleep 1.5
-  end
-  # Start network spoofers if any.
-  ctx.spoofer.each do |spoofer|
-    spoofer.start
-  end
-  # Start proxies and setup port redirection.
-  if ctx.options.proxy
-    if ctx.options.has_http_sniffer_enabled?
-      BetterCap::Logger.warn "WARNING: Both HTTP transparent proxy and URL parser are enabled, you're gonna see duplicated logs."
-    end
-    ctx.create_proxies
-  end
-  ctx.enable_port_redirection!
-  # Start local HTTP server.
-  if ctx.options.httpd
-    ctx.httpd = BetterCap::HTTPD::Server.new( ctx.options.httpd_port, ctx.options.httpd_path )
-    ctx.httpd.start
-  end
-  # Start network sniffer.
-  if ctx.options.sniffer
-    BetterCap::Sniffer.start ctx
-  elsif ctx.options.has_spoofer?
-    BetterCap::Logger.warn 'WARNING: Sniffer module was NOT enabled ( -X argument ), this '\
-                           'will cause the MITM to run but no data to be collected.' unless ctx.options.has_spoofer?
-  end
+  ctx.start!
   loop do
     sleep 10

data/lib/bettercap.rb CHANGED Viewed

@@ -60,4 +60,5 @@ require 'bettercap/proxy/proxy'
 require 'bettercap/proxy/streamer'
 require 'bettercap/proxy/module'
 require 'bettercap/proxy/certstore'
-require 'bettercap/httpd/server'
+require 'bettercap/network/servers/httpd'
+require 'bettercap/network/servers/dnsd'

