xettercap 1.5.7xerob
- checksums.yaml +7 -0
- data/bin/xettercap +61 -0
- data/lib/bettercap/banner +2 -0
- data/lib/bettercap/context.rb +259 -0
- data/lib/bettercap/discovery/agents/arp.rb +37 -0
- data/lib/bettercap/discovery/agents/base.rb +73 -0
- data/lib/bettercap/discovery/agents/icmp.rb +44 -0
- data/lib/bettercap/discovery/agents/udp.rb +30 -0
- data/lib/bettercap/discovery/thread.rb +128 -0
- data/lib/bettercap/error.rb +16 -0
- data/lib/bettercap/firewalls/base.rb +103 -0
- data/lib/bettercap/firewalls/bsd.rb +74 -0
- data/lib/bettercap/firewalls/linux.rb +65 -0
- data/lib/bettercap/firewalls/redirection.rb +42 -0
- data/lib/bettercap/loader.rb +27 -0
- data/lib/bettercap/logger.rb +131 -0
- data/lib/bettercap/memory.rb +56 -0
- data/lib/bettercap/monkey/celluloid/actor.rb +23 -0
- data/lib/bettercap/monkey/celluloid/io/udp_socket.rb +26 -0
- data/lib/bettercap/monkey/em-proxy/proxy.rb +23 -0
- data/lib/bettercap/monkey/openssl/server.rb +35 -0
- data/lib/bettercap/monkey/packetfu/pcap.rb +51 -0
- data/lib/bettercap/monkey/packetfu/utils.rb +210 -0
- data/lib/bettercap/monkey/system.rb +25 -0
- data/lib/bettercap/network/arp_reader.rb +91 -0
- data/lib/bettercap/network/hw-prefixes +21326 -0
- data/lib/bettercap/network/network.rb +102 -0
- data/lib/bettercap/network/packet_queue.rb +129 -0
- data/lib/bettercap/network/protos/base.rb +154 -0
- data/lib/bettercap/network/protos/dhcp.rb +227 -0
- data/lib/bettercap/network/protos/mysql.rb +40 -0
- data/lib/bettercap/network/protos/ntlm.rb +97 -0
- data/lib/bettercap/network/protos/snmp.rb +49 -0
- data/lib/bettercap/network/protos/teamviewer.rb +119 -0
- data/lib/bettercap/network/servers/dnsd.rb +152 -0
- data/lib/bettercap/network/servers/httpd.rb +55 -0
- data/lib/bettercap/network/services +2182 -0
- data/lib/bettercap/network/target.rb +168 -0
- data/lib/bettercap/network/validator.rb +96 -0
- data/lib/bettercap/options/core_options.rb +197 -0
- data/lib/bettercap/options/options.rb +165 -0
- data/lib/bettercap/options/proxy_options.rb +314 -0
- data/lib/bettercap/options/server_options.rb +73 -0
- data/lib/bettercap/options/sniff_options.rb +90 -0
- data/lib/bettercap/options/spoof_options.rb +71 -0
- data/lib/bettercap/pluggable.rb +37 -0
- data/lib/bettercap/proxy/http/module.rb +105 -0
- data/lib/bettercap/proxy/http/modules/injectcss.rb +79 -0
- data/lib/bettercap/proxy/http/modules/injecthtml.rb +80 -0
- data/lib/bettercap/proxy/http/modules/injectjs.rb +79 -0
- data/lib/bettercap/proxy/http/proxy.rb +184 -0
- data/lib/bettercap/proxy/http/request.rb +192 -0
- data/lib/bettercap/proxy/http/response.rb +226 -0
- data/lib/bettercap/proxy/http/ssl/authority.rb +182 -0
- data/lib/bettercap/proxy/http/ssl/bettercap-ca.pem +49 -0
- data/lib/bettercap/proxy/http/ssl/server.rb +63 -0
- data/lib/bettercap/proxy/http/sslstrip/cookiemonitor.rb +67 -0
- data/lib/bettercap/proxy/http/sslstrip/lock.ico +0 -0
- data/lib/bettercap/proxy/http/sslstrip/strip.rb +325 -0
- data/lib/bettercap/proxy/http/streamer.rb +225 -0
- data/lib/bettercap/proxy/stream_logger.rb +181 -0
- data/lib/bettercap/proxy/tcp/module.rb +75 -0
- data/lib/bettercap/proxy/tcp/proxy.rb +123 -0
- data/lib/bettercap/proxy/thread_pool.rb +194 -0
- data/lib/bettercap/shell.rb +70 -0
- data/lib/bettercap/sniffer/parsers/base.rb +87 -0
- data/lib/bettercap/sniffer/parsers/cookie.rb +45 -0
- data/lib/bettercap/sniffer/parsers/creditcard.rb +62 -0
- data/lib/bettercap/sniffer/parsers/custom.rb +26 -0
- data/lib/bettercap/sniffer/parsers/dhcp.rb +45 -0
- data/lib/bettercap/sniffer/parsers/dict.rb +37 -0
- data/lib/bettercap/sniffer/parsers/ftp.rb +24 -0
- data/lib/bettercap/sniffer/parsers/httpauth.rb +44 -0
- data/lib/bettercap/sniffer/parsers/https.rb +42 -0
- data/lib/bettercap/sniffer/parsers/irc.rb +24 -0
- data/lib/bettercap/sniffer/parsers/mail.rb +24 -0
- data/lib/bettercap/sniffer/parsers/mpd.rb +36 -0
- data/lib/bettercap/sniffer/parsers/mysql.rb +27 -0
- data/lib/bettercap/sniffer/parsers/nntp.rb +24 -0
- data/lib/bettercap/sniffer/parsers/ntlmss.rb +34 -0
- data/lib/bettercap/sniffer/parsers/pgsql.rb +36 -0
- data/lib/bettercap/sniffer/parsers/post.rb +33 -0
- data/lib/bettercap/sniffer/parsers/redis.rb +39 -0
- data/lib/bettercap/sniffer/parsers/rlogin.rb +45 -0
- data/lib/bettercap/sniffer/parsers/snmp.rb +44 -0
- data/lib/bettercap/sniffer/parsers/snpp.rb +37 -0
- data/lib/bettercap/sniffer/parsers/teamviewer.rb +30 -0
- data/lib/bettercap/sniffer/parsers/url.rb +30 -0
- data/lib/bettercap/sniffer/parsers/whatsapp.rb +33 -0
- data/lib/bettercap/sniffer/sniffer.rb +142 -0
- data/lib/bettercap/spoofers/arp.rb +150 -0
- data/lib/bettercap/spoofers/base.rb +152 -0
- data/lib/bettercap/spoofers/icmp.rb +202 -0
- data/lib/bettercap/spoofers/none.rb +57 -0
- data/lib/bettercap/update_checker.rb +57 -0
- data/lib/bettercap/version.rb +18 -0
- data/lib/bettercap.rb +70 -0
- metadata +276 -0
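--- a/data/lib/bettercap/monkey/packetfu/utils.rb
+++ b/data/lib/bettercap/monkey/packetfu/utils.rb
@@ -0,0 +1,210 @@
+# encoding: UTF-8
+=begin
+
+BETTERCAP
+
+Author : Simone 'evilsocket' Margaritelli
+Email : evilsocket@gmail.com
+Blog : http://www.evilsocket.net/
+
+This project is released under the GPL 3 license.
+
+=end
+
+# PacketFu::Utils.ifconfig is broken under OS X, it does
+# not correctly parse the netmask field due to a wrong
+# regular expression.
+#
+# ORIGINAL: https://github.com/packetfu/packetfu/blob/master/lib/packetfu/utils.rb#L204
+module PacketFu
+class Packet
+def eth2s(which = :src)
+case which
+when :src
+self.eth_src.bytes.map(&(Proc.new {|x| sprintf('%02X',x) })).join(':')
+when :dst
+self.eth_dst.bytes.map(&(Proc.new {|x| sprintf('%02X',x) })).join(':')
+end
+end
+end
+
+class Utils
+def self.ifconfig(iface='eth0')
+ret = {}
+
+BetterCap::Logger.debug "ifconfig #{iface}"
+
+if BetterCap::Shell.available?('ifconfig')
+BetterCap::Logger.debug "Using ifconfig"
+
+data = BetterCap::Shell.ifconfig(iface)
+if data =~ /#{iface}/i
+data = data.split(/[\s]*\n[\s]*/)
+else
+raise ArgumentError, "Cannot ifconfig #{iface}"
+end
+
+case RUBY_PLATFORM
+when /linux/i
+ret = linux_ifconfig iface, data
+when /darwin/i
+ret = darwin_ifconfig iface, data
+when /.+bsd/i
+ret = openbsd_ifconfig iface, data
+end
+elsif BetterCap::Shell.available?('ip')
+BetterCap::Logger.debug "Using iproute2"
+
+data = BetterCap::Shell.ip(iface)
+ret = linux_ip iface, data
+else
+raise BetterCap::Error, 'Unsupported operating system'
+end
+
+ret
+end
+
+private
+
+def self.linux_ip(iface='eth0',data)
+BetterCap::Logger.debug "Linux ip #{iface}:\n#{data}"
+
+ret = {
+:iface => iface,
+:eth_saddr => nil,
+:eth_src => nil,
+:ip_saddr => nil,
+:ip_src => nil,
+:ip4_obj => nil
+}
+
+lines = data.split("\n").map(&:strip)
+
+# search for interface
+lines.each_with_index do |line,i|
+if line =~ /\d+:\s+#{iface}:.+/i
+# start parsing this block
+lines[i..lines.size].each do |line|
+case line
+when /^.+([0-9a-f:]{17})\s+.+[0-9a-f:]{17}$/i
+ret[:eth_saddr] = $1.downcase
+ret[:eth_src] = EthHeader.mac2str(ret[:eth_saddr])
+when /^inet\s+([0-9]+\.[0-9]+\.[0-9]+\.[0-9]+)\/(\d+)\s.+([0-9]+\.[0-9]+\.[0-9]+\.[0-9]+)\s.+$/i
+addr = $1
+bits = $2
+
+ret[:ip_saddr] = addr
+ret[:ip_src] = [IPAddr.new(addr).to_i].pack('N')
+ret[:ip4_obj] = IPAddr.new(addr)
+ret[:ip4_obj] = ret[:ip4_obj].mask(bits) if bits
+end
+end
+break
+end
+end
+
+ret
+end
+
+def self.linux_ifconfig(iface='eth0',ifconfig_data)
+BetterCap::Logger.debug "Linux ifconfig #{iface}:\n#{ifconfig_data}"
+
+ret = {}
+real_iface = ifconfig_data.first
+ret[:iface] = real_iface.split.first.downcase.gsub(':','')
+
+if real_iface =~ /[\s]HWaddr[\s]+([0-9a-fA-F:]{17})/i
+ret[:eth_saddr] = $1.downcase
+ret[:eth_src] = EthHeader.mac2str(ret[:eth_saddr])
+end
+
+ifconfig_data.each do |s|
+case s
+when /inet [a-z]+:[\s]*([0-9]+\.[0-9]+\.[0-9]+\.[0-9]+)(.*[a-z]+:([0-9]+\.[0-9]+\.[0-9]+\.[0-9]+))?/i
+ret[:ip_saddr] = $1
+ret[:ip_src] = [IPAddr.new($1).to_i].pack('N')
+ret[:ip4_obj] = IPAddr.new($1)
+ret[:ip4_obj] = ret[:ip4_obj].mask($3) if $3
+when /inet[\s]+([0-9]+\.[0-9]+\.[0-9]+\.[0-9]+)(.*Mask[\s]+([0-9]+\.[0-9]+\.[0-9]+\.[0-9]+))?/i
+ret[:ip_saddr] = $1
+ret[:ip_src] = [IPAddr.new($1).to_i].pack('N')
+ret[:ip4_obj] = IPAddr.new($1)
+ret[:ip4_obj] = ret[:ip4_obj].mask($3) if $3
+when /inet6 [a-z]+:[\s]*([0-9a-fA-F:\x2f]+)/
+begin
+ret[:ip6_saddr] = $1
+ret[:ip6_obj] = IPAddr.new($1)
+rescue; end
+when /ether[\s]+([0-9a-fA-F:]{17})/i
+ret[:eth_saddr] = $1.downcase
+ret[:eth_src] = EthHeader.mac2str(ret[:eth_saddr])
+end
+end
+
+ret
+end
+
+def self.darwin_ifconfig(iface='eth0',ifconfig_data)
+BetterCap::Logger.debug "OSX ifconfig #{iface}:\n#{ifconfig_data}"
+
+ret = {}
+real_iface = ifconfig_data.first
+ret[:iface] = real_iface.split(':')[0]
+
+ifconfig_data.each do |s|
+case s
+when /ether[\s]([0-9a-fA-F:]{17})/i
+ret[:eth_saddr] = $1
+ret[:eth_src] = EthHeader.mac2str(ret[:eth_saddr])
+when /inet[\s]*([0-9]+\.[0-9]+\.[0-9]+\.[0-9]+)(.*Mask[\s]+(0x[a-f0-9]+))?/i
+imask = 0
+if $3
+imask = $3.to_i(16).to_s(2).count("1")
+end
+
+ret[:ip_saddr] = $1
+ret[:ip_src] = [IPAddr.new($1).to_i].pack("N")
+ret[:ip4_obj] = IPAddr.new($1)
+ret[:ip4_obj] = ret[:ip4_obj].mask(imask) if imask
+when /inet6[\s]*([0-9a-fA-F:\x2f]+)/
+ret[:ip6_saddr] = $1
+ret[:ip6_obj] = IPAddr.new($1)
+end
+end
+
+ret
+end
+
+def self.openbsd_ifconfig(iface='em0',ifconfig_data)
+BetterCap::Logger.debug "OpenBSD ifconfig #{iface}:\n#{ifconfig_data}"
+
+ret = {}
+real_iface = ifconfig_data.first
+ret[:iface] = real_iface.split(':')[0]
+
+ifconfig_data.each do |s|
+case s
+when /lladdr[\s]([0-9a-fA-F:]{17})/i
+ret[:eth_saddr] = $1
+ret[:eth_src] = EthHeader.mac2str(ret[:eth_saddr])
+when /inet[\s]*([0-9]+\.[0-9]+\.[0-9]+\.[0-9]+)(.*Mask[\s]+(0x[a-f0-9]+))?/i
+imask = 0
+if $3
+imask = $3.to_i(16).to_s(2).count("1")
+end
+
+ret[:ip_saddr] = $1
+ret[:ip_src] = [IPAddr.new($1).to_i].pack("N")
+ret[:ip4_obj] = IPAddr.new($1)
+ret[:ip4_obj] = ret[:ip4_obj].mask(imask) if imask
+when /inet6[\s]*([0-9a-fA-F:\x2f]+)/
+ret[:ip6_saddr] = $1
+ret[:ip6_obj] = IPAddr.new($1)
+end
+end
+
+ret
+end
+
+end
+end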
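Review bot: `iface` is interpolated into regular expressions unescaped in `Utils.ifconfig` (`data =~ /#{iface}/i`) and in `linux_ip` (`/\d+:\s+#{iface}:.+/i`), so a name such as `eth0.10` is read as a pattern rather than a literal, and the first check also passes for any output that merely contains the name as a substring; `Regexp.escape(iface)` keeps both matches literal. The same interpolation appears in `parse_cache_line` in the ARP reader section of this page. In `darwin_ifconfig` and `openbsd_ifconfig`, `imask = 0` followed by `.mask(imask) if imask` always applies the mask, because 0 is truthy in Ruby, so an `inet` line with no captured netmask produces a /0 `ip4_obj`; starting from `imask = nil` makes the guard effective. The `case RUBY_PLATFORM` in `ifconfig` has no `else`, so an unmatched platform returns an empty hash instead of raising the "Unsupported operating system" error used in the other branch.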
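--- a/data/lib/bettercap/monkey/system.rb
+++ b/data/lib/bettercap/monkey/system.rb
@@ -0,0 +1,25 @@
+# encoding: UTF-8
+=begin
+
+BETTERCAP
+
+Author : Simone 'evilsocket' Margaritelli
+Email : evilsocket@gmail.com
+Blog : http://www.evilsocket.net/
+
+This project is released under the GPL 3 license.
+
+=end
+
+# http://stackoverflow.com/questions/891537/detect-number-of-cpus-installed
+module System
+extend self
+def cpu_count
+return Java::Java.lang.Runtime.getRuntime.availableProcessors if defined? Java::Java
+return File.read('/proc/cpuinfo').scan(/^processor\s*:/).size if File.exist? '/proc/cpuinfo'
+require 'win32ole'
+WIN32OLE.connect("winmgmts://").ExecQuery("select * from Win32_ComputerSystem").NumberOfProcessors
+rescue LoadError
+Integer `sysctl -n hw.ncpu 2>/dev/null` rescue 4
+end
+end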
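Review bot: `cpu_count` has no comment describing its fallback order, and the `rescue 4` modifier on the `sysctl` line turns every StandardError into an unexplained default of 4. A comment such as `# Logical CPU count: JRuby runtime, /proc/cpuinfo, WMI, then sysctl; falls back to 4 when none of them work.` would document the contract. The method-level `rescue LoadError` only covers a missing `win32ole`, so an error raised by the WMI query itself would presumably propagate to the caller. If the supported Ruby versions allow it (not visible here), `require 'etc'` with `Etc.nprocessors` replaces the whole chain without shelling out. The module is also defined at top level as `System` rather than under `BetterCap`, which adds a generic global constant.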
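--- a/data/lib/bettercap/network/arp_reader.rb
+++ b/data/lib/bettercap/network/arp_reader.rb
@@ -0,0 +1,91 @@
+# encoding: UTF-8
+=begin
+
+BETTERCAP
+
+Author : Simone 'evilsocket' Margaritelli
+Email : evilsocket@gmail.com
+Blog : http://www.evilsocket.net/
+
+This project is released under the GPL 3 license.
+
+=end
+
+module BetterCap
+module Network
+# This class is responsible for reading the computer ARP table.
+class ArpReader
+# Parse the current ARP cache and return a list of BetterCap::Target
+# objects which are found inside it, using the +ctx+ BetterCap::Context
+# instance.
+def self.parse( ctx )
+targets = []
+self.parse_cache do |ip,mac|
+if ip != ctx.gateway.ip and ip != ctx.iface.ip
+if ctx.options.core.ignore_ip?(ip)
+Logger.debug "Ignoring #{ip} ..."
+else
+# reuse Target object if it's already a known address
+known = ctx.find_target ip, mac
+if known.nil?
+targets << Target.new( ip, mac )
+else
+targets << known
+end
+end
+end
+end
+targets
+end
+
+# Parse the ARP cache searching for the given IP +address+ and return its
+# MAC if found, otherwise nil.
+def self.find_address( address )
+self.parse_cache do |ip,mac|
+if ip == address
+return mac
+end
+end
+nil
+end
+
+# Parse the ARP cache searching for the given MAC +address+ and return its
+# IP if found, otherwise nil.
+def self.find_mac( address )
+self.parse_cache do |ip,mac|
+if mac == address
+return ip
+end
+end
+nil
+end
+
+private
+
+# Read the computer ARP cache and parse each line, it will yield each
+# ip and mac address it will be able to extract.
+def self.parse_cache
+iface = Context.get.iface.name
+Shell.arp.split("\n").each do |line|
+m = self.parse_cache_line(iface,line)
+unless m.nil?
+ip = m[1]
+hw = Target.normalized_mac( m[2] )
+if hw != 'FF:FF:FF:FF:FF:FF'
+yield( ip, hw )
+end
+end
+end
+end
+
+# Parse a single ARP cache +line+ related to the +iface+ network interface.
+def self.parse_cache_line( iface, line )
+if RUBY_PLATFORM =~ /openbsd/i
+/([0-9\.]+)\s+([a-f0-9:]+)\s+#{iface}\s+.*/i.match(line)
+else
+/[^\s]+\s+\(([0-9\.]+)\)\s+at\s+([a-f0-9:]+).+#{iface}.*/i.match(line)
+end
+end
+end
+end
+end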
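Review bot: The bare `private` before `def self.parse_cache` and `def self.parse_cache_line` has no effect, because `private` only changes the visibility of instance methods, so both helpers remain part of `ArpReader`'s public interface. If they are meant to be internal, `private_class_method :parse_cache, :parse_cache_line` after the definitions does it; the explicit `self.parse_cache` and `self.parse_cache_line` receivers would then have to be dropped on Ruby versions before 2.7. The same applies to the `private` marker in `PacketFu::Utils` earlier on this page. `find_mac` compares its argument against the output of `Target.normalized_mac`, so its comment should say that callers must pass the MAC in that normalized form (presumably upper-case, judging by the `'FF:FF:FF:FF:FF:FF'` comparison).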