bettercap 1.4.5 → 1.4.6
Sign up to get free protection for your applications and to get access to all the features.
- checksums.yaml +4 -4
- data/lib/bettercap/context.rb +10 -0
- data/lib/bettercap/firewalls/base.rb +2 -0
- data/lib/bettercap/firewalls/openbsd.rb +77 -0
- data/lib/bettercap/monkey/packetfu/utils.rb +42 -6
- data/lib/bettercap/network/arp_reader.rb +5 -1
- data/lib/bettercap/network/packet_queue.rb +2 -0
- data/lib/bettercap/spoofers/base.rb +5 -3
- data/lib/bettercap/version.rb +1 -1
- metadata +28 -2
checksums.yaml
CHANGED
@@ -1,7 +1,7 @@
|
|
1
1
|
---
|
2
2
|
SHA1:
|
3
|
-
metadata.gz:
|
4
|
-
data.tar.gz:
|
3
|
+
metadata.gz: 5e80ed7cf8ff695b09a19be15f3fd7e38bb9e4fd
|
4
|
+
data.tar.gz: 359ad3c86019ae9fe19a42f121293aada476638a
|
5
5
|
SHA512:
|
6
|
-
metadata.gz:
|
7
|
-
data.tar.gz:
|
6
|
+
metadata.gz: aacecd1696e02cfae46e23345fa4d48915c7c7539027acbf310ba3da604db4d36974b18a0e8535b9f5bf95315fd4767deda95168be553ac842ef4ca162d93e45
|
7
|
+
data.tar.gz: a779eecb8aaadf88dc818fbc58af27398653c3ed0cdc871e414058702e2ed2893add104e5c0e53b6a8c258e379e387dd2d231af8710d2be6c61da09328a925bc
|
data/lib/bettercap/context.rb
CHANGED
@@ -51,6 +51,12 @@ class Context
|
|
51
51
|
@@instance ||= self.new
|
52
52
|
end
|
53
53
|
|
54
|
+
# Runs a minor GC to collect young, short-lived objects.
|
55
|
+
def self.run_gc
|
56
|
+
Logger.debug "Running Ruby garbage collector ..."
|
57
|
+
GC.start( full_mark: false )
|
58
|
+
end
|
59
|
+
|
54
60
|
# Initialize the global context object.
|
55
61
|
def initialize
|
56
62
|
begin
|
@@ -156,6 +162,10 @@ class Context
|
|
156
162
|
( @options.sniffer and @options.parsers.include?('POST') )
|
157
163
|
end
|
158
164
|
|
165
|
+
def need_gateway?
|
166
|
+
( @options.arpcache == false or @options.has_spoofer? )
|
167
|
+
end
|
168
|
+
|
159
169
|
# Stop every running daemon that was started and reset system state.
|
160
170
|
def finalize
|
161
171
|
@running = false
|
@@ -26,6 +26,8 @@ class Base
|
|
26
26
|
@@instance = Firewalls::OSX.new
|
27
27
|
elsif RUBY_PLATFORM =~ /linux/
|
28
28
|
@@instance = Firewalls::Linux.new
|
29
|
+
elsif RUBY_PLATFORM =~ /openbsd/
|
30
|
+
@@instance = Firewalls::OpenBSD.new
|
29
31
|
else
|
30
32
|
raise BetterCap::Error, 'Unsupported operating system'
|
31
33
|
end
|
@@ -0,0 +1,77 @@
|
|
1
|
+
# encoding: UTF-8
|
2
|
+
=begin
|
3
|
+
|
4
|
+
BETTERCAP
|
5
|
+
|
6
|
+
Author : Angelos D. Keromytis
|
7
|
+
Email : angelos@cs.columbia.edu
|
8
|
+
|
9
|
+
This project is released under the GPL 3 license.
|
10
|
+
|
11
|
+
=end
|
12
|
+
|
13
|
+
module BetterCap
|
14
|
+
module Firewalls
|
15
|
+
# OpenBSD Firewall class; for now, it's a direct copy of the OSX firewall
|
16
|
+
class OpenBSD < Base
|
17
|
+
# If +enabled+ is true will enable packet forwarding, otherwise it will
|
18
|
+
# disable it.
|
19
|
+
def enable_forwarding(enabled)
|
20
|
+
Shell.execute("sysctl -w net.inet.ip.forwarding=#{enabled ? 1 : 0}")
|
21
|
+
end
|
22
|
+
|
23
|
+
# If +enabled+ is true will enable packet icmp_echo_ignore_broadcasts, otherwise it will
|
24
|
+
# disable it.
|
25
|
+
def enable_icmp_bcast(enabled)
|
26
|
+
Shell.execute("sysctl -w net.inet.icmp.bmcastecho=#{enabled ? 1 : 0}")
|
27
|
+
end
|
28
|
+
|
29
|
+
# Return true if packet forwarding is currently enabled, otherwise false.
|
30
|
+
def forwarding_enabled?
