bettercap 1.4.6 → 1.5.0

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA1:
-  metadata.gz: 5e80ed7cf8ff695b09a19be15f3fd7e38bb9e4fd
-  data.tar.gz: 359ad3c86019ae9fe19a42f121293aada476638a
+  metadata.gz: e9a2d2ef953dadd1f83f919602e1ce9ea7412196
+  data.tar.gz: 3f72b7be236e36d547ea39d8542946202c2299d1
 SHA512:
-  metadata.gz: aacecd1696e02cfae46e23345fa4d48915c7c7539027acbf310ba3da604db4d36974b18a0e8535b9f5bf95315fd4767deda95168be553ac842ef4ca162d93e45
-  data.tar.gz: a779eecb8aaadf88dc818fbc58af27398653c3ed0cdc871e414058702e2ed2893add104e5c0e53b6a8c258e379e387dd2d231af8710d2be6c61da09328a925bc
+  metadata.gz: ab73ae16afddedccdc90f7a4e5c1a370ff6e020514562dfaa06b46123b838cfee1166751bec560c63143d3c24cf9e5c3bf25c7120aedf1abde3d31b2ea39503b
+  data.tar.gz: 43286b7a2efabda473a34c333d5cbe37c1fb83706aba9a8beced40c314c84b7799062084cb2ce5eafdd9b183aa1973a664bf96aba1b5adb661d298807eb52255

data/bin/bettercap

@@ -32,7 +32,7 @@ begin
     sleep 10
   end
 
-rescue SystemExit, Interrupt
+rescue SystemExit, Interrupt, SignalException
   BetterCap::Logger.raw "\n"
 
 rescue OptionParser::InvalidOption,

data/lib/bettercap.rb

@@ -36,6 +36,7 @@ require 'thread'
 require 'uri'
 require 'webrick'
 require 'zlib'
+require 'em-proxy'
 
 Object.send :remove_const, :Config rescue nil
 Config = RbConfig

data/lib/bettercap/context.rb

@@ -21,10 +21,8 @@ class Context
   attr_accessor :ifconfig
   # Instance of the current BetterCap::Firewalls class.
   attr_accessor :firewall
-  # Network gateway IP address.
+  # Network gateway ( as an instance of BetterCap::Network::Target ).
   attr_accessor :gateway
-  # A boolean value indicating if the gateway mac address was already resolved.
-  attr_accessor :gateway_mac_resolved
   # A list of BetterCap::Target objects which is periodically updated.
   attr_accessor :targets
   # Instance of BetterCap::Discovery::Thread class.
@@ -42,6 +40,8 @@ class Context
   attr_reader   :timeout
   # Instance of BetterCap::PacketQueue.
   attr_reader   :packets
+  # Instance of BetterCap::Memory.
+  attr_reader   :memory
 
   @@instance = nil
 
@@ -51,12 +51,6 @@ class Context
     @@instance ||= self.new
   end
 
-  # Runs a minor GC to collect young, short-lived objects.
-  def self.run_gc
-    Logger.debug "Running Ruby garbage collector ..."
-    GC.start( full_mark: false )
-  end
-
   # Initialize the global context object.
   def initialize
     begin
@@ -66,47 +60,51 @@ class Context
       Logger.exception e
     end
 
-    @running         = true
-    @timeout         = 5
-    @options         = Options.new iface
-    @ifconfig        = nil
-    @firewall        = nil
-    @gateway         = nil
-    @gateway_mac_resolved = false
-    @targets         = []
-    @spoofer         = nil
-    @httpd           = nil
-    @dnsd            = nil
-    @proxies         = []
-    @redirections    = []
-    @discovery       = Discovery::Thread.new self
-    @firewall        = Firewalls::Base.get
-    @packets         = nil
+    @running      = true
+    @timeout      = 5
+    @options      = Options.new iface
+    @ifconfig     = nil
+    @firewall     = nil
+    @gateway      = nil
+    @targets      = []
+    @spoofer      = nil
+    @httpd        = nil
+    @dnsd         = nil
+    @proxies      = []
+    @redirections = []
+    @discovery    = Discovery::Thread.new self
+    @firewall     = Firewalls::Base.get
+    @packets      = nil
+    @memory       = Memory.new
   end
 
