mirror of
https://github.com/bettercap/bettercap
synced 2025-07-08 14:01:44 -07:00
new: showing user agent while sniffing http requests
This commit is contained in:
parent
bb5b1295ed
commit
63f389643d
3 changed files with 18 additions and 5 deletions
|
@ -11,6 +11,7 @@ import (
|
||||||
)
|
)
|
||||||
|
|
||||||
var httpRe = regexp.MustCompile("(?s).*(GET|HEAD|POST|PUT|DELETE|CONNECT|OPTIONS|TRACE|PATCH) (.+) HTTP/\\d\\.\\d.+Host: ([^\\s]+)")
|
var httpRe = regexp.MustCompile("(?s).*(GET|HEAD|POST|PUT|DELETE|CONNECT|OPTIONS|TRACE|PATCH) (.+) HTTP/\\d\\.\\d.+Host: ([^\\s]+)")
|
||||||
|
var uaRe = regexp.MustCompile("(?s).*User-Agent: ([^\\n]+).+")
|
||||||
|
|
||||||
func httpParser(ip *layers.IPv4, pkt gopacket.Packet, tcp *layers.TCP) bool {
|
func httpParser(ip *layers.IPv4, pkt gopacket.Packet, tcp *layers.TCP) bool {
|
||||||
data := tcp.Payload
|
data := tcp.Payload
|
||||||
|
@ -25,18 +26,25 @@ func httpParser(ip *layers.IPv4, pkt gopacket.Packet, tcp *layers.TCP) bool {
|
||||||
return false
|
return false
|
||||||
}
|
}
|
||||||
|
|
||||||
url := fmt.Sprintf("http://%s", string(m[3]))
|
ua := ""
|
||||||
|
mu := uaRe.FindSubmatch(data)
|
||||||
|
if len(mu) == 2 {
|
||||||
|
ua = string(mu[1])
|
||||||
|
}
|
||||||
|
|
||||||
|
url := fmt.Sprintf("%s", core.Yellow(string(m[3])))
|
||||||
if tcp.DstPort != 80 {
|
if tcp.DstPort != 80 {
|
||||||
url += fmt.Sprintf(":%s", vPort(tcp.DstPort))
|
url += fmt.Sprintf(":%s", vPort(tcp.DstPort))
|
||||||
}
|
}
|
||||||
url += fmt.Sprintf("%s", string(m[2]))
|
url += fmt.Sprintf("%s", string(m[2]))
|
||||||
|
|
||||||
SniffPrinter("[%s] %s %s %s %s\n",
|
SniffPrinter("[%s] %s %s %s %s %s\n",
|
||||||
vTime(pkt.Metadata().Timestamp),
|
vTime(pkt.Metadata().Timestamp),
|
||||||
core.W(core.BG_RED+core.FG_BLACK, "http"),
|
core.W(core.BG_RED+core.FG_BLACK, "http"),
|
||||||
vIP(ip.SrcIP),
|
vIP(ip.SrcIP),
|
||||||
core.W(core.BG_LBLUE+core.FG_BLACK, vURL(string(m[1]))),
|
core.W(core.BG_LBLUE+core.FG_BLACK, vURL(string(m[1]))),
|
||||||
core.Yellow(url))
|
vURL(url),
|
||||||
|
core.Dim(ua))
|
||||||
|
|
||||||
return true
|
return true
|
||||||
}
|
}
|
||||||
|
|
|
@ -5,6 +5,7 @@ import (
|
||||||
|
|
||||||
"github.com/evilsocket/bettercap-ng/core"
|
"github.com/evilsocket/bettercap-ng/core"
|
||||||
"github.com/evilsocket/bettercap-ng/log"
|
"github.com/evilsocket/bettercap-ng/log"
|
||||||
|
"github.com/evilsocket/bettercap-ng/session"
|
||||||
|
|
||||||
"github.com/google/gopacket"
|
"github.com/google/gopacket"
|
||||||
"github.com/google/gopacket/layers"
|
"github.com/google/gopacket/layers"
|
||||||
|
@ -12,7 +13,11 @@ import (
|
||||||
|
|
||||||
type SniffPrinterType func(format string, args ...interface{}) (int, error)
|
type SniffPrinterType func(format string, args ...interface{}) (int, error)
|
||||||
|
|
||||||
var SniffPrinter = SniffPrinterType(fmt.Printf)
|
var SniffPrinter = SniffPrinterType(func(format string, args ...interface{}) (n int, e error) {
|
||||||
|
n, e = fmt.Printf(format, args...)
|
||||||
|
session.I.Input.Refresh()
|
||||||
|
return
|
||||||
|
})
|
||||||
|
|
||||||
func tcpParser(ip *layers.IPv4, pkt gopacket.Packet, verbose bool) {
|
func tcpParser(ip *layers.IPv4, pkt gopacket.Packet, verbose bool) {
|
||||||
tcp := pkt.Layer(layers.LayerTypeTCP).(*layers.TCP)
|
tcp := pkt.Layer(layers.LayerTypeTCP).(*layers.TCP)
|
||||||
|
|
|
@ -49,7 +49,7 @@ func vPort(p interface{}) string {
|
||||||
return sp
|
return sp
|
||||||
}
|
}
|
||||||
|
|
||||||
var maxUrlSize = 40
|
var maxUrlSize = 80
|
||||||
|
|
||||||
func vURL(u string) string {
|
func vURL(u string) string {
|
||||||
ul := len(u)
|
ul := len(u)
|
||||||
|
|
Loading…
Add table
Add a link
Reference in a new issue