github/bettercap
1
0
Fork 0
mirror of https://github.com/bettercap/bettercap synced 2025-07-30 11:40:33 -07:00
Code Issues Projects Releases Packages Wiki Activity Actions

new: net.probe on uses both NBNS and MDNS queries to fetch endpoints metadata and hostnames

Browse source
This commit is contained in:
evilsocket 2018-09-09 12:35:00 +03:00
parent 36999813c4
commit e2cc4574c4
No known key found for this signature in database
GPG key ID: 1564D7F30393A456
8 changed files with 127 additions and 106 deletions
Download patch file Download diff file Expand all files Collapse all files

37
packets/mdns.go
View file

@ -18,54 +18,41 @@ var (
)
func MDNSGetMeta(pkt gopacket.Packet) map[string]string {
meta := make(map[string]string)
if ludp := pkt.Layer(layers.LayerTypeUDP); ludp != nil {
if udp := ludp.(*layers.UDP); udp != nil && udp.SrcPort == MDNSPort && udp.DstPort == MDNSPort {
dns := layers.DNS{}
if err := dns.DecodeFromBytes(udp.Payload, gopacket.NilDecodeFeedback); err == nil {
answers := append(dns.Answers, dns.Additionals...)
answers = append(answers, dns.Authorities...)
for _, answer := range answers {
switch answer.Type {
case layers.DNSTypePTR:
case layers.DNSTypeA:
case layers.DNSTypeAAAA:
meta["mdns:hostname"] = string(answer.Name)
case layers.DNSTypeTXT:
meta := make(map[string]string)
for _, raw := range answer.TXTs {
if value := string(raw); strings.Contains(value, "=") {
parts := strings.SplitN(value, "=", 2)
meta[core.Trim(parts[0])] = core.Trim(parts[1])
}
}
if len(meta) > 0 {
return meta
}
}
}
}
}
}
if len(meta) > 0 {
return meta
}
return nil
}
func MDNSGetHostname(pkt gopacket.Packet) string {
if ludp := pkt.Layer(layers.LayerTypeUDP); ludp != nil {
if udp := ludp.(*layers.UDP); udp != nil && udp.SrcPort == MDNSPort && udp.DstPort == MDNSPort {
dns := layers.DNS{}
if err := dns.DecodeFromBytes(udp.Payload, gopacket.NilDecodeFeedback); err == nil {
answers := append(dns.Answers, dns.Additionals...)
answers = append(answers, dns.Authorities...)
for _, answer := range answers {
switch answer.Type {
case layers.DNSTypePTR:
case layers.DNSTypeA:
case layers.DNSTypeAAAA:
return string(answer.Name)
}
}
}
}
}
return ""
}
func NewMDNSProbe(from net.IP, from_hw net.HardwareAddr) (error, []byte) {
eth := layers.Ethernet{
SrcMAC: from_hw,