fix: fixed a json encoding issue that caused the api.rest controller to return an empty list of events when a net.sniff http event is triggered

This commit is contained in:
evilsocket 2018-09-27 16:09:11 +02:00
parent 7b7739358d
commit 0ada0fdf7b
4 changed files with 46 additions and 16 deletions

View file

@ -40,7 +40,9 @@ func setSecurityHeaders(w http.ResponseWriter) {
func toJSON(w http.ResponseWriter, o interface{}) { func toJSON(w http.ResponseWriter, o interface{}) {
w.Header().Set("Content-Type", "application/json") w.Header().Set("Content-Type", "application/json")
json.NewEncoder(w).Encode(o) if err := json.NewEncoder(w).Encode(o); err != nil {
log.Error("error while encoding object to JSON: %v", err)
}
} }
func (api *RestAPI) checkAuth(r *http.Request) bool { func (api *RestAPI) checkAuth(r *http.Request) bool {

View file

@ -2,8 +2,6 @@ package modules
import ( import (
"fmt" "fmt"
"io/ioutil"
"net/http"
"os" "os"
"strings" "strings"
@ -128,17 +126,17 @@ func (s *EventsStream) viewSnifferEvent(e session.Event) {
misc := "" misc := ""
if e.Tag == "net.sniff.leak.http" { if e.Tag == "net.sniff.leak.http" {
req := se.Data.(*http.Request) req := se.Data.(HTTPRequest)
if req.Method != "GET" { if req.Method != "GET" {
misc += "\n\n" misc += "\n\n"
misc += fmt.Sprintf(" Method: %s\n", core.Yellow(req.Method)) misc += fmt.Sprintf(" Method: %s\n", core.Yellow(req.Method))
misc += fmt.Sprintf(" URL: %s\n", core.Yellow(req.URL.String())) misc += fmt.Sprintf(" URL: %s\n", core.Yellow(req.URL))
misc += fmt.Sprintf(" Headers:\n") misc += fmt.Sprintf(" Headers:\n")
for name, values := range req.Header { for name, values := range req.Headers {
misc += fmt.Sprintf(" %s => %s\n", core.Green(name), strings.Join(values, ", ")) misc += fmt.Sprintf(" %s => %s\n", core.Green(name), strings.Join(values, ", "))
} }
if err := req.ParseForm(); err == nil { if req.Form != nil {
misc += " \n Form:\n\n" misc += " \n Form:\n\n"
if len(req.Form) == 0 { if len(req.Form) == 0 {
misc += fmt.Sprintf(" %s\n", core.Dim("<empty>")) misc += fmt.Sprintf(" %s\n", core.Dim("<empty>"))
@ -148,8 +146,7 @@ func (s *EventsStream) viewSnifferEvent(e session.Event) {
} }
} }
} else if req.Body != nil { } else if req.Body != nil {
b, _ := ioutil.ReadAll(req.Body) misc += fmt.Sprintf(" \n %s:\n\n %s\n", core.Bold("Body"), string(req.Body))
misc += fmt.Sprintf(" \n %s:\n\n %s\n", core.Bold("Body"), string(b))
} }
} }
} }

View file

@ -10,12 +10,12 @@ import (
type SniffData map[string]interface{} type SniffData map[string]interface{}
type SnifferEvent struct { type SnifferEvent struct {
PacketTime time.Time PacketTime time.Time `json:"time"`
Protocol string Protocol string `json:"protocol"`
Source string Source string `json:"from"`
Destination string Destination string `json:"to"`
Message string Message string `json:"message"`
Data interface{} Data interface{} `json:"data"`
} }
func NewSnifferEvent(t time.Time, proto string, src string, dst string, data interface{}, format string, args ...interface{}) SnifferEvent { func NewSnifferEvent(t time.Time, proto string, src string, dst string, data interface{}, format string, args ...interface{}) SnifferEvent {

View file

@ -3,7 +3,9 @@ package modules
import ( import (
"bufio" "bufio"
"bytes" "bytes"
"io/ioutil"
"net/http" "net/http"
"net/url"
"github.com/bettercap/bettercap/core" "github.com/bettercap/bettercap/core"
@ -11,6 +13,35 @@ import (
"github.com/google/gopacket/layers" "github.com/google/gopacket/layers"
) )
type HTTPRequest struct {
Method string `json:"method"`
Host string `json:"host"`
URL string `json:"url:"`
Headers http.Header `json:"headers"`
Form url.Values `json:"form"`
Body []byte `json:"body"`
}
func toSerializableRequest(req *http.Request) HTTPRequest {
body := []byte(nil)
form := (url.Values)(nil)
if err := req.ParseForm(); err == nil {
form = req.Form
} else if req.Body != nil {
body, _ = ioutil.ReadAll(req.Body)
}
return HTTPRequest{
Method: req.Method,
Host: req.Host,
URL: req.URL.String(),
Headers: req.Header,
Form: form,
Body: body,
}
}
func httpParser(ip *layers.IPv4, pkt gopacket.Packet, tcp *layers.TCP) bool { func httpParser(ip *layers.IPv4, pkt gopacket.Packet, tcp *layers.TCP) bool {
data := tcp.Payload data := tcp.Payload
reader := bufio.NewReader(bytes.NewReader(data)) reader := bufio.NewReader(bytes.NewReader(data))
@ -22,7 +53,7 @@ func httpParser(ip *layers.IPv4, pkt gopacket.Packet, tcp *layers.TCP) bool {
"http", "http",
ip.SrcIP.String(), ip.SrcIP.String(),
req.Host, req.Host,
req, toSerializableRequest(req),
"%s %s %s %s%s %s", "%s %s %s %s%s %s",
core.W(core.BG_RED+core.FG_BLACK, "http"), core.W(core.BG_RED+core.FG_BLACK, "http"),
vIP(ip.SrcIP), vIP(ip.SrcIP),