Bettercap - Dev. progress [For developers]

[Zylla]

Hi fellow pentesters, and developers!

I sat down today and decided to work on getting Bettercap up and running on my Tetra + Nano.
It seems like the biggest hinder so far has been getting eventmachine for Ruby working. So i decided to start there.

The reason i'm making this post is because i managed to get eventmachine running on my Tetra.
BUT, i'm currently "stuck" at getting a smaller dependency working: "pcapruby".  (libpcap for ruby)

I've published the Makefile + patches for the SDK on GitHub, as well as the IPK (install file).
If you want to build the IPK yourself.

After installing my IPK you'd need to fetch the Bettercap repo. and start installing these ruby dependencies:

opkg install ruby-gems ruby-mkmf ruby-openssl ruby-enc-extra

After doing that you can start installing Bettercap as usual:

cd bettercap
gem build bettercap.gemspec
gem install bettercap*.gem

Which WILL fail because we are missing "pcapruby".
I've been quite busy lately, so i was hoping we could solve it together.
Bettercap would be awesome getting to work, at least on the Tetra. :)

[crystal]

Hi Zylla.

You probably already read this, but evilsocket (Bettercap's creators) has already tried to make Bettercap works on NANO, without much success. Here is a excerpt from his blog:

Quote

Unfortunately making bettercap run on the NANO is a pain in the ass and, even if you manage to do it, its hardware is simply not powerful enough to properly running it while handling multiple connections, so I’ve decided to run it on the laptop and have the NANO redirect all HTTP (and optionally HTTPS) traffic to it.

 

[Zylla]

No i wasn't aware of that blog. Thanks for the heads up :)
I'm well aware of the hardware limitations on the Nano. But i think the Tetra still has "some potential" on these encrypted sessions.
For example: using my package of Mana Toolkit (sslstrip+dns2proxy, all the stuff..) works on both the Nano and the Tetra. But it's extremely limited on the Nano.
It struggles with just one connected client. The Tetra however, manages more alot better.

Also, all this stuff that is slowing the routers down seems to be related to Python. (And openssl).
Getting it to work, would also be an incentive to make it work better. (Increase the performance)

I know Maxmilian (the mitmproxy dev) forked together a version of mitmproxy for OpenWRT. (He warned of massive performance issues)
But i remember him stating that performance could be tweaked. I reckon the same goes for BetterCap.

It would also be interesting to check the performance of OpenSSL on Ruby vs. Python on these devices. :)