Releases and Changelog


v1.6.0 ( 2016-12-28 )

New Features

  • Generated a new CA pem file with fewer descriptive fields, trying to clone GoDaddy CA as much as possible.
  • New -R rainbow option! :D
  • Improved (a lot) target hostname resolution and coloring.
  • Updated mac vendors lookup file with latest version.
  • Improved sniffer performance using a threadpool to dispatch and process raw packets.

Fixes

  • Fix: More robust OS compatibility check.
  • Fixed COOKIE parser in order to avoid printing duplicated cookies.
  • Fixed target hostname resolution.
  • Fixes #343: BSD Firewall#del_port_redirection method should selectively remove a rule.
  • Fixes #329: Unable to set --http-ports with --custom-proxy
  • Fixes #316: Unable to fetch certs for hosts not running on 443.
  • Improved StreamLogger hexdump method to use the whole console width.
  • Improved HTTPS connections sniffer and DNS resolution.
  • Added thread-safety to sniffer thread pool.

Code Style

  • Replaced all http links with https ones when possible.
  • Removed unused classes.
  • Making lolize gem used for -R/--rainbows argument optional.


v1.5.9 ( 2016-12-14 )

New Features

  • New --no-http-logs proxy option.
  • New Response#redirect! helper method.
  • New REDIRECT http proxy module ( location hijacking ).
  • New --html-position option.
  • Fixes #257: New --disable-parsers option.
  • Prioritize root privilege check
  • TCP proxy modules can now register options too.
  • --silent option now suppresses Logger.raw messages too.

Fixes

  • Fixes #318: Error while serving client: Couldn't extract host from the request.
  • Fixes #307: Error getting mac address from PPP interface.
  • Fixes #302: SSLStrip module adds trailing slash to domains
  • Fixed a bug which caused the Redirect http module to be loaded even if not selected.
  • Fixes #291: Precomputing list of targets in order to stress less the cpu.
  • Fixed bug in ftp and mail creds parsers which caused a mislabeling of captured credentials.
  • Fixes #292: undefined method arp_opcode for nil:NilClass

Code Style

  • Printing shell commands if debug mode is enabled.
  • Remove redundant requires, minor update to syntax using rubocop
  • Removed credit card parser, it's causing a lot of false positives and there's no way to distinguish them
  • Removed warning if using beta releases, no one gives a fuck about it anyway.


v1.5.8 ( 2016-08-27 )

New Features

  • New --log-http-response option.
  • New --html-file PATH option.
  • New --full-duplex option ( half duplex mode is now the default ).
  • HTTP(S) logs from the proxy do not truncate urls to 50 characters anymore.

Fixes

  • Fixed InjectJS module bug which caused the HTML of the page to be broken in some circumstances.
  • Fixed a bug which caused the HTTPS proxy not to work properly with wildcard domains.
  • Fixed TeamViewer packets version parsing.
  • Fixes #282: Inject modules fail on uppercase tags.
  • Fixed a bug while changing/randomizing MAC address on Linux.


v1.5.7 ( 2016-08-11 )

Fixes

  • Fixes #254: Exception on CTRL+C
  • Fixed a bug which caused '*.domain.tld' certificates not to be correctly handled
  • Fixes #270: sslstrip fails to rewrite links

Code Style

  • Using debug messages instead of warnings when targeting the whole network and a target mac or ip address can't be found.


v1.5.6 ( 2016-07-15 )

New Features

  • Fixes #252: new TeamViewer sniffer module.

Fixes

  • Fixes #256: Bumped colorize version to 0.8
  • Fixes #241: Exception due to invalid byte sequence in utf-8 when bettercap logger is trying to write to log file.
  • Fixed Formatting
  • Fixes #235 : HTTPS proxy unable to ignore invalid server certificate.
  • Make sure Kali is updated before installing Bettercap
  • Included correct install instructions for Bettercap on Kali.
  • Use sub! with block to avoid strange sub! behaviour when data contains the sequence backslash-backtick
  • Adding proper timeouts while fetching HTTPS certificates.

Code Style

  • Rescue syntax for udp_socket.rb
  • Refactor equals? at target.rb
  • Rescue syntax for packet_queue.rb
  • Line fold and rescue syntax in httpd.rb
  • Simplify if statements for teamviewer.rb
  • Simplify if statements for dhcp.rb
  • Rescue syntax on firewalls/bsd.rb
  • Formatting
  • Doc update


v1.5.5 ( 2016-05-25 )

New Features

  • New --use-mac and --random-mac options to hide the interface MAC address during an attack.
  • HTTP proxy modules can now return a crafted response from their on_pre_request method.

