xettercap 1.5.7xerob

data/lib/bettercap/firewalls/base.rb

@@ -0,0 +1,103 @@
+# encoding: UTF-8
+=begin
+
+BETTERCAP
+
+Author : Simone 'evilsocket' Margaritelli
+Email  : evilsocket@gmail.com
+Blog   : http://www.evilsocket.net/
+
+This project is released under the GPL 3 license.
+
+=end
+module BetterCap
+module Firewalls
+# Base class for BetterCap::Firewalls objects.
+class Base
+  # Instance of the loaded firewall.
+  @@instance = nil
+
+  class << self
+    # Save and return an instance of the appropriate BetterCap::Firewalls object.
+    def get
+      return @@instance unless @@instance.nil?
+
+      if RUBY_PLATFORM =~ /.+bsd/ or RUBY_PLATFORM =~ /darwin/
+        @@instance = Firewalls::BSD.new
+      elsif RUBY_PLATFORM =~ /linux/
+        @@instance = Firewalls::Linux.new
+      else
+        raise BetterCap::Error, 'Unsupported operating system'
+      end
+
+      @@instance
+    end
+
+    # Clear the instance of the BetterCap::Firewalls object.
+    def clear
+      @@instance = nil
+    end
+  end
+
+  # Initialize the firewall object.
+  # Raise NotImplementedError
+  def initialize
+    @frwd_initial_state = forwarding_enabled?
+  end
+
+  # If +enabled+ is true will enable packet forwarding, otherwise it will
+  # disable it.
+  # Raise NotImplementedError
+  def enable_forwarding(enabled)
+    not_implemented_method!
+  end
+
+  # If +enabled+ is true will enable icmp_echo_ignore_broadcasts, otherwise it will
+  # disable it.
+  # Raise NotImplementedError
+  def enable_icmp_bcast(enabled)
+    not_implemented_method!
+  end
+
+  # If +enabled+ is true will enable send_redirects, otherwise it will
+  # disable it.
+  # Raise NotImplementedError
+  def enable_send_redirects(enabled)
+    not_implemented_method!
+  end
+
+  # Return true if packet forwarding is currently enabled, otherwise false.
+  # Raise NotImplementedError
+  def forwarding_enabled?
+    not_implemented_method!
+  end
+
+  # Apply the +r+ BetterCap::Firewalls::Redirection port redirection object.
+  # Raise NotImplementedError
+  def add_port_redirection( r )
+    not_implemented_method!
+  end
+
+  # Remove the +r+ BetterCap::Firewalls::Redirection port redirection object.
+  # Raise NotImplementedError
+  def del_port_redirection( r )
+    not_implemented_method!
+  end
+
+  # Restore the system's original packet forwarding state.
+  # Raise NotImplementedError
+  def restore
+    if forwarding_enabled? != @frwd_initial_state
+      enable_forwarding @frwd_initial_state
+    end
+  end
+
+private
+
+  # Method used to raise NotImplementedError exception.
+  def not_implemented_method!
+    raise NotImplementedError, 'Firewalls::Base: Unimplemented method!'
+  end
+end
+end
+end