data/lib/bettercap/context.rb CHANGED Viewed

@@ -31,8 +31,10 @@ class Context
   attr_accessor :discovery
   # A list of BetterCap::Spoofers class instances.
   attr_accessor :spoofer
-  # Instance of BetterCap::HTTPD::Server class.
+  # Instance of BetterCap::Network::Servers::HTTPD class.
   attr_accessor :httpd
+  # Instance of BetterCap::Network::Servers::DNSD class.
+  attr_accessor :dnsd
   # Instance of OpenSSL::X509::Certificate class used
   # for the HTTPS transparent proxy.
   attr_accessor :certificate
@@ -71,6 +73,7 @@ class Context
     @proxy_processor = nil
     @spoofer         = nil
     @httpd           = nil
+    @dnsd            = nil
     @certificate     = nil
     @proxies         = []
     @redirections    = []
@@ -115,6 +118,82 @@ class Context
     nil
   end
+  # Start everything!
+  def start!
+    # Start targets auto discovery if needed.
+    if @options.target.nil?
+      BetterCap::Logger.info( "Targeting the whole subnet #{@ifconfig[:ip4_obj].to_range} ..." ) unless @options.has_spoofer? or @options.arpcache
+      @discovery.start
+      # give some time to the discovery thread to spawn its workers,
+      # this will prevent 'Too many open files' errors to delay host
+      # discovery.
+      sleep 1.5
+    end
+    # Start network spoofers if any.
+    @spoofer.each do |spoofer|
+      spoofer.start
+    end
+    # Start proxies and setup port redirection.
+    if @options.proxy
+      if @options.has_http_sniffer_enabled?
+        BetterCap::Logger.warn "WARNING: Both HTTP transparent proxy and URL parser are enabled, you're gonna see duplicated logs."
+      end
+      create_proxies!
+    end
+    enable_port_redirection!
+    create_servers!
+    # Start network sniffer.
+    if @options.sniffer
+      Sniffer.start ctx
+    elsif @options.has_spoofer?
+      Logger.warn 'WARNING: Sniffer module was NOT enabled ( -X argument ), this '\
+                  'will cause the MITM to run but no data to be collected.' unless @options.has_spoofer?
+    end
+  end
+  # Stop every running daemon that was started and reset system state.
+  def finalize
+    @running = false
+    # Logger is silent if @running == false
+    puts "\nShutting down, hang on ...\n"
+    Logger.debug 'Stopping target discovery manager ...'
+    @discovery.stop
+    Logger.debug 'Stopping spoofers ...'
+    @spoofer.each do |spoofer|
+      spoofer.stop
+    end
+    # Spoofer might be sending some last packets to restore the targets,
+    # the packet queue must be stopped here.
+    @packets.stop
+    Logger.debug 'Stopping proxies ...'
+    @proxies.each do |proxy|
+      proxy.stop
+    end
+    Logger.debug 'Disabling port redirections ...'
+    @redirections.each do |r|
+      @firewall.del_port_redirection( r )
+    end
+    Logger.debug 'Restoring firewall state ...'
+    @firewall.restore
+    @dnsd.stop unless @dnsd.nil?
+    @httpd.stop unless @httpd.nil?
+  end
+  private
   # Apply needed BetterCap::Firewalls::Redirection objects.
   def enable_port_redirection!
     @redirections = @options.to_redirections @ifconfig
@@ -126,7 +205,7 @@ class Context
   # Initialize the needed transparent proxies and the processor routined which
   # is needed in order to run proxy modules.
-  def create_proxies
+  def create_proxies!
     if @options.has_proxy_module?
       Proxy::Module.register_modules
@@ -181,39 +260,22 @@ class Context
     end
   end
-  # Stop every running daemon that was started and reset system state.
-  def finalize
-    @running = false
-    # Logger is silent if @running == false
-    puts "\nShutting down, hang on ...\n"
-    Logger.debug 'Stopping target discovery manager ...'
-    @discovery.stop
+  # Initialize and start the needed servers.
+  def create_servers!
+    # Start local DNS server.
+    if @options.dnsd
+      Logger.warn "Starting DNS server with spoofing disabled, bettercap will only reply to local DNS queries." unless @options.has_spoofer?
-    Logger.debug 'Stopping spoofers ...'
-    @spoofer.each do |spoofer|
-      spoofer.stop
+      @dnsd = Network::Servers::DNSD.new( @options.dnsd_file, @ifconfig[:ip_saddr], @options.dnsd_port )
+      @dnsd.start
     end
-    # Spoofer might be sending some last packets to restore the targets,
-    # the packet queue must be stopped here.
-    @packets.stop
-    Logger.debug 'Stopping proxies ...'
-    @proxies.each do |proxy|
-      proxy.stop
+    # Start local HTTP server.
+    if @options.httpd
+      @httpd = Network::Servers::HTTPD.new( @options.httpd_port, @options.httpd_path )
+      @httpd.start
     end
-    Logger.debug 'Disabling port redirections ...'
-    @redirections.each do |r|
-      @firewall.del_port_redirection( r )
-    end
-    Logger.debug 'Restoring firewall state ...'
-    @firewall.restore
-    @httpd.stop unless @httpd.nil?
   end
 end
 end

data/lib/bettercap/discovery/thread.rb CHANGED Viewed

@@ -103,7 +103,7 @@ class Thread
     while @running
       @ctx.targets = Network.get_alive_targets(@ctx).sort_by { |t| t.sortable_ip }
-      print_differences prev
+      print_differences( prev ) unless @ctx.options.arpcache
       prev = @ctx.targets

