RubyGems - bettercap - Versions diffs - 1.3.3 → 1.3.4 - Mend

bettercap 1.3.3 → 1.3.4

Files changed (12) hide show

checksums.yaml +4 -4
data/bin/bettercap +1 -38
data/lib/bettercap.rb +2 -1
data/lib/bettercap/context.rb +93 -31
data/lib/bettercap/discovery/thread.rb +1 -1
data/lib/bettercap/network/servers/dnsd.rb +127 -0
data/lib/bettercap/{httpd/server.rb → network/servers/httpd.rb} +7 -3
data/lib/bettercap/options.rb +37 -23
data/lib/bettercap/proxy/proxy.rb +1 -1
data/lib/bettercap/proxy/response.rb +8 -1
data/lib/bettercap/version.rb +1 -1
metadata +25 -4

checksums.yaml CHANGED Viewed

@@ -1,7 +1,7 @@
 ---
 SHA1:
-  metadata.gz: 31a820a7730bbf4c4b05afeffaa33bbdddd5c4a3
-  data.tar.gz: 6983bea70e9ed11c583aa03ed1eddf4a746a8363
+  metadata.gz: 1b8517e99862edfe8f3472280ccfd8e340436054
+  data.tar.gz: dfeb4b57db59af6fb71cc2ed4f81ed0284bcf21f
 SHA512:
-  metadata.gz: 222922d21c654249874b8c3de9fdad45844dc3bd31766d71ac930bcef3ea2620d54502654f4439636c92cd79b6da745669172bf30cffc3825ee0c698c468ee68
-  data.tar.gz: b70724787a5dc6f6979f1dd00aa367b605c7b30bde931d79695187a0880ae686e669dd2cf11394e6f801d5052b50db1c665bba86c8231874173f9a49887cb642
+  metadata.gz: 6db3475b1b3311b317dafe674239a32bfe1ea03c89461c4b722775be121c0d3eb6ac132a641d5714b825261ee2bf1e796aa55f5819d990a1d38759035f92bbd7
+  data.tar.gz: a82cc75c27c49a844b19b57a849b2ea64c90d822fc63c6b1a9f3d5dfeb3325e9b588fa1e7c65db1f30587995f363ae6a778c223dbfd92809157d4c5fef14fac1

data/bin/bettercap CHANGED Viewed

@@ -26,44 +26,7 @@ begin
   # error checking.
   ctx = BetterCap::Options.parse!
-  # Start targets auto discovery if needed.
-  if ctx.options.target.nil?
-    BetterCap::Logger.info( "Targeting the whole subnet #{ctx.ifconfig[:ip4_obj].to_range} ..." ) unless ctx.options.has_spoofer?
-    ctx.discovery.start
-    # give some time to the discovery thread to spawn its workers,
-    # this will prevent 'Too many open files' errors to delay host
-    # discovery.
-    sleep 1.5
-  end
-  # Start network spoofers if any.
-  ctx.spoofer.each do |spoofer|
-    spoofer.start
-  end
-  # Start proxies and setup port redirection.
-  if ctx.options.proxy
-    if ctx.options.has_http_sniffer_enabled?
-      BetterCap::Logger.warn "WARNING: Both HTTP transparent proxy and URL parser are enabled, you're gonna see duplicated logs."
-    end
-    ctx.create_proxies
-  end
-  ctx.enable_port_redirection!
-  # Start local HTTP server.
-  if ctx.options.httpd
-    ctx.httpd = BetterCap::HTTPD::Server.new( ctx.options.httpd_port, ctx.options.httpd_path )
-    ctx.httpd.start
-  end
-  # Start network sniffer.
-  if ctx.options.sniffer
-    BetterCap::Sniffer.start ctx
-  elsif ctx.options.has_spoofer?
-    BetterCap::Logger.warn 'WARNING: Sniffer module was NOT enabled ( -X argument ), this '\
-                           'will cause the MITM to run but no data to be collected.' unless ctx.options.has_spoofer?
-  end
+  ctx.start!
   loop do
     sleep 10