Fixes

  • Fixes #232 : High cpu utilization with --no-discovery option
  • Fixes #233 : Crash due to IPv6 DNS resolution.
  • Fixes #224 : Fixed FreeBSD Support.


v1.5.4 ( 2016-04-23 )

New Features

  • Implemented new --proxy-upstream-address option.
  • Allow connections to local HTTP server with new --allow-local-connections option.

Fixes

  • Fixed misuse of BSD licensing in ThreadPool class.
  • Fixed a bug which caused ifconfig data not to be correctly collected if the interface name includes non alpha-numeric characters ( VLANs etc )


v1.5.3 ( 2016-03-28 )

Hotfix release for v1.5.2


v1.5.2 ( 2016-03-28 )

New Features

  • Added support for PUT requests to the http proxy.
  • Each module now can define some metadata such as author name, license, description etc.

Fixes

  • Fixed a bug which caused the proxy not to be enabled if only --proxy-module argument was specified.
  • Fixes #200: 'Too many open files' error makes bettercap PacketQueue crash.
  • Fixes #199 : Issue while parsing port numbers from command line.
  • Fixed a bug which prevented the log-to-file feature from working correctly.
  • Fixes #193: Check every port for "Address already in use" before it is actually used.
  • Fixed a bug which prevented the DNS server from being used.
  • Fix: --proxy-* options will enable HTTP proxy.
  • Improved debug logging of network information.

Code Style

  • Refactored Context.ifconfig to a more elegant Context.iface Target class instance.
  • Minor refactoring of discovery wait interval logic.
  • Renamed "arpcache" option to "discovery" and inverted logic.


v1.5.1 ( 2016-03-18 )

New Features

  • New --tcp-proxy-upstream shortcut argument.
  • New docs folder with Sphinx based documentation files.
  • The parameter --tcp-proxy-upstream-address now accepts both IPs and hostnames.

Fixes

  • Fixes #184 : Discovery should not start if one or more targets are specified.
  • More explicit error messages while loading proxy modules.
  • Each *-port argument is now validated.

Code Style

  • Improved debug logs.


v1.5.0 ( 2016-03-16 )

New Features

  • New TCP modular and transparent proxy.
  • Connections within internal nodes on the network are now spoofed.
  • Memory usage optimization.

Fixes

  • Fixed a bug which caused bettercap to crash if the gateway mac address could not be detected.
  • Fixes #180: NoMethodError on OS X
  • Fixed --httpd-path option position.
  • Fixed SignalException handling.
  • Fixed little endian PCAP files support.
  • Fixed big endian PCAP files support.
  • Fixed exception handling while loading external PCAP file as sniffer source.
  • Fixes #176 : ArgumentError on GC.start( :full_mark => false ) with Ruby 1.9.3
  • Fixes #175 : ARP Spoofer doesn't spoof internal connections.
  • Fixed handling of text/plain content-types in StreamLogger class.
  • Better hex dumping of binary data.

Code Style

  • Renamed --sniffer-pcap option to --sniffer-output.
  • :check validator can now be used for every type of Network::Proto:Base derived classes.
  • Minor refactoring of if not to unless.
  • Minor refactoring/simplification of spoofing logic.
  • Unified OSX and OpenBSD firewalls under the same BSD class.
  • Refactored DHCP protocol class and constants.
  • Refactored and centralized gateway mac resolution and usage logic.
  • Whole refactoring of options parsing and handling logic into different, dedicated, classes.
  • Added a few comments here and there.
  • Refactored ::Proxy -> ::HTTP::Proxy


v1.4.6 ( 2016-03-09 )

New Features

  • Periodically calling Ruby garbage collector in order to keep memory usage reasonable.
  • Full support for OpenBSD thanks to Angelos D. Keromytis.

Fixes

  • Fixed 'overly strict dependency' warning in gemspec file.
  • Typos and indentation fixes.
  • Giving priority to ifconfig over iproute2.
  • Only throw exception if can't resolve gateway mac address and it's really needed.


v1.4.5 ( 2016-02-29 )

New Features

  • New CREDITCARD sniffer with Luhn algorithm verification.
  • Handling DELETE requests.

Fixes

  • Fixes #165 : Fixed a bug which caused the --custom-proxy argument to not work properly.
  • Fixes #134 : Bettercap killing connections.
  • Fix: Resetting packet forwarding only after restore packets are sent.
  • Fixed wrong boolean condition in ARP spoofer.

