Refactoring modules

2025-08-21 05:53:20 -07:00 · 2019-02-10 23:58:08 +01:00 · 2019-02-10 23:58:08 +01:00 · ed652622e2
commit ed652622e2
parent c0d3c314fc
89 changed files with 186 additions and 138 deletions
--- a/modules/events_stream/events_ignore_list.go
+++ b/modules/events_stream/events_ignore_list.go
@ -0,0 +1,113 @@
+package events_stream
+
+import (
+	"errors"
+	"fmt"
+	"strings"
+	"sync"
+
+	"github.com/bettercap/bettercap/session"
+
+	"github.com/evilsocket/islazy/str"
+)
+
+var (
+	ErrEmptyExpression = errors.New("expression can not be empty")
+)
+
+type IgnoreFilter string
+
+func (f IgnoreFilter) Matches(s string) bool {
+	return string(f) == s || strings.HasPrefix(s, string(f))
+}
+
+type IgnoreList struct {
+	sync.RWMutex
+	filters []IgnoreFilter
+}
+
+func NewIgnoreList() *IgnoreList {
+	return &IgnoreList{
+		filters: make([]IgnoreFilter, 0),
+	}
+}
+
+func (l *IgnoreList) checkExpression(expr string) (string, error) {
+	expr = str.Trim(expr)
+	if expr == "" {
+		return "", ErrEmptyExpression
+	}
+
+	return expr, nil
+}
+
+func (l *IgnoreList) Add(expr string) (err error) {
+	if expr, err = l.checkExpression(expr); err != nil {
+		return err
+	}
+
+	l.Lock()
+	defer l.Unlock()
+
+	// first check for duplicates
+	for _, filter := range l.filters {
+		if filter.Matches(expr) {
+			return fmt.Errorf("filter '%s' already matches the expression '%s'", filter, expr)
+		}
+	}
+
+	// all good
+	l.filters = append(l.filters, IgnoreFilter(expr))
+
+	return nil
+}
+
+func (l *IgnoreList) Remove(expr string) (err error) {
+	if expr, err = l.checkExpression(expr); err != nil {
+		return err
+	}
+
+	l.Lock()
+	defer l.Unlock()
+
+	// build a new list with everything that does not match
+	toRemove := IgnoreFilter(expr)
+	newList := make([]IgnoreFilter, 0)
+	for _, filter := range l.filters {
+		if !toRemove.Matches(string(filter)) {
+			newList = append(newList, filter)
+		}
+	}
+
+	if len(newList) == len(l.filters) {
+		return fmt.Errorf("expression '%s' did not match any filter", expr)
+	}
+
+	// swap
+	l.filters = newList
+
+	return nil
+}
+
+func (l *IgnoreList) Ignored(e session.Event) bool {
+	l.RLock()
+	defer l.RUnlock()
+
+	for _, filter := range l.filters {
+		if filter.Matches(e.Tag) {
+			return true
+		}
+	}
+
+	return false
+}
+
+func (l *IgnoreList) Empty() bool {
+	l.RLock()
+	defer l.RUnlock()
+	return len(l.filters) == 0
+}
+
+func (l *IgnoreList) Filters() []IgnoreFilter {
+	return l.filters
+}
--- a/modules/events_stream/events_stream.go
+++ b/modules/events_stream/events_stream.go
@ -0,0 +1,295 @@
+package events_stream
+
+import (
+	"fmt"
+	"os"
+	"strconv"
+	"sync"
+	"time"
+
+	"github.com/bettercap/bettercap/log"
+	"github.com/bettercap/bettercap/session"
+
+	"github.com/evilsocket/islazy/fs"
+	"github.com/evilsocket/islazy/str"
+	"github.com/evilsocket/islazy/tui"
+)
+
+type rotation struct {
+	sync.Mutex
+	Enabled  bool
+	Compress bool
+	Format   string
+	How      string
+	Period   float64
+}
+
+type EventsStream struct {
+	session.SessionModule
+	outputName    string
+	output        *os.File
+	rotation      rotation
+	ignoreList    *IgnoreList
+	waitFor       string
+	waitChan      chan *session.Event
+	eventListener <-chan session.Event
+	quit          chan bool
+	dumpHttpReqs  bool
+	dumpHttpResp  bool
+}
+
+func NewEventsStream(s *session.Session) *EventsStream {
+	stream := &EventsStream{
+		SessionModule: session.NewSessionModule("events.stream", s),