data/lib/bettercap.rb CHANGED Viewed

@@ -60,4 +60,5 @@ require 'bettercap/proxy/proxy'
 require 'bettercap/proxy/streamer'
 require 'bettercap/proxy/module'
 require 'bettercap/proxy/certstore'
-require 'bettercap/httpd/server'
+require 'bettercap/network/servers/httpd'
+require 'bettercap/network/servers/dnsd'

data/lib/bettercap/context.rb CHANGED Viewed

@@ -31,8 +31,10 @@ class Context
   attr_accessor :discovery
   # A list of BetterCap::Spoofers class instances.
   attr_accessor :spoofer
-  # Instance of BetterCap::HTTPD::Server class.
+  # Instance of BetterCap::Network::Servers::HTTPD class.
   attr_accessor :httpd
+  # Instance of BetterCap::Network::Servers::DNSD class.
+  attr_accessor :dnsd
   # Instance of OpenSSL::X509::Certificate class used
   # for the HTTPS transparent proxy.
   attr_accessor :certificate
@@ -71,6 +73,7 @@ class Context
     @proxy_processor = nil
     @spoofer         = nil
     @httpd           = nil
+    @dnsd            = nil
     @certificate     = nil
     @proxies         = []
     @redirections    = []
@@ -115,6 +118,82 @@ class Context
     nil
   end
+  # Start everything!
+  def start!
+    # Start targets auto discovery if needed.
+    if @options.target.nil?
+      BetterCap::Logger.info( "Targeting the whole subnet #{@ifconfig[:ip4_obj].to_range} ..." ) unless @options.has_spoofer? or @options.arpcache
+      @discovery.start
+      # give some time to the discovery thread to spawn its workers,
+      # this will prevent 'Too many open files' errors to delay host
+      # discovery.
+      sleep 1.5
+    end
+    # Start network spoofers if any.
+    @spoofer.each do |spoofer|
+      spoofer.start
+    end
+    # Start proxies and setup port redirection.
+    if @options.proxy
+      if @options.has_http_sniffer_enabled?
+        BetterCap::Logger.warn "WARNING: Both HTTP transparent proxy and URL parser are enabled, you're gonna see duplicated logs."
+      end
+      create_proxies!
+    end
+    enable_port_redirection!
+    create_servers!
+    # Start network sniffer.
+    if @options.sniffer
+      Sniffer.start ctx
+    elsif @options.has_spoofer?
+      Logger.warn 'WARNING: Sniffer module was NOT enabled ( -X argument ), this '\
+                  'will cause the MITM to run but no data to be collected.' unless @options.has_spoofer?
+    end
+  end
+  # Stop every running daemon that was started and reset system state.
+  def finalize
+    @running = false
+    # Logger is silent if @running == false
+    puts "\nShutting down, hang on ...\n"
+    Logger.debug 'Stopping target discovery manager ...'
+    @discovery.stop
+    Logger.debug 'Stopping spoofers ...'
+    @spoofer.each do |spoofer|
+      spoofer.stop
+    end
+    # Spoofer might be sending some last packets to restore the targets,
+    # the packet queue must be stopped here.
+    @packets.stop
+    Logger.debug 'Stopping proxies ...'
+    @proxies.each do |proxy|
+      proxy.stop
+    end
+    Logger.debug 'Disabling port redirections ...'
+    @redirections.each do |r|
+      @firewall.del_port_redirection( r )
+    end
+    Logger.debug 'Restoring firewall state ...'
+    @firewall.restore
+    @dnsd.stop unless @dnsd.nil?
+    @httpd.stop unless @httpd.nil?
+  end
+  private
   # Apply needed BetterCap::Firewalls::Redirection objects.
   def enable_port_redirection!
     @redirections = @options.to_redirections @ifconfig
@@ -126,7 +205,7 @@ class Context
   # Initialize the needed transparent proxies and the processor routined which
   # is needed in order to run proxy modules.
-  def create_proxies
+  def create_proxies!
     if @options.has_proxy_module?
       Proxy::Module.register_modules
@@ -181,39 +260,22 @@ class Context
     end
   end
-  # Stop every running daemon that was started and reset system state.
-  def finalize
-    @running = false
-    # Logger is silent if @running == false
-    puts "\nShutting down, hang on ...\n"
-    Logger.debug 'Stopping target discovery manager ...'
-    @discovery.stop
+  # Initialize and start the needed servers.
+  def create_servers!
+    # Start local DNS server.
+    if @options.dnsd
+      Logger.warn "Starting DNS server with spoofing disabled, bettercap will only reply to local DNS queries." unless @options.has_spoofer?
-    Logger.debug 'Stopping spoofers ...'
-    @spoofer.each do |spoofer|
-      spoofer.stop
+      @dnsd = Network::Servers::DNSD.new( @options.dnsd_file, @ifconfig[:ip_saddr], @options.dnsd_port )
+      @dnsd.start
     end
-    # Spoofer might be sending some last packets to restore the targets,
-    # the packet queue must be stopped here.
-    @packets.stop
-    Logger.debug 'Stopping proxies ...'
-    @proxies.each do |proxy|
-      proxy.stop
+    # Start local HTTP server.
+    if @options.httpd
+      @httpd = Network::Servers::HTTPD.new( @options.httpd_port, @options.httpd_path )
+      @httpd.start
     end
-    Logger.debug 'Disabling port redirections ...'
-    @redirections.each do |r|
-      @firewall.del_port_redirection( r )
-    end
-    Logger.debug 'Restoring firewall state ...'
-    @firewall.restore
-    @httpd.stop unless @httpd.nil?
   end
 end
 end

