Merge branch 'master' into wifi.flood

2025-08-14 10:46:57 -07:00 · 2018-03-19 12:54:29 +01:00 · 2018-03-19 12:54:29 +01:00 · 8444a783a1
commit 8444a783a1
parent 9e174e2e93 02da4a0cbd
19 changed files with 279 additions and 82 deletions
--- a/modules/arp_spoof.go
+++ b/modules/arp_spoof.go
@ -153,12 +153,11 @@ func (p *ArpSpoofer) parseTargets(targets string) (err error) {
 		targets = strings.Replace(targets, mac, "", -1)
 	}

-	targets = strings.TrimLeft(targets, ", ")
-	targets = strings.TrimRight(targets, ", ")
+	targets = strings.Trim(targets, ", ")

 	log.Debug("Parsing IP range %s", targets)
 	if len(p.macs) == 0 || targets != "" {
-		list, err := iprange.Parse(targets)
+		list, err := iprange.ParseList(targets)
 		if err != nil {
 			return fmt.Errorf("Error while parsing arp.spoof.targets variable '%s': %s.", targets, err)
 		}
--- a/modules/base_proxy_script.go
+++ b/modules/base_proxy_script.go
@ -1,6 +1,7 @@
 package modules

 import (
+	"encoding/base64"
 	"io/ioutil"
 	"sync"

@ -109,6 +110,69 @@ func (s *ProxyScript) defineBuiltins() error {
 		return otto.Value{}
 	})

+	// log debug
+	s.VM.Set("log_debug", func(call otto.FunctionCall) otto.Value {
+		for _, v := range call.ArgumentList {
+			log.Debug("%s", v.String())
+		}
+		return otto.Value{}
+	})
+
+	// log info
+	s.VM.Set("log_info", func(call otto.FunctionCall) otto.Value {
+		for _, v := range call.ArgumentList {
+			log.Info("%s", v.String())
+		}
+		return otto.Value{}
+	})
+
+	// log warning
+	s.VM.Set("log_warn", func(call otto.FunctionCall) otto.Value {
+		for _, v := range call.ArgumentList {
+			log.Warning("%s", v.String())
+		}
+		return otto.Value{}
+	})
+
+	// log error
+	s.VM.Set("log_error", func(call otto.FunctionCall) otto.Value {
+		for _, v := range call.ArgumentList {
+			log.Error("%s", v.String())
+		}
+		return otto.Value{}
+	})
+
+	// log fatal
+	s.VM.Set("log_fatal", func(call otto.FunctionCall) otto.Value {
+		for _, v := range call.ArgumentList {
+			log.Fatal("%s", v.String())
+		}
+		return otto.Value{}
+	})
+
+	// javascript btoa function
+	s.VM.Set("btoa", func(call otto.FunctionCall) otto.Value {
+		varValue := base64.StdEncoding.EncodeToString([]byte(call.Argument(0).String()))
+		v, err := s.VM.ToValue(varValue)
+		if err != nil {
+			return errOtto("Could not convert to string: %s", varValue)
+		}
+		return v
+	})
+
+	// javascript atob function
+	s.VM.Set("atob", func(call otto.FunctionCall) otto.Value {
+		varValue, err := base64.StdEncoding.DecodeString(call.Argument(0).String())
+		if err != nil {
+			return errOtto("Could not decode string: %s", call.Argument(0).String())
+		}
+		v, err := s.VM.ToValue(string(varValue))
+		if err != nil {
+			return errOtto("Could not convert to string: %s", varValue)
+		}
+		return v
+	})
+
 	// read or write environment variable
 	s.VM.Set("env", func(call otto.FunctionCall) otto.Value {
 		argv := call.ArgumentList
--- a/modules/events_view.go
+++ b/modules/events_view.go
@ -10,6 +10,8 @@ import (
 	"github.com/bettercap/bettercap/core"
 	"github.com/bettercap/bettercap/network"
 	"github.com/bettercap/bettercap/session"
+
+	"github.com/google/go-github/github"
 )

 const eventTimeFormat = "15:04:05"
@ -23,7 +25,6 @@ func (s *EventsStream) viewLogEvent(e session.Event) {
 }

 func (s *EventsStream) viewWiFiEvent(e session.Event) {
-
 	if strings.HasPrefix(e.Tag, "wifi.ap.") {
 		ap := e.Data.(*network.AccessPoint)
 		vend := ""
@ -167,6 +168,16 @@ func (s *EventsStream) viewSynScanEvent(e session.Event) {
 		core.Bold(se.Address))
 }

