From bf4c841ef94faa633effb454d61aa9e6ba9f713f Mon Sep 17 00:00:00 2001 From: evilsocket Date: Sat, 9 Mar 2019 15:55:45 +0100 Subject: [PATCH] new: new events.stream.time.format parameter (closes #476) --- modules/events_stream/events_stream.go | 9 ++++++++ modules/events_stream/events_view.go | 26 +++++++++++++---------- modules/events_stream/events_view_ble.go | 6 +++--- modules/events_stream/events_view_hid.go | 4 ++-- modules/events_stream/events_view_http.go | 4 ++-- modules/events_stream/events_view_wifi.go | 16 +++++++------- 6 files changed, 39 insertions(+), 26 deletions(-) diff --git a/modules/events_stream/events_stream.go b/modules/events_stream/events_stream.go index 6dcebccb..517e4db1 100644 --- a/modules/events_stream/events_stream.go +++ b/modules/events_stream/events_stream.go @@ -25,6 +25,7 @@ type rotation struct { type EventsStream struct { session.SessionModule + timeFormat string outputName string output *os.File rotation rotation @@ -42,6 +43,7 @@ func NewEventsStream(s *session.Session) *EventsStream { mod := &EventsStream{ SessionModule: session.NewSessionModule("events.stream", s), output: os.Stdout, + timeFormat: "15:04:05", quit: make(chan bool), waitChan: make(chan *session.Event), waitFor: "", @@ -177,6 +179,11 @@ func NewEventsStream(s *session.Session) *EventsStream { "", "If not empty, events will be written to this file instead of the standard output.")) + mod.AddParam(session.NewStringParameter("events.stream.time.format", + mod.timeFormat, + "", + "Date and time format to use for events reporting.")) + mod.AddParam(session.NewBoolParameter("events.stream.output.rotate", "true", "If true will enable log rotation.")) 
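Review bot: The `events.stream.time.format` registration in NewEventsStream passes an empty validator and a help string that never says the value is a Go reference-time layout, so any string is accepted. `time.Format` returns no error, so a mistyped layout simply prints as literal text in every timestamp. When events are written to a file through `events.stream.output`, those timestamps are what a later reader correlates against, and the default `15:04:05` carries no date or zone. I would say so in the help text, for example `"Go time layout (reference time Mon Jan 2 15:04:05 MST 2006) used for event timestamps, e.g. 2006-01-02T15:04:05Z07:00."`. NewEventsStream starts and ends outside this hunk.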
@@ -235,6 +242,8 @@ func (mod *EventsStream) Configure() (err error) { if err, mod.rotation.Enabled = mod.BoolParam("events.stream.output.rotate"); err != nil { return err + } else if err, mod.timeFormat = mod.StringParam("events.stream.time.format"); err != nil { + return err } else if err, mod.rotation.Compress = mod.BoolParam("events.stream.output.rotate.compress"); err != nil { return err } else if err, mod.rotation.Format = mod.StringParam("events.stream.output.rotate.format"); err != nil { diff --git a/modules/events_stream/events_view.go b/modules/events_stream/events_view.go index 06dad9e3..abe3ffdd 100644 --- a/modules/events_stream/events_view.go +++ b/modules/events_stream/events_view.go @@ -18,11 +18,9 @@ import ( "github.com/evilsocket/islazy/zip" ) -const eventTimeFormat = "15:04:05" - func (mod *EventsStream) viewLogEvent(e session.Event) { fmt.Fprintf(mod.output, "[%s] [%s] [%s] %s\n", - e.Time.Format(eventTimeFormat), + e.Time.Format(mod.timeFormat), tui.Green(e.Tag), e.Label(), e.Data.(session.LogMessage).Message) @@ -45,7 +43,7 @@ func (mod *EventsStream) viewEndpointEvent(e session.Event) { if e.Tag == "endpoint.new" { fmt.Fprintf(mod.output, "[%s] [%s] endpoint %s%s detected as %s%s.\n", - e.Time.Format(eventTimeFormat), + e.Time.Format(mod.timeFormat), tui.Green(e.Tag), tui.Bold(t.IpAddress), tui.Dim(name), @@ -53,7 +51,7 @@ func (mod *EventsStream) viewEndpointEvent(e session.Event) { tui.Dim(vend)) } else if e.Tag == "endpoint.lost" { fmt.Fprintf(mod.output, "[%s] [%s] endpoint %s%s %s%s lost.\n", - e.Time.Format(eventTimeFormat), + e.Time.Format(mod.timeFormat), tui.Green(e.Tag), tui.Red(t.IpAddress), tui.Dim(name), @@ -61,7 +59,7 @@ func (mod *EventsStream) viewEndpointEvent(e session.Event) { tui.Dim(vend)) } else { fmt.Fprintf(mod.output, "[%s] [%s] %s\n", - e.Time.Format(eventTimeFormat), + e.Time.Format(mod.timeFormat), tui.Green(e.Tag), t.String()) } 
@@ -69,7 +67,7 @@ func (mod *EventsStream) viewEndpointEvent(e session.Event) { func (mod *EventsStream) viewModuleEvent(e session.Event) { fmt.Fprintf(mod.output, "[%s] [%s] %s\n", - e.Time.Format(eventTimeFormat), + e.Time.Format(mod.timeFormat), tui.Green(e.Tag), e.Data) } @@ -79,7 +77,7 @@ func (mod *EventsStream) viewSnifferEvent(e session.Event) { mod.viewHttpEvent(e) } else { fmt.Fprintf(mod.output, "[%s] [%s] %s\n", - e.Time.Format(eventTimeFormat), + e.Time.Format(mod.timeFormat), tui.Green(e.Tag), e.Data.(net_sniff.SnifferEvent).Message) } @@ -88,7 +86,7 @@ func (mod *EventsStream) viewSnifferEvent(e session.Event) { func (mod *EventsStream) viewSynScanEvent(e session.Event) { se := e.Data.(syn_scan.SynScanEvent) fmt.Fprintf(mod.output, "[%s] [%s] found open port %d for %s\n", - e.Time.Format(eventTimeFormat), + e.Time.Format(mod.timeFormat), tui.Green(e.Tag), se.Port, tui.Bold(se.Address)) @@ -98,7 +96,7 @@ func (mod *EventsStream) viewUpdateEvent(e session.Event) { update := e.Data.(*github.RepositoryRelease) fmt.Fprintf(mod.output, "[%s] [%s] an update to version %s is available at %s\n", - e.Time.Format(eventTimeFormat), + e.Time.Format(mod.timeFormat), tui.Bold(tui.Yellow(e.Tag)), tui.Bold(*update.TagName), *update.HTMLURL) @@ -152,6 +150,12 @@ func (mod *EventsStream) doRotation() { } func (mod *EventsStream) View(e session.Event, refresh bool) { + var err error + if err, mod.timeFormat = mod.StringParam("events.stream.time.format"); err != nil { + fmt.Fprintf(mod.output, "%v", err) + mod.timeFormat = "15:04:05" + } + if e.Tag == "sys.log" { mod.viewLogEvent(e) } else if strings.HasPrefix(e.Tag, "endpoint.") { 
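Review bot: View now re-reads `events.stream.time.format` on every event, repeating what Configure already does, and on a failed lookup it writes the error into `mod.output` with no trailing newline, so an output file would get the error text glued to the front of each record. Assigning straight into `mod.timeFormat` also overwrites the last good value before the fallback runs; reading into a local avoids that, `if err, format := mod.StringParam("events.stream.time.format"); err == nil { mod.timeFormat = format }`, with the error reported through the module's own logging rather than the event stream. If View and Configure can run on different goroutines (not visible here), the field write is also unsynchronised. The fallback `"15:04:05"` duplicates the literal added in NewEventsStream; keeping the removed `eventTimeFormat` constant as the default would give both sites one source. View's body continues past this hunk.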
@@ -171,7 +175,7 @@ func (mod *EventsStream) View(e session.Event, refresh bool) { } else if e.Tag == "update.available" { mod.viewUpdateEvent(e) } else { - fmt.Fprintf(mod.output, "[%s] [%s] %v\n", e.Time.Format(eventTimeFormat), tui.Green(e.Tag), e) + fmt.Fprintf(mod.output, "[%s] [%s] %v\n", e.Time.Format(mod.timeFormat), tui.Green(e.Tag), e) } if refresh && mod.output == os.Stdout { diff --git a/modules/events_stream/events_view_ble.go b/modules/events_stream/events_view_ble.go index e59a49a4..12273614 100644 --- a/modules/events_stream/events_view_ble.go +++ b/modules/events_stream/events_view_ble.go @@ -25,7 +25,7 @@ func (mod *EventsStream) viewBLEEvent(e session.Event) { } fmt.Fprintf(mod.output, "[%s] [%s] new BLE device%s detected as %s%s %s.\n", - e.Time.Format(eventTimeFormat), + e.Time.Format(mod.timeFormat), tui.Green(e.Tag), name, dev.Device.ID(), @@ -43,14 +43,14 @@ func (mod *EventsStream) viewBLEEvent(e session.Event) { } fmt.Fprintf(mod.output, "[%s] [%s] BLE device%s %s%s lost.\n", - e.Time.Format(eventTimeFormat), + e.Time.Format(mod.timeFormat), tui.Green(e.Tag), name, dev.Device.ID(), vend) } /* else { fmt.Fprintf(s.output,"[%s] [%s]\n", - e.Time.Format(eventTimeFormat), + e.Time.Format(mod.timeFormat), tui.Green(e.Tag)) } */ } diff --git a/modules/events_stream/events_view_hid.go b/modules/events_stream/events_view_hid.go index f603b30b..ee29a7a6 100644 --- a/modules/events_stream/events_view_hid.go +++ b/modules/events_stream/events_view_hid.go 
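Review bot: The last change in events_view_ble.go edits a line inside the commented-out `/* else { ... } */` block of viewBLEEvent, and that block still writes to `s.output`, a receiver name this method does not have (it uses `mod`). Dead code that has to be touched on every rename is better deleted; if the fallback branch is wanted, restore it as live code using `mod.output`. viewBLEEvent begins outside the hunk.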
@@ -13,13 +13,13 @@ func (mod *EventsStream) viewHIDEvent(e session.Event) { dev := e.Data.(*network.HIDDevice) if e.Tag == "hid.device.new" { fmt.Fprintf(mod.output, "[%s] [%s] new HID device %s detected on channel %s.\n", - e.Time.Format(eventTimeFormat), + e.Time.Format(mod.timeFormat), tui.Green(e.Tag), tui.Bold(dev.Address), dev.Channels()) } else if e.Tag == "hid.device.lost" { fmt.Fprintf(mod.output, "[%s] [%s] HID device %s lost.\n", - e.Time.Format(eventTimeFormat), + e.Time.Format(mod.timeFormat), tui.Green(e.Tag), tui.Red(dev.Address)) } diff --git a/modules/events_stream/events_view_http.go b/modules/events_stream/events_view_http.go index a421fe6a..55c721be 100644 --- a/modules/events_stream/events_view_http.go +++ b/modules/events_stream/events_view_http.go @@ -124,7 +124,7 @@ func (mod *EventsStream) viewHttpRequest(e session.Event) { req := se.Data.(net_sniff.HTTPRequest) fmt.Fprintf(mod.output, "[%s] [%s] %s\n", - e.Time.Format(eventTimeFormat), + e.Time.Format(mod.timeFormat), tui.Green(e.Tag), se.Message) @@ -162,7 +162,7 @@ func (mod *EventsStream) viewHttpResponse(e session.Event) { res := se.Data.(net_sniff.HTTPResponse) fmt.Fprintf(mod.output, "[%s] [%s] %s\n", - e.Time.Format(eventTimeFormat), + e.Time.Format(mod.timeFormat), tui.Green(e.Tag), se.Message) diff --git a/modules/events_stream/events_view_wifi.go b/modules/events_stream/events_view_wifi.go index 1e2c0013..28dcc3f6 100644 --- a/modules/events_stream/events_view_wifi.go +++ b/modules/events_stream/events_view_wifi.go @@ -24,7 +24,7 @@ func (mod *EventsStream) viewWiFiApEvent(e session.Event) { if e.Tag == "wifi.ap.new" { fmt.Fprintf(mod.output, "[%s] [%s] wifi access point %s%s detected as %s%s.\n", - e.Time.Format(eventTimeFormat), + e.Time.Format(mod.timeFormat), tui.Green(e.Tag), tui.Bold(ap.ESSID()), tui.Dim(tui.Yellow(rssi)), 
@@ -32,13 +32,13 @@ func (mod *EventsStream) viewWiFiApEvent(e session.Event) { tui.Dim(vend)) } else if e.Tag == "wifi.ap.lost" { fmt.Fprintf(mod.output, "[%s] [%s] wifi access point %s (%s) lost.\n", - e.Time.Format(eventTimeFormat), + e.Time.Format(mod.timeFormat), tui.Green(e.Tag), tui.Red(ap.ESSID()), ap.BSSID()) } else { fmt.Fprintf(mod.output, "[%s] [%s] %s\n", - e.Time.Format(eventTimeFormat), + e.Time.Format(mod.timeFormat), tui.Green(e.Tag), ap.String()) } @@ -58,7 +58,7 @@ func (mod *EventsStream) viewWiFiClientProbeEvent(e session.Event) { } fmt.Fprintf(mod.output, "[%s] [%s] station %s%s is probing for SSID %s%s\n", - e.Time.Format(eventTimeFormat), + e.Time.Format(mod.timeFormat), tui.Green(e.Tag), probe.FromAddr.String(), tui.Dim(desc), @@ -83,7 +83,7 @@ func (mod *EventsStream) viewWiFiHandshakeEvent(e session.Event) { } fmt.Fprintf(mod.output, "[%s] [%s] captured %s -> %s %s to %s\n", - e.Time.Format(eventTimeFormat), + e.Time.Format(mod.timeFormat), tui.Green(e.Tag), from, to, @@ -98,14 +98,14 @@ func (mod *EventsStream) viewWiFiClientEvent(e session.Event) { if e.Tag == "wifi.client.new" { fmt.Fprintf(mod.output, "[%s] [%s] new station %s detected for %s (%s)\n", - e.Time.Format(eventTimeFormat), + e.Time.Format(mod.timeFormat), tui.Green(e.Tag), ce.Client.String(), tui.Bold(ce.AP.ESSID()), tui.Dim(ce.AP.BSSID())) } else if e.Tag == "wifi.client.lost" { fmt.Fprintf(mod.output, "[%s] [%s] station %s disconnected from %s (%s)\n", - e.Time.Format(eventTimeFormat), + e.Time.Format(mod.timeFormat), tui.Green(e.Tag), ce.Client.String(), tui.Bold(ce.AP.ESSID()), @@ -123,6 +123,6 @@ func (mod *EventsStream) viewWiFiEvent(e session.Event) { } else if e.Tag == "wifi.client.new" || e.Tag == "wifi.client.lost" { mod.viewWiFiClientEvent(e) } else { - fmt.Fprintf(mod.output, "[%s] [%s] %v\n", e.Time.Format(eventTimeFormat), tui.Green(e.Tag), e) + fmt.Fprintf(mod.output, "[%s] [%s] %v\n", e.Time.Format(mod.timeFormat), tui.Green(e.Tag), e) } }