   # Update the Context state parsing network related informations.
   def update!
-    @ifconfig = PacketFu::Utils.ifconfig @options.iface
-    @gateway  = Network.get_gateway if @gateway.nil?
-
-    raise BetterCap::Error, "Could not determine IPv4 address of '#{@options.iface}', make sure this interface "\
-                            'is active and connected.' if @ifconfig[:ip4_obj].nil?
-
-    raise BetterCap::Error, "Could not detect the gateway address for interface #{@options.iface}, "\
+    gw = @options.core.gateway || Network.get_gateway
+    raise BetterCap::Error, "Could not detect the gateway address for interface #{@options.core.iface}, "\
                             'make sure you\'ve specified the correct network interface to use and to have the '\
                             'correct network configuration, this could also happen if bettercap '\
-                            'is launched from a virtual environment.' unless Network::Validator.is_ip?(@gateway)
+                            'is launched from a virtual environment.' unless Network::Validator.is_ip?(gw)
+
+    @gateway  = Network::Target.new gw
+    @targets  = @options.core.targets unless @options.core.targets.nil?
+    @ifconfig = PacketFu::Utils.ifconfig @options.core.iface
+
+    raise BetterCap::Error, "Could not determine IPv4 address of '#{@options.core.iface}', make sure this interface "\
+                            'is active and connected.' if @ifconfig[:ip4_obj].nil?
 
     Logger.debug '----- NETWORK INFORMATIONS -----'
     Logger.debug "  network  = #{@ifconfig[:ip4_obj]}"
-    Logger.debug "  gateway  = #{@gateway}"
+    Logger.debug "  gateway  = #{@gateway.ip}"
     Logger.debug "  local_ip = #{@ifconfig[:ip_saddr]}\n"
     @ifconfig.each do |key,value|
       Logger.debug "  ifconfig[:#{key}] = #{value}"
     end
     Logger.debug "--------------------------------\n"
 
-    @packets = Network::PacketQueue.new( @ifconfig[:iface], @options.packet_throttle, 4 )
+    @packets = Network::PacketQueue.new( @ifconfig[:iface], @options.core.packet_throttle, 4 )
+    # Spoofers need the context network data to be initialized.
+    @spoofer = @options.spoof.parse_spoofers
   end
 
   # Find a target given its +ip+ and +mac+ addresses inside the #targets
@@ -122,15 +120,13 @@ class Context
 
   # Start everything!
   def start!
-    # Start targets auto discovery if needed.
-    if @options.target.nil?
-      BetterCap::Logger.info( "Targeting the whole subnet #{@ifconfig[:ip4_obj].to_range} ..." ) unless @options.has_spoofer? or @options.arpcache
-      @discovery.start
-      # give some time to the discovery thread to spawn its workers,
-      # this will prevent 'Too many open files' errors to delay host
-      # discovery.
-      sleep 1.5
-    end
+    # Start targets auto discovery.
+    BetterCap::Logger.info( "Targeting the whole subnet #{@ifconfig[:ip4_obj].to_range} ..." ) unless @options.spoof.enabled? or @options.core.arpcache
+    @discovery.start
+    # give some time to the discovery thread to spawn its workers,
+    # this will prevent 'Too many open files' errors to delay host
+    # discovery.
+    sleep(1.5) unless @options.core.arpcache
 
     # Start network spoofers if any.
     @spoofer.each do |spoofer|
@@ -138,8 +134,8 @@ class Context
     end
 
     # Start proxies and setup port redirection.
-    if @options.proxy or @options.proxy_https
-      if @options.has_http_sniffer_enabled?
+    if @options.proxies.any?
+      if ( @options.proxies.proxy or @options.proxies.proxy_https ) and @options.sniff.enabled?('URL')
         BetterCap::Logger.warn "WARNING: Both HTTP transparent proxy and URL parser are enabled, you're gonna see duplicated logs."
       end
       create_proxies!
@@ -150,22 +146,14 @@ class Context
     create_servers!
 
