[Buildroot] [PATCH] package/ettercap: new package

[Buildroot] [PATCH] package/ettercap: new package

[Jugurtha BELKALEM]

Ettercap is a comprehensive suite for man
in the middle attacks.
It features sniffing of live connections, content
filtering on the fly and many other interesting
tricks.

Ettercap can help identify misconfigured networks,
testing intrusion detection and prevention
applications and build robust embedded systems that
are "security by design" compliant.

This tool can be used for security testing or
educational purposes.

Master branch from :
https://github.com/Ettercap/ettercap
was used as the source for this packet as it
remains in active development (unlike release
version which dates back to 2015).

More information is available at:
https://www.ettercap-project.org/

Signed-off-by: Jugurtha BELKALEM <jugurtha.belkalem@smile.fr>
---
 DEVELOPERS                                         |  3 ++
 package/Config.in                                  |  1 +
 .../0001-Fix-invalid-utf-8-is-not-supported.patch  | 33 ++++++++++++++++++++++
 package/ettercap/Config.in                         | 22 +++++++++++++++
 package/ettercap/ettercap.hash                     |  3 ++
 package/ettercap/ettercap.mk                       | 16 +++++++++++
 6 files changed, 78 insertions(+)
 create mode 100644 package/ettercap/0001-Fix-invalid-utf-8-is-not-supported.patch
 create mode 100644 package/ettercap/Config.in
 create mode 100644 package/ettercap/ettercap.hash
 create mode 100644 package/ettercap/ettercap.mk

diff --git a/DEVELOPERS b/DEVELOPERS
index 5bfc456..9246d96 100644
--- a/DEVELOPERS
+++ b/DEVELOPERS
@@ -1227,6 +1227,9 @@ F:	package/python-xlib/
 N:	Joshua Henderson <joshua.henderson@microchip.com>
 F:	package/qt5/qt5wayland/
 
+N:	Jugurtha BELKALEM <jugurtha.belkalem@smile.fr>
+F:	package/ettercap/
+
 N:	Juha Rantanen <juha@codercoded.com>
 F:	package/acsccid/
 
diff --git a/package/Config.in b/package/Config.in
index f592e74..52d08d3 100644
--- a/package/Config.in
+++ b/package/Config.in
@@ -1757,6 +1757,7 @@ endif
 endmenu
 