|
31
|
+
Shell.execute('sysctl net.inet.ip.forwarding').strip.split(' ')[1] == '1'
|
32
|
+
end
|
33
|
+
|
34
|
+
# This method is ignored on OpenBSD.
|
35
|
+
def enable_send_redirects(enabled); end
|
36
|
+
|
37
|
+
# If +enabled+ is true, the PF firewall will be enabled, otherwise it will
|
38
|
+
# be disabled.
|
39
|
+
def enable(enabled)
|
40
|
+
begin
|
41
|
+
Shell.execute("pfctl -#{enabled ? 'e' : 'd'} >/dev/null 2>&1")
|
42
|
+
rescue; end
|
43
|
+
end
|
44
|
+
|
45
|
+
# Apply the +r+ BetterCap::Firewalls::Redirection port redirection object.
|
46
|
+
def add_port_redirection( r )
|
47
|
+
# create the pf config file
|
48
|
+
config_file = "/tmp/bettercap_pf_#{Process.pid}.conf"
|
49
|
+
|
50
|
+
File.open( config_file, 'a+t' ) do |f|
|
51
|
+
f.write "rdr pass on #{r.interface} proto #{r.protocol} from any to any port #{r.src_port} -> #{r.dst_address} port #{r.dst_port}\n"
|
52
|
+
end
|
53
|
+
|
54
|
+
# load the rule
|
55
|
+
Shell.execute("pfctl -f #{config_file} >/dev/null 2>&1")
|
56
|
+
# enable pf
|
57
|
+
enable true
|
58
|
+
end
|
59
|
+
|
60
|
+
# Remove the +r+ BetterCap::Firewalls::Redirection port redirection object.
|
61
|
+
def del_port_redirection( r )
|
62
|
+
# FIXME: This should search for multiple rules inside the
|
63
|
+
# file and remove only this one.
|
64
|
+
|
65
|
+
# disable pf
|
66
|
+
enable false
|
67
|
+
|
68
|
+
begin
|
69
|
+
# remove the pf config file
|
70
|
+
File.delete( "/tmp/bettercap_pf_#{Process.pid}.conf" )
|
71
|
+
rescue
|
72
|
+
end
|
73
|
+
|
74
|
+
end
|
75
|
+
end
|
76
|
+
end
|
77
|
+
end
|
@@ -35,12 +35,7 @@ module PacketFu
|
|
35
35
|
|
36
36
|
BetterCap::Logger.debug "ifconfig #{iface}"
|
37
37
|
|
38
|
-
if BetterCap::Shell.available?('
|
39
|
-
BetterCap::Logger.debug "Using iproute2"
|
40
|
-
|
41
|
-
data = BetterCap::Shell.ip(iface)
|
42
|
-
ret = linux_ip iface, data
|
43
|
-
else
|
38
|
+
if BetterCap::Shell.available?('ifconfig')
|
44
39
|
BetterCap::Logger.debug "Using ifconfig"
|
45
40
|
|
46
41
|
data = BetterCap::Shell.ifconfig(iface)
|
@@ -55,7 +50,16 @@ module PacketFu
|
|
55
50
|
ret = linux_ifconfig iface, data
|
56
51
|
when /darwin/i
|
57
52
|
ret = darwin_ifconfig iface, data
|
53
|
+
when /openbsd/i
|
54
|
+
ret = openbsd_ifconfig iface, data
|
58
55
|
end
|
56
|
+
elsif BetterCap::Shell.available?('ip')
|
57
|
+
BetterCap::Logger.debug "Using iproute2"
|
58
|
+
|
59
|
+
data = BetterCap::Shell.ip(iface)
|
60
|
+
ret = linux_ip iface, data
|
61
|
+
else
|
62
|
+
raise BetterCap::Error, 'Unsupported operating system'
|
59
63
|
end
|
60
64
|
|
61
65
|
ret
|
@@ -171,5 +175,37 @@ module PacketFu
|
|
171
175
|
|
172
176
|
ret
|
173
177
|
end
|
178
|
+
|
179
|
+
def self.openbsd_ifconfig(iface='em0',ifconfig_data)
|
180
|
+