data/lib/bettercap/firewalls/bsd.rb

@@ -0,0 +1,74 @@
+# encoding: UTF-8
+=begin
+
+BETTERCAP
+
+Author : Simone 'evilsocket' Margaritelli
+Email  : evilsocket@gmail.com
+Blog   : http://www.evilsocket.net/
+
+This project is released under the GPL 3 license.
+
+=end
+
+module BetterCap
+module Firewalls
+# *BSD and OSX Firewall class.
+class BSD < Base
+  # If +enabled+ is true will enable packet forwarding, otherwise it will
+  # disable it.
+  def enable_forwarding(enabled)
+    Shell.execute("sysctl -w net.inet.ip.forwarding=#{enabled ? 1 : 0}")
+  end
+
+  # If +enabled+ is true will enable packet icmp_echo_ignore_broadcasts, otherwise it will
+  # disable it.
+  def enable_icmp_bcast(enabled)
+    Shell.execute("sysctl -w net.inet.icmp.bmcastecho=#{enabled ? 1 : 0}")
+  end
+
+  # Return true if packet forwarding is currently enabled, otherwise false.
+  def forwarding_enabled?
+    Shell.execute('sysctl net.inet.ip.forwarding').strip.split(' ')[1] == '1'
+  end
+
+  # This method is ignored on OSX.
+  def enable_send_redirects(enabled); end
+
+  # If +enabled+ is true, the PF firewall will be enabled, otherwise it will
+  # be disabled.
+  def enable(enabled)
+    Shell.execute("pfctl -#{enabled ? 'e' : 'd'} >/dev/null 2>&1")
+  rescue
+  end
+
+  # Apply the +r+ BetterCap::Firewalls::Redirection port redirection object.
+  def add_port_redirection( r )
+    # create the pf config file
+    config_file = "/tmp/bettercap_pf_#{Process.pid}.conf"
+
+    File.open( config_file, 'a+t' ) do |f|
+      f.write "rdr pass on #{r.interface} proto #{r.protocol} from any to #{r.src_address.nil? ? 'any' : r.src_address} port #{r.src_port} -> #{r.dst_address} port #{r.dst_port}\n"
+    end
+
+    # load the rule
+    Shell.execute("pfctl -f #{config_file} >/dev/null 2>&1")
+    # enable pf
+    enable true
+  end
+
+  # Remove the +r+ BetterCap::Firewalls::Redirection port redirection object.
+  def del_port_redirection( r )
+    # FIXME: This should search for multiple rules inside the
+    # file and remove only this one.
+
+    # disable pf
+    enable false
+
+    # remove the pf config file
+    File.delete( "/tmp/bettercap_pf_#{Process.pid}.conf" )
+  rescue
+  end
+end
+end
+end

data/lib/bettercap/firewalls/linux.rb

@@ -0,0 +1,65 @@
+# encoding: UTF-8
+=begin
+
+BETTERCAP
+
+Author : Simone 'evilsocket' Margaritelli
+Email  : evilsocket@gmail.com
+Blog   : http://www.evilsocket.net/
+
+This project is released under the GPL 3 license.
+
+=end
+
+module BetterCap
+module Firewalls
+# Linux firewall class.
+class Linux < Base
+
+  IPV4_PATH = "/proc/sys/net/ipv4"
+  IP_FORWARD_PATH = IPV4_PATH + "/ip_forward"
+  ICMP_BCAST_PATH = IPV4_PATH + "/icmp_echo_ignore_broadcasts"
+  SEND_REDIRECTS_PATH = IPV4_PATH + "/conf/all/send_redirects"
+  # If +enabled+ is true will enable packet forwarding, otherwise it will
+  # disable it.
+  def enable_forwarding(enabled)
+    File.open(IP_FORWARD_PATH,'w') { |f| f.puts "#{enabled ? 1 : 0}" }
+  end
+
+  # Return true if packet forwarding is currently enabled, otherwise false.
+  def forwarding_enabled?
+    File.open(IP_FORWARD_PATH) { |f| f.read.strip == '1' }
+  end
+
+  # If +enabled+ is true will enable packet icmp_echo_ignore_broadcasts, otherwise it will
+  # disable it.
+  def enable_icmp_bcast(enabled)
+    File.open(ICMP_BCAST_PATH,'w') { |f| f.puts "#{enabled ? 1 : 0}" }
+  end
+
+  # If +enabled+ is true will enable send_redirects, otherwise it will
+  # disable it.
+  def enable_send_redirects(enabled)
+    File.open(SEND_REDIRECTS_PATH,'w') { |f| f.puts "#{enabled ? 1 : 0}" }
+  end
+
+  # Apply the +r+ BetterCap::Firewalls::Redirection port redirection object.
+  def add_port_redirection( r )
+    # post route
+    Shell.execute('iptables -t nat -I POSTROUTING -s 0/0 -j MASQUERADE')
+    # accept all
+    Shell.execute('iptables -P FORWARD ACCEPT')
+    # add redirection
+    Shell.execute("iptables -t nat -A PREROUTING -i #{r.interface} -p #{r.protocol} #{r.src_address.nil? ? '' : "-d #{r.src_address}"} --dport #{r.src_port} -j DNAT --to #{r.dst_address}:#{r.dst_port}")
+  end
+
+  # Remove the +r+ BetterCap::Firewalls::Redirection port redirection object.
+  def del_port_redirection( r )
+    # remove post route
+    Shell.execute('iptables -t nat -D POSTROUTING -s 0/0 -j MASQUERADE')
+    # remove redirection
+    Shell.execute("iptables -t nat -D PREROUTING -i #{r.interface} -p #{r.protocol} #{r.src_address.nil? ? '' : "-d #{r.src_address}"} --dport #{r.src_port} -j DNAT --to #{r.dst_address}:#{r.dst_port}")
+  end
+end
+end
+end