+func (s *EventsStream) viewUpdateEvent(e session.Event) {
+	update := e.Data.(*github.RepositoryRelease)
+
+	fmt.Fprintf(s.output, "[%s] [%s] An update to version %s is available at %s\n",
+		e.Time.Format(eventTimeFormat),
+		core.Bold(core.Yellow(e.Tag)),
+		core.Bold(*update.TagName),
+		*update.HTMLURL)
+}
+
 func (s *EventsStream) View(e session.Event, refresh bool) {
 	if e.Tag == "sys.log" {
 		s.viewLogEvent(e)
@ -180,8 +191,10 @@ func (s *EventsStream) View(e session.Event, refresh bool) {
 		s.viewModuleEvent(e)
 	} else if strings.HasPrefix(e.Tag, "net.sniff.") {
 		s.viewSnifferEvent(e)
-	} else if strings.HasPrefix(e.Tag, "syn.scan.") {
+	} else if e.Tag == "syn.scan" {
 		s.viewSynScanEvent(e)
+	} else if e.Tag == "update.available" {
+		s.viewUpdateEvent(e)
 	} else {
 		fmt.Fprintf(s.output, "[%s] [%s] %v\n", e.Time.Format(eventTimeFormat), core.Green(e.Tag), e)
 	}
--- a/modules/http_proxy_base_cookietracker.go
+++ b/modules/http_proxy_base_cookietracker.go
@ -39,9 +39,6 @@ func (t *CookieTracker) keyOf(req *http.Request) string {
 }

 func (t *CookieTracker) IsClean(req *http.Request) bool {
-	// t.RLock()
-	// defer t.RUnlock()
-
 	// we only clean GET requests
 	if req.Method != "GET" {
 		return true
@ -53,6 +50,9 @@ func (t *CookieTracker) IsClean(req *http.Request) bool {
 		return true
 	}

+	t.RLock()
+	defer t.RUnlock()
+
 	// was it already processed?
 	if _, found := t.set[t.keyOf(req)]; found == true {
 		return true
@ -65,8 +65,7 @@ func (t *CookieTracker) IsClean(req *http.Request) bool {
 func (t *CookieTracker) Track(req *http.Request) {
 	t.Lock()
 	defer t.Unlock()
-	reqKey := t.keyOf(req)
-	t.set[reqKey] = true
+	t.set[t.keyOf(req)] = true
 }

 func (t *CookieTracker) Expire(req *http.Request) *http.Response {
--- a/modules/http_proxy_js_request.go
+++ b/modules/http_proxy_js_request.go
@ -88,6 +88,16 @@ func (j *JSRequest) WasModified() bool {
 	return false
 }

+func (j *JSRequest) Header(name, deflt string) string {
+	name = strings.ToLower(name)
+	for _, h := range j.Headers {
+		if name == strings.ToLower(h.Name) {
+			return h.Value
+		}
+	}
+	return deflt
+}
+
 func (j *JSRequest) ReadBody() string {
 	raw, err := ioutil.ReadAll(j.req.Body)
 	if err != nil {
--- a/modules/http_proxy_js_response.go
+++ b/modules/http_proxy_js_response.go
@ -73,6 +73,17 @@ func (j *JSResponse) WasModified() bool {
 	return false
 }

+func (j *JSResponse) Header(name, deflt string) string {
+	name = strings.ToLower(name)
+	for _, header := range strings.Split(j.Headers, "\n") {
+		parts := strings.SplitN(core.Trim(header), ":", 2)
+		if len(parts) == 2 && strings.ToLower(parts[0]) == name {
+			return parts[1]
+		}
+	}
+	return deflt
+}
+
 func (j *JSResponse) ToResponse(req *http.Request) (resp *http.Response) {
 	resp = goproxy.NewResponse(req, j.ContentType, j.Status, j.Body)
 	if j.Headers != "" {
--- a/modules/syn_scan.go
+++ b/modules/syn_scan.go
@ -38,7 +38,7 @@ func NewSynScanner(s *session.Session) *SynScanner {
 		waitGroup:     &sync.WaitGroup{},
 	}