BetterCap::Logger.debug "OpenBSD ifconfig #{iface}:\n#{ifconfig_data}"
|
181
|
+
|
182
|
+
ret = {}
|
183
|
+
real_iface = ifconfig_data.first
|
184
|
+
ret[:iface] = real_iface.split(':')[0]
|
185
|
+
|
186
|
+
ifconfig_data.each do |s|
|
187
|
+
case s
|
188
|
+
when /lladdr[\s]([0-9a-fA-F:]{17})/i
|
189
|
+
ret[:eth_saddr] = $1
|
190
|
+
ret[:eth_src] = EthHeader.mac2str(ret[:eth_saddr])
|
191
|
+
when /inet[\s]*([0-9]+\.[0-9]+\.[0-9]+\.[0-9]+)(.*Mask[\s]+(0x[a-f0-9]+))?/i
|
192
|
+
imask = 0
|
193
|
+
if $3
|
194
|
+
imask = $3.to_i(16).to_s(2).count("1")
|
195
|
+
end
|
196
|
+
|
197
|
+
ret[:ip_saddr] = $1
|
198
|
+
ret[:ip_src] = [IPAddr.new($1).to_i].pack("N")
|
199
|
+
ret[:ip4_obj] = IPAddr.new($1)
|
200
|
+
ret[:ip4_obj] = ret[:ip4_obj].mask(imask) if imask
|
201
|
+
when /inet6[\s]*([0-9a-fA-F:\x2f]+)/
|
202
|
+
ret[:ip6_saddr] = $1
|
203
|
+
ret[:ip6_obj] = IPAddr.new($1)
|
204
|
+
end
|
205
|
+
end
|
206
|
+
|
207
|
+
ret
|
208
|
+
end
|
209
|
+
|
174
210
|
end
|
175
211
|
end
|
@@ -80,7 +80,11 @@ class ArpReader
|
|
80
80
|
|
81
81
|
# Parse a single ARP cache +line+ related to the +iface+ network interface.
|
82
82
|
def self.parse_cache_line( iface, line )
|
83
|
-
/
|
83
|
+
if RUBY_PLATFORM =~ /openbsd/i
|
84
|
+
/([0-9\.]+)\s+([a-f0-9:]+)\s+#{iface}\s+.*/i.match(line)
|
85
|
+
else
|
86
|
+
/[^\s]+\s+\(([0-9\.]+)\)\s+at\s+([a-f0-9:]+).+#{iface}.*/i.match(line)
|
87
|
+
end
|
84
88
|
end
|
85
89
|
end
|
86
90
|
end
|
@@ -107,12 +107,14 @@ private
|
|
107
107
|
# Get the MAC address of the gateway and update it.
|
108
108
|
def update_gateway!
|
109
109
|
hw = Network.get_hw_address( @ctx, @ctx.gateway )
|
110
|
-
|
110
|
+
|
111
|
+
raise BetterCap::Error, "Couldn't determine router MAC" if ( @ctx.need_gateway? and hw.nil? )
|
112
|
+
|
111
113
|
@gateway = Network::Target.new( @ctx.gateway, hw )
|
112
|
-
|
114
|
+
|
113
115
|
# notify the system that the gateway mac is resolved, this will prevent
|
114
116
|
# the gateway ip to be unnecessarily probed from discovery agents.
|
115
|
-
@ctx.gateway_mac_resolved =
|
117
|
+
@ctx.gateway_mac_resolved = !hw.nil?
|
116
118
|
|
117
119
|
Logger.info "[#{'GATEWAY'.green}] #{@gateway.to_s(false)}"
|
118
120
|
end
|
data/lib/bettercap/version.rb
CHANGED
@@ -12,7 +12,7 @@ This project is released under the GPL 3 license.
|
|
12
12
|
=end
|
13
13
|
module BetterCap
|
14
14
|
# Current version of bettercap.
|
15
|
-
VERSION = '1.4.
|
15
|
+
VERSION = '1.4.6'
|
16
16
|
# Program banner.
|
17
17
|
BANNER = File.read( File.dirname(__FILE__) + '/banner' ).gsub( '#VERSION#', "v#{VERSION}")
|
18
18
|
end
|
metadata
CHANGED
@@ -1,20 +1,23 @@
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
2
2
|
name: bettercap
|
3
3
|
version: !ruby/object:Gem::Version
|
4
|
-
version: 1.4.