 menu "Security"
+	source "package/ettercap/Config.in"
 	source "package/libselinux/Config.in"
 	source "package/libsemanage/Config.in"
 	source "package/libsepol/Config.in"
diff --git a/package/ettercap/0001-Fix-invalid-utf-8-is-not-supported.patch b/package/ettercap/0001-Fix-invalid-utf-8-is-not-supported.patch
new file mode 100644
index 0000000..9627cc3
--- /dev/null
+++ b/package/ettercap/0001-Fix-invalid-utf-8-is-not-supported.patch
@@ -0,0 +1,33 @@
+From b4f8a10100669806de6cb37b1c1f747539e93b31 Mon Sep 17 00:00:00 2001
+From: Jugurtha BELKALEM <jugurtha.belkalem@smile.fr>
+Date: Tue, 7 May 2019 13:25:44 +0200
+Subject: [PATCH] Fix invalid utf-8 is not supported
+
+Fixes fatal error message generated even when
+utf-8 is available.
+Ettercap requires gettext package and works fine.
+ 
+Signed-off-by: Jugurtha BELKALEM <jugurtha.belkalem@smile.fr>
+---
+ ettercap-5fb604823c6063676ebdf7cac66b7807acb4f7ed/src/ec_format.c | 5 +----
+ 1 file changed, 1 insertion(+), 4 deletions(-)
+
+diff --git a/src/ec_format.c b/ettercap-5fb604823c6063676ebdf7cac66b7807acb4f7ed/src/ec_format.c
+index 5c9b850..dd9d972 100644
+--- a/src/ec_format.c
++++ b/src/ec_format.c
+@@ -417,10 +417,7 @@ int set_utf8_encoding(u_char *fromcode)
+ 
+    /* make sure encoding type is supported */
+    cd = iconv_open("UTF-8", (const char*)fromcode);
+-   
+-   if (cd == (iconv_t)(-1))
+-      SEMIFATAL_ERROR("The conversion from %s to UTF-8 is not supported.", fromcode);
+-   
++      
+    iconv_close(cd);
+ 
+    utf8_encoding = strdup((const char*)fromcode);
+-- 
+2.7.4
+
diff --git a/package/ettercap/Config.in b/package/ettercap/Config.in
new file mode 100644
index 0000000..fbab876
--- /dev/null
+++ b/package/ettercap/Config.in
@@ -0,0 +1,22 @@
+config BR2_PACKAGE_ETTERCAP
+	bool "ettercap"
+	select BR2_PACKAGE_ETHTOOL # runtime
+	select BR2_PACKAGE_GEOIP # runtime
+	select BR2_PACKAGE_GETTEXT # runtime
+	select BR2_PACKAGE_LIBCURL # runtime
+	select BR2_PACKAGE_LIBNET # runtime
+	select BR2_PACKAGE_LIBPCAP # runtime
+	select BR2_PACKAGE_LIBPTHREAD_STUB # runtime
+	select BR2_PACKAGE_NCURSES # runtime
+	select BR2_PACKAGE_OPENSSL # runtime
+	select BR2_PACKAGE_ZLIB # runtime
+	help
+	  Ettercap is a comprehensive suite for man
+	  in the middle attacks. It features sniffing of
+	  live connections, content filtering on the fly
+	  and many other interesting tricks. It supports
+	  active and passive dissection of many protocols
+	  and includes many features for network and
+	  host analysis.
+
+	  http://www.ettercap-project.org/
diff --git a/package/ettercap/ettercap.hash b/package/ettercap/ettercap.hash
new file mode 100644
index 0000000..776c34c
--- /dev/null
+++ b/package/ettercap/ettercap.hash
@@ -0,0 +1,3 @@
+# Locally calculated
+sha256 a6ea1b70f9e1d8ba8815ca540ff1571556d6ba19cfd05c409f518d03e669befc  ettercap-5fb604823c6063676ebdf7cac66b7807acb4f7ed.tar.gz
+sha256 8177f97513213526df2cf6184d8ff986c675afb514d4e68a404010521b880643  LICENSE
diff --git a/package/ettercap/ettercap.mk b/package/ettercap/ettercap.mk
new file mode 100644
index 0000000..b913708
--- /dev/null
+++ b/package/ettercap/ettercap.mk
@@ -0,0 +1,16 @@
+################################################################################
+#
+# ettercap
+#
+################################################################################
+
+ETTERCAP_VERSION = 5fb604823c6063676ebdf7cac66b7807acb4f7ed
+ETTERCAP_SITE = $(call github,Ettercap,ettercap,$(ETTERCAP_VERSION))
+ETTERCAP_LICENSE = GPL-2.0
+ETTERCAP_LICENSE_FILES = LICENSE
+ETTERCAP_SUPPORTS_IN_SOURCE_BUILD = NO
+ETTERCAP_DEPENDENCIES = geoip host-ncurses libzlib \
+	libcurl libnet libopenssl libpcap ncurses
+ETTERCAP_CONF_OPTS = -DENABLE_GTK=NO
+
+$(eval $(cmake-package))
-- 
2.7.4

[Buildroot] [PATCH] package/ettercap: new package

[Peter Korsgaard]

>>>>> "Jugurtha" == Jugurtha BELKALEM <jugurtha.belkalem@smile.fr> writes:

 > Ettercap is a comprehensive suite for man
 > in the middle attacks.
 > It features sniffing of live connections, content
 > filtering on the fly and many other interesting
 > tricks.

 > Ettercap can help identify misconfigured networks,
 > testing intrusion detection and prevention
 > applications and build robust embedded systems that
 > are "security by design" compliant.

You word wrapping is kind of odd?


 > This tool can be used for security testing or
 > educational purposes.

 > Master branch from :
 > https://github.com/Ettercap/ettercap
 > was used as the source for this packet as it
 > remains in active development (unlike release
 > version which dates back to 2015).

