From b36bf4376c865a2d0829fea6c65f9541eef3bc84 Mon Sep 17 00:00:00 2001
From: evilsocket
Date: Fri, 23 Feb 2018 12:25:14 +0100
Subject: [PATCH] fix: fixed various sniffer parsers
---
 modules/events_view.go | 2 ++
 modules/net_sniff_dns.go | 5 +----
 modules/net_sniff_dot11.go | 4 +---
 modules/net_sniff_event.go | 4 ++--
 modules/net_sniff_krb5.go | 4 +---
 modules/net_sniff_ntlm.go | 4 +---
 modules/net_sniff_sni.go | 4 +---
 7 files changed, 9 insertions(+), 18 deletions(-)
diff --git a/modules/events_view.go b/modules/events_view.go
index 4429688d..4145fda6 100644
--- a/modules/events_view.go
+++ b/modules/events_view.go
@@ -112,6 +112,8 @@ func (s EventsStream) viewSnifferEvent(e session.Event) {
 misc += fmt.Sprintf(" \n %s:\n\n %s\n", core.Bold("Body"), string(b))
 }
 }
+ } else if se.Data != nil {
+ misc = fmt.Sprintf("%s", se.Data)
 }
 fmt.Printf("[%s] [%s] %s %s\n",
diff --git a/modules/net_sniff_dns.go b/modules/net_sniff_dns.go
index 949678d5..ff5274bc 100644
--- a/modules/net_sniff_dns.go
+++ b/modules/net_sniff_dns.go
@@ -39,10 +39,7 @@ func dnsParser(ip *layers.IPv4, pkt gopacket.Packet, udp *layers.UDP) bool {
 "dns",
 ip.SrcIP.String(),
 ip.DstIP.String(),
- SniffData{
- "Hostname": hostname,
- "Addresses": ips,
- },
+ nil,
 "%s %s > %s : %s is %s",
 core.W(core.BG_DGRAY+core.FG_WHITE, "dns"),
 vIP(ip.SrcIP),
diff --git a/modules/net_sniff_dot11.go b/modules/net_sniff_dot11.go
index c3231e2a..640e77b3 100644
--- a/modules/net_sniff_dot11.go
+++ b/modules/net_sniff_dot11.go
@@ -11,9 +11,7 @@ func dot11Parser(radiotap *layers.RadioTap, dot11 *layers.Dot11, pkt gopacket.Pa
 "802.11",
 "-",
 "-",
- SniffData{
- "Size": len(pkt.Data()),
- },
+ len(pkt.Data()),
 "%s %s proto=%d a1=%s a2=%s a3=%s a4=%s seqn=%d frag=%d",
 dot11.Type,
 dot11.Flags,
diff --git a/modules/net_sniff_event.go b/modules/net_sniff_event.go
index ed84dac1..0757241e 100644
--- a/modules/net_sniff_event.go
+++ b/modules/net_sniff_event.go
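Review bot: In viewSnifferEvent (modules/events_view.go) the added `misc = fmt.Sprintf("%s", se.Data)` applies the `%s` verb to an `interface{}` value, and the dot11 parser in this same patch now passes `len(pkt.Data())`, an int, so that event would print as `%!s(int=N)`. Using `%v` avoids the bad-verb output: `misc = fmt.Sprintf("%v", se.Data)`. Sniffer events describe traffic taken from the network, so if a string payload is ever placed in Data it would reach the terminal unescaped through this line; `%q` or stripping control characters at this print site is worth considering. The function starts and ends outside the hunk, so the `if` that this `else if` attaches to is not visible here.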
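Review bot: In dnsParser (modules/net_sniff_dns.go) the structured `SniffData{"Hostname": ..., "Addresses": ...}` argument is replaced by a bare `nil` with no comment explaining why, and the same replacement is made in krb5Parser, ntlmParser and sniParser. After the change the hostname and addresses exist only inside the formatted message, which is built with `core.W(...)` colour wrappers, so anything that filters or logs events by field would have to parse display text; whether such consumers exist is not visible in this patch. If dropping the payload is intentional, a short comment at each call site would record it, for example `// no structured payload: every field is rendered into the message below`. The enclosing NewSnifferEvent call and the function body continue outside the hunk.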
@@ -14,8 +14,8 @@ type SnifferEvent struct {
 Protocol string
 Source string
 Destination string
- Data interface{}
 Message string
+ Data interface{}
 }
 func NewSnifferEvent(t time.Time, proto string, src string, dst string, data interface{}, format string, args ...interface{}) SnifferEvent {
@@ -24,8 +24,8 @@ func NewSnifferEvent(t time.Time, proto string, src string, dst string, data int
 Protocol: proto,
 Source: src,
 Destination: dst,
- Data: data,
 Message: fmt.Sprintf(format, args...),
+ Data: data,
 }
 }
diff --git a/modules/net_sniff_krb5.go b/modules/net_sniff_krb5.go
index 7e4325d0..1a7df42b 100644
--- a/modules/net_sniff_krb5.go
+++ b/modules/net_sniff_krb5.go
@@ -27,9 +27,7 @@ func krb5Parser(ip *layers.IPv4, pkt gopacket.Packet, udp *layers.UDP) bool {
 "krb5",
 ip.SrcIP.String(),
 ip.DstIP.String(),
- SniffData{
- "req": req,
- },
+ nil,
 "%s %s -> %s : %s",
 core.W(core.BG_RED+core.FG_BLACK, "krb-as-req"),
 vIP(ip.SrcIP),
diff --git a/modules/net_sniff_ntlm.go b/modules/net_sniff_ntlm.go
index e27b3893..66441af0 100644
--- a/modules/net_sniff_ntlm.go
+++ b/modules/net_sniff_ntlm.go
@@ -51,9 +51,7 @@ func ntlmParser(ip *layers.IPv4, pkt gopacket.Packet, tcp *layers.TCP) bool {
 "ntlm.response",
 ip.SrcIP.String(),
 ip.DstIP.String(),
- SniffData{
- "data": data,
- },
+ nil,
 "%s %s > %s | %s",
 core.W(core.BG_DGRAY+core.FG_WHITE, "ntlm.response"),
 vIP(ip.SrcIP),
diff --git a/modules/net_sniff_sni.go b/modules/net_sniff_sni.go
index d85054d9..07a78e65 100644
--- a/modules/net_sniff_sni.go
+++ b/modules/net_sniff_sni.go
@@ -36,9 +36,7 @@ func sniParser(ip *layers.IPv4, pkt gopacket.Packet, tcp *layers.TCP) bool {
 "https",
 ip.SrcIP.String(),
 domain,
- SniffData{
- "Domain": domain,
- },
+ nil,
 "%s %s > %s",
 core.W(core.BG_YELLOW+core.FG_WHITE, "sni"),
 vIP(ip.SrcIP),
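Review bot: The `Data interface{}` field of SnifferEvent (modules/net_sniff_event.go) has no doc comment, and after this patch its contents differ per parser: nil for dns, krb5, ntlm and sni, and an int for dot11. A comment on the field would tell consumers what to expect, for example `// Data is an optional parser-specific payload; it may be nil and has no fixed type.` Moving the field below Message also changes positional order, so any unkeyed `SnifferEvent{...}` literal elsewhere would need updating; none is visible in this patch. The struct's opening fields sit above the hunk.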