     # Start network sniffer.
-    if @options.sniffer
+    if @options.sniff.enabled?
       Sniffer.start self
-    elsif @options.has_spoofer?
+    elsif @options.spoof.enabled? and !@options.proxies.any?
       Logger.warn 'WARNING: Sniffer module was NOT enabled ( -X argument ), this '\
-                  'will cause the MITM to run but no data to be collected.' unless @options.has_spoofer?
+                  'will cause the MITM to run but no data to be collected.'
     end
   end
 
-  def post_sniffer_enabled?
-    ( @options.sniffer and @options.parsers.include?('POST') )
-  end
-
-  def need_gateway?
-    ( @options.arpcache == false or @options.has_spoofer? )
-  end
-
   # Stop every running daemon that was started and reset system state.
   def finalize
     @running = false
@@ -208,7 +196,7 @@ class Context
   def enable_port_redirection!
     @redirections = @options.get_redirections(@ifconfig)
     @redirections.each do |r|
-      Logger.debug "Redirecting #{r.protocol} traffic from port #{r.src_port} to #{r.dst_address}:#{r.dst_port}"
+      Logger.debug "Redirecting #{r.protocol} traffic from #{r.src_address.nil? ? '*' : r.src_address}:#{r.src_port} to #{r.dst_address}:#{r.dst_port}"
       @firewall.add_port_redirection( r )
     end
   end
@@ -216,19 +204,24 @@ class Context
   # Initialize the needed transparent proxies and the processor routined which
   # is needed in order to run proxy modules.
   def create_proxies!
-    if @options.has_proxy_module?
-      Proxy::Module.register_modules
-      raise BetterCap::Error, "#{@options.proxy_module} is not a valid bettercap proxy module." if Proxy::Module.modules.empty?
+    if @options.proxies.has_proxy_module?
+      Proxy::HTTP::Module.register_modules
+      raise BetterCap::Error, "#{@options.proxies.proxy_module} is not a valid bettercap proxy module." if Proxy::HTTP::Module.modules.empty?
     end
 
     # create HTTP proxy
-    if @options.proxy
-      @proxies << Proxy::Proxy.new( @ifconfig[:ip_saddr], @options.proxy_port, false )
+    if @options.proxies.proxy
+      @proxies << Proxy::HTTP::Proxy.new( @ifconfig[:ip_saddr], @options.proxies.proxy_port, false )
     end
 
     # create HTTPS proxy
-    if @options.proxy_https
-      @proxies << Proxy::Proxy.new( @ifconfig[:ip_saddr], @options.proxy_https_port, true )
+    if @options.proxies.proxy_https
+      @proxies << Proxy::HTTP::Proxy.new( @ifconfig[:ip_saddr], @options.proxies.proxy_https_port, true )
+    end
+
+    # create TCP proxy
+    if @options.proxies.tcp_proxy
+      @proxies << Proxy::TCP::Proxy.new( @ifconfig[:ip_saddr], @options.proxies.tcp_proxy_port, @options.proxies.tcp_proxy_upstream_address, @options.proxies.tcp_proxy_upstream_port )
     end
 
     @proxies.each do |proxy|
@@ -239,16 +232,16 @@ class Context
   # Initialize and start the needed servers.
   def create_servers!
     # Start local DNS server.
-    if @options.dnsd
-      Logger.warn "Starting DNS server with spoofing disabled, bettercap will only reply to local DNS queries." unless @options.has_spoofer?
+    if @options.servers.dnsd
+      Logger.warn "Starting DNS server with spoofing disabled, bettercap will only reply to local DNS queries." unless @options.spoof.enabled?
 
-      @dnsd = Network::Servers::DNSD.new( @options.dnsd_file, @ifconfig[:ip_saddr], @options.dnsd_port )
+      @dnsd = Network::Servers::DNSD.new( @options.servers.dnsd_file, @ifconfig[:ip_saddr], @options.servers.dnsd_port )
       @dnsd.start
     end
 
