misc: small fix or general refactoring i did not bother commenting

README.md

@@ -17,7 +17,7 @@ bettercap is a powerful, easily extensible and portable framework written in Go
 * **Bluetooth Low Energy** devices scanning, characteristics enumeration, reading and writing.
 * 2.4Ghz wireless devices scanning and **MouseJacking** attacks with over-the-air HID frames injection (with DuckyScript support).
 * Passive and active IP network hosts probing and recon.
-* **ARP, DNS and DHCPv6 spoofers** for MITM attacks on IP based networks.
+* **ARP, DNS, NDP and DHCPv6 spoofers** for MITM attacks on IPv4 and IPv6 based networks.
 * **Proxies at packet level, TCP level and HTTP/HTTPS** application level fully scriptable with easy to implement **javascript plugins**.
 * A powerful **network sniffer** for **credentials harvesting** which can also be used as a **network protocol fuzzer**.
 * A very fast port scanner.

_example/example.js

@@ -1,110 +1,21 @@
 require("config")
 require("telegram")
-
-var fakeESSID = random.String(16, 'abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ');
-var fakeBSSID = random.Mac()
-
-function createGraph(who, where) {
-    // generates a .dot file with the graph for this mac
-    run('graph.to_dot ' + who);
-    // uses graphviz to make a png of it
-    run('!dot -Tpng bettergraph.dot > ' + where);
-}
-
-function onDeauthentication(event) {
-    var data = event.data;
-
-    createGraph(data.address1, '/tmp/graph_deauth.png');
-
-    var message = '🚨 Detected deauthentication frame:\n\n' +
-        // 'Time: ' + event.time + "\n" +
-        // 'GPS: lat=' + session.GPS.Latitude + " lon=" + session.GPS.Longitude + " updated_at=" +
-        //session.GPS.Updated.String() + "\n\n" +
-        'RSSI: ' + data.rssi + "\n" +
-        'Reason: ' + data.reason + "\n" +
-        'Address1: ' + data.address1 + "\n" +
-        'Address2: ' + data.address2 + "\n" +
-        'Address3: ' + data.address3;
-
-    // send to telegram bot
-    sendMessage(message);
-    sendPhoto("/tmp/graph_deauth.png");
-}
-
-function onNewAP(event){
-    var ap = event.data;
-    if(ap.hostname == fakeESSID) {
-        createGraph(ap.mac, '/tmp/graph_ap.png');
-
-        var message = '🦠 Detected rogue AP:\n\n' +
-            // 'Time: ' + event.time + "\n" +
-            // 'GPS: lat=' + session.GPS.Latitude + " lon=" + session.GPS.Longitude + " updated_at=" +
-            //session.GPS.Updated.String() + "\n\n" +
-            'AP: ' + ap.mac + ' (' + ap.vendor + ')';
-
-        // send to telegram bot
-        sendMessage(message);
-        sendPhoto("/tmp/graph_ap.png");
-    }
-}
-
-function onHandshake(event){
-    var data = event.data;
-    var what = 'handshake';
-
-    createGraph(data.station, '/tmp/graph_handshake.png');
-
-    if(data.pmkid != null) {
-        what = "RSN PMKID";
-    } else if(data.full) {
-        what += " (full)";
-    } else if(data.half) {
-        what += " (half)";
-    }
-
-    var message = '💰 Captured ' + what + ':\n\n' +
-        //'Time: ' + event.time + "\n" +
-        //'GPS: lat=' + session.GPS.Latitude + " lon=" + session.GPS.Longitude + " updated_at=" +
-        //session.GPS.Updated.String() + "\n\n" +
-        'Station: ' + data.station + "\n" +
-        'AP: ' + data.ap;
-
-    // send to telegram bot
-    sendMessage(message);
-    sendPhoto("/tmp/graph_handshake.png");
-}
-
-function onNewNode(event) {
-    var node = event.data;
-
-    if(node.type != 'ssid' && node.type != 'ble_server' && graph.IsConnected(node.type, node.id)) {
-        createGraph(node.id, '/tmp/graph_node.png');
-
-        var message = '🖥️  Detected previously unknown ' + node.type + ':\n\n' +
-            'Type: ' + node.type + "\n" +
-            'MAC: ' + node.id;
-
-        // send to telegram bot
-        sendMessage(message);
-        sendPhoto("/tmp/graph_node.png");
-    }
-}
-
-function onTick(event) {
-    run('wifi.probe ' + fakeBSSID + ' ' + fakeESSID);
-}
+require("functions")
 
 log("session script loaded, fake AP is " + fakeESSID);
 