+		output:        os.Stdout,
+		quit:          make(chan bool),
+		waitChan:      make(chan *session.Event),
+		waitFor:       "",
+		ignoreList:    NewIgnoreList(),
+	}
+
+	stream.AddHandler(session.NewModuleHandler("events.stream on", "",
+		"Start events stream.",
+		func(args []string) error {
+			return stream.Start()
+		}))
+
+	stream.AddHandler(session.NewModuleHandler("events.stream off", "",
+		"Stop events stream.",
+		func(args []string) error {
+			return stream.Stop()
+		}))
+
+	stream.AddHandler(session.NewModuleHandler("events.show LIMIT?", "events.show(\\s\\d+)?",
+		"Show events stream.",
+		func(args []string) error {
+			limit := -1
+			if len(args) == 1 {
+				arg := str.Trim(args[0])
+				limit, _ = strconv.Atoi(arg)
+			}
+			return stream.Show(limit)
+		}))
+
+	stream.AddHandler(session.NewModuleHandler("events.waitfor TAG TIMEOUT?", `events.waitfor ([^\s]+)([\s\d]*)`,
+		"Wait for an event with the given tag either forever or for a timeout in seconds.",
+		func(args []string) error {
+			tag := args[0]
+			timeout := 0
+			if len(args) == 2 {
+				t := str.Trim(args[1])
+				if t != "" {
+					n, err := strconv.Atoi(t)
+					if err != nil {
+						return err
+					}
+					timeout = n
+				}
+			}
+			return stream.startWaitingFor(tag, timeout)
+		}))
+
+	stream.AddHandler(session.NewModuleHandler("events.ignore FILTER", "events.ignore ([^\\s]+)",
+		"Events with an identifier matching this filter will not be shown (use multiple times to add more filters).",
+		func(args []string) error {
+			return stream.ignoreList.Add(args[0])
+		}))
+
+	stream.AddHandler(session.NewModuleHandler("events.include FILTER", "events.include ([^\\s]+)",
+		"Used to remove filters passed with the events.ignore command.",
+		func(args []string) error {
+			return stream.ignoreList.Remove(args[0])
+		}))
+
+	stream.AddHandler(session.NewModuleHandler("events.filters", "",
+		"Print the list of filters used to ignore events.",
+		func(args []string) error {
+			if stream.ignoreList.Empty() {
+				fmt.Printf("Ignore filters list is empty.\n")
+			} else {
+				stream.ignoreList.RLock()
+				defer stream.ignoreList.RUnlock()
+
+				for _, filter := range stream.ignoreList.Filters() {
+					fmt.Printf("  '%s'\n", string(filter))
+				}
+			}
+			return nil
+		}))
+
+	stream.AddHandler(session.NewModuleHandler("events.clear", "",
+		"Clear events stream.",
+		func(args []string) error {
+			stream.Session.Events.Clear()
+			return nil
+		}))
+
+	stream.AddParam(session.NewStringParameter("events.stream.output",
+		"",
+		"",
+		"If not empty, events will be written to this file instead of the standard output."))
+
+	stream.AddParam(session.NewBoolParameter("events.stream.output.rotate",
+		"true",
+		"If true will enable log rotation."))
+
+	stream.AddParam(session.NewBoolParameter("events.stream.output.rotate.compress",
+		"true",
+		"If true will enable log rotation compression."))
+
+	stream.AddParam(session.NewStringParameter("events.stream.output.rotate.how",
+		"size",
+		"(size|time)",
+		"Rotate by 'size' or 'time'."))
+
+	stream.AddParam(session.NewStringParameter("events.stream.output.rotate.format",
+		"2006-01-02 15:04:05",
+		"",
+		"Datetime format to use for log rotation file names."))
+
+	stream.AddParam(session.NewDecimalParameter("events.stream.output.rotate.when",
+		"10",
+		"File size (in MB) or time duration (in seconds) for log rotation."))