data/lib/bettercap/network/servers/dnsd.rb ADDED Viewed

@@ -0,0 +1,127 @@
+# encoding: UTF-8
+=begin
+BETTERCAP
+Author : Simone 'evilsocket' Margaritelli
+Email  : evilsocket@gmail.com
+Blog   : http://www.evilsocket.net/
+This project is released under the GPL 3 license.
+=end
+require 'rubydns'
+module BetterCap
+module Network
+module Servers
+# Class to wrap RubyDNS::RuleBasedServer and add some utility methods.
+class DnsWrapper < RubyDNS::RuleBasedServer
+  # Instantiate a server with a block.
+  def initialize(options = {}, &block)
+    super(options,&block)
+    @rules = options[:rules]
+  end
+  # Give a name and a record type, try to match a rule and use it for processing the given arguments.
+  def process(name, resource_class, transaction)
+    Logger.debug "[#{'DNS'.green}] Received #{resource_class.name} request for #{name} ..."
+    super
+  end
+end
+# Simple DNS server class used for DNS spoofing.
+class DNSD
+  # Initialize the DNS server with the specified +address+ and tcp/udp +port+.
+  # The server will load +hosts_filename+ composed by 'regexp -> ip' entries
+  # to do custom DNS spoofing/resolution.
+  def initialize( hosts_filename, address = '0.0.0.0', port = 5300 )
+    @port    = port
+    @address = address
+    @server  = nil
+    @rules   = []
+    @thread  = nil
+    @ifaces  = [
+      [:udp, address, port],
+      [:tcp, address, port]
+    ]
+    DNSD.parse_hosts( hosts_filename ).each do |exp,addr|
+      block = Proc.new do |transaction|
+        Logger.info "[#{transaction.options[:peer]} > #{'DNS'.green}] Received request for '#{transaction.question.to_s.yellow}', sending spoofed reply #{addr.yellow} ..."
+        transaction.respond!(addr)
+      end
+      @rules << RubyDNS::RuleBasedServer::Rule.new( [ exp, Resolv::DNS::Resource::IN::A ], block )
+    end
+    Logger.warn "Empty hosts file for DNS server." if @rules.empty?
+  end
+  # Start the server.
+  def start
+    Logger.info "[#{'DNS'.green}] Starting on #{@address}:#{@port} ( #{@rules.size} redirection rule#{if @rules.size > 1 then 's' else '' end} ) ..."
+    @thread = Thread.new {
+      RubyDNS::run_server(:listen => @ifaces, :asynchronous => true, :server_class => DnsWrapper, :rules => @rules ) do
+        # Suppress RubyDNS logging.
+        @logger.level = ::Logger::ERROR
+        @upstream ||= RubyDNS::Resolver.new([[:udp, "8.8.8.8", 53], [:tcp, "8.8.8.8", 53]])
+        # Default DNS handler
+        otherwise do |transaction|
+          Logger.debug "[#{transaction.options[:peer]} > #{'DNS'.green}] Received request for '#{transaction.question.to_s.yellow}' -> upstream DNS"
+          transaction.passthrough!(@upstream)
+        end
+      end
+    }
+  end
+  # Stop the server.
+  def stop
+    Logger.info "Stopping DNS server ..."
+    begin
+      @thread.kill
+    rescue; end
+  end
+  # Parse hosts from +filename+, example host file:
+  #
+  # # *.google.com will point to the attacker's computer.
+  # local .*google\.com
+  #
+  # # a custom redirection
+  # 12.12.12.12 wtf.idontexist.com
+  def self.parse_hosts( filename )
+    raise BetterCap::Error, "File '#{filename}' does not exist." unless File.exist?(filename)
+    hosts = {}
+    File.open(filename).each_with_index do |line,lineno|
+      line = line.strip
+      # skip empty lines and comments
+      next if line.empty? or line[0] == '#'
+      if line =~ /^([^\s]+)\s+(.+)$/
+        address    = $1
+        expression = $2
+        if address == 'local'
+          address = Context.get.ifconfig[:ip_saddr].to_s
+        end
+        raise BetterCap::Error, "Invalid IPv4 address '#{address}' on line #{lineno + 1} of '#{filename}'." unless Network.is_ip?(address)
+        begin
+          hosts[ Regexp.new(expression) ] = address
+        rescue RegexpError
+          raise BetterCap::Error, "Invalid expression '#{expression}' on line #{lineno + 1} of '#{filename}'."
+        end
+      end
+    end
+    hosts
+  end
+end
+end
+end
+end

data/lib/bettercap/{httpd/server.rb → network/servers/httpd.rb} RENAMED Viewed

@@ -15,9 +15,11 @@ require 'webrick'
 require 'bettercap/logger'
 module BetterCap
-module HTTPD
+module Network
+module Servers
 # Simple HTTP server class used to serve static assets when needed.
-class Server
+class HTTPD
   # Initialize the HTTP server with the specified tcp +port+ using
   # +path+ as the document root.
   def initialize( port = 8081, path = './' )
@@ -33,7 +35,7 @@ class Server
   # Start the server.
   def start
-    Logger.info "Starting HTTPD on port #{@port} and path #{@path} ..."
+    Logger.info "[#{'HTTPD'.green}] Starting on port #{@port} and path #{@path} ..."
     @thread = Thread.new {
       @server.start
     }
@@ -47,5 +49,7 @@ class Server
     @thread.join
   end
 end
+end
 end
 end