     # Start local HTTP server.
-    if @options.httpd
-      @httpd = Network::Servers::HTTPD.new( @options.httpd_port, @options.httpd_path )
+    if @options.servers.httpd
+      @httpd = Network::Servers::HTTPD.new( @options.servers.httpd_port, @options.servers.httpd_path )
       @httpd.start
     end
   end

data/lib/bettercap/discovery/agents/base.rb

@@ -49,8 +49,8 @@ class Base
   # Return true if +ip+ must be skipped during discovery, otherwise false.
   def skip_address?(ip)
     # don't send probes to the gateway if we already have its MAC.
-    if ip == @ctx.gateway
-      return @ctx.gateway_mac_resolved
+    if ip == @ctx.gateway.ip
+      return !@ctx.gateway.mac.nil?
     # don't send probes to our device
     elsif ip == @local_ip
       return true

data/lib/bettercap/discovery/thread.rb

@@ -31,7 +31,7 @@ class Thread
   def stop
     @running = false
     if @thread != nil
-      Logger.info( 'Stopping network discovery thread ...' ) unless @ctx.options.arpcache
+      Logger.info( 'Stopping network discovery thread ...' ) unless @ctx.options.core.arpcache
       begin
         @thread.exit
       rescue
@@ -97,17 +97,18 @@ class Thread
   # This method implements the main discovery logic, it will be executed within
   # the spawned thread.
   def worker
-    Logger.debug( 'Network discovery thread started.' ) unless @ctx.options.arpcache
+    Logger.debug( 'Network discovery thread started.' ) unless @ctx.options.core.arpcache
 
     prev = []
     while @running
       @ctx.targets = Network.get_alive_targets(@ctx).sort_by { |t| t.sortable_ip }
 
-      print_differences( prev ) unless @ctx.options.arpcache
+      print_differences( prev ) unless @ctx.options.core.arpcache
 
       prev = @ctx.targets
 
-      sleep(5) if @ctx.options.arpcache
+      @ctx.memory.optimize!
+      sleep(1) if @ctx.options.core.arpcache
     end
   end
 end

data/lib/bettercap/firewalls/base.rb

@@ -22,12 +22,10 @@ class Base
     def get
       return @@instance unless @@instance.nil?
 
-      if RUBY_PLATFORM =~ /darwin/
-        @@instance = Firewalls::OSX.new
+      if RUBY_PLATFORM =~ /openbsd/ or RUBY_PLATFORM =~ /darwin/
+        @@instance = Firewalls::BSD.new
       elsif RUBY_PLATFORM =~ /linux/
         @@instance = Firewalls::Linux.new
-      elsif RUBY_PLATFORM =~ /openbsd/
-        @@instance = Firewalls::OpenBSD.new
       else
         raise BetterCap::Error, 'Unsupported operating system'
       end

data/lib/bettercap/firewalls/{osx.rb → bsd.rb}

@@ -13,8 +13,8 @@ This project is released under the GPL 3 license.
 
 module BetterCap
 module Firewalls
-# OSX Firewall class.
-class OSX < Base
+# *BSD and OSX Firewall class.
+class BSD < Base
   # If +enabled+ is true will enable packet forwarding, otherwise it will
   # disable it.
   def enable_forwarding(enabled)
@@ -49,7 +49,7 @@ class OSX < Base
     config_file = "/tmp/bettercap_pf_#{Process.pid}.conf"
 
     File.open( config_file, 'a+t' ) do |f|
-      f.write "rdr pass on #{r.interface} proto #{r.protocol} from any to any port #{r.src_port} -> #{r.dst_address} port #{r.dst_port}\n"
+      f.write "rdr pass on #{r.interface} proto #{r.protocol} from any to #{r.src_address.nil? ? 'any' : r.src_address} port #{r.src_port} -> #{r.dst_address} port #{r.dst_port}\n"
     end
 
     # load the rule

data/lib/bettercap/firewalls/linux.rb

@@ -50,7 +50,7 @@ class Linux < Base
     # accept all
     Shell.execute('iptables -P FORWARD ACCEPT')
     # add redirection
-    Shell.execute("iptables -t nat -A PREROUTING -i #{r.interface} -p #{r.protocol} --dport #{r.src_port} -j DNAT --to #{r.dst_address}:#{r.dst_port}")
+    Shell.execute("iptables -t nat -A PREROUTING -i #{r.interface} -p #{r.protocol} #{r.src_address.nil? ? '' : "-d #{r.src_address}"} --dport #{r.src_port} -j DNAT --to #{r.dst_address}:#{r.dst_port}")
   end
 