In the mean time 0.8.3 has been released.


> +++ b/package/Config.in
 > @@ -1757,6 +1757,7 @@ endif
 >  endmenu
 
 >  menu "Security"
 > +	source "package/ettercap/Config.in"

Sticking this under libraries -> security is a bit odd. Perhaps a better
place would be Networking applications?


 > +++ b/package/ettercap/0001-Fix-invalid-utf-8-is-not-supported.patch
 > @@ -0,0 +1,33 @@
 > +From b4f8a10100669806de6cb37b1c1f747539e93b31 Mon Sep 17 00:00:00 2001
 > +From: Jugurtha BELKALEM <jugurtha.belkalem@smile.fr>
 > +Date: Tue, 7 May 2019 13:25:44 +0200
 > +Subject: [PATCH] Fix invalid utf-8 is not supported
 > +
 > +Fixes fatal error message generated even when
 > +utf-8 is available.
 > +Ettercap requires gettext package and works fine.
 > + 
 > +Signed-off-by: Jugurtha BELKALEM <jugurtha.belkalem@smile.fr>
 > +---
 > + ettercap-5fb604823c6063676ebdf7cac66b7807acb4f7ed/src/ec_format.c | 5 +----
 > + 1 file changed, 1 insertion(+), 4 deletions(-)
 > +
 > +diff --git a/src/ec_format.c b/ettercap-5fb604823c6063676ebdf7cac66b7807acb4f7ed/src/ec_format.c
 > +index 5c9b850..dd9d972 100644
 > +--- a/src/ec_format.c
 > ++++ b/src/ec_format.c
 > +@@ -417,10 +417,7 @@ int set_utf8_encoding(u_char *fromcode)
 > + 
 > +    /* make sure encoding type is supported */
 > +    cd = iconv_open("UTF-8", (const char*)fromcode);
 > +-   
 > +-   if (cd == (iconv_t)(-1))
 > +-      SEMIFATAL_ERROR("The conversion from %s to UTF-8 is not supported.", fromcode);

This looks very confusing to me - Can you provide more details? What is
fromcode set to here when it fails? What toolchains do you see this
error with? Can we instead turn off HAVE_UTF8 for those cases?


 > diff --git a/package/ettercap/Config.in b/package/ettercap/Config.in
 > new file mode 100644
 > index 0000000..fbab876
 > --- /dev/null
 > +++ b/package/ettercap/Config.in
 > @@ -0,0 +1,22 @@
 > +config BR2_PACKAGE_ETTERCAP
 > +	bool "ettercap"
 > +	select BR2_PACKAGE_ETHTOOL # runtime
 > +	select BR2_PACKAGE_GEOIP # runtime
 > +	select BR2_PACKAGE_GETTEXT # runtime
 > +	select BR2_PACKAGE_LIBCURL # runtime
 > +	select BR2_PACKAGE_LIBNET # runtime
 > +	select BR2_PACKAGE_LIBPCAP # runtime
 > +	select BR2_PACKAGE_LIBPTHREAD_STUB # runtime
 > +	select BR2_PACKAGE_NCURSES # runtime
 > +	select BR2_PACKAGE_OPENSSL # runtime
 > +	select BR2_PACKAGE_ZLIB # runtime

You list all of these as runtime dependencies, but still add them to
ETTERCAP_DEPENDENCIES? Doing a quick test, I see that atleast ncurses is
a build dependency:

  Could NOT find Curses (missing: CURSES_LIBRARY CURSES_INCLUDE_PATH)

Looking a CMakeLists.txt I see that a number of these are optional:

option(ENABLE_CURSES "Enable curses interface" ON)
option(ENABLE_GTK "Enable GTK interface" ON)
option(ENABLE_PLUGINS "Enable plugins support" ON)
option(ENABLE_IPV6 "Enable IPv6 support" OFF)
option(ENABLE_LUA "Enable LUA support (EXPERIMENTAL)" OFF)
option(ENABLE_PDF_DOCS "Enable PDF document generation" OFF)
option(ENABLE_TESTS "Enable Unit Tests" OFF)
option(ENABLE_GEOIP "Build with GeoIP support" ON)
option(LIBRARY_BUILD "Build for libettercap only" OFF)
option(INSTALL_DESKTOP "Install ettercap desktop files" ON)

So it would be nice to only enable these things if the affected packages
are enabled.