+
+	stream.AddParam(session.NewBoolParameter("events.stream.http.request.dump",
+		"false",
+		"If true all HTTP requests will be dumped."))
+
+	stream.AddParam(session.NewBoolParameter("events.stream.http.response.dump",
+		"false",
+		"If true all HTTP responses will be dumped."))
+
+	return stream
+}
+
+func (s EventsStream) Name() string {
+	return "events.stream"
+}
+
+func (s EventsStream) Description() string {
+	return "Print events as a continuous stream."
+}
+
+func (s EventsStream) Author() string {
+	return "Simone Margaritelli <evilsocket@protonmail.com>"
+}
+
+func (s *EventsStream) Configure() (err error) {
+	var output string
+
+	if err, output = s.StringParam("events.stream.output"); err == nil {
+		if output == "" {
+			s.output = os.Stdout
+		} else if s.outputName, err = fs.Expand(output); err == nil {
+			s.output, err = os.OpenFile(s.outputName, os.O_APPEND|os.O_CREATE|os.O_WRONLY, 0644)
+		}
+	}
+
+	if err, s.rotation.Enabled = s.BoolParam("events.stream.output.rotate"); err != nil {
+		return err
+	} else if err, s.rotation.Compress = s.BoolParam("events.stream.output.rotate.compress"); err != nil {
+		return err
+	} else if err, s.rotation.Format = s.StringParam("events.stream.output.rotate.format"); err != nil {
+		return err
+	} else if err, s.rotation.How = s.StringParam("events.stream.output.rotate.how"); err != nil {
+		return err
+	} else if err, s.rotation.Period = s.DecParam("events.stream.output.rotate.when"); err != nil {
+		return err
+	}
+
+	if err, s.dumpHttpReqs = s.BoolParam("events.stream.http.request.dump"); err != nil {
+		return err
+	} else if err, s.dumpHttpResp = s.BoolParam("events.stream.http.response.dump"); err != nil {
+		return err
+	}
+
+	return err
+}
+
+func (s *EventsStream) Start() error {
+	if err := s.Configure(); err != nil {
+		return err
+	}
+
+	return s.SetRunning(true, func() {
+		s.eventListener = s.Session.Events.Listen()
+		defer s.Session.Events.Unlisten(s.eventListener)
+
+		for {
+			var e session.Event
+			select {
+			case e = <-s.eventListener:
+				if e.Tag == s.waitFor {
+					s.waitFor = ""
+					s.waitChan <- &e
+				}
+
+				if !s.ignoreList.Ignored(e) {
+					s.View(e, true)
+				}
+
+			case <-s.quit:
+				return
+			}
+		}
+	})
+}
+
+func (s *EventsStream) Show(limit int) error {
+	events := s.Session.Events.Sorted()
+	num := len(events)
+
+	selected := []session.Event{}
+	for i := range events {
+		e := events[num-1-i]
+		if !s.ignoreList.Ignored(e) {
+			selected = append(selected, e)
+			if len(selected) == limit {
+				break
+			}
+		}
+	}
+
+	if numSelected := len(selected); numSelected > 0 {
+		fmt.Println()
+		for i := range selected {
+			s.View(selected[numSelected-1-i], false)
+		}
+		s.Session.Refresh()
+	}
+
+	return nil
+}
+
+func (s *EventsStream) startWaitingFor(tag string, timeout int) error {
+	if timeout == 0 {
+		log.Info("waiting for event %s ...", tui.Green(tag))
+	} else {
+		log.Info("waiting for event %s for %d seconds ...", tui.Green(tag), timeout)
+		go func() {
+			time.Sleep(time.Duration(timeout) * time.Second)
+			s.waitFor = ""
+			s.waitChan <- nil
+		}()
+	}