data/lib/bettercap/firewalls/redirection.rb

@@ -0,0 +1,42 @@
+# encoding: UTF-8
+=begin
+
+BETTERCAP
+
+Author : Simone 'evilsocket' Margaritelli
+Email  : evilsocket@gmail.com
+Blog   : http://www.evilsocket.net/
+
+This project is released under the GPL 3 license.
+
+=end
+module BetterCap
+module Firewalls
+# This class represents a firewall port redirection rule.
+class Redirection
+  # Network interface name.
+  attr_reader :interface
+  # Protocol name.
+  attr_reader :protocol
+  # Source address.
+  attr_reader :src_address
+  # Source port.
+  attr_reader :src_port
+  # Destination address.
+  attr_reader :dst_address
+  # Destionation port.
+  attr_reader :dst_port
+
+  # Create the redirection rule for the specified +interface+ and +protocol+.
+  # Redirect +src_address+:+src_port+ to +dst_address+:+dst_port+
+  def initialize( interface, protocol, src_address, src_port, dst_address, dst_port )
+    @interface   = interface
+    @protocol    = protocol
+    @src_address = src_address
+    @src_port    = src_port
+    @dst_address = dst_address
+    @dst_port    = dst_port
+  end
+end
+end
+end

data/lib/bettercap/loader.rb

@@ -0,0 +1,27 @@
+# encoding: UTF-8
+=begin
+
+BETTERCAP
+
+Author : Simone 'evilsocket' Margaritelli
+Email  : evilsocket@gmail.com
+Blog   : http://www.evilsocket.net/
+
+This project is released under the GPL 3 license.
+
+=end
+
+module BetterCap
+# This class is responsible for dynamically loading modules.
+class Loader
+  # Dynamically load a class given its +name+.
+  # @see https://github.com/evilsocket/bettercap/issues/88
+  def self.load(name)
+    root = Kernel
+    name.split('::').each do |part|
+      root = root.const_get(part)
+    end
+    root
+  end
+end
+end