|
4
|
+
version: 1.4.6
|
5
5
|
platform: ruby
|
6
6
|
authors:
|
7
7
|
- Simone Margaritelli
|
8
8
|
autorequire:
|
9
9
|
bindir: bin
|
10
10
|
cert_chain: []
|
11
|
-
date: 2016-
|
11
|
+
date: 2016-03-09 00:00:00.000000000 Z
|
12
12
|
dependencies:
|
13
13
|
- !ruby/object:Gem::Dependency
|
14
14
|
name: colorize
|
15
15
|
requirement: !ruby/object:Gem::Requirement
|
16
16
|
requirements:
|
17
17
|
- - "~>"
|
18
|
+
- !ruby/object:Gem::Version
|
19
|
+
version: '0.7'
|
20
|
+
- - ">="
|
18
21
|
- !ruby/object:Gem::Version
|
19
22
|
version: 0.7.5
|
20
23
|
type: :runtime
|
@@ -22,6 +25,9 @@ dependencies:
|
|
22
25
|
version_requirements: !ruby/object:Gem::Requirement
|
23
26
|
requirements:
|
24
27
|
- - "~>"
|
28
|
+
- !ruby/object:Gem::Version
|
29
|
+
version: '0.7'
|
30
|
+
- - ">="
|
25
31
|
- !ruby/object:Gem::Version
|
26
32
|
version: 0.7.5
|
27
33
|
- !ruby/object:Gem::Dependency
|
@@ -49,6 +55,9 @@ dependencies:
|
|
49
55
|
requirement: !ruby/object:Gem::Requirement
|
50
56
|
requirements:
|
51
57
|
- - "~>"
|
58
|
+
- !ruby/object:Gem::Version
|
59
|
+
version: '0.12'
|
60
|
+
- - ">="
|
52
61
|
- !ruby/object:Gem::Version
|
53
62
|
version: 0.12.0
|
54
63
|
type: :runtime
|
@@ -56,6 +65,9 @@ dependencies:
|
|
56
65
|
version_requirements: !ruby/object:Gem::Requirement
|
57
66
|
requirements:
|
58
67
|
- - "~>"
|
68
|
+
- !ruby/object:Gem::Version
|
69
|
+
version: '0.12'
|
70
|
+
- - ">="
|
59
71
|
- !ruby/object:Gem::Version
|
60
72
|
version: 0.12.0
|
61
73
|
- !ruby/object:Gem::Dependency
|
@@ -63,6 +75,9 @@ dependencies:
|
|
63
75
|
requirement: !ruby/object:Gem::Requirement
|
64
76
|
requirements:
|
65
77
|
- - "~>"
|
78
|
+
- !ruby/object:Gem::Version
|
79
|
+
version: '0.0'
|
80
|
+
- - ">="
|
66
81
|
- !ruby/object:Gem::Version
|
67
82
|
version: 0.0.1
|
68
83
|
type: :runtime
|
@@ -70,6 +85,9 @@ dependencies:
|
|
70
85
|
version_requirements: !ruby/object:Gem::Requirement
|
71
86
|
requirements:
|
72
87
|
- - "~>"
|
88
|
+
- !ruby/object:Gem::Version
|
89
|
+
version: '0.0'
|
90
|
+
- - ">="
|
73
91
|
- !ruby/object:Gem::Version
|
74
92
|
version: 0.0.1
|
75
93
|
- !ruby/object:Gem::Dependency
|
@@ -77,6 +95,9 @@ dependencies:
|
|
77
95
|
requirement: !ruby/object:Gem::Requirement
|
78
96
|
requirements:
|
79
97
|
- - "~>"
|
98
|
+
- !ruby/object:Gem::Version
|
99
|
+
version: '0.8'
|
100
|
+
- - ">="
|
80
101
|
- !ruby/object:Gem::Version
|
81
102
|
version: 0.8.0
|
82
103
|
type: :runtime
|
@@ -84,6 +105,9 @@ dependencies:
|
|
84
105
|
version_requirements: !ruby/object:Gem::Requirement
|
85
106
|
requirements:
|
86
107
|
- - "~>"
|
108
|
+
- !ruby/object:Gem::Version
|
109
|
+
version: '0.8'
|
110
|
+
- - ">="
|
87
111
|
- !ruby/object:Gem::Version
|
88
112
|
version: 0.8.0
|
89
113
|
- !ruby/object:Gem::Dependency
|
@@ -129,6 +153,7 @@ files:
|
|
129
153
|
- lib/bettercap/error.rb
|
130
154
|
- lib/bettercap/firewalls/base.rb
|
131
155
|
- lib/bettercap/firewalls/linux.rb
|
156
|
+
- lib/bettercap/firewalls/openbsd.rb
|
132
157
|
- lib/bettercap/firewalls/osx.rb
|
133
158
|
- lib/bettercap/firewalls/redirection.rb
|
134
159
|
- lib/bettercap/loader.rb
|
@@ -225,3 +250,4 @@ signing_key:
|
|
225
250
|
specification_version: 4
|
226
251
|
summary: A complete, modular, portable and easily extensible MITM framework.
|
227
252
|
test_files: []
|
253
|
+
has_rdoc:
|