data/lib/bettercap/discovery/thread.rb CHANGED Viewed

@@ -103,7 +103,7 @@ class Thread
     while @running
       @ctx.targets = Network.get_alive_targets(@ctx).sort_by { |t| t.sortable_ip }
-      print_differences prev
+      print_differences( prev ) unless @ctx.options.arpcache
       prev = @ctx.targets

data/lib/bettercap/network/servers/dnsd.rb ADDED Viewed

@@ -0,0 +1,127 @@
+# encoding: UTF-8
+=begin
+BETTERCAP
+Author : Simone 'evilsocket' Margaritelli
+Email  : evilsocket@gmail.com
+Blog   : http://www.evilsocket.net/
+This project is released under the GPL 3 license.
+=end
+require 'rubydns'
+module BetterCap
+module Network
+module Servers
+# Class to wrap RubyDNS::RuleBasedServer and add some utility methods.
+class DnsWrapper < RubyDNS::RuleBasedServer
+  # Instantiate a server with a block.
+  def initialize(options = {}, &block)
+    super(options,&block)
+    @rules = options[:rules]
+  end
+  # Give a name and a record type, try to match a rule and use it for processing the given arguments.
+  def process(name, resource_class, transaction)
+    Logger.debug "[#{'DNS'.green}] Received #{resource_class.name} request for #{name} ..."
+    super
+  end
+end
+# Simple DNS server class used for DNS spoofing.
+class DNSD
+  # Initialize the DNS server with the specified +address+ and tcp/udp +port+.
+  # The server will load +hosts_filename+ composed by 'regexp -> ip' entries
+  # to do custom DNS spoofing/resolution.
+  def initialize( hosts_filename, address = '0.0.0.0', port = 5300 )
+    @port    = port
+    @address = address
+    @server  = nil
+    @rules   = []
+    @thread  = nil
+    @ifaces  = [
+      [:udp, address, port],
+      [:tcp, address, port]
+    ]
+    DNSD.parse_hosts( hosts_filename ).each do |exp,addr|
+      block = Proc.new do |transaction|
+        Logger.info "[#{transaction.options[:peer]} > #{'DNS'.green}] Received request for '#{transaction.question.to_s.yellow}', sending spoofed reply #{addr.yellow} ..."
+        transaction.respond!(addr)
+      end
+      @rules << RubyDNS::RuleBasedServer::Rule.new( [ exp, Resolv::DNS::Resource::IN::A ], block )
+    end
+    Logger.warn "Empty hosts file for DNS server." if @rules.empty?
+  end
+  # Start the server.
+  def start
+    Logger.info "[#{'DNS'.green}] Starting on #{@address}:#{@port} ( #{@rules.size} redirection rule#{if @rules.size > 1 then 's' else '' end} ) ..."
+    @thread = Thread.new {
+      RubyDNS::run_server(:listen => @ifaces, :asynchronous => true, :server_class => DnsWrapper, :rules => @rules ) do