+
+	s.waitFor = tag
+	event := <-s.waitChan
+
+	if event == nil {
+		return fmt.Errorf("'events.waitFor %s %d' timed out.", tag, timeout)
+	} else {
+		log.Debug("got event: %v", event)
+	}
+
+	return nil
+}
+
+func (s *EventsStream) Stop() error {
+	return s.SetRunning(false, func() {
+		s.quit <- true
+		if s.output != os.Stdout {
+			s.output.Close()
+		}
+	})
+}
--- a/modules/events_stream/events_view.go
+++ b/modules/events_stream/events_view.go
@ -0,0 +1,180 @@
+package events_stream
+
+import (
+	"fmt"
+	"github.com/bettercap/bettercap/modules/net_sniff"
+	"os"
+	"strings"
+	"time"
+
+	"github.com/bettercap/bettercap/network"
+	"github.com/bettercap/bettercap/session"
+
+	"github.com/bettercap/bettercap/modules/syn_scan"
+
+	"github.com/google/go-github/github"
+
+	"github.com/evilsocket/islazy/tui"
+	"github.com/evilsocket/islazy/zip"
+)
+
+const eventTimeFormat = "15:04:05"
+
+func (s *EventsStream) viewLogEvent(e session.Event) {
+	fmt.Fprintf(s.output, "[%s] [%s] [%s] %s\n",
+		e.Time.Format(eventTimeFormat),
+		tui.Green(e.Tag),
+		e.Label(),
+		e.Data.(session.LogMessage).Message)
+}
+
+func (s *EventsStream) viewEndpointEvent(e session.Event) {
+	t := e.Data.(*network.Endpoint)
+	vend := ""
+	name := ""
+
+	if t.Vendor != "" {
+		vend = fmt.Sprintf(" (%s)", t.Vendor)
+	}
+
+	if t.Alias != "" {
+		name = fmt.Sprintf(" (%s)", t.Alias)
+	} else if t.Hostname != "" {
+		name = fmt.Sprintf(" (%s)", t.Hostname)
+	}
+
+	if e.Tag == "endpoint.new" {
+		fmt.Fprintf(s.output, "[%s] [%s] endpoint %s%s detected as %s%s.\n",
+			e.Time.Format(eventTimeFormat),
+			tui.Green(e.Tag),
+			tui.Bold(t.IpAddress),
+			tui.Dim(name),
+			tui.Green(t.HwAddress),
+			tui.Dim(vend))
+	} else if e.Tag == "endpoint.lost" {
+		fmt.Fprintf(s.output, "[%s] [%s] endpoint %s%s %s%s lost.\n",
+			e.Time.Format(eventTimeFormat),
+			tui.Green(e.Tag),
+			tui.Red(t.IpAddress),
+			tui.Dim(name),
+			tui.Green(t.HwAddress),
+			tui.Dim(vend))
+	} else {
+		fmt.Fprintf(s.output, "[%s] [%s] %s\n",
+			e.Time.Format(eventTimeFormat),
+			tui.Green(e.Tag),
+			t.String())
+	}
+}
+
+func (s *EventsStream) viewModuleEvent(e session.Event) {
+	fmt.Fprintf(s.output, "[%s] [%s] %s\n",
+		e.Time.Format(eventTimeFormat),
+		tui.Green(e.Tag),
+		e.Data)
+}
+
+func (s *EventsStream) viewSnifferEvent(e session.Event) {
+	if strings.HasPrefix(e.Tag, "net.sniff.http.") {
+		s.viewHttpEvent(e)
+	} else {
+		fmt.Fprintf(s.output, "[%s] [%s] %s\n",
+			e.Time.Format(eventTimeFormat),
+			tui.Green(e.Tag),
+			e.Data.(net_sniff.SnifferEvent).Message)
+	}
+}
+
+func (s *EventsStream) viewSynScanEvent(e session.Event) {
+	se := e.Data.(syn_scan.SynScanEvent)
+	fmt.Fprintf(s.output, "[%s] [%s] found open port %d for %s\n",
+		e.Time.Format(eventTimeFormat),
+		tui.Green(e.Tag),
+		se.Port,
+		tui.Bold(se.Address))
+}
+
+func (s *EventsStream) viewUpdateEvent(e session.Event) {
+	update := e.Data.(*github.RepositoryRelease)
+
+	fmt.Fprintf(s.output, "[%s] [%s] an update to version %s is available at %s\n",
+		e.Time.Format(eventTimeFormat),
+		tui.Bold(tui.Yellow(e.Tag)),
+		tui.Bold(*update.TagName),
+		*update.HTMLURL)