-// enable the graph module
+// enable the graph module so we can extract more historical info
+// for each device we see
 run('graph on')
 
 // create an empty ticker so we can run commands every few seconds
+// this will inject decoy wifi client probes used to detect KARMA
+// attacks and in general rogue access points
 run('set ticker.commands ""')
 run('set ticker.period 10')
 run('ticker on')
 
-// enable recon and probing of new hosts
+// enable recon and probing of new hosts on IPv4 and IPv6
 run('net.recon on');
 run('net.probe on');
 
@@ -114,11 +25,15 @@ run('wifi.recon on');
 
 // send fake client probes every tick
 onEvent('tick', onTick);
+
 // register for wifi.deauthentication events
 onEvent('wifi.deauthentication', onDeauthentication);
+
 // register for wifi.client.handshake events
 onEvent('wifi.client.handshake', onHandshake);
-// register for wifi.ap.new events
+
+// register for wifi.ap.new events (used to detect rogue APs)
 onEvent('wifi.ap.new', onNewAP);
 
+// register for new nodes in the graph
 onEvent('graph.node.new', onNewNode);

_example/functions.js

@@ -0,0 +1,93 @@
+var fakeESSID = random.String(16, 'abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ');
+var fakeBSSID = random.Mac()
+
+// uses graph.to_dot and graphviz to generate a png graph
+function createGraph(who, where) {
+    // generates a .dot file with the graph for this mac
+    run('graph.to_dot ' + who);
+    // uses graphviz to make a png of it
+    run('!dot -Tpng bettergraph.dot > ' + where);
+}
+
+function onDeauthentication(event) {
+    var data = event.data;
+
+    createGraph(data.address1, '/tmp/graph_deauth.png');
+
+    var message = '🚨 Detected deauthentication frame:\n\n' +
+        // 'Time: ' + event.time + "\n" +
+        // 'GPS: lat=' + session.GPS.Latitude + " lon=" + session.GPS.Longitude + " updated_at=" +
+        //session.GPS.Updated.String() + "\n\n" +
+        'RSSI: ' + data.rssi + "\n" +
+        'Reason: ' + data.reason + "\n" +
+        'Address1: ' + data.address1 + "\n" +
+        'Address2: ' + data.address2 + "\n" +
+        'Address3: ' + data.address3;
+
+    // send to telegram bot
+    sendMessage(message);
+    sendPhoto("/tmp/graph_deauth.png");
+}
+
+function onNewAP(event){
+    var ap = event.data;
+    if(ap.hostname == fakeESSID) {
+        createGraph(ap.mac, '/tmp/graph_ap.png');
+
+        var message = '🦠 Detected rogue AP:\n\n' +
+            // 'Time: ' + event.time + "\n" +
+            // 'GPS: lat=' + session.GPS.Latitude + " lon=" + session.GPS.Longitude + " updated_at=" +
+            //session.GPS.Updated.String() + "\n\n" +
+            'AP: ' + ap.mac + ' (' + ap.vendor + ')';
+
+        // send to telegram bot
+        sendMessage(message);
+        sendPhoto("/tmp/graph_ap.png");
+    }
+}
+
+function onHandshake(event){
+    var data = event.data;
+    var what = 'handshake';
+
+    createGraph(data.station, '/tmp/graph_handshake.png');
+
+    if(data.pmkid != null) {
+        what = "RSN PMKID";
+    } else if(data.full) {
+        what += " (full)";
+    } else if(data.half) {
+        what += " (half)";
+    }
+
+    var message = '💰 Captured ' + what + ':\n\n' +
+        //'Time: ' + event.time + "\n" +
+        //'GPS: lat=' + session.GPS.Latitude + " lon=" + session.GPS.Longitude + " updated_at=" +
+        //session.GPS.Updated.String() + "\n\n" +
+        'Station: ' + data.station + "\n" +
+        'AP: ' + data.ap;
+
+    // send to telegram bot
+    sendMessage(message);
+    sendPhoto("/tmp/graph_handshake.png");
+}
+
+function onNewNode(event) {
+    var node = event.data;
+
+    if(node.type != 'ssid' && node.type != 'ble_server' && graph.IsConnected(node.type, node.id)) {
+        createGraph(node.id, '/tmp/graph_node.png');
+
+        var message = '🖥️  Detected previously unknown ' + node.type + ':\n\n' +
+            'Type: ' + node.type + "\n" +
+            'MAC: ' + node.id;
+
+        // send to telegram bot
+        sendMessage(message);
+        sendPhoto("/tmp/graph_node.png");
+    }
+}
+
+function onTick(event) {
+    run('wifi.probe ' + fakeBSSID + ' ' + fakeESSID);
+}