From bcdfcca0473f4b239ca00e46f8289570179dac7a Mon Sep 17 00:00:00 2001
From: evilsocket <evilsocket@gmail.com>
Date: Tue, 30 Jan 2018 12:03:24 +0100
Subject: [PATCH] fix: better way of printing events

---
 caplets/local-sniffer.cap  |  2 +-
 modules/events_stream.go   | 22 ++-----------------
 modules/events_view.go     | 43 ++++++++++++++++++++++++++++++++++++++
 modules/net_sniff_event.go |  2 +-
 4 files changed, 47 insertions(+), 22 deletions(-)
 create mode 100644 modules/events_view.go

diff --git a/caplets/local-sniffer.cap b/caplets/local-sniffer.cap
index e3103d0a..80742713 100644
--- a/caplets/local-sniffer.cap
+++ b/caplets/local-sniffer.cap
@@ -1,4 +1,4 @@
-events.stream off
+#events.stream off
 events.clear
 # set events.stream.filter net.sniff
 # events.stream on
diff --git a/modules/events_stream.go b/modules/events_stream.go
index 830db7cc..05ac6d34 100644
--- a/modules/events_stream.go
+++ b/modules/events_stream.go
@@ -1,10 +1,6 @@
 package modules
 
 import (
-	"fmt"
-	"strings"
-
-	"github.com/evilsocket/bettercap-ng/core"
 	"github.com/evilsocket/bettercap-ng/session"
 )
 
@@ -74,20 +70,6 @@ func (s *EventsStream) Configure() error {
 	return nil
 }
 
-func (s *EventsStream) dumpEvent(e session.Event) {
-	if s.filter == "" || strings.Contains(e.Tag, s.filter) {
-		tm := e.Time.Format("2006-01-02 15:04:05")
-
-		if e.Tag == "sys.log" {
-			fmt.Printf("[%s] [%s] (%s) %s\n", tm, core.Green(e.Tag), e.Label(), e.Data.(session.LogMessage).Message)
-		} else {
-			fmt.Printf("[%s] [%s] %+v\n", tm, core.Green(e.Tag), e)
-		}
-
-		s.Session.Refresh()
-	}
-}
-
 func (s *EventsStream) Start() error {
 	if s.Running() == true {
 		return session.ErrAlreadyStarted
@@ -102,7 +84,7 @@ func (s *EventsStream) Start() error {
 			var e session.Event
 			select {
 			case e = <-s.Session.Events.NewEvents:
-				s.dumpEvent(e)
+				s.view(e)
 				break
 
 			case <-s.quit:
@@ -116,7 +98,7 @@ func (s *EventsStream) Start() error {
 
 func (s *EventsStream) Show() error {
 	for _, e := range s.Session.Events.Sorted() {
-		s.dumpEvent(e)
+		s.view(e)
 	}
 
 	return nil
diff --git a/modules/events_view.go b/modules/events_view.go
new file mode 100644
index 00000000..593e7334
--- /dev/null
+++ b/modules/events_view.go
@@ -0,0 +1,43 @@
+package modules
+
+import (
+	"fmt"
+	"strings"
+
+	"github.com/evilsocket/bettercap-ng/core"
+	"github.com/evilsocket/bettercap-ng/session"
+)
+
+const eventTimeFormat = "2006-01-02 15:04:05"
+
+func (s EventsStream) viewLogEvent(e session.Event) {
+	fmt.Printf("[%s] [%s] (%s) %s\n",
+		e.Time.Format(eventTimeFormat),
+		core.Green(e.Tag),
+		e.Label(),
+		e.Data.(session.LogMessage).Message)
+}
+
+func (s EventsStream) viewSnifferEvent(e session.Event) {
+	se := e.Data.(SnifferEvent)
+	fmt.Printf("[%s] [%s] %s > %s | %v\n",
+		e.Time.Format(eventTimeFormat),
+		core.Green(e.Tag),
+		se.Source,
+		se.Destination,
+		se.Data)
+}
+
+func (s *EventsStream) view(e session.Event) {
+	if s.filter == "" || strings.Contains(e.Tag, s.filter) {
+		if e.Tag == "sys.log" {
+			s.viewLogEvent(e)
+		} else if strings.HasPrefix(e.Tag, "net.sniff.") {
+			s.viewSnifferEvent(e)
+		} else {
+			fmt.Printf("[%s] [%s] %v\n", e.Time.Format(eventTimeFormat), core.Green(e.Tag), e)
+		}
+
+		s.Session.Refresh()
+	}
+}
diff --git a/modules/net_sniff_event.go b/modules/net_sniff_event.go
index 8000f17d..b2bdcf67 100644
--- a/modules/net_sniff_event.go
+++ b/modules/net_sniff_event.go
@@ -31,6 +31,6 @@ func NewSnifferEvent(t time.Time, proto string, src string, dst string, data Sni
 
 func (e SnifferEvent) Push() {
 	fmt.Printf("%s\n", e.Message)
-	session.I.Events.Add("net.sniff.leak."+e.Protocol, e.Data)
+	session.I.Events.Add("net.sniff.leak."+e.Protocol, e)
 	session.I.Refresh()
 }