+}
+
+func (s *EventsStream) doRotation() {
+	if s.output == os.Stdout {
+		return
+	} else if !s.rotation.Enabled {
+		return
+	}
+
+	s.rotation.Lock()
+	defer s.rotation.Unlock()
+
+	doRotate := false
+	if info, err := s.output.Stat(); err == nil {
+		if s.rotation.How == "size" {
+			doRotate = float64(info.Size()) >= float64(s.rotation.Period*1024*1024)
+		} else if s.rotation.How == "time" {
+			doRotate = info.ModTime().Unix()%int64(s.rotation.Period) == 0
+		}
+	}
+
+	if doRotate {
+		var err error
+
+		name := fmt.Sprintf("%s-%s", s.outputName, time.Now().Format(s.rotation.Format))
+
+		if err := s.output.Close(); err != nil {
+			fmt.Printf("could not close log for rotation: %s\n", err)
+			return
+		}
+
+		if err := os.Rename(s.outputName, name); err != nil {
+			fmt.Printf("could not rename %s to %s: %s\n", s.outputName, name, err)
+		} else if s.rotation.Compress {
+			zipName := fmt.Sprintf("%s.zip", name)
+			if err = zip.Files(zipName, []string{name}); err != nil {
+				fmt.Printf("error creating %s: %s", zipName, err)
+			} else if err = os.Remove(name); err != nil {
+				fmt.Printf("error deleting %s: %s", name, err)
+			}
+		}
+
+		s.output, err = os.OpenFile(s.outputName, os.O_APPEND|os.O_CREATE|os.O_WRONLY, 0644)
+		if err != nil {
+			fmt.Printf("could not open %s: %s", s.outputName, err)
+		}
+	}
+}
+
+func (s *EventsStream) View(e session.Event, refresh bool) {
+	if e.Tag == "sys.log" {
+		s.viewLogEvent(e)
+	} else if strings.HasPrefix(e.Tag, "endpoint.") {
+		s.viewEndpointEvent(e)
+	} else if strings.HasPrefix(e.Tag, "wifi.") {
+		s.viewWiFiEvent(e)
+	} else if strings.HasPrefix(e.Tag, "ble.") {
+		s.viewBLEEvent(e)
+	} else if strings.HasPrefix(e.Tag, "mod.") {
+		s.viewModuleEvent(e)
+	} else if strings.HasPrefix(e.Tag, "net.sniff.") {
+		s.viewSnifferEvent(e)
+	} else if e.Tag == "syn.scan" {
+		s.viewSynScanEvent(e)
+	} else if e.Tag == "update.available" {
+		s.viewUpdateEvent(e)
+	} else {
+		fmt.Fprintf(s.output, "[%s] [%s] %v\n", e.Time.Format(eventTimeFormat), tui.Green(e.Tag), e)
+	}
+
+	if refresh && s.output == os.Stdout {
+		s.Session.Refresh()
+	}
+
+	s.doRotation()
+}
--- a/modules/events_stream/events_view_ble.go
+++ b/modules/events_stream/events_view_ble.go
@ -0,0 +1,56 @@
+// +build !windows
+// +build !darwin
+
+package events_stream
+
+import (
+	"fmt"
+
+	"github.com/bettercap/bettercap/network"
+	"github.com/bettercap/bettercap/session"
+
+	"github.com/evilsocket/islazy/tui"
+)
+
+func (s *EventsStream) viewBLEEvent(e session.Event) {
+	if e.Tag == "ble.device.new" {
+		dev := e.Data.(*network.BLEDevice)
+		name := dev.Device.Name()
+		if name != "" {
+			name = " " + tui.Bold(name)
+		}
+		vend := dev.Vendor
+		if vend != "" {
+			vend = fmt.Sprintf(" (%s)", tui.Yellow(vend))
+		}
+
+		fmt.Fprintf(s.output, "[%s] [%s] new BLE device%s detected as %s%s %s.\n",
+			e.Time.Format(eventTimeFormat),
+			tui.Green(e.Tag),
+			name,
+			dev.Device.ID(),
+			vend,
+			tui.Dim(fmt.Sprintf("%d dBm", dev.RSSI)))
+	} else if e.Tag == "ble.device.lost" {
+		dev := e.Data.(*network.BLEDevice)
+		name := dev.Device.Name()