Code Style

  • Refactored if/then constructs to ternary operators.
  • Refactored DNS server code.
  • Moved Authority loading code into SSLServer class.
  • Refactored proxy processor code.


v1.4.4 ( 2016-02-24 )

New Features

  • New Proxy::SSL::Store class to cache upstream certificates on disk.
  • Using socket.accept_nonblock and IO.select loop to improve HTTP and HTTPS proxy performance.
  • Using real number of CPU cores to size Proxy's thread pool.
  • Stripping out a few security headers from responses ( tnx to Mazin Ahmed @mazen160 )

Fixes

  • Fixed a bug which caused DNS server to be created twice if both HTTP and HTTPS proxy were enabled.
  • Fixes #152 : Generating HTTPS certificates on the fly leveraging on SNI mechanism.
  • Gracefully handling exceptions in Proxy::SSL::Authority
  • --proxy-module option does not allow any proxy by default anymore.
  • --proxy-https option won't enable HTTP proxy as well by default anymore.

Code Style

  • Moved SSL server logic into dedicated Proxy::SSL::Server class.
  • Centralized requires into main bettercap.rb file.
  • Printing options default values in yellow.


v1.4.3 ( 2016-02-22 )

New Features

  • New --custom-redirection option.

Fixes

  • Fixed a concurrency related bug in Target class.
  • Fixed a bug in StreamLogger class which caused service name not to be printed for the first incoming packet.
  • Fixed a few typos.
  • Fix: Using proper port and address for ssl strip DNS server.
  • Some fixes and refactoring of SSL Stripping.
  • Fixed a bug in SSL Strip which might have caused unstable navigation if detected HTTPS link was not valid.
  • Fixes #155 : Fixed a bug in ssl strip starting flag.
  • Fixes #154 : RubyDNS server not handling Errno::EMFILE exceptions.
  • Fixed a boolean condition which enabled DNS redirection even if sslstripping was disabled.

Code Style

  • Precomputing upstream server port in Proxy class.
  • Big refactoring to HTTP responses parsing logic with big overall proxying optimization.


v1.4.2 ( 2016-02-17 )

Fixes

  • Fixed a bug which prevented the HSTS bypass' DNS resolver from working properly.
  • Fixed starting message flags.

Code Style

  • Some minor refactoring and comments around Context#gateway_mac_resolved flag.


v1.4.1 ( 2016-02-16 )

Changelog ( hotfix release )

Fixes

  • Fixed a bug which caused the gateway MAC address not to be resolved in some cases.


v1.4.0 ( 2016-02-16 )

Hotfix Release

  • Fixed a critical bug in discovery agents.


v1.3.9 ( 2016-02-16 )

New Features

  • Now using a custom DNS resolver in order to handle ssl-stripped and hsts-bypassed requests.
  • Closes #142 : Now the -T option accepts IPs, MACs, IP ranges and subnet masks.

Fixes

  • Lots of fixes to SSL Stripping and HSTS bypass.
  • Fixed a few ip/mac validation bugs, refactored Network objects validation into Network::Validator class.
  • Fix: Parsing real HTTP protocol version from requests.
  • Fixed Network::get_gateway bug.
  • Fixes #144 : Undefined method getpeername with HTTPS proxy.
  • Fixed a bug in StreamLogger which prevented correct POST fields dumping in some circumstances.
  • Fixed a bug in spoofers base class.

Code Style

  • SSL Exceptions are now logged as debug messages.
  • Turned debug log into info message.
  • Increased maximum number of threads for proxy thread pool.
  • Do not log as warnings EOFErrors while serving proxy clients.
  • Removed useless log in StreamLogger
  • Refactored Network::get_gateway method.
  • Refactoring and big optimization of the Network::get_hw_address method.
  • Major refactoring of Proxy::Request class.


v1.3.8 ( 2016-02-13 )

New Features

  • New HSTS bypass capabilities implemented.
  • New Logger.exception method used to log debug info for exceptions.
  • New SNMP protocol parser.
  • Printing a few stats after parsing PCAP input stream.

Fixes

  • StreamLogger class will dump POST contents according to the content-type.
  • Fixes #134 : Bettercap killing connections
  • Minor fix on stream logger.
  • Fixes #132: crash on startup (autoload func)
  • Fix: Don't trim request url if it's a POST request.
  • Some fixes to the Proxy::Request object.
  • Fixed a bug which made the sniffer slow and prevented some packets from being parsed.
  • Do not log SocketError exceptions in Proxy class.

Code Style

  • Some refactoring to option parsing.
  • Logging proxy modules exceptions on beta builds.
  • Better socket exception handling for Proxy class.
  • Added a few comments to StreamLogger::addr2s method
  • Using StreamLogger::log_post both for proxy and sniffer.
  • Refactored ssl-stripped url handling.
  • Service/Port name is not printed in light blue.
  • Minor refactoring of BetterCap::Sniffer class.
  • Better info logging for builtin proxy modules.


v1.3.7 ( 2016-02-08 )

New Features

  • New PGSQL authentication parser.
  • New MYSQL authentication parser.
  • New NTLM protocol parser and NTLMSSP Authentication sniffer.
  • HTTP Auth parser can now parse every kind of Authentication header ( NTLM authentication too ).
  • Printing * when an address is 255.255.255.255.
  • Resolving port to network service name when possible.

