From a234c206502d0a607cf11d18b640a15708542146 Mon Sep 17 00:00:00 2001
From: Simone Margaritelli <evilsocket@gmail.com>
Date: Sun, 22 Sep 2024 15:03:06 +0200
Subject: [PATCH] fix: better ipv6 detection logic

---
 network/arp.go          |  3 +++
 network/lan.go          | 14 ++++++++++++--
 network/lan_endpoint.go | 11 ++++++++++-
 network/net.go          | 10 +++-------
 packets/queue.go        |  4 ++--
 5 files changed, 30 insertions(+), 12 deletions(-)

diff --git a/network/arp.go b/network/arp.go
index 9bab10b6..01a7e9c9 100644
--- a/network/arp.go
+++ b/network/arp.go
@@ -6,6 +6,7 @@ import (
 	"sync"
 
 	"github.com/bettercap/bettercap/v2/core"
+	"github.com/bettercap/bettercap/v2/log"
 )
 
 type ArpTable map[string]string
@@ -33,6 +34,7 @@ func ArpUpdate(iface string) (ArpTable, error) {
 	for _, line := range strings.Split(output, "\n") {
 		m := ArpTableParser.FindStringSubmatch(line)
 		if len(m) == ArpTableTokens {
+			log.Debug("ARP TABLE MATCH: %v", m)
 			ipIndex := ArpTableTokenIndex[0]
 			hwIndex := ArpTableTokenIndex[1]
 			ifIndex := ArpTableTokenIndex[2]
@@ -46,6 +48,7 @@ func ArpUpdate(iface string) (ArpTable, error) {
 			}
 
 			if ifname == iface {
+				log.Debug("  %s = %s", address, mac)
 				newTable[address] = mac
 			}
 		}
diff --git a/network/lan.go b/network/lan.go
index 990cdfd0..082b4c74 100644
--- a/network/lan.go
+++ b/network/lan.go
@@ -6,6 +6,7 @@ import (
 	"strings"
 	"sync"
 
+	"github.com/bettercap/bettercap/v2/log"
 	"github.com/evilsocket/islazy/data"
 )
 
@@ -136,11 +137,11 @@ func (lan *LAN) Remove(ip, mac string) {
 
 func (lan *LAN) shouldIgnore(ip, mac string) bool {
 	// skip our own address
-	if ip == lan.iface.IpAddress || mac == lan.iface.HwAddress {
+	if ip == lan.iface.IpAddress || ip == lan.iface.Ip6Address || mac == lan.iface.HwAddress {
 		return true
 	}
 	// skip the gateway
-	if ip == lan.gateway.IpAddress || mac == lan.gateway.HwAddress {
+	if ip == lan.gateway.IpAddress || ip == lan.gateway.Ip6Address || mac == lan.gateway.HwAddress {
 		return true
 	}
 	// skip broadcast addresses
@@ -190,6 +191,15 @@ func (lan *LAN) AddIfNew(ip, mac string) *Endpoint {
 		if lan.ttl[mac] < LANDefaultttl {
 			lan.ttl[mac]++
 		}
+
+		if strings.ContainsRune(ip, ':') && t.Ip6Address == "" {
+			log.Info("ipv6 %s detected for %s (%s)", ip, t.IpAddress, mac)
+			t.SetIPv6(ip)
+		} else if strings.ContainsRune(ip, '.') && t.IpAddress == "" {
+			log.Info("ipv4 %s detected for %s (%s)", ip, t.Ip6Address, mac)
+			t.SetIP(ip)
+		}
+
 		return t
 	}
 
diff --git a/network/lan_endpoint.go b/network/lan_endpoint.go
index e90681cc..48d9d22d 100644
--- a/network/lan_endpoint.go
+++ b/network/lan_endpoint.go
@@ -17,11 +17,14 @@ type Endpoint struct {
 	Index            int                    `json:"-"`
 	IP               net.IP                 `json:"-"`
 	Net              *net.IPNet             `json:"-"`
+	Net6             *net.IPNet             `json:"-"`
 	IPv6             net.IP                 `json:"-"`
+	CIDR6            string                 `json:"-"`
 	HW               net.HardwareAddr       `json:"-"`
 	IpAddress        string                 `json:"ipv4"`
 	Ip6Address       string                 `json:"ipv6"`
 	SubnetBits       uint32                 `json:"-"`
+	SubnetBits6      uint32                 `json:"-"`
 	IpAddressUint32  uint32                 `json:"-"`
 	HwAddress        string                 `json:"mac"`
 	Hostname         string                 `json:"hostname"`
@@ -100,7 +103,13 @@ func (t *Endpoint) SetNetwork(netw string) {
 func (t *Endpoint) SetIPv6(netw string) {
 	parts := strings.SplitN(netw, "/", 2)
 	address := parts[0]
-	// bits, _ := strconv.Atoi(parts[1])
+	if len(parts) > 1 {
+		bits6, _ := strconv.Atoi(parts[1])
+		t.SubnetBits6 = uint32(bits6)
+		t.CIDR6 = netw
+		_, netw, _ := net.ParseCIDR(netw)
+		t.Net6 = netw
+	}
 
 	t.IPv6 = net.ParseIP(address)
 	if t.IPv6 != nil {
diff --git a/network/net.go b/network/net.go
index bb887f38..f925b37d 100644
--- a/network/net.go
+++ b/network/net.go
@@ -196,16 +196,12 @@ func buildEndpointFromInterface(iface net.Interface) (*Endpoint, error) {
 
 	for _, a := range addrs {
 		address := a.String()
-		switch true {
-		case IPv4Validator.MatchString(address):
+		if IPv4Validator.MatchString(address) {
 			e.SetIP(address)
-			break
-		case IPv4BlockValidator.MatchString(address):
+		} else if IPv4BlockValidator.MatchString(address) {
 			e.SetNetwork(address)
-			break
-		default:
+		} else {
 			e.SetIPv6(address)
-			break
 		}
 	}
 
diff --git a/packets/queue.go b/packets/queue.go
index c9c82cb3..35e5602e 100644
--- a/packets/queue.go
+++ b/packets/queue.go
@@ -211,7 +211,7 @@ func (q *Queue) worker() {
 
 			// something coming from someone on the LAN
 			isFromMe := q.iface.IP.Equal(srcIP) || q.iface.IPv6.Equal(srcIP)
-			isFromLAN := q.iface.Net.Contains(srcIP)
+			isFromLAN := q.iface.Net.Contains(srcIP) || q.iface.Net6.Contains(srcIP)
 			if !isFromMe && isFromLAN {
 				meta := q.getPacketMeta(pkt)
 				q.trackActivity(eth, srcIP, meta, pktSize, true)
@@ -219,7 +219,7 @@ func (q *Queue) worker() {
 
 			// something going to someone on the LAN
 			isToMe := q.iface.IP.Equal(dstIP) || q.iface.IPv6.Equal(dstIP)
-			isToLAN := q.iface.Net.Contains(dstIP)
+			isToLAN := q.iface.Net.Contains(dstIP) || q.iface.Net6.Contains(dstIP)
 			if !isToMe && isToLAN {
 				q.trackActivity(eth, dstIP, nil, pktSize, false)
 			}