Merge f0b15d9624 into 948756208a

firewall/firewall_linux.go

@@ -8,7 +8,6 @@ import (
 
 	"github.com/bettercap/bettercap/v2/core"
 	"github.com/bettercap/bettercap/v2/network"
-
 	"github.com/evilsocket/islazy/fs"
 	"github.com/evilsocket/islazy/str"
 )
@@ -32,143 +31,46 @@ func Make(iface *network.Endpoint) FirewallManager {
 		restore:      false,
 		redirections: make(map[string]*Redirection),
 	}
-
 	firewall.forwarding = firewall.IsForwardingEnabled()
-
 	return firewall
 }
 
-func (f LinuxFirewall) enableFeature(filename string, enable bool) error {
-	var value string
+func (f *LinuxFirewall) enableFeature(filename string, enable bool) error {
+	value := "0"
 	if enable {
 		value = "1"
-	} else {
-		value = "0"
 	}
 
-	fd, err := os.OpenFile(filename, os.O_CREATE|os.O_APPEND|os.O_WRONLY, 0600)
+	fd, err := os.OpenFile(filename, os.O_CREATE|os.O_WRONLY, 0600)
 	if err != nil {
-		return err
+		return fmt.Errorf("failed to open file %s: %w", filename, err)
 	}
 	defer fd.Close()
 
-	_, err = fd.WriteString(value)
-	return err
-}
-
-func (f LinuxFirewall) IsForwardingEnabled() bool {
-
-	if out, err := ioutil.ReadFile(IPV4ForwardingFile); err != nil {
-		return false
-	} else {
-		return str.Trim(string(out)) == "1"
+	if _, err := fd.WriteString(value); err != nil {
+		return fmt.Errorf("failed to write to file %s: %w", filename, err)
 	}
+	return nil
 }
 
-func (f LinuxFirewall) EnableForwarding(enabled bool) error {
+func (f *LinuxFirewall) IsForwardingEnabled() bool {
+	content, err := ioutil.ReadFile(IPV4ForwardingFile)
+	if err != nil {
+		return false
+	}
+	return str.Trim(string(content)) == "1"
+}
+
+func (f *LinuxFirewall) EnableForwarding(enabled bool) error {
 	if err := f.enableFeature(IPV4ForwardingFile, enabled); err != nil {
 		return err
 	}
 
 	if fs.Exists(IPV6ForwardingFile) {
-		return f.enableFeature(IPV6ForwardingFile, enabled)
+		if err := f.enableFeature(IPV6ForwardingFile, enabled); err != nil {
+			return err
+		}
 	}
 
 	f.restore = true
 	return nil
-}
-
-func (f *LinuxFirewall) getCommandLine(r *Redirection, enabled bool) (cmdLine []string) {
-	action := "-A"
-	destination := ""
-
-	if !enabled {
-		action = "-D"
-	}
-
-	if strings.Count(r.DstAddress, ":") < 2 {
-		destination = r.DstAddress
-	} else {
-		destination = fmt.Sprintf("[%s]", r.DstAddress)
-	}
-
-	if r.SrcAddress == "" {
-		cmdLine = []string{
-			"-t", "nat",
-			action, "PREROUTING",
-			"-i", r.Interface,
-			"-p", r.Protocol,
-			"--dport", fmt.Sprintf("%d", r.SrcPort),
-			"-j", "DNAT",
-			"--to", fmt.Sprintf("%s:%d", destination, r.DstPort),
-		}
-	} else {
-		cmdLine = []string{
-			"-t", "nat",
-			action, "PREROUTING",
-			"-i", r.Interface,
-			"-p", r.Protocol,
-			"-d", r.SrcAddress,
-			"--dport", fmt.Sprintf("%d", r.SrcPort),
-			"-j", "DNAT",
-			"--to", fmt.Sprintf("%s:%d", destination, r.DstPort),
-		}
-	}
-
-	return
-}
-
-func (f *LinuxFirewall) EnableRedirection(r *Redirection, enabled bool) error {
-	cmdLine := f.getCommandLine(r, enabled)
-	rkey := r.String()
-	_, found := f.redirections[rkey]
-	cmd := ""
-
-	if strings.Count(r.DstAddress, ":") < 2 {
-		cmd = "iptables"
-	} else {
-		cmd = "ip6tables"
-	}
-
-	if enabled {
-		if found {
-			return fmt.Errorf("Redirection '%s' already enabled.", rkey)
-		}
-
-		f.redirections[rkey] = r
-
-		// accept all
-		if _, err := core.Exec(cmd, []string{"-P", "FORWARD", "ACCEPT"}); err != nil {
-			return err
-		} else if _, err := core.Exec(cmd, cmdLine); err != nil {
-			return err
-		}
-	} else {
-		if !found {
-			return nil
-		}
-
-		delete(f.redirections, r.String())
-
-		if _, err := core.Exec(cmd, cmdLine); err != nil {
-			return err
-		}
-	}
-
-	return nil
-}
-
-func (f LinuxFirewall) Restore() {
-	if f.restore == false {
-		return
-	}
-	for _, r := range f.redirections {
-		if err := f.EnableRedirection(r, false); err != nil {
-			fmt.Printf("%s", err)
-		}
-	}
-
-	if err := f.EnableForwarding(f.forwarding); err != nil {
-		fmt.Printf("%s", err)
-	}
-}

js/http.go

@@ -4,7 +4,6 @@ import (
 	"bytes"
 	"fmt"
 	"io"
-	"io/ioutil"
 	"net/http"
 	"net/url"
 	"strings"
@@ -12,25 +11,22 @@ import (
 	"github.com/robertkrimen/otto"
 )
 