data/lib/bettercap/logger.rb

@@ -0,0 +1,131 @@
+# encoding: UTF-8
+=begin
+
+BETTERCAP
+
+Author : Simone 'evilsocket' Margaritelli
+Email  : evilsocket@gmail.com
+Blog   : http://www.evilsocket.net/
+
+This project is released under the GPL 3 license.
+
+=end
+module BetterCap
+# Class responsible for console and file logging.
+module Logger
+  class << self
+    @@ctx       = nil
+    @@queue     = Queue.new
+    @@debug     = false
+    @@timestamp = false
+    @@silent    = false
+    @@logfile   = nil
+    @@thread    = nil
+
+    # Initialize the logging system.
+    def init( ctx )
+      @@debug     = ctx.options.core.debug
+      @@logfile   = ctx.options.core.logfile
+      @@silent    = ctx.options.core.silent
+      @@timestamp = ctx.options.core.log_timestamp
+      @@ctx       = ctx
+      @@thread    = Thread.new { worker }
+    end
+
+    # Log the exception +e+, if this is a beta version, log it as a warning,
+    # otherwise as a debug message.
+    def exception(e)
+      msg = "Exception : #{e.class}\n" +
+            "Message   : #{e.message}\n" +
+            "Backtrace :\n\n    #{e.backtrace.join("\n    ")}\n"
+
+      if BetterCap::VERSION.end_with?('b')
+        self.warn(msg)
+      else
+        self.debug(msg)
+      end
+    end
+
+    # Log an error +message+.
+    def error(message)
+      @@queue.push formatted_message(message, 'E').red
+    end
+
+    # Log an information +message+.
+    def info(message)
+      @@queue.push( formatted_message(message, 'I') ) unless @@silent
+    end
+
+    # Log a warning +message+.
+    def warn(message)
+      @@queue.push formatted_message(message, 'W').yellow
+    end
+
+    # Log a debug +message+.
+    def debug(message)
+      if @@debug and not @@silent
+        @@queue.push formatted_message(message, 'D').light_black
+      end
+    end
+
+    # Log a +message+ as it is.
+    def raw(message)
+      @@queue.push( formatted_message( message, nil ) )
+    end
+
+    # Wait for the messages queue to be empty.
+    def wait!
+      while not @@queue.empty?
+        if @@thread.nil?
+          emit @@queue.pop
+        else
+          sleep 0.3
+        end
+      end
+    end
+
+    private
+
+    # Main logger logic.
+    def worker
+      loop do
+        message = @@queue.pop
+        if @@ctx.nil? or @@ctx.running
+          begin
+            emit message
+          rescue Exception => e
+            Logger.warn "Logger error: #{e.message}"
+            Logger.exception e
+          end
+        end
+      end
+    end
+
+    # Emit the +message+.
+    def emit(message)
+#      puts message
+      unless @@logfile.nil?
+        f = File.open( @@logfile, 'a+t' )
+        f.puts( message.gsub( /\e\[(\d+)(;\d+)*m/, '') + "\n")
+        f.close
+      end
+    end
+
+    # Format +message+ for the given +message_type+.
+    def formatted_message(message, message_type)
+      # raw message?
+      if message_type.nil?
+        if @@timestamp and !message.strip.empty?
+          "[#{Time.now}] #{message}"
+        else
+          message
+        end
+      elsif @@timestamp
+        "[#{Time.now}] [#{message_type}] #{message}"
+      else
+        "[#{message_type}] #{message}"
+      end
+    end
+  end
+end
+end

data/lib/bettercap/memory.rb

@@ -0,0 +1,56 @@
+# encoding: UTF-8
+=begin
+
+BETTERCAP
+
+Author : Simone 'evilsocket' Margaritelli
+Email  : evilsocket@gmail.com
+Blog   : http://www.evilsocket.net/
+
+This project is released under the GPL 3 license.
+
+=end
+
+module BetterCap
+# This class is responsible for garbage collection and memory stats printing.
+class Memory
+  def initialize
+    GC.enable
+    s = GC.stat
+    @total_allocs = s[:total_allocated_objects]
+    @total_freed  = s[:total_freed_objects]
+  end
+
+  def optimize!
+    GC.start
+    begin
+      s          = GC.stat
+      new_allocs = s[:total_allocated_objects]
+      new_freed  = s[:total_freed_objects]
+      allocs_d   = nil
+      freed_d    = nil
+
+      if new_allocs < @total_allocs
+        allocs_d = new_allocs.to_s.green
+      elsif new_allocs > @total_allocs
+        allocs_d = new_allocs.to_s.red
+      else
+        allocs_d = new_allocs
+      end
+
+      if new_freed < @total_freed
+        freed_d = new_freed.to_s.red
+      elsif new_freed > @total_freed
+        freed_d = new_freed.to_s.green
+      else
+        freed_d = new_freed
+      end
+
+      # Logger.debug "GC: allocd objects: #{allocs_d} freed objects: #{freed_d}"
+
+      @total_allocs = new_allocs
+      @total_freed  = new_freed
+    rescue; end
+  end
+end
+end

data/lib/bettercap/monkey/celluloid/actor.rb

@@ -0,0 +1,23 @@
+# encoding: UTF-8
+=begin
+
+BETTERCAP
+
+Author : Simone 'evilsocket' Margaritelli
+Email  : evilsocket@gmail.com
+Blog   : http://www.evilsocket.net/
+
+This project is released under the GPL 3 license.
+
+=end
+
+# Monkey patching to remove Internals::Logger.crash calls.
+module Celluloid
+class Actor
+  # Handle any exceptions that occur within a running actor
+  def handle_crash(exception)
+    shutdown ExitEvent.new(behavior_proxy, exception)
+  rescue
+  end
+end
+end