Are there really no toolchain dependencies? I see that plugins are
enabled by default, so presumably this means that it uses dlopen() and
hence will not work in a BR2_STATIC_LIBS setup?


 > +ETTERCAP_VERSION = 5fb604823c6063676ebdf7cac66b7807acb4f7ed
 > +ETTERCAP_SITE = $(call github,Ettercap,ettercap,$(ETTERCAP_VERSION))
 > +ETTERCAP_LICENSE = GPL-2.0

The source files contains the "any later version" text, so it should be
GPL-2.0+


> +ETTERCAP_LICENSE_FILES = LICENSE
 > +ETTERCAP_SUPPORTS_IN_SOURCE_BUILD = NO
 > +ETTERCAP_DEPENDENCIES = geoip host-ncurses libzlib \
 > +	libcurl libnet libopenssl libpcap ncurses

Why is host-ncurses needed?

Care to fix these issues and send an updated patch?

-- 
Bye, Peter Korsgaard

[Buildroot] [PATCH] package/ettercap: new package

[Jugurtha BELKALEM]

Hi Romain,

Thank's for your answer.

On Wed, Aug 12, 2020 at 12:51 AM Romain Naour <romain.naour@gmail.com>
wrote:

> From: Jugurtha BELKALEM via buildroot <buildroot@busybox.net>
>
> TODO
>
> Q: is geoip really needed or used ?
> Because there is no GeoIP.dat file in the rootfs
> (/usr/local/share/GeoIP/GeoIP.dat).
> Note: Fedora disabled GeoIP support for Ettercap!
>

Yes geoip is required to build ettercap. GeoIP.dat can be provided by the
user (they can be downloaded from maxmind website) to improve Ettercap IP
tracking results (but ettercap works fine without them).

Best regards.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.busybox.net/pipermail/buildroot/attachments/20200812/43ff8ff1/attachment.html>

[Buildroot] [PATCH] package/ettercap: new package

[Romain Naour]

From: Jugurtha BELKALEM via buildroot <buildroot@busybox.net>

TODO

Signed-off-by: Jugurtha BELKALEM <jugurtha.belkalem@smile.fr>
---
v3
Q: is geoip really needed or used ?
Because there is no GeoIP.dat file in the rootfs (/usr/local/share/GeoIP/GeoIP.dat).
Note: Fedora disabled GeoIP support for Ettercap!

v2 TODO
---
 DEVELOPERS                     |  1 +
 package/Config.in              |  1 +
 package/ettercap/Config.in     | 28 ++++++++++++++++++++++++++++
 package/ettercap/ettercap.hash |  3 +++
 package/ettercap/ettercap.mk   | 30 ++++++++++++++++++++++++++++++
 5 files changed, 63 insertions(+)
 create mode 100644 package/ettercap/Config.in
 create mode 100644 package/ettercap/ettercap.hash
 create mode 100644 package/ettercap/ettercap.mk

diff --git a/DEVELOPERS b/DEVELOPERS
index ee840dbb8b..fee80f04fb 100644
--- a/DEVELOPERS
+++ b/DEVELOPERS
@@ -1395,6 +1395,7 @@ N:	Joshua Henderson <joshua.henderson@microchip.com>
 F:	package/qt5/qt5wayland/
 