-type httpPackage struct {
-}
+type httpPackage struct{}
 
 type httpResponse struct {
 	Error    error
 	Response *http.Response
 	Raw      []byte
 	Body     string
-	JSON     interface{}
 }
 
+// Encode encodes a string for use in a URL query.
 func (c httpPackage) Encode(s string) string {
 	return url.QueryEscape(s)
 }
 
-func (c httpPackage) Request(method string, uri string,
-	headers map[string]string,
-	form map[string]string,
-	json string) httpResponse {
+// Request sends an HTTP request with the specified method, URL, headers, form data, or JSON payload.
+func (c httpPackage) Request(method, uri string, headers map[string]string, form map[string]string, json string) httpResponse {
 	var reader io.Reader
 
 	if form != nil {
@@ -38,14 +34,14 @@ func (c httpPackage) Request(method string, uri string,
 		for k, v := range form {
 			data.Set(k, v)
 		}
-		reader = bytes.NewBufferString(data.Encode())
+		reader = strings.NewReader(data.Encode())
 	} else if json != "" {
 		reader = strings.NewReader(json)
 	}
 
 	req, err := http.NewRequest(method, uri, reader)
 	if err != nil {
-		return httpResponse{Error: err}
+		return httpResponse{Error: fmt.Errorf("failed to create request: %w", err)}
 	}
 
 	if form != nil {
@@ -55,18 +51,18 @@ func (c httpPackage) Request(method string, uri string,
 	}
 
 	for name, value := range headers {
-		req.Header.Add(name, value)
+		req.Header.Set(name, value)
 	}
 
 	resp, err := http.DefaultClient.Do(req)
 	if err != nil {
-		return httpResponse{Error: err}
+		return httpResponse{Error: fmt.Errorf("request failed: %w", err)}
 	}
 	defer resp.Body.Close()
 
-	raw, err := ioutil.ReadAll(resp.Body)
+	raw, err := io.ReadAll(resp.Body)
 	if err != nil {
-		return httpResponse{Error: err}
+		return httpResponse{Error: fmt.Errorf("failed to read response body: %w", err)}
 	}
 
 	res := httpResponse{
@@ -75,82 +71,85 @@ func (c httpPackage) Request(method string, uri string,
 		Body:     string(raw),
 	}
 
-	if resp.StatusCode != http.StatusOK {
-		res.Error = fmt.Errorf("%s", resp.Status)
+	if resp.StatusCode >= 400 {
+		res.Error = fmt.Errorf("HTTP error: %s", resp.Status)
 	}
 
 	return res
 }
 
+// Get sends a GET request.
 func (c httpPackage) Get(url string, headers map[string]string) httpResponse {
-	return c.Request("GET", url, headers, nil, "")
+	return c.Request(http.MethodGet, url, headers, nil, "")
 }
 
+// PostForm sends a POST request with form data.
 func (c httpPackage) PostForm(url string, headers map[string]string, form map[string]string) httpResponse {
-	return c.Request("POST", url, headers, form, "")
+	return c.Request(http.MethodPost, url, headers, form, "")
 }
 
+// PostJSON sends a POST request with a JSON payload.
 func (c httpPackage) PostJSON(url string, headers map[string]string, json string) httpResponse {
-	return c.Request("POST", url, headers, nil, json)
+	return c.Request(http.MethodPost, url, headers, nil, json)
 }
 
+// httpRequest processes JavaScript calls for HTTP requests.
 func httpRequest(call otto.FunctionCall) otto.Value {
-	argv := call.ArgumentList
-	argc := len(argv)
-	if argc < 2 {
-		return ReportError("httpRequest: expected 2 or more, %d given instead.", argc)
+	if len(call.ArgumentList) < 2 {
+		return ReportError("httpRequest: expected at least 2 arguments, got %d", len(call.ArgumentList))
 	}
 
-	method := argv[0].String()
-	url := argv[1].String()
+	method := call.Argument(0).String()
+	url := call.Argument(1).String()
 
-	client := &http.Client{}
-	req, err := http.NewRequest(method, url, nil)
-	if argc >= 3 {
-		data := argv[2].String()
-		req, err = http.NewRequest(method, url, bytes.NewBuffer([]byte(data)))
-		if err != nil {
-			return ReportError("Could create request to url %s: %s", url, err)
-		}
+	var reader io.Reader
+	if len(call.ArgumentList) >= 3 {
+		data := call.Argument(2).String()
+		reader = bytes.NewBufferString(data)
+	}
 