+		if name != "" {
+			name = " " + tui.Bold(name)
+		}
+		vend := dev.Vendor
+		if vend != "" {
+			vend = fmt.Sprintf(" (%s)", tui.Yellow(vend))
+		}
+
+		fmt.Fprintf(s.output, "[%s] [%s] BLE device%s %s%s lost.\n",
+			e.Time.Format(eventTimeFormat),
+			tui.Green(e.Tag),
+			name,
+			dev.Device.ID(),
+			vend)
+	} /* else {
+		fmt.Fprintf(s.output,"[%s] [%s]\n",
+			e.Time.Format(eventTimeFormat),
+			tui.Green(e.Tag))
+	} */
+}
--- a/modules/events_stream/events_view_ble_unsupported.go
+++ b/modules/events_stream/events_view_ble_unsupported.go
@ -0,0 +1,11 @@
+// +build windows darwin
+
+package events_stream
+
+import (
+	"github.com/bettercap/bettercap/session"
+)
+
+func (s *EventsStream) viewBLEEvent(e session.Event) {
+
+}
--- a/modules/events_stream/events_view_http.go
+++ b/modules/events_stream/events_view_http.go
@ -0,0 +1,198 @@
+package events_stream
+
+import (
+	"bytes"
+	"compress/gzip"
+	"encoding/hex"
+	"encoding/json"
+	"fmt"
+	"github.com/bettercap/bettercap/modules/net_sniff"
+	"net/url"
+	"regexp"
+	"strings"
+
+	"github.com/bettercap/bettercap/session"
+
+	"github.com/evilsocket/islazy/tui"
+)
+
+var (
+	reJsonKey = regexp.MustCompile(`("[^"]+"):`)
+)
+
+func (s *EventsStream) shouldDumpHttpRequest(req net_sniff.HTTPRequest) bool {
+	if s.dumpHttpReqs {
+		// dump all
+		return true
+	} else if req.Method != "GET" {
+		// dump if it's not just a GET
+		return true
+	}
+	// search for interesting headers and cookies
+	for name := range req.Headers {
+		headerName := strings.ToLower(name)
+		if strings.Contains(headerName, "auth") || strings.Contains(headerName, "token") {
+			return true
+		}
+	}
+	return false
+}
+
+func (s *EventsStream) shouldDumpHttpResponse(res net_sniff.HTTPResponse) bool {
+	if s.dumpHttpResp {
+		return true
+	} else if strings.Contains(res.ContentType, "text/plain") {
+		return true
+	} else if strings.Contains(res.ContentType, "application/json") {
+		return true
+	} else if strings.Contains(res.ContentType, "text/xml") {
+		return true
+	}
+	// search for interesting headers
+	for name := range res.Headers {
+		headerName := strings.ToLower(name)
+		if strings.Contains(headerName, "auth") || strings.Contains(headerName, "token") || strings.Contains(headerName, "cookie") {
+			return true
+		}
+	}
+	return false
+}
+
+func (s *EventsStream) dumpForm(body []byte) string {
+	form := []string{}
+	for _, v := range strings.Split(string(body), "&") {
+		if strings.Contains(v, "=") {
+			parts := strings.SplitN(v, "=", 2)
+			name := parts[0]
+			value, err := url.QueryUnescape(parts[1])
+			if err != nil {
+				value = parts[1]
+			}
+
+			form = append(form, fmt.Sprintf("%s=%s", tui.Green(name), tui.Bold(tui.Red(value))))
+		} else {
+			value, err := url.QueryUnescape(v)
+			if err != nil {
+				value = v
+			}
+			form = append(form, fmt.Sprintf("%s", tui.Bold(tui.Red(value))))
+		}
+	}
+	return "\n" + strings.Join(form, "&") + "\n"
+}
+
+func (s *EventsStream) dumpText(body []byte) string {
+	return "\n" + tui.Bold(tui.Red(string(body))) + "\n"
+}
+
+func (s *EventsStream) dumpGZIP(body []byte) string {
+	buffer := bytes.NewBuffer(body)
