fix: fixed various sniffer parsers

evilsocket 2018-02-23 12:25:14 +01:00
parent c5baa7a077
commit b36bf4376c
7 changed files with 9 additions and 18 deletions


@ -112,6 +112,8 @@ func (s EventsStream) viewSnifferEvent(e session.Event) {
misc += fmt.Sprintf(" \n %s:\n\n %s\n", core.Bold("Body"), string(b))
}
}
} else if se.Data != nil {
misc = fmt.Sprintf("%s", se.Data)
}
fmt.Printf("[%s] [%s] %s %s\n",
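Review bot: The new fallback `misc = fmt.Sprintf("%s", se.Data)` applies `%s` to an `interface{}` value, and dot11Parser in this same commit now passes `len(pkt.Data())` (an int) as the event data, so if 802.11 events reach this branch they would print as `%!s(int=N)` rather than the size. `%v` handles any value: `misc = fmt.Sprintf("%v", se.Data)`. Because this text is written straight to the terminal, quoting with `%q` would be the safer choice if Data ever carries packet-derived strings, since it escapes control bytes that came off the wire. viewSnifferEvent starts before and continues past this hunk, so the condition of the preceding `if` is not visible here.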


@ -39,10 +39,7 @@ func dnsParser(ip *layers.IPv4, pkt gopacket.Packet, udp *layers.UDP) bool {
"dns",
ip.SrcIP.String(),
ip.DstIP.String(),
SniffData{
"Hostname": hostname,
"Addresses": ips,
},
nil,
"%s %s > %s : %s is %s",
core.W(core.BG_DGRAY+core.FG_WHITE, "dns"),
vIP(ip.SrcIP),
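Review bot: Passing `nil` in place of the `SniffData{...}` map leaves the hostname and resolved addresses available only inside the formatted Message, which appears to be built with `core.W(...)` colour wrappers; the krb5, ntlm and sni parsers in this commit do the same. Any consumer that handles SnifferEvent programmatically (logging, alerting, an API client) would then have to parse a display string to recover those fields. If the map was dropped only because the viewer could not print it, keeping the structured data and fixing the formatting on the viewer side may be preferable; if the removal is intentional, a short comment next to the argument such as `// no structured payload: all fields are in the message` would record that. The NewSnifferEvent call starts and ends outside this hunk.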


@ -11,9 +11,7 @@ func dot11Parser(radiotap *layers.RadioTap, dot11 *layers.Dot11, pkt gopacket.Pa
"802.11",
"-",
"-",
SniffData{
"Size": len(pkt.Data()),
},
len(pkt.Data()),
"%s %s proto=%d a1=%s a2=%s a3=%s a4=%s seqn=%d frag=%d",
dot11.Type,
dot11.Flags,


@ -14,8 +14,8 @@ type SnifferEvent struct {
Protocol string
Source string
Destination string
Data interface{}
Message string
Data interface{}
}
func NewSnifferEvent(t time.Time, proto string, src string, dst string, data interface{}, format string, args ...interface{}) SnifferEvent {
@ -24,8 +24,8 @@ func NewSnifferEvent(t time.Time, proto string, src string, dst string, data int
Protocol: proto,
Source: src,
Destination: dst,
Data: data,
Message: fmt.Sprintf(format, args...),
Data: data,
}
}
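Review bot: The `Data interface{}` field and the `data` parameter of NewSnifferEvent carry no comment saying what a caller may store there, and after this commit the visible parsers pass either `nil` or a bare int. A field comment such as `// Data is an optional protocol-specific payload; nil when the parser has none.` would tell consumers to nil-check and type-switch before using it. The opening of the SnifferEvent struct is outside the first hunk.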


@ -27,9 +27,7 @@ func krb5Parser(ip *layers.IPv4, pkt gopacket.Packet, udp *layers.UDP) bool {
"krb5",
ip.SrcIP.String(),
ip.DstIP.String(),
SniffData{
"req": req,
},
nil,
"%s %s -> %s : %s",
core.W(core.BG_RED+core.FG_BLACK, "krb-as-req"),
vIP(ip.SrcIP),


@ -51,9 +51,7 @@ func ntlmParser(ip *layers.IPv4, pkt gopacket.Packet, tcp *layers.TCP) bool {
"ntlm.response",
ip.SrcIP.String(),
ip.DstIP.String(),
SniffData{
"data": data,
},
nil,
"%s %s > %s | %s",
core.W(core.BG_DGRAY+core.FG_WHITE, "ntlm.response"),
vIP(ip.SrcIP),


@ -36,9 +36,7 @@ func sniParser(ip *layers.IPv4, pkt gopacket.Packet, tcp *layers.TCP) bool {
"https",
ip.SrcIP.String(),
domain,
SniffData{
"Domain": domain,
},
nil,
"%s %s > %s",
core.W(core.BG_YELLOW+core.FG_WHITE, "sni"),
vIP(ip.SrcIP),