-		if argc > 3 {
-			headers := argv[3].Object()
-			for _, key := range headers.Keys() {
-				v, err := headers.Get(key)
-				if err != nil {
-					return ReportError("Could add header %s to request: %s", key, err)
+	req, err := http.NewRequest(method, url, reader)
+	if err != nil {
+		return ReportError("failed to create request for URL %s: %s", url, err)
+	}
+
+	if len(call.ArgumentList) > 3 {
+		headers, _ := call.Argument(3).Export()
+		if headerMap, ok := headers.(map[string]interface{}); ok {
+			for key, value := range headerMap {
+				if strValue, ok := value.(string); ok {
+					req.Header.Set(key, strValue)
 				}
-				req.Header.Add(key, v.String())
 			}
 		}
-	} else if err != nil {
-		return ReportError("Could create request to url %s: %s", url, err)
 	}
 
+	client := &http.Client{}
 	resp, err := client.Do(req)
 	if err != nil {
-		return ReportError("Could not request url %s: %s", url, err)
+		return ReportError("failed to execute request to URL %s: %s", url, err)
 	}
 	defer resp.Body.Close()
 
-	body, err := ioutil.ReadAll(resp.Body)
+	body, err := io.ReadAll(resp.Body)
 	if err != nil {
-		return ReportError("Could not read response: %s", err)
+		return ReportError("failed to read response body: %s", err)
 	}
 
-	object, err := otto.New().Object("({})")
-	if err != nil {
-		return ReportError("Could not create response object: %s", err)
-	}
+	responseObj, _ := otto.New().Object(`({})`)
+	responseObj.Set("body", string(body))
 
-	err = object.Set("body", string(body))
+	v, err := otto.ToValue(responseObj)
 	if err != nil {
-		return ReportError("Could not populate response object: %s", err)
-	}
-
-	v, err := otto.ToValue(object)
-	if err != nil {
-		return ReportError("Could not convert to object: %s", err)
+		return ReportError("failed to convert response to Otto value: %s", err)
 	}
 	return v
 }
+
+// ReportError formats and returns a JavaScript-compatible error.
+func ReportError(format string, args ...interface{}) otto.Value {
+	errMessage := fmt.Sprintf(format, args...)
+	fmt.Println("Error:", errMessage) // Log the error
+	val, _ := otto.ToValue(fmt.Errorf(errMessage))
+	return val
+}

network/can_device.go

@@ -6,13 +6,14 @@ import (
 	"time"
 )
 
+// CANDevice represents a CAN (Controller Area Network) device with activity tracking.
 type CANDevice struct {
 	sync.Mutex
-	LastSeen    time.Time
-	Name        string
-	Description string
-	Frames      uint64
-	Read        uint64
+	LastSeen    time.Time // Timestamp of the last activity.
+	Name        string    // Name of the device.
+	Description string    // Description of the device.
+	Frames      uint64    // Number of frames sent/received.
+	Read        uint64    // Total bytes read.
 }
 
 type canDeviceJSON struct {
@@ -23,18 +24,18 @@ type canDeviceJSON struct {
 	Read        uint64    `json:"read"`
 }
 
-func NewCANDevice(name string, description string, payload []byte) *CANDevice {
-	dev := &CANDevice{
+// NewCANDevice initializes a new CANDevice with the provided name, description, and payload.
+func NewCANDevice(name, description string, payload []byte) *CANDevice {
+	return &CANDevice{
 		LastSeen:    time.Now(),
 		Name:        name,
 		Description: description,
-		Read:        uint64(len(payload)),
 		Frames:      1,
+		Read:        uint64(len(payload)),
 	}
-
-	return dev
 }
 
+// MarshalJSON customizes the JSON serialization of CANDevice.
 func (dev *CANDevice) MarshalJSON() ([]byte, error) {
 	dev.Lock()
 	defer dev.Unlock()
@@ -43,21 +44,20 @@ func (dev *CANDevice) MarshalJSON() ([]byte, error) {
 		LastSeen:    dev.LastSeen,
 		Name:        dev.Name,
 		Description: dev.Description,
-		Read:        dev.Read,
 		Frames:      dev.Frames,
+		Read:        dev.Read,
 	}
 
 	return json.Marshal(doc)
 }
 
+// AddPayload updates the CANDevice's statistics with the new payload data.
 func (dev *CANDevice) AddPayload(payload []byte) {
 	dev.Lock()
 	defer dev.Unlock()
 
-	sz := len(payload)
-	if payload != nil && sz > 0 {
-		dev.Read += uint64(sz)
+	if len(payload) > 0 {
+		dev.Read += uint64(len(payload))
 	}
-
-	dev.Frames += 1
+	dev.Frames++
 }