+        # Suppress RubyDNS logging.
+        @logger.level = ::Logger::ERROR
+        @upstream ||= RubyDNS::Resolver.new([[:udp, "8.8.8.8", 53], [:tcp, "8.8.8.8", 53]])
+        # Default DNS handler
+        otherwise do |transaction|
+          Logger.debug "[#{transaction.options[:peer]} > #{'DNS'.green}] Received request for '#{transaction.question.to_s.yellow}' -> upstream DNS"
+          transaction.passthrough!(@upstream)
+        end
+      end
+    }
+  end
+  # Stop the server.
+  def stop
+    Logger.info "Stopping DNS server ..."
+    begin
+      @thread.kill
+    rescue; end
+  end
+  # Parse hosts from +filename+, example host file:
+  #
+  # # *.google.com will point to the attacker's computer.
+  # local .*google\.com
+  #
+  # # a custom redirection
+  # 12.12.12.12 wtf.idontexist.com
+  def self.parse_hosts( filename )
+    raise BetterCap::Error, "File '#{filename}' does not exist." unless File.exist?(filename)
+    hosts = {}
+    File.open(filename).each_with_index do |line,lineno|
+      line = line.strip
+      # skip empty lines and comments
+      next if line.empty? or line[0] == '#'
+      if line =~ /^([^\s]+)\s+(.+)$/
+        address    = $1
+        expression = $2
+        if address == 'local'
+          address = Context.get.ifconfig[:ip_saddr].to_s
+        end
+        raise BetterCap::Error, "Invalid IPv4 address '#{address}' on line #{lineno + 1} of '#{filename}'." unless Network.is_ip?(address)
+        begin
+          hosts[ Regexp.new(expression) ] = address
+        rescue RegexpError
+          raise BetterCap::Error, "Invalid expression '#{expression}' on line #{lineno + 1} of '#{filename}'."
+        end
+      end
+    end
+    hosts
+  end
+end
+end
+end
+end

data/lib/bettercap/{httpd/server.rb → network/servers/httpd.rb} RENAMED Viewed

@@ -15,9 +15,11 @@ require 'webrick'
 require 'bettercap/logger'
 module BetterCap
-module HTTPD
+module Network
+module Servers
 # Simple HTTP server class used to serve static assets when needed.
-class Server
+class HTTPD
   # Initialize the HTTP server with the specified tcp +port+ using
   # +path+ as the document root.
   def initialize( port = 8081, path = './' )
@@ -33,7 +35,7 @@ class Server
   # Start the server.
   def start
-    Logger.info "Starting HTTPD on port #{@port} and path #{@path} ..."
+    Logger.info "[#{'HTTPD'.green}] Starting on port #{@port} and path #{@path} ..."
     @thread = Thread.new {
       @server.start
     }
@@ -47,5 +49,7 @@ class Server
     @thread.join
   end
 end
+end
 end
 end

