github/bettercap
1
0
Fork 0
mirror of https://github.com/bettercap/bettercap synced 2025-07-31 12:10:10 -07:00
Code Issues Projects Releases Packages Wiki Activity Actions

new: net.sniff now also reports mDNS questions

Browse source
This commit is contained in:
evilsocket 2018-08-30 19:18:38 +03:00
parent cf000fc5f7
commit da9919484b
No known key found for this signature in database
GPG key ID: 1564D7F30393A456
1 changed files with 15 additions and 0 deletions
Download patch file Download diff file Expand all files Collapse all files

15
modules/net_sniff_mdns.go
View file

@ -14,6 +14,21 @@ func mdnsParser(ip *layers.IPv4, pkt gopacket.Packet, udp *layers.UDP) bool {
if udp.SrcPort == packets.MDNSPort && udp.DstPort == packets.MDNSPort { if udp.SrcPort == packets.MDNSPort && udp.DstPort == packets.MDNSPort {
dns := layers.DNS{} dns := layers.DNS{}
if err := dns.DecodeFromBytes(udp.Payload, gopacket.NilDecodeFeedback); err == nil && dns.OpCode == layers.DNSOpCodeQuery { if err := dns.DecodeFromBytes(udp.Payload, gopacket.NilDecodeFeedback); err == nil && dns.OpCode == layers.DNSOpCodeQuery {
for _, q := range dns.Questions {
NewSnifferEvent(
pkt.Metadata().Timestamp,
"mdns",
ip.SrcIP.String(),
ip.DstIP.String(),
nil,
"%s %s : %s query for %s",
core.W(core.BG_DGRAY+core.FG_WHITE, "mdns"),
vIP(ip.SrcIP),
core.Dim(q.Type.String()),
core.Yellow(string(q.Name)),
).Push()
}
m := make(map[string][]string) m := make(map[string][]string)
answers := append(dns.Answers, dns.Additionals...) answers := append(dns.Answers, dns.Additionals...)
answers = append(answers, dns.Authorities...) answers = append(answers, dns.Authorities...)