data/lib/bettercap/options.rb CHANGED Viewed

@@ -79,12 +79,18 @@ class Options
   attr_accessor :custom_https_proxy
   # Custom HTTPS transparent proxy port.
   attr_accessor :custom_https_proxy_port
-  # If true, BetterCap::HTTPD::Server will be enabled.
+  # If true, BetterCap::Network::Servers::HTTPD will be enabled.
   attr_accessor :httpd
-  # The port to bind BetterCap::HTTPD::Server to.
+  # The port to bind HTTP server to.
   attr_accessor :httpd_port
-  # Web root of the BetterCap::HTTPD::Server.
+  # Web root of the HTTP server.
   attr_accessor :httpd_path
+  # If true, BetterCap::Network::Servers::DNSD will be enabled.
+  attr_accessor :dnsd
+  # The port to bind DNS server to.
+  attr_accessor :dnsd_port
+  # The host resolution file to use with the DNS server.
+  attr_accessor :dnsd_file
   # If true, bettercap will check for updates then exit.
   attr_accessor :check_updates
   # If true, targets NBNS hostname resolution won't be performed.
@@ -114,6 +120,10 @@ class Options
     @https_ports = [ 443 ]
     @ignore = nil
+    @dnsd = false
+    @dnsd_port = 5300
+    @dnsd_file = nil
     @sniffer = false
     @sniffer_pcap = nil
     @sniffer_filter = nil
@@ -311,6 +321,15 @@ class Options
         ctx.options.httpd_port = v.to_i
       end
+      opts.on( '--dns FILE', 'Enable DNS server and use this file as a hosts resolution table.' ) do |v|
+        ctx.options.dnsd      = true
+        ctx.options.dnsd_file = File.expand_path v
+      end
+      opts.on( '--dns-port PORT', 'Set DNS server port, default to ' + ctx.options.dnsd_port.to_s +  '.' ) do |v|
+        ctx.options.dnsd_port = v.to_i
+      end
       opts.on( '--httpd-path PATH', 'Set HTTP server path, default to ' + ctx.options.httpd_path +  '.' ) do |v|
         ctx.options.httpd = true
         ctx.options.httpd_path = v
@@ -478,48 +497,42 @@ class Options
     spoofers
   end
+  # Helper method to create a Firewalls::Redirection object.
+  def redir( address, port, to, proto = 'TCP' )
+    Firewalls::Redirection.new( @iface, proto, port, address, to )
+  end
   # Create a list of BetterCap::Firewalls::Redirection objects which are needed
   # given the specified command line arguments.
   def to_redirections ifconfig
     redirections = []
+    if @dnsd
+      redirections << redir( ifconfig[:ip_saddr], 53, @dnsd_port )
+      redirections << redir( ifconfig[:ip_saddr], 53, @dnsd_port, 'UDP' )
+    end
     if @proxy
       @http_ports.each do |port|
-        redirections << Firewalls::Redirection.new( @iface,
-                                         'TCP',
-                                         port,
-                                         ifconfig[:ip_saddr],
-                                         @proxy_port )
+        redirections << redir( ifconfig[:ip_saddr], port, @proxy_port )
       end
     end
     if @proxy_https
       @https_ports.each do |port|
-        redirections << Firewalls::Redirection.new( @iface,
-                                         'TCP',
-                                         port,
-                                         ifconfig[:ip_saddr],
-                                         @proxy_https_port )
+        redirections << redir( ifconfig[:ip_saddr], port, @proxy_https_port )
       end
     end
     if @custom_proxy
       @http_ports.each do |port|
-        redirections << Firewalls::Redirection.new( @iface,
-                                         'TCP',
-                                         port,
-                                         @custom_proxy,
-                                         @custom_proxy_port )
+        redirections << redir( @custom_proxy, port, @custom_proxy_port )
       end
     end
     if @custom_https_proxy
       @https_ports.each do |port|
-        redirections << Firewalls::Redirection.new( @iface,
-                                         'TCP',
-                                         port,
-                                         @custom_https_proxy,
-                                         @custom_https_proxy_port )
+        redirections << redir( @custom_https_proxy, port, @custom_https_proxy_port )
       end
     end
@@ -538,6 +551,7 @@ class Options
       'https-proxy' => if proxy_https then on else off end,
       'sslstrip'    => if proxy and sslstrip then on else off end,
       'http-server' => if httpd then on else off end,
+      'dns-server'  => if dnsd then on else off end
     }
     msg = "Starting [ "