data/lib/bettercap/options.rb CHANGED Viewed

@@ -79,12 +79,18 @@ class Options
   attr_accessor :custom_https_proxy
   # Custom HTTPS transparent proxy port.
   attr_accessor :custom_https_proxy_port
-  # If true, BetterCap::HTTPD::Server will be enabled.
+  # If true, BetterCap::Network::Servers::HTTPD will be enabled.
   attr_accessor :httpd
-  # The port to bind BetterCap::HTTPD::Server to.
+  # The port to bind HTTP server to.
   attr_accessor :httpd_port
-  # Web root of the BetterCap::HTTPD::Server.
+  # Web root of the HTTP server.
   attr_accessor :httpd_path
+  # If true, BetterCap::Network::Servers::DNSD will be enabled.
+  attr_accessor :dnsd
+  # The port to bind DNS server to.
+  attr_accessor :dnsd_port
+  # The host resolution file to use with the DNS server.
+  attr_accessor :dnsd_file
   # If true, bettercap will check for updates then exit.
   attr_accessor :check_updates
   # If true, targets NBNS hostname resolution won't be performed.
@@ -114,6 +120,10 @@ class Options
     @https_ports = [ 443 ]
     @ignore = nil
+    @dnsd = false
+    @dnsd_port = 5300
+    @dnsd_file = nil
     @sniffer = false
     @sniffer_pcap = nil
     @sniffer_filter = nil
@@ -311,6 +321,15 @@ class Options
         ctx.options.httpd_port = v.to_i
       end
+      opts.on( '--dns FILE', 'Enable DNS server and use this file as a hosts resolution table.' ) do |v|
+        ctx.options.dnsd      = true
+        ctx.options.dnsd_file = File.expand_path v
+      end
+      opts.on( '--dns-port PORT', 'Set DNS server port, default to ' + ctx.options.dnsd_port.to_s +  '.' ) do |v|
+        ctx.options.dnsd_port = v.to_i
+      end
       opts.on( '--httpd-path PATH', 'Set HTTP server path, default to ' + ctx.options.httpd_path +  '.' ) do |v|
         ctx.options.httpd = true
         ctx.options.httpd_path = v
@@ -478,48 +497,42 @@ class Options
     spoofers
   end
+  # Helper method to create a Firewalls::Redirection object.
+  def redir( address, port, to, proto = 'TCP' )
+    Firewalls::Redirection.new( @iface, proto, port, address, to )
+  end
   # Create a list of BetterCap::Firewalls::Redirection objects which are needed
   # given the specified command line arguments.
   def to_redirections ifconfig
     redirections = []
+    if @dnsd
+      redirections << redir( ifconfig[:ip_saddr], 53, @dnsd_port )
+      redirections << redir( ifconfig[:ip_saddr], 53, @dnsd_port, 'UDP' )
+    end
     if @proxy
       @http_ports.each do |port|
-        redirections << Firewalls::Redirection.new( @iface,
-                                         'TCP',
-                                         port,
-                                         ifconfig[:ip_saddr],
-                                         @proxy_port )
+        redirections << redir( ifconfig[:ip_saddr], port, @proxy_port )
       end
     end
     if @proxy_https
       @https_ports.each do |port|
-        redirections << Firewalls::Redirection.new( @iface,
-                                         'TCP',
-                                         port,
-                                         ifconfig[:ip_saddr],
-                                         @proxy_https_port )
+        redirections << redir( ifconfig[:ip_saddr], port, @proxy_https_port )
       end
     end
     if @custom_proxy
       @http_ports.each do |port|
-        redirections << Firewalls::Redirection.new( @iface,
-                                         'TCP',
-                                         port,
-                                         @custom_proxy,
-                                         @custom_proxy_port )
+        redirections << redir( @custom_proxy, port, @custom_proxy_port )
       end
     end
     if @custom_https_proxy
       @https_ports.each do |port|
-        redirections << Firewalls::Redirection.new( @iface,
-                                         'TCP',
-                                         port,
-                                         @custom_https_proxy,
-                                         @custom_https_proxy_port )
+        redirections << redir( @custom_https_proxy, port, @custom_https_proxy_port )
       end
     end
@@ -538,6 +551,7 @@ class Options
       'https-proxy' => if proxy_https then on else off end,
       'sslstrip'    => if proxy and sslstrip then on else off end,
       'http-server' => if httpd then on else off end,
+      'dns-server'  => if dnsd then on else off end
     }
     msg = "Starting [ "

