github/bettercap
1
0
Fork 0
mirror of https://github.com/bettercap/bettercap synced 2025-08-19 04:59:25 -07:00
Code Issues Projects Releases Packages Wiki Activity Actions 7

new: new arp.spoof.skip_restore option (fixes #874)

Browse source
This commit is contained in:
Simone Margaritelli 2021-05-11 12:20:10 +02:00
commit 4fc84f2907
1 changed files with 39 additions and 18 deletions
Download patch file Download diff file Expand all files Collapse all files

57
modules/arp_spoof/arp_spoof.go
View file

@ -3,6 +3,7 @@ package arp_spoof
import ( import (
"bytes" "bytes"
"net" "net"
"strings"
"sync" "sync"
"time" "time"
@ -15,14 +16,15 @@ import (
type ArpSpoofer struct { type ArpSpoofer struct {
session.SessionModule session.SessionModule
addresses []net.IP addresses []net.IP
macs []net.HardwareAddr macs []net.HardwareAddr
wAddresses []net.IP wAddresses []net.IP
wMacs []net.HardwareAddr wMacs []net.HardwareAddr
fullDuplex bool fullDuplex bool
internal bool internal bool
ban bool ban bool
waitGroup *sync.WaitGroup skipRestore bool
waitGroup *sync.WaitGroup
} }
func NewArpSpoofer(s *session.Session) *ArpSpoofer { func NewArpSpoofer(s *session.Session) *ArpSpoofer {
@ -35,6 +37,7 @@ func NewArpSpoofer(s *session.Session) *ArpSpoofer {
ban: false, ban: false,
internal: false, internal: false,
fullDuplex: false, fullDuplex: false,
skipRestore: false,
waitGroup: &sync.WaitGroup{}, waitGroup: &sync.WaitGroup{},
} }
@ -52,6 +55,20 @@ func NewArpSpoofer(s *session.Session) *ArpSpoofer {
"false", "false",
"If true, both the targets and the gateway will be attacked, otherwise only the target (if the router has ARP spoofing protections in place this will make the attack fail).")) "If true, both the targets and the gateway will be attacked, otherwise only the target (if the router has ARP spoofing protections in place this will make the attack fail)."))
noRestore := session.NewBoolParameter("arp.spoof.skip_restore",
"false",
"If set to true, targets arp cache won't be restored when spoofing is stopped.")
mod.AddObservableParam(noRestore, func(v string) {
if strings.ToLower(v) == "true" || v == "1" {
mod.skipRestore = true
mod.Warning("arp cache restoration after spoofing disabled")
} else {
mod.skipRestore = false
mod.Info("arp cache restoration after spoofing enabled")
}
})
mod.AddHandler(session.NewModuleHandler("arp.spoof on", "", mod.AddHandler(session.NewModuleHandler("arp.spoof on", "",
"Start ARP spoofer.", "Start ARP spoofer.",
func(args []string) error { func(args []string) error {
@ -171,20 +188,24 @@ func (mod *ArpSpoofer) Start() error {
} }
func (mod *ArpSpoofer) unSpoof() error { func (mod *ArpSpoofer) unSpoof() error {
nTargets := len(mod.addresses) + len(mod.macs) if !mod.skipRestore {
mod.Info("restoring ARP cache of %d targets.", nTargets) nTargets := len(mod.addresses) + len(mod.macs)
mod.arpSpoofTargets(mod.Session.Gateway.IP, mod.Session.Gateway.HW, false, false) mod.Info("restoring ARP cache of %d targets.", nTargets)
mod.arpSpoofTargets(mod.Session.Gateway.IP, mod.Session.Gateway.HW, false, false)
if mod.internal { if mod.internal {
list, _ := iprange.ParseList(mod.Session.Interface.CIDR()) list, _ := iprange.ParseList(mod.Session.Interface.CIDR())
neighbours := list.Expand() neighbours := list.Expand()
for _, address := range neighbours { for _, address := range neighbours {
if !mod.Session.Skip(address) { if !mod.Session.Skip(address) {
if realMAC, err := mod.Session.FindMAC(address, false); err == nil { if realMAC, err := mod.Session.FindMAC(address, false); err == nil {
mod.arpSpoofTargets(address, realMAC, false, false) mod.arpSpoofTargets(address, realMAC, false, false)
}
} }
} }
} }
} else {
mod.Warning("arp cache restoration is disabled")
} }
return nil return nil