   # Remove the +r+ BetterCap::Firewalls::Redirection port redirection object.
@@ -58,7 +58,7 @@ class Linux < Base
     # remove post route
     Shell.execute('iptables -t nat -D POSTROUTING -s 0/0 -j MASQUERADE')
     # remove redirection
-    Shell.execute("iptables -t nat -D PREROUTING -i #{r.interface} -p #{r.protocol} --dport #{r.src_port} -j DNAT --to #{r.dst_address}:#{r.dst_port}")
+    Shell.execute("iptables -t nat -D PREROUTING -i #{r.interface} -p #{r.protocol} #{r.src_address.nil? ? '' : "-d #{r.src_address}"} --dport #{r.src_port} -j DNAT --to #{r.dst_address}:#{r.dst_port}")
   end
 end
 end

data/lib/bettercap/firewalls/redirection.rb

@@ -18,6 +18,8 @@ class Redirection
   attr_reader :interface
   # Protocol name.
   attr_reader :protocol
+  # Source address.
+  attr_reader :src_address
   # Source port.
   attr_reader :src_port
   # Destination address.
@@ -26,10 +28,11 @@ class Redirection
   attr_reader :dst_port
 
   # Create the redirection rule for the specified +interface+ and +protocol+.
-  # Redirect *:+src_port+ to +dst_address+:+dst_port+
-  def initialize( interface, protocol, src_port, dst_address, dst_port )
+  # Redirect +src_address+:+src_port+ to +dst_address+:+dst_port+
+  def initialize( interface, protocol, src_address, src_port, dst_address, dst_port )
     @interface   = interface
     @protocol    = protocol
+    @src_address = src_address
     @src_port    = src_port
     @dst_address = dst_address
     @dst_port    = dst_port

data/lib/bettercap/logger.rb

@@ -23,18 +23,13 @@ module Logger
     @@thread    = nil
 
     # Initialize the logging system.
-    # If +debug+ is true, debug logging will be enabled.
-    # If +logfile+ is not nil, every message will be saved to that file.
-    # If +silent+ is true, all messages will be suppressed if they're not errors
-    # or warnings.
-    # If +with_timestamp+ is true, a timestamp will be prepended to each line.
-    def init( debug, logfile, silent, with_timestamp )
-      @@debug     = debug
-      @@logfile   = logfile
+    def init( ctx )
+      @@debug     = ctx.options.core.debug
+      @@logfile   = ctx.options.core.logfile
+      @@silent    = ctx.options.core.silent
+      @@timestamp = ctx.options.core.log_timestamp
+      @@ctx       = ctx
       @@thread    = Thread.new { worker }
-      @@silent    = silent
-      @@timestamp = with_timestamp
-      @@ctx       = Context.get
     end
 
     # Log the exception +e+, if this is a beta version, log it as a warning,

data/lib/bettercap/memory.rb

@@ -0,0 +1,56 @@
+# encoding: UTF-8
+=begin
+
+BETTERCAP
+
+Author : Simone 'evilsocket' Margaritelli
+Email  : evilsocket@gmail.com
+Blog   : http://www.evilsocket.net/
+
+This project is released under the GPL 3 license.
+
+=end
+
+module BetterCap
+# This class is responsible for garbage collection and memory stats printing.
+class Memory
+  def initialize
+    GC.enable
+    s = GC.stat
+    @total_allocs = s[:total_allocated_objects]
+    @total_freed  = s[:total_freed_objects]
+  end
+
+  def optimize!
+    GC.start
+    begin
+      s          = GC.stat
+      new_allocs = s[:total_allocated_objects]
+      new_freed  = s[:total_freed_objects]
+      allocs_d   = nil
+      freed_d    = nil
+
+      if new_allocs < @total_allocs
+        allocs_d = new_allocs.to_s.green
+      elsif new_allocs > @total_allocs
+        allocs_d = new_allocs.to_s.red
+      else
+        allocs_d = new_allocs
+      end
+
+      if new_freed < @total_freed
+        freed_d = new_freed.to_s.red
+      elsif new_freed > @total_freed
+        freed_d = new_freed.to_s.green
+      else
+        freed_d = new_freed
+      end
+
+      Logger.debug "GC: allocd objects: #{allocs_d} freed objects: #{freed_d}"
+
+      @total_allocs = new_allocs
+      @total_freed  = new_freed
+    rescue; end
+  end
+end
+end