-	ss.AddHandler(session.NewModuleHandler("syn.scan IP-RANGE START-PORT END-PORT", "syn.scan ([^\\s]+) (\\d+)([\\s\\d]*)",
+	ss.AddHandler(session.NewModuleHandler("syn.scan IP-RANGE [START-PORT] [END-PORT]", "syn.scan ([^\\s]+) ?(\\d+)?([\\s\\d]*)?",
 		"Perform a syn port scanning against an IP address within the provided ports range.",
 		func(args []string) error {
 			if ss.Running() == true {
@ -50,20 +50,22 @@ func NewSynScanner(s *session.Session) *SynScanner {
 				return fmt.Errorf("Error while parsing IP range '%s': %s", args[0], err)
 			}

-			ss.addresses = list.Expand()
-			ss.startPort = 0
-			ss.endPort = 0
-
-			if ss.startPort, err = strconv.Atoi(core.Trim(args[1])); err != nil {
-				return fmt.Errorf("Invalid START-PORT: %s", err)
-			}
-
-			if ss.startPort > 65535 {
-				ss.startPort = 65535
-			}
-			ss.endPort = ss.startPort
-
 			argc := len(args)
+			ss.addresses = list.Expand()
+			ss.startPort = 1
+			ss.endPort = 65535
+
+			if argc > 1 && core.Trim(args[1]) != "" {
+				if ss.startPort, err = strconv.Atoi(core.Trim(args[1])); err != nil {
+					return fmt.Errorf("Invalid START-PORT: %s", err)
+				}
+
+				if ss.startPort > 65535 {
+					ss.startPort = 65535
+				}
+				ss.endPort = ss.startPort
+			}
+
 			if argc > 2 && core.Trim(args[2]) != "" {
 				if ss.endPort, err = strconv.Atoi(core.Trim(args[2])); err != nil {
 					return fmt.Errorf("Invalid END-PORT: %s", err)
--- a/modules/update.go
+++ b/modules/update.go
@ -0,0 +1,96 @@
+package modules
+
+import (
+	"context"
+	"math"
+	"strconv"
+	"strings"
+
+	"github.com/bettercap/bettercap/core"
+	"github.com/bettercap/bettercap/log"
+	"github.com/bettercap/bettercap/session"
+
+	"github.com/google/go-github/github"
+)
+
+type UpdateModule struct {
+	session.SessionModule
+	client *github.Client
+}
+
+func NewUpdateModule(s *session.Session) *UpdateModule {
+	u := &UpdateModule{
+		SessionModule: session.NewSessionModule("update", s),
+		client:        github.NewClient(nil),
+	}
+
+	u.AddHandler(session.NewModuleHandler("update.check on", "",
+		"Check latest available stable version and compare it with the one being used.",
+		func(args []string) error {
+			return u.Start()
+		}))
+
+	return u
+}
+
+func (u *UpdateModule) Name() string {
+	return "update"
+}
+
+func (u *UpdateModule) Description() string {
+	return "A module to check for bettercap's updates."
+}
+
+func (u *UpdateModule) Author() string {
+	return "Simone Margaritelli <evilsocket@protonmail.com>"
+}
+
+func (u *UpdateModule) Configure() error {
+	return nil
+}
+
+func (u *UpdateModule) Stop() error {
+	return nil
+}
+
+func (u *UpdateModule) versionToNum(ver string) float64 {
+	if ver[0] == 'v' {
+		ver = ver[1:]
+	}
+
+	n := 0.0
+	parts := strings.Split(ver, ".")
+	nparts := len(parts)
+
+	// reverse
+	for i := nparts/2 - 1; i >= 0; i-- {
+		opp := nparts - 1 - i
+		parts[i], parts[opp] = parts[opp], parts[i]
+	}
+
+	for i, e := range parts {
+		ev, _ := strconv.Atoi(e)
+		n += float64(ev) * math.Pow10(i)
+	}
+
+	return n
+}
+
+func (u *UpdateModule) Start() error {
+	return u.SetRunning(true, func() {
+		defer u.SetRunning(false, nil)
+
+		log.Info("Checking latest stable release ...")
+
+		if releases, _, err := u.client.Repositories.ListReleases(context.Background(), "bettercap", "bettercap", nil); err == nil {
+			latest := releases[0]
+			if u.versionToNum(core.Version) < u.versionToNum(*latest.TagName) {
+				u.Session.Events.Add("update.available", latest)
+			} else {
+				log.Info("You are running %s which is the latest stable version.", core.Bold(core.Version))
+			}
+		} else {
+			log.Error("Error while fetching latest release info from GitHub: %s", err)
+		}
+	})
+}