mirror of
https://github.com/bettercap/bettercap.git
synced 2024-12-21 19:41:41 -08:00
Page:
http.modules
Pages
Caplets
Changing the Prompt
Compilation on Android
Compilation on Linux and macOS
Compilation on Windows
Cross Compilation ( ARM example )
Home
Interactive Mode
Known Issues
Using with Docker
any.proxy
api.rest
arp.spoof
ble
caplets.update
dhcp6.spoof
dns.spoof
events.stream
gps
hid
http.modules
http.proxy
http.server
https.proxy
https.server
mac.changer
mysql.server
net.probe
net.recon
net.sniff
packet.proxy
syn.scan
tcp.modules
tcp.proxy
ticker
update.check
wifi
wol
8
http.modules
yungtravla edited this page 2018-06-30 10:49:37 +10:00
Table of Contents
The http.proxy
and https.proxy
modules can be scripted using javascript files that must declare at least one of the following functions:
// called when the script is loaded
function onLoad() {
}
// called when the request is received by the proxy
// and before it is sent to the real server.
function onRequest(req, res) {
}
// called when the request is sent to the real server
// and a response is received
function onResponse(req, res) {
}
// called every time an unknown session command is typed,
// proxy modules can optionally handle custom commands this way:
function onCommand(cmd) {
if( cmd == "test" ) {
/*
* Custom session command logic here.
*/
// tell the session we handled this command
return true
}
}
Modules can change the req
request and res
response objects, for instance the web-override.cap caplet is using the onRequest
function in order to override every request before it is executed with a fake response:
function onRequest(req, res) {
res.Status = 200;
res.ContentType = "text/html";
res.Body = readFile("caplets/www/index.html");
headers = res.Headers.split("\r\n")
for (var i = 0; i < headers.length; i++) {
header_name = headers[i].replace(/:.*/, "")
res.RemoveHeader(header_name);
}
res.SetHeader("Connection", "close");
}
The login-man-abuse.cap caplet instead will use the onResponse
handler to inject its malicious javascript file in every html response:
function onResponse(req, res) {
if( res.ContentType.indexOf('text/html') == 0 ){
var body = res.ReadBody();
if( body.indexOf('</head>') != -1 ) {
res.Body = body.replace(
'</head>',
'<script type="text/javascript">' + "\n" +
AbuserJavascript +
'</script>' +
'</head>'
);
}
}
}
Builtin Functions
Modules can use the following builtin functions.
function | description |
---|---|
readFile("/path/to/file") |
Return the contents of a file as a string. |
writeFile("/path/to/file", "hello world") |
Write the string hello world to a file, returns null or an error message. |
log_debug("message") |
Log a message in the interactive session (its level will be DEBUG ). |
log_info("message") |
Log a message in the interactive session (its level will be INFO ). |
log_warn("message") |
Log a message in the interactive session (its level will be WARNING ). |
log_error("message") |
Log a message in the interactive session (its level will be ERROR ). |
log_fatal("message") |
Log a message in the interactive session (its level will be FATAL ). |
log("message") |
Shortcut for log_info("message") . |
btoa("message") |
Encode a message to base64. |
atob("bWVzc2FnZQ==") |
Decode a message from base64. |
env("iface.ipv4") |
Read a variable. |
env("foo", "bar") |
Set a variable. |
- Known Issues
- Using with Docker
- Compilation
- Interactive Mode and Command Line Arguments
- Changing the Prompt
- Caplets
Modules
- Core
- HID on 2.4Ghz (mousejacking)
- Bluetooth Low Energy
- 802.11
- Ethernet and IP
- Servers
- Rogue Servers
- Utils