data/lib/bettercap/monkey/celluloid/io/udp_socket.rb

@@ -0,0 +1,26 @@
+# encoding: UTF-8
+=begin
+
+BETTERCAP
+
+Author : Simone 'evilsocket' Margaritelli
+Email  : evilsocket@gmail.com
+Blog   : http://www.evilsocket.net/
+
+This project is released under the GPL 3 license.
+
+=end
+
+# Monkey patching fix for https://github.com/evilsocket/bettercap/issues/154
+module Celluloid
+  module IO
+    class UDPSocket
+      def initialize(address_family = ::Socket::AF_INET)
+        @socket = ::UDPSocket.new(address_family)
+      rescue Errno::EMFILE
+        sleep 0.5
+        retry
+      end
+    end
+  end
+end

data/lib/bettercap/monkey/em-proxy/proxy.rb

@@ -0,0 +1,23 @@
+class Proxy
+
+  def self.start(options, &blk)
+    # epoll is not supported on OSX!
+    # EM.epoll
+    EM.run do
+      # We'll take care of this.
+      #
+      # trap("TERM") { stop }
+      # trap("INT")  { stop }
+
+      EventMachine::start_server(options[:host], options[:port],
+                                 EventMachine::ProxyServer::Connection, options) do |c|
+        c.instance_eval(&blk)
+      end
+    end
+  end
+
+  def self.stop
+    EventMachine.stop
+  rescue
+  end
+end

data/lib/bettercap/monkey/openssl/server.rb

@@ -0,0 +1,35 @@
+# encoding: UTF-8
+=begin
+
+BETTERCAP
+
+Author : Simone 'evilsocket' Margaritelli
+Email  : evilsocket@gmail.com
+Blog   : http://www.evilsocket.net/
+
+This project is released under the GPL 3 license.
+
+=end
+
+# Add accept_nonblock method to OpenSSL::SSL::SSLServer
+module OpenSSL
+  module SSL
+    class SSLServer
+      unless public_method_defined? :accept_nonblock
+        def accept_nonblock
+          sock = @svr.accept_nonblock
+
+          begin
+            ssl = OpenSSL::SSL::SSLSocket.new(sock, @ctx)
+            ssl.sync_close = true
+            ssl.accept if @start_immediately
+            ssl
+          rescue SSLError => ex
+            sock.close
+            raise ex
+          end
+        end
+      end
+    end
+  end
+end

data/lib/bettercap/monkey/packetfu/pcap.rb

@@ -0,0 +1,51 @@
+# encoding: UTF-8
+=begin
+
+BETTERCAP
+
+Author : Simone 'evilsocket' Margaritelli
+Email  : evilsocket@gmail.com
+Blog   : http://www.evilsocket.net/
+
+This project is released under the GPL 3 license.
+
+=end
+module PacketFu
+
+class PcapHeader
+  # Reads a string to populate the object.
+  # Conversion from big to little shouldn't be that big of a deal.
+  def read(str)
+    force_binary(str)
+    return self if str.nil?
+    str.force_encoding(Encoding::BINARY) if str.respond_to? :force_encoding
+
+    # Handle little endian pcap
+    if str[0,4] == self[:magic].to_s
+      self[:magic].read str[0,4]
+      self[:ver_major].read str[4,2]
+      self[:ver_minor].read str[6,2]
+      self[:thiszone].read str[8,4]
+      self[:sigfigs].read str[12,4]
+      self[:snaplen].read str[16,4]
+      self[:network].read str[20,4]
+    # Handle big endian pcap
+    elsif str[0,4] == MAGIC_BIG.to_s
+      # Since PcapFile.read uses our endianess, set it to 'big' anyway.
+      self[:endian] = :big
+
+      self[:magic].read     str[0,4].reverse
+      self[:ver_major].read str[4,2].reverse
+      self[:ver_minor].read str[6,2].reverse
+      self[:thiszone].read  str[8,4].reverse
+      self[:sigfigs].read   str[12,4].reverse
+      self[:snaplen].read   str[16,4].reverse
+      self[:network].read   str[20,4].reverse
+    else
+      raise "Incorrect magic for libpcap"
+    end
+    self
+  end
+end
+
+end