From 267492383a31921875534dfc8f5a5af7485cfc70 Mon Sep 17 00:00:00 2001 From: Gianfranco Costamagna Date: Wed, 15 Jul 2020 18:53:02 +0200 Subject: [PATCH 01/19] ettercap: bump copyright years to 2020 --- include/ec_version.h | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/include/ec_version.h b/include/ec_version.h index 1cd2fb030..481ee6e46 100644 --- a/include/ec_version.h +++ b/include/ec_version.h @@ -8,7 +8,7 @@ #ifndef PROGRAM #define PROGRAM "ettercap" #endif -#define EC_COPYRIGHT "2001-2019" +#define EC_COPYRIGHT "2001-2020" #define EC_AUTHORS "Ettercap Development Team" #endif From b5ff082fbb6a2d95be4227e06ddb8994f739cd78 Mon Sep 17 00:00:00 2001 From: Gianfranco Costamagna Date: Wed, 15 Jul 2020 14:57:34 +0200 Subject: [PATCH 02/19] Update changelog and version to 0.8.3.1 for release --- CHANGELOG | 14 +++++++++----- CMakeLists.txt | 2 +- include/ec_version.h | 4 ++-- 3 files changed, 12 insertions(+), 8 deletions(-) diff --git a/CHANGELOG b/CHANGELOG index b6c115c43..ab57e1ed3 100644 --- a/CHANGELOG +++ b/CHANGELOG @@ -4,7 +4,7 @@ Legend: - old feature removed !! bug fixed ========================================= -0.8.4-XXXXXXXXX YYYYMMDD +0.8.3.1-Bertillon 20200721 !! Fix SSL protocol failure with older TLS client/server versions (min. TLS1.0) !! Fix blackholing SSL packets when specific redirection is used !! Fix TLS 1.3 interception issues (replace fake certificate with proper key length) 
@@ -17,19 +17,25 @@ Legend: !! Fix compiling with GCC version / defaulting to -fno-common !! Fix bad UDP length for packets changed with replace() !! Fix passing --lua-args arguments to LUA scripts + !! Fix MSVC build when macro ORDER_ADD_{SHORT,LONG} is being used + !! Fix references to old sourceforce.org website in the code and documentation + !! Fix fingerprint_submit (still missing its server counterpart) + Take over client-side SNI extension in ClientHello in SSL interception (req. OpenSSL 1.1.1) + Take over SAN certificate extension from server certificate in SSL interception + Use server certificate sign algorithm to sign fake certificate defaulting to SHA256 + CLI provided plugins are now also autostarted in graphical UI + Added --plugin-list CLI parameter + New execreplace etterfilter command + + Update bundled OUI mac addresses + + Update LuaJIT from 2.0.4 to 2.0.5 + + Update libnet from 1.1.6 to 1.2 + + Update check from 0.10.0 to 0.15.0 + + Update curl from 7.44.0 to 7.71.1 - Separate etter.dns and etter.mdns examples in dedicated examples file - Remove source IP specification from customizable SSL redirects - Remove of deprecated redirect commands from etter.conf - Remove Easter Egg (Sorry ALoR and NaGA) - - 0.8.3-Bertillon 20190701 !! Fix binary comparison and assignment in etterfilter !! Fixed packetbuffer racecond. in BRIDGE mode (e.g. Message too long) @@ -54,8 +60,6 @@ Legend: - GTK2 phase out initialized - Usage of deprecated inet_aton replaced with current successor functions - - 0.8.2-Ferri 20150314 !! Fixed some openssl deprecated functions usage !! Fixed log file ownership diff --git a/CMakeLists.txt b/CMakeLists.txt index 8be06b62f..8df08d218 100644 --- a/CMakeLists.txt +++ b/CMakeLists.txt @@ -1,7 +1,7 @@ cmake_minimum_required(VERSION 2.8) project(ettercap C) -set(VERSION "0.8.4-rc") +set(VERSION "0.8.3.1") set(CMAKE_MODULE_PATH "${CMAKE_SOURCE_DIR}/cmake/Modules") set(CMAKE_SCRIPT_PATH "${CMAKE_SOURCE_DIR}/cmake/Scripts") 
diff --git a/include/ec_version.h b/include/ec_version.h index 481ee6e46..62ec4007f 100644 --- a/include/ec_version.h +++ b/include/ec_version.h @@ -1,10 +1,10 @@ #ifndef ETTERCAP_VERS_H #define ETTERCAP_VERS_H -#define EC_VERSION "0.8.4-rc" +#define EC_VERSION "0.8.3.1" #define EC_VERSION_MAJOR 0 #define EC_VERSION_MINOR 8 -#define EC_VERSION_REVISION 4 +#define EC_VERSION_REVISION 3 #ifndef PROGRAM #define PROGRAM "ettercap" #endif From d642205682976802d212264c1316e99bb6d0b10d Mon Sep 17 00:00:00 2001 From: Gianfranco Costamagna Date: Thu, 16 Jul 2020 09:06:40 +0200 Subject: [PATCH 03/19] Add subnumber version for Windows RC file --- include/ec_version.h | 7 ++++--- src/ettercap.rc | 2 +- 2 files changed, 5 insertions(+), 4 deletions(-) diff --git a/include/ec_version.h b/include/ec_version.h index 62ec4007f..aaf8aa491 100644 --- a/include/ec_version.h +++ b/include/ec_version.h @@ -2,9 +2,10 @@ #define ETTERCAP_VERS_H #define EC_VERSION "0.8.3.1" -#define EC_VERSION_MAJOR 0 -#define EC_VERSION_MINOR 8 -#define EC_VERSION_REVISION 3 +#define EC_VERSION_MAJOR 0 +#define EC_VERSION_MINOR 8 +#define EC_VERSION_REVISION 3 +#define EC_VERSION_SUBREVISION 1 #ifndef PROGRAM #define PROGRAM "ettercap" #endif diff --git a/src/ettercap.rc b/src/ettercap.rc index 3ae7dc5a7..53376326f 100644 --- a/src/ettercap.rc +++ b/src/ettercap.rc @@ -4,7 +4,7 @@ LANGUAGE 0x09,0x01 ETTERCAP_ICON ICON "contrib/nsis/eNG.ico" -#define RC_VERSION EC_VERSION_MAJOR, EC_VERSION_MINOR, EC_VERSION_REVISION, 0 +#define RC_VERSION EC_VERSION_MAJOR, EC_VERSION_MINOR, EC_VERSION_REVISION, EC_VERSION_SUBREVISION, 0 VS_VERSION_INFO VERSIONINFO FILEVERSION RC_VERSION From 715e7efa7b0697dccff3ef4407508d05b4955bae Mon Sep 17 00:00:00 2001 
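Review bot: The new `RC_VERSION` macro in the ettercap.rc hunk expands to five comma-separated values (`0, 8, 3, 1, 0`), but `FILEVERSION` in a VERSIONINFO resource takes exactly four 16-bit components, so the trailing `, 0` carried over from the old definition should go: `#define RC_VERSION EC_VERSION_MAJOR, EC_VERSION_MINOR, EC_VERSION_REVISION, EC_VERSION_SUBREVISION`. Whether the resource compiler rejects the fifth value or silently drops one depends on the toolchain, but in neither case is the embedded version the one the commit intends. The `FileVersion` string block uses `EC_VERSION` separately and is unaffected.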
From: Gianfranco Costamagna Date: Thu, 16 Jul 2020 09:48:31 +0200 Subject: [PATCH 04/19] Drop ettercap references to sourceforge, move them to the new website --- README.BUGS | 2 +- share/etter.dns.examples | 4 ++-- share/etter.finger.os | 9 +++------ src/dissectors/ec_gg.c | 2 +- src/ec_fingerprint.c | 2 +- src/ettercap.rc | 2 +- 6 files changed, 9 insertions(+), 12 deletions(-) diff --git a/README.BUGS b/README.BUGS index 9c588d4c4..196ee1af5 100644 --- a/README.BUGS +++ b/README.BUGS @@ -20,7 +20,7 @@ by definition, not smart enough to debug it." - Brian W. Kernighan If you found a new bug please report it to https://github.com/Ettercap/ettercap/issues or by sending an email to - + ============================================================================== diff --git a/share/etter.dns.examples b/share/etter.dns.examples index c97e753b3..b9505949c 100644 --- a/share/etter.dns.examples +++ b/share/etter.dns.examples @@ -30,8 +30,8 @@ www.example.org AAAA ::1 # www.ettercap.org A 127.0.0.1 -www.ettercap-project.org A 127.0.0.1 -ettercap.sourceforge.net A 23.235.43.133 +www.ettercap-project.org A 104.24.100.131 +ettercap.sourceforge.net A 104.24.100.131 www.ettercap.org PTR ::1 ############################################### diff --git a/share/etter.finger.os b/share/etter.finger.os index 56af92b1c..177df8b0d 100644 --- a/share/etter.finger.os +++ b/share/etter.finger.os 
@@ -36,13 +36,10 @@ # if irrilevant or unknown it is "LT" # # OS : an ascii string representing the OS # # # -# IF YOU FIND A NEW FINGERPRING, PLEASE MAIL IT US WITH THE RESPECTIVE OS # -# or use the appropriate form at: # -# http://ettercap.sourceforge.net/index.php?s=stuff&p=fingerprint # +# IF YOU FIND A NEW FINGERPRINT, PLEASE MAIL IT US WITH THE RESPECTIVE OS # +# or use the ettercap with submit_fingerprint = 1 in etter.conf # +# www.ettercap-project.org/fingerprint.php # # # -# TO GET THE LATEST DATABASE: # -# # -# ettercap -U # # # ############################################################################ diff --git a/src/dissectors/ec_gg.c b/src/dissectors/ec_gg.c index 96658943b..82799f93d 100644 --- a/src/dissectors/ec_gg.c +++ b/src/dissectors/ec_gg.c @@ -32,7 +32,7 @@ Gadu-Gadu (http://www.gadu-gadu.pl/) is the most widely used IM network in Polan Protocol description taken from http://ekg.chmurka.net/docs/protocol.html + own research (7.x). -The newest version can be found at http://ettercap-gg.sourceforge.net/ +The newest version can be found at https://www.ettercap-project.org/downloads.html FEATURES: diff --git a/src/ec_fingerprint.c b/src/ec_fingerprint.c index 44618e8f7..29689bee5 100644 --- a/src/ec_fingerprint.c +++ b/src/ec_fingerprint.c @@ -297,7 +297,7 @@ u_int8 TTL_PREDICTOR(u_int8 x) int fingerprint_submit(const char *finger, char *os) { int sock; - char host[] = "ettercap.sourceforge.net"; + char host[] = "www.ettercap-project.org"; char page[] = "/fingerprint.php"; char getmsg[1024]; char *os_encoded; diff --git a/src/ettercap.rc b/src/ettercap.rc index 53376326f..27468d226 100644 --- a/src/ettercap.rc +++ b/src/ettercap.rc 
@@ -24,7 +24,7 @@ BEGIN BEGIN BLOCK "040904b0" BEGIN - VALUE "CompanyName", "The EtterCap community, http://ettercap.sourceforge.net/\0" + VALUE "CompanyName", "The EtterCap community, https://www.ettercap-project.org\0" VALUE "FileDescription", "EtterCap sniffer\0" VALUE "FileVersion", EC_VERSION "\0" VALUE "InternalName", "ettercap-NG\0" From d5b8efa0c6d875132e8368b778267e6a2b47c8d5 Mon Sep 17 00:00:00 2001 From: Gianfranco Costamagna Date: Thu, 16 Jul 2020 12:33:22 +0200 Subject: [PATCH 05/19] ec_fingerprint: fix POST URI to work with new HTTP/1.1 --- src/ec_fingerprint.c | 16 ++++++++++++++-- 1 file changed, 14 insertions(+), 2 deletions(-) diff --git a/src/ec_fingerprint.c b/src/ec_fingerprint.c index 29689bee5..30a7304aa 100644 --- a/src/ec_fingerprint.c +++ b/src/ec_fingerprint.c @@ -293,6 +293,15 @@ u_int8 TTL_PREDICTOR(u_int8 x) /* * submit a fingerprint to the ettercap website + * Example of php code to intercept the post + + */ int fingerprint_submit(const char *finger, char *os) { @@ -337,11 +346,14 @@ int fingerprint_submit(const char *finger, char *os) os_encoded[i] = '+'; /* prepare the HTTP request */ - snprintf(getmsg, sizeof(getmsg), "POST %s?finger=%s&os=%s HTTP/1.1\r\n" + snprintf(getmsg, sizeof(getmsg), "POST %s HTTP/1.1\r\n" "Host: %s\r\n" "Accept: */*\r\n" "User-Agent: %s (%s)\r\n" - "\r\n", page, finger, os_encoded, host, EC_GBL_PROGRAM, EC_GBL_VERSION ); + "Content-Length: %d\r\n" + "Content-Type: application/x-www-form-urlencoded \r\n\r\n" + "finger=%s&os=%s\r\n" + "\r\n", page, host, EC_GBL_PROGRAM, EC_GBL_VERSION, 7 + strlen(finger) + 4 + strlen(os_encoded), finger, os_encoded ); SAFE_FREE(os_encoded); From adcd8f87dd78702f241d1c25339f31c0ea196775 Mon Sep 17 00:00:00 2001 From: Gianfranco Costamagna Date: Sat, 18 Jul 2020 02:00:59 +0200 Subject: [PATCH 06/19] Fix a spelling error, from Tracy Chapman --- CHANGELOG | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/CHANGELOG b/CHANGELOG index ab57e1ed3..74f16dd64 100644 
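Review bot: The `Content-Length` computed in the new `snprintf`, `7 + strlen(finger) + 4 + strlen(os_encoded)`, counts only `finger=…&os=…`, but the body written after the blank line is `"finger=%s&os=%s\r\n" "\r\n"`, so four bytes go out beyond the declared length and an HTTP/1.1 server that keeps the connection open reads them as the start of a second request. Drop the two trailing `\r\n` from the body (or add 4 to the length), and remove the stray space in `"Content-Type: application/x-www-form-urlencoded \r\n\r\n"`. Patches 09 and 10 later in this series only change the `%d` conversion for the `size_t` argument and leave the arithmetic as is, so the mismatch survives them. Replacing spaces by `+` is the only encoding applied to `os`, and none is applied to `finger`, so an `&`, `=` or `%` in either value changes the form structure; a percent-encoder before formatting closes that. `fingerprint_submit` begins before this hunk.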
--- a/CHANGELOG +++ b/CHANGELOG @@ -74,7 +74,7 @@ Legend: !! A ton of BSD bug fixes !! Simplify macosx cmake files !! Fix incorrect sequence number after TCP injection - !! Fix pcap length, and aligment problems with libpcap + !! Fix pcap length, and alignment problems with libpcap !! Bug fixes and gtk code refactor (gtk box wrapper) !! Fix some ipv6 send issues !! Fixed sleep time on Windows (high CPU usage) From 488711a9b9fdd17cbd60b6d335ac30f7d4e35934 Mon Sep 17 00:00:00 2001 From: Gianfranco Costamagna Date: Tue, 21 Jul 2020 11:28:10 +0200 Subject: [PATCH 07/19] try to enable ppc64el, s390x, amd64 and arm64 on travis-ci --- .travis.yml | 5 +++++ 1 file changed, 5 insertions(+) diff --git a/.travis.yml b/.travis.yml index df84f56c9..86e8c97d3 100644 --- a/.travis.yml +++ b/.travis.yml @@ -16,6 +16,11 @@ # See YAML format https://en.wikipedia.org/wiki/YAML # See Travis CI (Continuous Integration) https://docs.travis-ci.com/ +arch: + - amd64 + - ppc64le + - s390x + - arm64 language: c From b965207c20cae3f90d43fc2b5cdbbd97202a0359 Mon Sep 17 00:00:00 2001 From: Gianfranco Costamagna Date: Tue, 21 Jul 2020 12:11:47 +0200 Subject: [PATCH 08/19] Revert "try to enable ppc64el, s390x, amd64 and arm64 on travis-ci" Needs more rework since luajit is not available on such architectures This reverts commit 488711a9b9fdd17cbd60b6d335ac30f7d4e35934. --- .travis.yml | 5 ----- 1 file changed, 5 deletions(-) diff --git a/.travis.yml b/.travis.yml index 86e8c97d3..df84f56c9 100644 --- a/.travis.yml +++ b/.travis.yml @@ -16,11 +16,6 @@ # See YAML format https://en.wikipedia.org/wiki/YAML # See Travis CI (Continuous Integration) https://docs.travis-ci.com/ -arch: - - amd64 - - ppc64le - - s390x - - arm64 language: c From 0afd0ba5fd310fe40c8ea8f6f40579e35a5007f8 Mon Sep 17 00:00:00 2001 
From: Gianfranco Costamagna
Date: Wed, 22 Jul 2020 12:00:13 +0200
Subject: [PATCH 09/19] ec_fingerprint.c: Use long unsigned integer for Content-Length, to avoid gcc warnings about size_t
---
 src/ec_fingerprint.c | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/src/ec_fingerprint.c b/src/ec_fingerprint.c
index 30a7304aa..3d9599733 100644
--- a/src/ec_fingerprint.c
+++ b/src/ec_fingerprint.c
@@ -350,7 +350,7 @@ int fingerprint_submit(const char *finger, char *os)
 "Host: %s\r\n"
 "Accept: */*\r\n"
 "User-Agent: %s (%s)\r\n"
- "Content-Length: %d\r\n"
+ "Content-Length: %ld\r\n"
 "Content-Type: application/x-www-form-urlencoded \r\n\r\n"
 "finger=%s&os=%s\r\n"
 "\r\n", page, host, EC_GBL_PROGRAM, EC_GBL_VERSION, 7 + strlen(finger) + 4 + strlen(os_encoded), finger, os_encoded );
From e1e64015e308151ef09651a23338689d900ddd8c Mon Sep 17 00:00:00 2001
From: Alexander Koeppe
Date: Tue, 28 Jul 2020 08:36:32 +0200
Subject: [PATCH 10/19] fix format string warning
---
 src/ec_fingerprint.c | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/src/ec_fingerprint.c b/src/ec_fingerprint.c
index 3d9599733..4d47f81b6 100644
--- a/src/ec_fingerprint.c
+++ b/src/ec_fingerprint.c
@@ -350,7 +350,7 @@ int fingerprint_submit(const char *finger, char *os)
 "Host: %s\r\n"
 "Accept: */*\r\n"
 "User-Agent: %s (%s)\r\n"
- "Content-Length: %ld\r\n"
+ "Content-Length: %zu\r\n"
 "Content-Type: application/x-www-form-urlencoded \r\n\r\n"
 "finger=%s&os=%s\r\n"
 "\r\n", page, host, EC_GBL_PROGRAM, EC_GBL_VERSION, 7 + strlen(finger) + 4 + strlen(os_encoded), finger, os_encoded );
From c46b802655a6c2e2f14007804aa50ddfcb9cdea5 Mon Sep 17 00:00:00 2001
From: Gianfranco Costamagna
Date: Sun, 26 Jul 2020 09:09:36 +0200
Subject: [PATCH 11/19] Fix bundled curl failing to load sslstrip due to external libraries not linked, such as brotli and nghttp2.
---
 bundled_deps/curl/curl_configure_wrapper.sh.in | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/bundled_deps/curl/curl_configure_wrapper.sh.in b/bundled_deps/curl/curl_configure_wrapper.sh.in index 83794061f..be83aa663 100644 --- a/bundled_deps/curl/curl_configure_wrapper.sh.in +++ b/bundled_deps/curl/curl_configure_wrapper.sh.in @@ -1,2 +1,2 @@ #!/bin/sh -./configure --disable-shared --enable-static --enable-cookies --enable-http --disable-verbose --enable-proxy --disable-ftp --disable-file --disable-ldap --disable-ldaps --disable-rtsp --disable-dict --disable-telnet --disable-tftp --disable-pop3 --disable-imap --disable-smtp --disable-gopher --disable-manual --prefix="@CURL_PREFIX@" --includedir="@CURL_INCLUDE_DIR@" --libdir="@CURL_LIB_DIR@" @EXPORT_IPV6_FLAGS@ --with-ssl="@OPENSSL_ROOT_PATH@" --without-libssh2 +./configure --disable-shared --enable-static --enable-cookies --enable-http --disable-verbose --enable-proxy --disable-ftp --disable-file --disable-ldap --disable-ldaps --disable-rtsp --disable-dict --disable-telnet --disable-tftp --disable-pop3 --disable-imap --disable-smtp --disable-gopher --disable-manual --prefix="@CURL_PREFIX@" --includedir="@CURL_INCLUDE_DIR@" --libdir="@CURL_LIB_DIR@" @EXPORT_IPV6_FLAGS@ --with-ssl="@OPENSSL_ROOT_PATH@" --without-libssh2 --without-nghttp2 --without-brotli From 1ab403b308b3fefa37ec1b651cc3f951f84d5d38 Mon Sep 17 00:00:00 2001 From: Gianfranco Costamagna Date: Wed, 29 Jul 2020 19:36:19 +0200 Subject: [PATCH 12/19] Update release date on CHANGELOG --- CHANGELOG | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/CHANGELOG b/CHANGELOG index 74f16dd64..05e245a61 100644 --- a/CHANGELOG +++ b/CHANGELOG @@ -4,7 +4,7 @@ Legend: - old feature removed !! bug fixed ========================================= -0.8.3.1-Bertillon 20200721 +0.8.3.1-Bertillon 20200801 !! Fix SSL protocol failure with older TLS client/server versions (min. TLS1.0) !! Fix blackholing SSL packets when specific redirection is used !! Fix TLS 1.3 interception issues (replace fake certificate with proper key length) 
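Review bot: Adding `--without-nghttp2 --without-brotli` only covers the two libraries that happened to be present on the build host that reported the failure; curl's configure auto-detects several other optional libraries (libidn2, libpsl, librtmp, GSS-API among them), and any of those found at configure time leaves the same unresolved symbols when the static libcurl is loaded through the sslstrip plugin. Disabling every optional library the bundled build does not intend to use, e.g. `--without-libidn2 --without-libpsl --without-librtmp`, makes the result independent of what is installed on the builder. The alternative, linking whatever configure detected into the plugin on the CMake side, reintroduces a hidden dependency on the build host and is harder to reproduce.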
From 7065b664ca722a606e3b39919c9ddd4667d68d85 Mon Sep 17 00:00:00 2001 From: Emilio Escobar Date: Wed, 29 Jul 2020 22:29:30 +0200 Subject: [PATCH 13/19] Submit fingerprint using libcurl instead of direct socket Tweak CMakeLists to also link libcurl and enable fingerprint submit only if curl is found Signed-off-by: Gianfranco Costamagna --- src/CMakeLists.txt | 8 ++++- src/ec_fingerprint.c | 81 ++++++++++++++++++-------------------------- 2 files changed, 40 insertions(+), 49 deletions(-) diff --git a/src/CMakeLists.txt b/src/CMakeLists.txt index e5d11e4a8..c5f09f9f1 100644 --- a/src/CMakeLists.txt +++ b/src/CMakeLists.txt @@ -17,7 +17,6 @@ set(EC_SRC ec_exit.c ec_file.c ec_filter.c - ec_fingerprint.c ec_format.c ec_globals.c ec_hash.c @@ -125,6 +124,9 @@ set(EC_SRC protocols/ec_wifi_radiotap.c ) +if(CURL_FOUND) + set(EC_SRC ${EC_SRC} ec_fingerprint.c) +endif() if(HAVE_GEOIP) set(EC_SRC ${EC_SRC} ec_geoip.c) @@ -192,6 +194,10 @@ add_library(lib_ettercap SHARED ${EC_SRC}) add_dependencies(lib_ettercap libnet) target_link_libraries(lib_ettercap ec_interfaces ${EC_LIBS}) +if(CURL_FOUND) + target_link_libraries(lib_ettercap ${CURL_LIBRARY}) +endif() + if(NOT LIBRARY_BUILD) add_subdirectory(interfaces) include_directories(interfaces/daemon interfaces/text) diff --git a/src/ec_fingerprint.c b/src/ec_fingerprint.c index 4d47f81b6..b368899a4 100644 --- a/src/ec_fingerprint.c +++ b/src/ec_fingerprint.c @@ -24,6 +24,7 @@ #include #include #include +#include #define LOAD_ENTRY(p,h,v) do { \ SAFE_CALLOC((p), 1, sizeof(struct entry)); \ 
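Review bot: The new `target_link_libraries(lib_ettercap ${CURL_LIBRARY})` in the third src/CMakeLists.txt hunk links against `CURL_LIBRARY`, the single cache entry that `find_library` fills, rather than `CURL_LIBRARIES`, the result variable FindCURL documents for consumers; `target_link_libraries(lib_ettercap ${CURL_LIBRARIES})` is the minimal change, and the keywordless form is consistent with the existing calls in this file. Nothing in these hunks adds `${CURL_INCLUDE_DIRS}` to the include path, so the `#include` added to ec_fingerprint.c (its header name is lost in this rendering) presumably resolves only because the bundled curl directory is already in `EC_INCLUDE` — worth confirming for a system-curl build, or use the `CURL::libcurl` imported target (CMake 3.12+) which carries both. Making `ec_fingerprint.c` itself conditional on `CURL_FOUND` (first two hunks) also removes `fingerprint_search`, `fingerprint_default` and `TTL_PREDICTOR`, which ec_fingerprint.h declares unconditionally, so a build without curl fails to link; patch 18 later in this series restores the unconditional source.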
@@ -305,69 +306,53 @@ u_int8 TTL_PREDICTOR(u_int8 x) */ int fingerprint_submit(const char *finger, char *os) { - int sock; - char host[] = "www.ettercap-project.org"; - char page[] = "/fingerprint.php"; - char getmsg[1024]; + char postparams[512]; char *os_encoded; size_t i, os_enclen; - - memset(getmsg, 0, sizeof(getmsg)); - + char* page = "https://www.ettercap-project.org/fingerprint.php"; + CURL *curl; + CURLcode res; + + memset(postparams, 0, sizeof(postparams)); + /* some sanity checks */ if (strlen(finger) > FINGER_LEN || strlen(os) > OS_LEN) return -E_INVALID; - - USER_MSG("Connecting to http://%s...\n", host); - - /* prepare the socket */ - sock = open_socket(host, 80); - - switch(sock) { - case -E_NOADDRESS: - FATAL_MSG("Cannot resolve %s", host); - break; - case -E_FATAL: - FATAL_MSG("Cannot create the socket"); - break; - case -E_TIMEOUT: - FATAL_MSG("Connect timeout to %s on port 80", host); - break; - case -E_INVALID: - FATAL_MSG("Error connecting to %s on port 80", host); - break; - } - + os_encoded = strdup(os); /* sanitize the os (encode the ' ' to '+') */ os_enclen = strlen(os_encoded); for (i = 0; i < os_enclen; i++) if (os_encoded[i] == ' ') os_encoded[i] = '+'; - - /* prepare the HTTP request */ - snprintf(getmsg, sizeof(getmsg), "POST %s HTTP/1.1\r\n" - "Host: %s\r\n" - "Accept: */*\r\n" - "User-Agent: %s (%s)\r\n" - "Content-Length: %zu\r\n" - "Content-Type: application/x-www-form-urlencoded \r\n\r\n" - "finger=%s&os=%s\r\n" - "\r\n", page, host, EC_GBL_PROGRAM, EC_GBL_VERSION, 7 + strlen(finger) + 4 + strlen(os_encoded), finger, os_encoded ); - - SAFE_FREE(os_encoded); - USER_MSG("Submitting the fingerprint to %s...\n", page); - - /* send the request to the server */ - socket_send(sock, (const u_char*)getmsg, strlen(getmsg)); - DEBUG_MSG("fingerprint_submit - SEND \n\n%s\n\n", getmsg); + curl_global_init(CURL_GLOBAL_ALL); + curl = curl_easy_init(); + + if (curl) { + USER_MSG("Submitting the fingerprint to %s...\n", page); + + 
snprintf(postparams, sizeof(postparams), "finger=%s&os=%s", finger, os_encoded); + SAFE_FREE(os_encoded); + + curl_easy_setopt(curl, CURLOPT_URL, page); + curl_easy_setopt(curl, CURLOPT_POSTFIELDS, postparams); + + res = curl_easy_perform(curl); + + if (res != CURLE_OK) { + USER_MSG("Failed to submit fingerprint: %s\n", curl_easy_strerror(res)); + } else { + USER_MSG("New fingerprint submitted to the ettercap website...\n"); + } + + curl_easy_cleanup(curl); + } + + curl_global_cleanup(); - /* ignore the server response */ - close_socket(sock); - USER_MSG("New fingerprint submitted to the ettercap website...\n"); return E_SUCCESS; } From 3c3adde49bba1ce48fdc55e5642aa47b9c0263d4 Mon Sep 17 00:00:00 2001 From: Gianfranco Costamagna Date: Thu, 30 Jul 2020 09:30:18 +0200 Subject: [PATCH 14/19] Bugfix: correctly use the size in memset for os fingerprint --- plug-ins/finger_submit/finger_submit.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/plug-ins/finger_submit/finger_submit.c b/plug-ins/finger_submit/finger_submit.c index f63aec36b..e2264f96e 100644 --- a/plug-ins/finger_submit/finger_submit.c +++ b/plug-ins/finger_submit/finger_submit.c @@ -75,7 +75,7 @@ static int finger_submit_init(void *dummy) EC_GBL_OPTIONS->quiet = 1; memset(finger, 0, sizeof(finger)); - memset(os, 0, sizeof(finger)); + memset(os, 0, sizeof(os)); /* get the user input */ ui_input("Fingerprint ('quit' to exit) : ", finger, sizeof(finger), NULL); From d73bf284a307e00a127a83707636ad70699d8925 Mon Sep 17 00:00:00 2001 From: Gianfranco Costamagna Date: Thu, 30 Jul 2020 09:31:15 +0200 Subject: [PATCH 15/19] ec_fingerprint.c: correct php example code for fingerprint save --- src/ec_fingerprint.c | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/src/ec_fingerprint.c b/src/ec_fingerprint.c index b368899a4..2c230b91e 100644 --- a/src/ec_fingerprint.c +++ b/src/ec_fingerprint.c @@ -298,8 +298,8 @@ u_int8 TTL_PREDICTOR(u_int8 x) 
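Review bot: `curl_global_init(CURL_GLOBAL_ALL)` and `curl_global_cleanup()` now run on every call to `fingerprint_submit`, which `fingerprint_search` invokes whenever `submit_fingerprint` is set (presumably from the passive-profiling path); libcurl documents these two as not thread-safe and meant to be paired once per process, and the sslstrip plugin in this tree links libcurl as well (patch 11), so a cleanup here can pull the global state out from under another thread. Do the global init/cleanup once at program start and exit, or behind a once-flag, and keep only the easy-handle lifecycle in this function. The easy handle also gets no `CURLOPT_CONNECTTIMEOUT`/`CURLOPT_TIMEOUT`, so an unreachable host blocks the caller indefinitely; `curl_easy_setopt(curl, CURLOPT_TIMEOUT, 10L);` (constructed value) is the minimal guard. `os_encoded` is freed only inside `if (curl)` and leaks when `curl_easy_init` fails, and the function returns `E_SUCCESS` even when `res != CURLE_OK`. With libcurl available, `curl_easy_escape()` on `os` and `finger` should replace the hand-rolled space-to-`+` loop so `&`, `=` and `%` in the values cannot alter the form body.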
From 32541c6b8f016c373281473cb311b2e4f4579e81 Mon Sep 17 00:00:00 2001 From: Gianfranco Costamagna Date: Thu, 30 Jul 2020 09:31:43 +0200 Subject: [PATCH 16/19] ec_fingerprint: Add capability to submit fingerprints to other external servers, by requesting them to the user --- include/ec_fingerprint.h | 4 +++- plug-ins/finger_submit/finger_submit.c | 14 +++++++++++++- src/ec_fingerprint.c | 10 ++++++---- 3 files changed, 22 insertions(+), 6 deletions(-) diff --git a/include/ec_fingerprint.h b/include/ec_fingerprint.h index 72ea9ace4..7f57c5101 100644 --- a/include/ec_fingerprint.h +++ b/include/ec_fingerprint.h @@ -6,8 +6,9 @@ EC_API_EXTERN int fingerprint_search(const char *f, char *dst); EC_API_EXTERN void fingerprint_default(char *finger); EC_API_EXTERN void fingerprint_push(char *finger, int param, int value); EC_API_EXTERN u_int8 TTL_PREDICTOR(u_int8 x); -EC_API_EXTERN int fingerprint_submit(const char *finger, char *os); +EC_API_EXTERN int fingerprint_submit(char* page, const char *finger, const char *os); +#define DEFAULT_PAGE "https://www.ettercap-project.org/fingerprint.php" /* * The fingerprint database has the following structure: @@ -36,6 +37,7 @@ EC_API_EXTERN int fingerprint_submit(const char *finger, char *os); enum { FINGER_LEN = 28, OS_LEN = 60, + PAGE_LEN = 100, FINGER_WINDOW = 0, FINGER_MSS = 5, FINGER_TTL = 10, diff --git a/plug-ins/finger_submit/finger_submit.c b/plug-ins/finger_submit/finger_submit.c index e2264f96e..a69a2b48f 100644 --- a/plug-ins/finger_submit/finger_submit.c +++ b/plug-ins/finger_submit/finger_submit.c @@ -65,6 +65,7 @@ int plugin_load(void *handle) static int finger_submit_init(void *dummy) { + char page[PAGE_LEN + 1]; char finger[FINGER_LEN + 1]; char os[OS_LEN + 1]; 
@@ -74,9 +75,20 @@ static int finger_submit_init(void *dummy) /* don't display messages while operating */ EC_GBL_OPTIONS->quiet = 1; + memset(page, 0, sizeof(page)); memset(finger, 0, sizeof(finger)); memset(os, 0, sizeof(os)); + /* get the user input */ + ui_input("Remote website (enter for default " DEFAULT_PAGE " page) ('quit' to exit) : ", page, sizeof(page), NULL); + + /* exit on user request */ + if (!strcasecmp(page, "quit")) + return PLUGIN_FINISHED; + + if(!strcmp(page, "")) + strcpy(page, DEFAULT_PAGE); + /* get the user input */ ui_input("Fingerprint ('quit' to exit) : ", finger, sizeof(finger), NULL); @@ -93,7 +105,7 @@ static int finger_submit_init(void *dummy) USER_MSG("\n"); /* send the fingerprint */ - fingerprint_submit(finger, os); + fingerprint_submit(page, finger, os); /* flush all the messages */ ui_msg_flush(MSG_ALL); diff --git a/src/ec_fingerprint.c b/src/ec_fingerprint.c index 2c230b91e..46216002a 100644 --- a/src/ec_fingerprint.c +++ b/src/ec_fingerprint.c @@ -189,7 +189,7 @@ int fingerprint_search(const char *f, char *dst) } if(EC_GBL_CONF->submit_fingerprint) - fingerprint_submit(f, "Unknown"); + fingerprint_submit(DEFAULT_PAGE, f, "Unknown"); return -E_NOTFOUND; } @@ -304,19 +304,21 @@ u_int8 TTL_PREDICTOR(u_int8 x) ?> */ -int fingerprint_submit(const char *finger, char *os) +int fingerprint_submit(char* page, const char *finger, const char *os) { char postparams[512]; char *os_encoded; size_t i, os_enclen; - char* page = "https://www.ettercap-project.org/fingerprint.php"; CURL *curl; CURLcode res; + if (strlen(page) == 0) + strcpy(page, DEFAULT_PAGE); + memset(postparams, 0, sizeof(postparams)); /* some sanity checks */ - if (strlen(finger) > FINGER_LEN || strlen(os) > OS_LEN) + if (strlen(page) > PAGE_LEN || strlen(finger) > FINGER_LEN || strlen(os) > OS_LEN) return -E_INVALID; os_encoded = strdup(os); From d31ff017c101b3a732c4515222ea3077f22b65a9 Mon Sep 17 00:00:00 2001 
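Review bot: `if (strlen(page) == 0) strcpy(page, DEFAULT_PAGE);` in the ec_fingerprint.c hunk writes into whatever buffer the caller handed in without knowing its size, and the `char* page` parameter declared in the ec_fingerprint.h hunk invites literals — `fingerprint_search` now passes `DEFAULT_PAGE` itself, which is safe only because that literal is non-empty. Choose the target through a local pointer and make the parameter `const char *`: `const char *url = (page != NULL && page[0] != '\0') ? page : DEFAULT_PAGE;`, then hand `url` to `CURLOPT_URL`. The finger_submit.c hunk now feeds an operator-typed string straight into `CURLOPT_URL`; adding `curl_easy_setopt(curl, CURLOPT_PROTOCOLS, CURLPROTO_HTTP | CURLPROTO_HTTPS);` limits a mistyped scheme to an HTTP(S) request instead of whatever protocols the linked libcurl was built with. `fingerprint_submit` continues past this hunk.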
From: Gianfranco Costamagna Date: Thu, 30 Jul 2020 11:02:10 +0200 Subject: [PATCH 17/19] minor fixes to implementation --- include/ec_fingerprint.h | 6 ++++-- plug-ins/finger_submit/finger_submit.c | 14 ++++++++++++-- src/ec_fingerprint.c | 19 ++++++++++++++----- 3 files changed, 30 insertions(+), 9 deletions(-) diff --git a/include/ec_fingerprint.h b/include/ec_fingerprint.h index 7f57c5101..88e411786 100644 --- a/include/ec_fingerprint.h +++ b/include/ec_fingerprint.h @@ -6,9 +6,10 @@ EC_API_EXTERN int fingerprint_search(const char *f, char *dst); EC_API_EXTERN void fingerprint_default(char *finger); EC_API_EXTERN void fingerprint_push(char *finger, int param, int value); EC_API_EXTERN u_int8 TTL_PREDICTOR(u_int8 x); -EC_API_EXTERN int fingerprint_submit(char* page, const char *finger, const char *os); +EC_API_EXTERN int fingerprint_submit(char* host, char* page, const char *finger, const char *os); -#define DEFAULT_PAGE "https://www.ettercap-project.org/fingerprint.php" +#define DEFAULT_HOST "https://www.ettercap-project.org" +#define DEFAULT_PAGE "fingerprint.php" /* * The fingerprint database has the following structure: @@ -37,6 +38,7 @@ EC_API_EXTERN int fingerprint_submit(char* page, const char *finger, const char enum { FINGER_LEN = 28, OS_LEN = 60, + HOST_LEN = 100, PAGE_LEN = 100, FINGER_WINDOW = 0, FINGER_MSS = 5, diff --git a/plug-ins/finger_submit/finger_submit.c b/plug-ins/finger_submit/finger_submit.c index a69a2b48f..e9957654c 100644 --- a/plug-ins/finger_submit/finger_submit.c +++ b/plug-ins/finger_submit/finger_submit.c @@ -65,6 +65,7 @@ int plugin_load(void *handle) static int finger_submit_init(void *dummy) { + char host[HOST_LEN + 1]; char page[PAGE_LEN + 1]; char finger[FINGER_LEN + 1]; char os[OS_LEN + 1]; 
@@ -75,12 +76,21 @@ static int finger_submit_init(void *dummy) /* don't display messages while operating */ EC_GBL_OPTIONS->quiet = 1; + memset(host, 0, sizeof(host)); memset(page, 0, sizeof(page)); memset(finger, 0, sizeof(finger)); memset(os, 0, sizeof(os)); /* get the user input */ - ui_input("Remote website (enter for default " DEFAULT_PAGE " page) ('quit' to exit) : ", page, sizeof(page), NULL); + ui_input("Remote website (enter for default " DEFAULT_HOST " website) ('quit' to exit) : ", host, sizeof(host), NULL); + /* exit on user request */ + if (!strcasecmp(host, "quit")) + return PLUGIN_FINISHED; + + if(!strcmp(host, "")) + strcpy(host, DEFAULT_HOST); + + ui_input("Remote webpage (enter for default " DEFAULT_PAGE " page) ('quit' to exit) : ", page, sizeof(page), NULL); /* exit on user request */ if (!strcasecmp(page, "quit")) @@ -105,7 +115,7 @@ static int finger_submit_init(void *dummy) USER_MSG("\n"); /* send the fingerprint */ - fingerprint_submit(page, finger, os); + fingerprint_submit(host, page, finger, os); /* flush all the messages */ ui_msg_flush(MSG_ALL); diff --git a/src/ec_fingerprint.c b/src/ec_fingerprint.c index 46216002a..ccaefd796 100644 --- a/src/ec_fingerprint.c +++ b/src/ec_fingerprint.c @@ -189,7 +189,7 @@ int fingerprint_search(const char *f, char *dst) } if(EC_GBL_CONF->submit_fingerprint) - fingerprint_submit(DEFAULT_PAGE, f, "Unknown"); + fingerprint_submit(NULL, NULL, f, "Unknown"); return -E_NOTFOUND; } 
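Review bot: `fingerprint_submit(NULL, NULL, f, "Unknown")` passes null pointers, but the callee's new prologue in the next hunk does `if (strlen(host) == 0) strcpy(host, DEFAULT_HOST);` and the same for `page`, so every unknown fingerprint seen with `submit_fingerprint` enabled dereferences NULL inside `strlen` and crashes the process; patch 18 keeps the same `strlen(host)`/`strlen(page)` prologue, so the crash survives the series. Passing `""` literals instead would not help, because `strcpy` would then write into read-only string storage. The fix belongs in the callee: select the effective values through local const pointers, `const char *h = (host != NULL && host[0] != '\0') ? host : DEFAULT_HOST;` and `const char *p = (page != NULL && page[0] != '\0') ? page : DEFAULT_PAGE;`, build `fullurl` from those, and never write to the caller's buffers. `fingerprint_search` starts before this hunk.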
@@ -304,21 +304,25 @@ u_int8 TTL_PREDICTOR(u_int8 x) ?> */ -int fingerprint_submit(char* page, const char *finger, const char *os) +int fingerprint_submit(char* host, char* page, const char *finger, const char *os) { char postparams[512]; char *os_encoded; size_t i, os_enclen; + char fullurl[HOST_LEN + PAGE_LEN + 2]; CURL *curl; CURLcode res; + if (strlen(host) == 0) + strcpy(host, DEFAULT_HOST); + if (strlen(page) == 0) strcpy(page, DEFAULT_PAGE); memset(postparams, 0, sizeof(postparams)); /* some sanity checks */ - if (strlen(page) > PAGE_LEN || strlen(finger) > FINGER_LEN || strlen(os) > OS_LEN) + if (strlen(host) > HOST_LEN || strlen(page) > PAGE_LEN || strlen(finger) > FINGER_LEN || strlen(os) > OS_LEN) return -E_INVALID; os_encoded = strdup(os); @@ -329,16 +333,21 @@ int fingerprint_submit(char* page, const char *finger, const char *os) os_encoded[i] = '+'; + strcpy(fullurl, host); + if (page[0] != '/') + strcat(fullurl, "/"); + strcat(fullurl, page); + curl_global_init(CURL_GLOBAL_ALL); curl = curl_easy_init(); if (curl) { - USER_MSG("Submitting the fingerprint to %s...\n", page); + USER_MSG("Submitting the fingerprint to %s...\n", fullurl); snprintf(postparams, sizeof(postparams), "finger=%s&os=%s", finger, os_encoded); SAFE_FREE(os_encoded); - curl_easy_setopt(curl, CURLOPT_URL, page); + curl_easy_setopt(curl, CURLOPT_URL, fullurl); curl_easy_setopt(curl, CURLOPT_POSTFIELDS, postparams); res = curl_easy_perform(curl); From 220d02c02ba7da42aa4f9848be270024ec71d1fd Mon Sep 17 00:00:00 2001 From: Gianfranco Costamagna Date: Thu, 30 Jul 2020 11:27:56 +0200 Subject: [PATCH 18/19] Make the approach retro-compatible when no-plugins are built and no curl is used at all, to allow people building ettercap without curl support --- CMakeLists.txt | 4 ++ include/config.h.cmake | 1 + src/CMakeLists.txt | 5 +-- src/ec_fingerprint.c | 93 +++++++++++++++++++++++++++++++++--------- 4 files changed, 79 insertions(+), 24 deletions(-) 
diff --git a/CMakeLists.txt b/CMakeLists.txt index 8df08d218..1c08875a6 100644 --- a/CMakeLists.txt +++ b/CMakeLists.txt @@ -167,6 +167,10 @@ if(ENABLE_LUA) set(HAVE_EC_LUA 1) endif() +if(CURL_FOUND) + set(HAVE_CURL 1) +endif() + set(EC_INCLUDE_PATH ${CMAKE_CURRENT_BINARY_DIR}/include ${CMAKE_SOURCE_DIR}/include ${EC_INCLUDE}) include_directories(${EC_INCLUDE_PATH}) diff --git a/include/config.h.cmake b/include/config.h.cmake index d2a6a7096..82d5c14c3 100644 --- a/include/config.h.cmake +++ b/include/config.h.cmake @@ -53,6 +53,7 @@ #cmakedefine WITH_IPV6 #cmakedefine HAVE_GEOIP #cmakedefine HAVE_EC_LUA +#cmakedefine HAVE_CURL #cmakedefine INSTALL_PREFIX "@INSTALL_PREFIX@" #cmakedefine INSTALL_SYSCONFDIR "@INSTALL_SYSCONFDIR@" diff --git a/src/CMakeLists.txt b/src/CMakeLists.txt index c5f09f9f1..b2c13918d 100644 --- a/src/CMakeLists.txt +++ b/src/CMakeLists.txt @@ -17,6 +17,7 @@ set(EC_SRC ec_exit.c ec_file.c ec_filter.c + ec_fingerprint.c ec_format.c ec_globals.c ec_hash.c @@ -124,10 +125,6 @@ set(EC_SRC protocols/ec_wifi_radiotap.c ) -if(CURL_FOUND) - set(EC_SRC ${EC_SRC} ec_fingerprint.c) -endif() - if(HAVE_GEOIP) set(EC_SRC ${EC_SRC} ec_geoip.c) endif() diff --git a/src/ec_fingerprint.c b/src/ec_fingerprint.c index ccaefd796..ec3f18fb3 100644 --- a/src/ec_fingerprint.c +++ b/src/ec_fingerprint.c @@ -24,7 +24,9 @@ #include #include #include -#include +#ifdef HAVE_CURL + #include +#endif #define LOAD_ENTRY(p,h,v) do { \ SAFE_CALLOC((p), 1, sizeof(struct entry)); \ @@ -306,12 +308,17 @@ u_int8 TTL_PREDICTOR(u_int8 x) */ int fingerprint_submit(char* host, char* page, const char *finger, const char *os) { - char postparams[512]; + char postparams[1024]; char *os_encoded; size_t i, os_enclen; + char fullpage [ PAGE_LEN + 1 ]; char fullurl[HOST_LEN + PAGE_LEN + 2]; +#ifdef HAVE_CURL CURL *curl; CURLcode res; +#else + int sock; +#endif if (strlen(host) == 0) strcpy(host, DEFAULT_HOST); 
@@ -319,10 +326,18 @@ int fingerprint_submit(char* host, char* page, const char *finger, const char *o if (strlen(page) == 0) strcpy(page, DEFAULT_PAGE); + if (page[0] != '/') + strcpy(fullpage, "/"); + + strcat(fullpage, page); + + strcpy(fullurl, host); + strcat(fullurl, fullpage); + memset(postparams, 0, sizeof(postparams)); /* some sanity checks */ - if (strlen(host) > HOST_LEN || strlen(page) > PAGE_LEN || strlen(finger) > FINGER_LEN || strlen(os) > OS_LEN) + if (strlen(host) > HOST_LEN || strlen(fullpage) > PAGE_LEN || strlen(finger) > FINGER_LEN || strlen(os) > OS_LEN) return -E_INVALID; os_encoded = strdup(os); 
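Review bot: The new path-building block runs before the `/* some sanity checks */` length test, so an over-long `page` or `host` has already overflowed `fullpage` and `fullurl` by the time `-E_INVALID` is returned; the previous version of this function built `fullurl` only after the check. `fullpage` is also never initialised when `page` already starts with `/`, so `strcat(fullpage, page)` appends to whatever happens to be on the stack. Moving the check up and building both strings with `snprintf` bounded by `sizeof` closes both holes; the `strlen(page) + 1 > PAGE_LEN` term keeps the existing intent that the slash-prefixed path fits in `PAGE_LEN`. The rest of fingerprint_submit continues outside the hunk.
```c
      strcpy(page, DEFAULT_PAGE);

   memset(postparams, 0, sizeof(postparams));

   /* some sanity checks: run before anything is copied into the fixed-size buffers */
   if (strlen(host) > HOST_LEN || strlen(page) + 1 > PAGE_LEN ||
       strlen(finger) > FINGER_LEN || strlen(os) > OS_LEN)
      return -E_INVALID;

   /* always send an absolute path; snprintf truncates instead of overflowing */
   snprintf(fullpage, sizeof(fullpage), "%s%s", (page[0] != '/') ? "/" : "", page);
   snprintf(fullurl, sizeof(fullurl), "%s%s", host, fullpage);

   /* … unchanged: os_encoded = strdup(os); … */
```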
@@ -332,38 +347,76 @@ int fingerprint_submit(char* host, char* page, const char *finger, const char *o if (os_encoded[i] == ' ') os_encoded[i] = '+'; + USER_MSG("Submitting the fingerprint to %s...\n", fullurl); - strcpy(fullurl, host); - if (page[0] != '/') - strcat(fullurl, "/"); - strcat(fullurl, page); - +#ifdef HAVE_CURL curl_global_init(CURL_GLOBAL_ALL); curl = curl_easy_init(); if (curl) { - USER_MSG("Submitting the fingerprint to %s...\n", fullurl); - snprintf(postparams, sizeof(postparams), "finger=%s&os=%s", finger, os_encoded); - SAFE_FREE(os_encoded); + snprintf(postparams, sizeof(postparams), "finger=%s&os=%s", finger, os_encoded); + SAFE_FREE(os_encoded); - curl_easy_setopt(curl, CURLOPT_URL, fullurl); - curl_easy_setopt(curl, CURLOPT_POSTFIELDS, postparams); + curl_easy_setopt(curl, CURLOPT_URL, fullurl); + curl_easy_setopt(curl, CURLOPT_POSTFIELDS, postparams); - res = curl_easy_perform(curl); + res = curl_easy_perform(curl); - if (res != CURLE_OK) { - USER_MSG("Failed to submit fingerprint: %s\n", curl_easy_strerror(res)); - } else { - USER_MSG("New fingerprint submitted to the ettercap website...\n"); - } + DEBUG_MSG("Post request content is: %s\n", postparams); + if (res != CURLE_OK) { + USER_MSG("Failed to submit fingerprint: %s\n", curl_easy_strerror(res)); + } else { + USER_MSG("New fingerprint submitted to the remote website...\n"); + } - curl_easy_cleanup(curl); + curl_easy_cleanup(curl); } curl_global_cleanup(); +#else + + /* prepare the socket */ + sock = open_socket(host, 80); + + switch(sock) { + case -E_NOADDRESS: + FATAL_MSG("Cannot resolve %s", host); + break; + case -E_FATAL: + FATAL_MSG("Cannot create the socket"); + break; + case -E_TIMEOUT: + FATAL_MSG("Connect timeout to %s on port 80", host); + break; + case -E_INVALID: + FATAL_MSG("Error connecting to %s on port 80", host); + break; + } + + /* prepare the HTTP request */ + snprintf(postparams, sizeof(postparams), "POST %s HTTP/1.1\r\n" + "Host: %s\r\n" + "Accept: */*\r\n" + 
"User-Agent: %s (%s)\r\n" + "Content-Length: %zu\r\n" + "Content-Type: application/x-www-form-urlencoded \r\n\r\n" + "finger=%s&os=%s\r\n" + "\r\n", fullpage, host, EC_GBL_PROGRAM, EC_GBL_VERSION, 7 + strlen(finger) + 4 + strlen(os_encoded), finger, os_encoded ); + + SAFE_FREE(os_encoded); + + /* send the request to the server */ + socket_send(sock, (const u_char*)postparams, strlen(postparams)); + + /* ignore the server response */ + close_socket(sock); + + DEBUG_MSG("Post request content is: %s\n", postparams); + USER_MSG("New fingerprint submitted to the remote website...\n"); +#endif return E_SUCCESS; } From 87672682410e98492f5651fe86af1959efd83314 Mon Sep 17 00:00:00 2001 From: Gianfranco Costamagna Date: Thu, 30 Jul 2020 12:13:42 +0200 Subject: [PATCH 19/19] EttercapLibCheck: don't forcibly require curl if plugins are enabled, we can still build all the others plugins except for sslstrip. --- cmake/Modules/EttercapLibCheck.cmake | 39 +++++++++++++--------------- 1 file changed, 18 insertions(+), 21 deletions(-) diff --git a/cmake/Modules/EttercapLibCheck.cmake b/cmake/Modules/EttercapLibCheck.cmake index 320fcc474..45e651594 100644 --- a/cmake/Modules/EttercapLibCheck.cmake +++ b/cmake/Modules/EttercapLibCheck.cmake 
@@ -149,32 +149,29 @@ if(ENABLE_PLUGINS) endif() endif() -if(HAVE_PLUGINS) - # Fake target for curl - add_custom_target(curl) +# Fake target for curl +add_custom_target(curl) - # sslstrip has a requirement for libcurl >= 7.26.0 - if(SYSTEM_CURL) - message(STATUS "CURL support requested. Will look for curl >= 7.26.0") - find_package(CURL 7.26.0) +# sslstrip has a requirement for libcurl >= 7.26.0 +if(SYSTEM_CURL) + message(STATUS "CURL support requested. Will look for curl >= 7.26.0") + find_package(CURL 7.26.0) - if(NOT CURL_FOUND) - message(STATUS "Couldn't find a suitable system-provided version of Curl") - endif() - endif() - - if(BUNDLED_CURL AND (NOT CURL_FOUND)) - message(STATUS "Using bundled version of Curl") - add_subdirectory(bundled_deps/curl) # EXCLUDE_FROM_ALL) - add_dependencies(curl bundled_curl) - add_dependencies(bundled bundled_curl) - endif() - - # Still haven't found curl? Bail! if(NOT CURL_FOUND) - message(FATAL_ERROR "Could not find Curl!") + message(STATUS "Couldn't find a suitable system-provided version of Curl") endif() +endif() + +if(BUNDLED_CURL AND (NOT CURL_FOUND)) + message(STATUS "Using bundled version of Curl") + add_subdirectory(bundled_deps/curl) # EXCLUDE_FROM_ALL) + add_dependencies(curl bundled_curl) + add_dependencies(bundled bundled_curl) +endif() +# Still haven't found curl? Bail! +if(NOT CURL_FOUND) + message(STATUS "Could not find Curl, sslstrip and curl support will be disabled!") endif() check_function_exists(poll HAVE_POLL)
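Review bot: The comment `# Still haven't found curl? Bail!` now sits above a branch that no longer bails; it should read `# Still haven't found curl? Build without it: sslstrip and libcurl support are disabled`. Since a feature is dropped rather than the configure failing, `message(WARNING "Could not find Curl, sslstrip and curl support will be disabled!")` instead of `message(STATUS ...)` keeps the downgrade visible in a scrolling configure log. The commit message says sslstrip is skipped, but nothing in this hunk gates it — whether the plugins directory checks `CURL_FOUND` before adding sslstrip is not visible here and is worth confirming. The fake `add_custom_target(curl)` is now created unconditionally, which is fine as long as nothing else in the tree defines a `curl` target.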