 N:	Jugurtha BELKALEM <jugurtha.belkalem@smile.fr>
+F:	package/ettercap/
 F:	package/python-cycler/
 F:	package/python-matplotlib/
 
diff --git a/package/Config.in b/package/Config.in
index 3ff2674be7..83fbdb8492 100644
--- a/package/Config.in
+++ b/package/Config.in
@@ -2045,6 +2045,7 @@ menu "Networking applications"
 	source "package/ebtables/Config.in"
 	source "package/ejabberd/Config.in"
 	source "package/ethtool/Config.in"
+	source "package/ettercap/Config.in"
 	source "package/faifa/Config.in"
 	source "package/fail2ban/Config.in"
 	source "package/fastd/Config.in"
diff --git a/package/ettercap/Config.in b/package/ettercap/Config.in
new file mode 100644
index 0000000000..968e949b99
--- /dev/null
+++ b/package/ettercap/Config.in
@@ -0,0 +1,28 @@
+config BR2_PACKAGE_ETTERCAP
+	bool "ettercap"
+	depends on !BR2_STATIC_LIBS
+	depends on BR2_TOOLCHAIN_HAS_THREADS
+	depends on BR2_USE_WCHAR # ncurses wchar
+	select BR2_PACKAGE_ETHTOOL # runtime
+	select BR2_PACKAGE_GEOIP
+	select BR2_PACKAGE_LIBCURL
+	select BR2_PACKAGE_LIBNET
+	select BR2_PACKAGE_LIBPCAP
+	select BR2_PACKAGE_NCURSES
+	select BR2_PACKAGE_NCURSES_WCHAR
+	select BR2_PACKAGE_OPENSSL
+	select BR2_PACKAGE_ZLIB
+	help
+	  Ettercap is a comprehensive suite for man
+	  in the middle attacks. It features sniffing of
+	  live connections, content filtering on the fly
+	  and many other interesting tricks. It supports
+	  active and passive dissection of many protocols
+	  and includes many features for network and
+	  host analysis.
+
+	  http://www.ettercap-project.org/
+
+comment "ettercap needs a toolchain w/ threads, wchar, dynamic library"
+	depends on BR2_TOOLCHAIN_HAS_THREADS \
+		|| !BR2_USE_WCHAR ||BR2_STATIC_LIBS
diff --git a/package/ettercap/ettercap.hash b/package/ettercap/ettercap.hash
new file mode 100644
index 0000000000..61ecbec047
--- /dev/null
+++ b/package/ettercap/ettercap.hash
@@ -0,0 +1,3 @@
+# Locally calculated
+sha256 d0c3ef88dfc284b61d3d5b64d946c1160fd04276b448519c1ae4438a9cdffaf3  ettercap-0.8.3.1.tar.gz
+sha256 8177f97513213526df2cf6184d8ff986c675afb514d4e68a404010521b880643  LICENSE
diff --git a/package/ettercap/ettercap.mk b/package/ettercap/ettercap.mk
new file mode 100644
index 0000000000..d060f7df7e
--- /dev/null
+++ b/package/ettercap/ettercap.mk
@@ -0,0 +1,30 @@
+################################################################################
+#
+# ettercap
+#
+################################################################################
+
+ETTERCAP_VERSION = 0.8.3.1
+ETTERCAP_SITE = $(call github,Ettercap,ettercap,v$(ETTERCAP_VERSION))
+ETTERCAP_LICENSE = GPL-2.0+
+ETTERCAP_LICENSE_FILES = LICENSE
+ETTERCAP_SUPPORTS_IN_SOURCE_BUILD = NO
+ETTERCAP_INSTALL_STAGING = YES
+ETTERCAP_DEPENDENCIES = geoip libcurl libnet libpcap ncurses openssl zlib \
+	host-bison host-flex host-pkgconf
+
+ETTERCAP_CONF_OPTS = -DENABLE_IPV6=ON -DENABLE_GTK=OFF -DBUNDLED_LIBS=OFF
+
+ifeq ($(BR2_PACKAGE_PCRE),y)
+ETTERCAP_DEPENDENCIES += pcre
+endif
+
+# Replace the default encoding set by ettercap configuration
+# files installed by the package.
+define ETTERCAP_SET_UTF8_ENCODING
+	$(SED) 's%^utf8_encoding.*%utf8_encoding = "UTF-8"%' \
+		$(TARGET_DIR)/etc/ettercap/etter.conf
+endef
+ETTERCAP_POST_INSTALL_TARGET_HOOKS += ETTERCAP_SET_UTF8_ENCODING
+
+$(eval $(cmake-package))
-- 
2.25.4