data/lib/bettercap/proxy/proxy.rb CHANGED Viewed

@@ -91,7 +91,7 @@ class Proxy
   # Main server thread, will accept incoming connections and push them to
   # the thread pool.
   def server_thread
-    Logger.info "#{@type} Proxy started on #{@address}:#{@port} ...\n"
+    Logger.info "[#{@type.green}] Proxy starting on #{@address}:#{@port} ...\n"
     @running = true

data/lib/bettercap/proxy/response.rb CHANGED Viewed

@@ -124,14 +124,21 @@ class Response
     ""
   end
-  # If the header with +name+ is found, then a +value+ is assigned to it.
+  # If the header with +name+ is found, then a +value+ is assigned to it,
+  # otherwise it's created.
   def []=(name, value)
+    found = false
     @headers.each_with_index do |header,i|
       if header =~ /^#{name}:\s*.+$/i
         @headers[i] = "#{name}: #{value}"
+        found = true
         break
       end
     end
+    unless found
+      @headers << "#{name}: #{value}"
+    end
   end
   # Return a string representation of this response object, patching the

data/lib/bettercap/version.rb CHANGED Viewed

@@ -12,7 +12,7 @@ This project is released under the GPL 3 license.
 =end
 module BetterCap
   # Current version of bettercap.
-  VERSION = '1.3.3'
+  VERSION = '1.3.4'
   # Program banner.
   BANNER = File.read( File.dirname(__FILE__) + '/banner' ).gsub( '#VERSION#', "v#{VERSION}")
 end

metadata CHANGED Viewed

@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: bettercap
 version: !ruby/object:Gem::Version
-  version: 1.3.3
+  version: 1.3.4
 platform: ruby
 authors:
 - Simone Margaritelli
 autorequire:
 bindir: bin
 cert_chain: []
-date: 2016-01-30 00:00:00.000000000 Z
+date: 2016-01-31 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: colorize
@@ -86,8 +86,28 @@ dependencies:
     - - "~>"
       - !ruby/object:Gem::Version
         version: 0.8.0
+- !ruby/object:Gem::Dependency
+  name: rubydns
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '1.0'
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: 1.0.3
+  type: :runtime
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '1.0'
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: 1.0.3
 description: BetterCap is the state of the art, modular, portable and easily extensible
-  MITM framework featuring ARP and ICMP spoofing, sslstripping, credentials harvesting
+  MITM framework featuring ARP, DNS and ICMP spoofing, sslstripping, credentials harvesting
   and more.
 email: evilsocket@gmail.com
 executables:
@@ -115,7 +135,6 @@ files:
 - lib/bettercap/firewalls/linux.rb
 - lib/bettercap/firewalls/osx.rb
 - lib/bettercap/firewalls/redirection.rb
-- lib/bettercap/httpd/server.rb
 - lib/bettercap/loader.rb
 - lib/bettercap/logger.rb
 - lib/bettercap/monkey/packetfu/utils.rb
@@ -123,6 +142,8 @@ files:
 - lib/bettercap/network/hw-prefixes
 - lib/bettercap/network/network.rb
 - lib/bettercap/network/packet_queue.rb
+- lib/bettercap/network/servers/dnsd.rb
+- lib/bettercap/network/servers/httpd.rb
 - lib/bettercap/network/target.rb
 - lib/bettercap/options.rb
 - lib/bettercap/proxy/certstore.rb