Fixes

  • Fix: Do not send probes to already discovered devices.
  • Fixed bug in sslstripping which caused the client connection to hang when sending expired cookies.
  • Fix: Using either tcp_dst or udp_dst in StreamLogger.
  • Fixed metaprogramming bug in BetterCap::Network::Protos::Base.

Code Style

  • Using Response static methods to generate constant HTTP responses.
  • Autoload every Ruby file in bettercap installation.
  • Removed DHCP#transaction_id


v1.3.6 ( 2016-02-06 )

New Features

  • Added new COOKIE sniffer.
  • Added new WHATSAPP sniffer.
  • New DHCP dissector and authentication sniffer.

Fixes

  • Fixed #105: Refactor BetterCap::Parsers loading mechanism to use Ruby metaprogramming.
  • Fixed #95: Requires ifconfig on Linux.
  • Fixed #126: sniffer doesn't print local POST request
  • If logged address is 0.0.0.0, use the MAC instead.

Code Style

  • Refactored Spoofers loading mechanism using Ruby metaprogramming.
  • Moved Factories::Firewall logic to Firewalls::Base class.
  • Better sniffer log messages.


v1.3.5 ( 2016-01-31 )

Hotfix release for v1.3.4


v1.3.4 ( 2016-01-31 )

New Features

  • New DNS spoofing feature ( --dns FILE and --dns-port PORT options ).

Fixes

  • Fixed issue #117 : Cannot add headers to response.headers in modules.
  • Fix: Do not show acquired/lost targets if discovery is disabled.

Code Style

  • Moved HTTPD to BetterCap::Network::Servers::HTTPD.
  • Moved servers creation logic into new Context#create_servers! method.
  • Refactored Options#to_redirections method.
  • Moved main logic into Context#start! method.
  • Minor restyling of HTTPS and HTTP proxies starting message.


v1.3.3 ( 2016-01-30 )

New Features

  • New DICT protocol credentials parser.
  • New Redis protocol credentials parser.
  • New MPD protocol credentials parser.
  • New RLogin protocol credentials parser.
  • New SNPP protocol credentials parser.
  • New --log-timestamp option to enable timestamps while logging.

Fixes

  • Fixed issue #114 : Error while parsing IPv6 address.

Code Style

  • Better SocketError handling in Proxy class.


v1.3.2 ( 2016-01-26 )

Hotfix release for issue #107


v1.3.1 ( 2016-01-26 )

New Features

  • Improved POST data parser/sniffer.
  • Implemented sslstrip favicon spoofing.
  • Proxy modules can now declare an on_pre_request method to handle requests before they are performed.

Fixes

  • Fixed issue #106 : Invalid multibyte char (US-ASCII).
  • Updated bettercap.gemspec file to solve a few warnings while building the GEM.
  • Do not print POST information if the HTTP body of the request is not available.
  • Handling OptionParser::MissingArgument exception ( closing #103 )
  • Using proper IO classes in Linux Firewall class.
  • Cleaning appropriate headers during sslstrip attack.

Code Style

  • Documented a few methods.


v1.3.0 ( 2016-01-24 )

New Features

  • sslstrip feature and new --no-sslstrip option to disable it.

Fixes

  • Fixed a bug which caused Proxy response headers to be lowercase only.
  • Fixed a deprecation warning message from Ruby > 2.0.
  • Fixed issue #102: re-arp targets.

Code Style

  • Minor refactoring.


v1.2.4 ( 2016-01-21 )

New Features

  • New InjectHTML proxy module.
  • New NNTP auth parser. ( tnx to @bcoles )
  • New starting status message with enabled and disabled modules reporting.

Fixes

  • Fixed a bug which caused new and/or lost targets not to be printed in some specific circumstances.
  • Turned firewall redirection logs into debug messages.
  • Fixed a bug which prevented clients from being "rickrolled" if they're connecting to us directly.

Code Style

  • Moved acquired and lost targets printing logic to discovery thread.


v1.2.3 ( 2016-01-20 )

New Features

  • Using WebRick HTTP client instead of raw socket, now the transparent proxy is much more stable and fast!
  • Implemented --http-ports and --https-ports options.

Fixes

  • Fixed a bug which prevented new and lost targets from being printed if spoofing was disabled.
  • Fixed issue #94: Show more information about targets that have been acquired or lost.
  • Correct singular or plural form of 'target'.
  • Fixed a bug in InjectCSS proxy module.
  • Checking proxy module command line arguments only in initialize method.

Code Style

  • Minor refactoring of BetterCap::Spoofers::Arp class.