data/lib/bettercap/proxy/proxy.rb CHANGED Viewed

@@ -91,7 +91,7 @@ class Proxy
   # Main server thread, will accept incoming connections and push them to
   # the thread pool.
   def server_thread
-    Logger.info "#{@type} Proxy started on #{@address}:#{@port} ...\n"
+    Logger.info "[#{@type.green}] Proxy starting on #{@address}:#{@port} ...\n"
     @running = true

data/lib/bettercap/proxy/response.rb CHANGED Viewed

@@ -124,14 +124,21 @@ class Response
     ""
   end
-  # If the header with +name+ is found, then a +value+ is assigned to it.
+  # If the header with +name+ is found, then a +value+ is assigned to it,
+  # otherwise it's created.
   def []=(name, value)
+    found = false
     @headers.each_with_index do |header,i|
       if header =~ /^#{name}:\s*.+$/i
         @headers[i] = "#{name}: #{value}"
+        found = true
         break
       end
     end
+    unless found
+      @headers << "#{name}: #{value}"
+    end
   end
   # Return a string representation of this response object, patching the

data/lib/bettercap/version.rb CHANGED Viewed

@@ -12,7 +12,7 @@ This project is released under the GPL 3 license.
 =end
 module BetterCap
   # Current version of bettercap.
-  VERSION = '1.3.3'
+  VERSION = '1.3.4'
   # Program banner.
   BANNER = File.read( File.dirname(__FILE__) + '/banner' ).gsub( '#VERSION#', "v#{VERSION}")
 end

metadata CHANGED Viewed

@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: bettercap
 version: !ruby/object:Gem::Version
-  version: 1.3.3
+  version: 1.3.4
 platform: ruby
 authors:
 - Simone Margaritelli
 autorequire:
 bindir: bin
 cert_chain: []
-date: 2016-01-30 00:00:00.000000000 Z
+date: 2016-01-31 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: colorize
@@ -86,8 +86,28 @@ dependencies:
     - - "~>"
       - !ruby/object:Gem::Version
         version: 0.8.0
+- !ruby/object:Gem::Dependency
+  name: rubydns
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '1.0'
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: 1.0.3
+  type: :runtime
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '1.0'
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: 1.0.3
 description: BetterCap is the state of the art, modular, portable and easily extensible
-  MITM framework featuring ARP and ICMP spoofing, sslstripping, credentials harvesting
+  MITM framework featuring ARP, DNS and ICMP spoofing, sslstripping, credentials harvesting
   and more.
 email: evilsocket@gmail.com
 executables:
@@ -115,7 +135,6 @@ files:
 - lib/bettercap/firewalls/linux.rb
 - lib/bettercap/firewalls/osx.rb
 - lib/bettercap/firewalls/redirection.rb
-- lib/bettercap/httpd/server.rb
 - lib/bettercap/loader.rb
 - lib/bettercap/logger.rb
 - lib/bettercap/monkey/packetfu/utils.rb
@@ -123,6 +142,8 @@ files:
 - lib/bettercap/network/hw-prefixes
 - lib/bettercap/network/network.rb
 - lib/bettercap/network/packet_queue.rb
+- lib/bettercap/network/servers/dnsd.rb
+- lib/bettercap/network/servers/httpd.rb
 - lib/bettercap/network/target.rb
 - lib/bettercap/options.rb
 - lib/bettercap/proxy/certstore.rb