From 2bc3d871ef10e137fabf271f696a1d9ffe390814 Mon Sep 17 00:00:00 2001 From: Ben Gardiner Date: Mon, 25 Apr 2022 21:36:03 +0000 Subject: [PATCH 1/3] use ip6tables for any_proxy to ipv6 addresses --- firewall/firewall_linux.go | 26 +++++++++++++++++++++----- modules/any_proxy/any_proxy.go | 4 ++-- 2 files changed, 23 insertions(+), 7 deletions(-) diff --git a/firewall/firewall_linux.go b/firewall/firewall_linux.go index 312402f6..96bc8b46 100644 --- a/firewall/firewall_linux.go +++ b/firewall/firewall_linux.go @@ -4,6 +4,7 @@ import ( "fmt" "io/ioutil" "os" + "strings" "github.com/bettercap/bettercap/core" "github.com/bettercap/bettercap/network" @@ -73,10 +74,18 @@ func (f LinuxFirewall) EnableForwarding(enabled bool) error { func (f *LinuxFirewall) getCommandLine(r *Redirection, enabled bool) (cmdLine []string) { action := "-A" + destination := "" + if !enabled { action = "-D" } + if strings.Count(r.DstAddress, ":") < 2 { + destination = r.DstAddress + } else { + destination = fmt.Sprintf("[%s]", r.DstAddress) + } + if r.SrcAddress == "" { cmdLine = []string{ "-t", "nat", @@ -85,7 +94,7 @@ func (f *LinuxFirewall) getCommandLine(r *Redirection, enabled bool) (cmdLine [] "-p", r.Protocol, "--dport", fmt.Sprintf("%d", r.SrcPort), "-j", "DNAT", - "--to", fmt.Sprintf("%s:%d", r.DstAddress, r.DstPort), + "--to", fmt.Sprintf("%s:%d", destination, r.DstPort), } } else { cmdLine = []string{ @@ -96,7 +105,7 @@ func (f *LinuxFirewall) getCommandLine(r *Redirection, enabled bool) (cmdLine [] "-d", r.SrcAddress, "--dport", fmt.Sprintf("%d", r.SrcPort), "-j", "DNAT", - "--to", fmt.Sprintf("%s:%d", r.DstAddress, r.DstPort), + "--to", fmt.Sprintf("%s:%d", destination, r.DstPort), } } @@ -107,6 +116,13 @@ func (f *LinuxFirewall) EnableRedirection(r *Redirection, enabled bool) error { cmdLine := f.getCommandLine(r, enabled) rkey := r.String() _, found := f.redirections[rkey] + cmd := "" + + if strings.Count(r.DstAddress, ":") < 2 { + cmd = "iptables" + } else { + cmd = "ip6tables" + } if enabled { if found { @@ -116,9 +132,9 @@ func (f *LinuxFirewall) EnableRedirection(r *Redirection, enabled bool) error { f.redirections[rkey] = r // accept all - if _, err := core.Exec("iptables", []string{"-P", "FORWARD", "ACCEPT"}); err != nil { + if _, err := core.Exec(cmd, []string{"-P", "FORWARD", "ACCEPT"}); err != nil { return err - } else if _, err := core.Exec("iptables", cmdLine); err != nil { + } else if _, err := core.Exec(cmd, cmdLine); err != nil { return err } } else { @@ -128,7 +144,7 @@ func (f *LinuxFirewall) EnableRedirection(r *Redirection, enabled bool) error { delete(f.redirections, r.String()) - if _, err := core.Exec("iptables", cmdLine); err != nil { + if _, err := core.Exec(cmd, cmdLine); err != nil { return err } } diff --git a/modules/any_proxy/any_proxy.go b/modules/any_proxy/any_proxy.go index 4f917f3c..b0d43455 100644 --- a/modules/any_proxy/any_proxy.go +++ b/modules/any_proxy/any_proxy.go @@ -43,8 +43,8 @@ func NewAnyProxy(s *session.Session) *AnyProxy { "Leave empty to intercept any source address.")) mod.AddParam(session.NewStringParameter("any.proxy.dst_address", - session.ParamIfaceAddress, - session.IPv4Validator, + "", + "", "Address where the proxy is listening.")) mod.AddParam(session.NewIntParameter("any.proxy.dst_port", From 628c0b79fba707385232164d36465c66a2a90a72 Mon Sep 17 00:00:00 2001 From: Ben Gardiner Date: Mon, 25 Apr 2022 21:38:23 +0000 Subject: [PATCH 2/3] ndp.spoof: use validator for neighbour parameter, print targets on start, complain when a MAC can't be found (UDP thing doesn't always work) --- modules/ndp_spoof/ndp_spoof.go | 8 ++++++-- 1 file changed, 6 insertions(+), 2 deletions(-) diff --git a/modules/ndp_spoof/ndp_spoof.go b/modules/ndp_spoof/ndp_spoof.go index 69c8cc51..64002aac 100644 --- a/modules/ndp_spoof/ndp_spoof.go +++ b/modules/ndp_spoof/ndp_spoof.go @@ -32,7 +32,9 @@ func NewNDPSpoofer(s *session.Session) *NDPSpoofer { mod.AddParam(session.NewStringParameter("ndp.spoof.targets", "", "", "Comma separated list of IPv6 victim addresses.")) - mod.AddParam(session.NewStringParameter("ndp.spoof.neighbour", "fe80::1", "", + mod.AddParam(session.NewStringParameter("ndp.spoof.neighbour", + "fe80::1", + session.IPv6Validator, "Neighbour IPv6 address to spoof, clear to disable NA.")) mod.AddParam(session.NewStringParameter("ndp.spoof.prefix", "d00d::", "", @@ -122,7 +124,7 @@ func (mod *NDPSpoofer) Start() error { } return mod.SetRunning(true, func() { - mod.Info("ndp spoofer started - neighbour=%s prefix=%s", mod.neighbour, mod.prefix) + mod.Info("ndp spoofer started - targets=%s neighbour=%s prefix=%s", mod.addresses, mod.neighbour, mod.prefix) mod.waitGroup.Add(1) defer mod.waitGroup.Done() @@ -179,6 +181,8 @@ func (mod *NDPSpoofer) getTargets(probe bool) map[string]net.HardwareAddr { // do we have this ip mac address? if hw, err := mod.Session.FindMAC(ip, probe); err == nil { targets[ip.String()] = hw + } else { + mod.Info("couldn't get MAC for ip=%s, put it into the neighbour table manually e.g. ping -6") } } From eaf2b9640702e1f4bca8a2cb0106b4f3334371ff Mon Sep 17 00:00:00 2001 From: Ben Gardiner Date: Fri, 10 Jun 2022 16:59:11 -0400 Subject: [PATCH 3/3] revert removal of default any.proxy.dst_address ipv4 address --- modules/any_proxy/any_proxy.go | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/modules/any_proxy/any_proxy.go b/modules/any_proxy/any_proxy.go index b0d43455..c9cae3c4 100644 --- a/modules/any_proxy/any_proxy.go +++ b/modules/any_proxy/any_proxy.go @@ -43,7 +43,7 @@ func NewAnyProxy(s *session.Session) *AnyProxy { "Leave empty to intercept any source address.")) mod.AddParam(session.NewStringParameter("any.proxy.dst_address", - "", + session.ParamIfaceAddress, "", "Address where the proxy is listening."))