+	uncompressed := bytes.Buffer{}
+	reader, err := gzip.NewReader(buffer)
+	if err != nil {
+		return s.dumpRaw(body)
+	} else if _, err = uncompressed.ReadFrom(reader); err != nil {
+		return s.dumpRaw(body)
+	}
+	return s.dumpRaw(uncompressed.Bytes())
+}
+
+func (s *EventsStream) dumpJSON(body []byte) string {
+	var buf bytes.Buffer
+	var pretty string
+
+	if err := json.Indent(&buf, body, "", "  "); err != nil {
+		pretty = string(body)
+	} else {
+		pretty = string(buf.Bytes())
+	}
+
+	return "\n" + reJsonKey.ReplaceAllString(pretty, tui.Green(`$1:`)) + "\n"
+}
+
+func (s *EventsStream) dumpXML(body []byte) string {
+	// TODO: indent xml
+	return "\n" + string(body) + "\n"
+}
+
+func (s *EventsStream) dumpRaw(body []byte) string {
+	return "\n" + hex.Dump(body) + "\n"
+}
+
+func (s *EventsStream) viewHttpRequest(e session.Event) {
+	se := e.Data.(net_sniff.SnifferEvent)
+	req := se.Data.(net_sniff.HTTPRequest)
+
+	fmt.Fprintf(s.output, "[%s] [%s] %s\n",
+		e.Time.Format(eventTimeFormat),
+		tui.Green(e.Tag),
+		se.Message)
+
+	if s.shouldDumpHttpRequest(req) {
+		dump := fmt.Sprintf("%s %s %s\n", tui.Bold(req.Method), req.URL, tui.Dim(req.Proto))
+		dump += fmt.Sprintf("%s: %s\n", tui.Blue("Host"), tui.Yellow(req.Host))
+		for name, values := range req.Headers {
+			for _, value := range values {
+				dump += fmt.Sprintf("%s: %s\n", tui.Blue(name), tui.Yellow(value))
+			}
+		}
+
+		if req.Body != nil {
+			if req.IsType("application/x-www-form-urlencoded") {
+				dump += s.dumpForm(req.Body)
+			} else if req.IsType("text/plain") {
+				dump += s.dumpText(req.Body)
+			} else if req.IsType("text/xml") {
+				dump += s.dumpXML(req.Body)
+			} else if req.IsType("gzip") {
+				dump += s.dumpGZIP(req.Body)
+			} else if req.IsType("application/json") {
+				dump += s.dumpJSON(req.Body)
+			} else {
+				dump += s.dumpRaw(req.Body)
+			}
+		}
+
+		fmt.Fprintf(s.output, "\n%s\n", dump)
+	}
+}
+
+func (s *EventsStream) viewHttpResponse(e session.Event) {
+	se := e.Data.(net_sniff.SnifferEvent)
+	res := se.Data.(net_sniff.HTTPResponse)
+
+	fmt.Fprintf(s.output, "[%s] [%s] %s\n",
+		e.Time.Format(eventTimeFormat),
+		tui.Green(e.Tag),
+		se.Message)
+
+	if s.shouldDumpHttpResponse(res) {
+		dump := fmt.Sprintf("%s %s\n", tui.Dim(res.Protocol), res.Status)
+		for name, values := range res.Headers {
+			for _, value := range values {
+				dump += fmt.Sprintf("%s: %s\n", tui.Blue(name), tui.Yellow(value))
+			}
+		}
+
+		if res.Body != nil {
+			// TODO: add more interesting response types
+			if res.IsType("text/plain") {
+				dump += s.dumpText(res.Body)
+			} else if res.IsType("application/json") {
+				dump += s.dumpJSON(res.Body)
+			} else if res.IsType("text/xml") {
+				dump += s.dumpXML(res.Body)
+			}
+		}
+
+		fmt.Fprintf(s.output, "\n%s\n", dump)
+	}
+}
+
+func (s *EventsStream) viewHttpEvent(e session.Event) {
+	if e.Tag == "net.sniff.http.request" {
+		s.viewHttpRequest(e)
+	} else if e.Tag == "net.sniff.http.response" {
+		s.viewHttpResponse(e)
+	}
+}
--- a/modules/events_stream/events_view_wifi.go
+++ b/modules/events_stream/events_view_wifi.go
@ -0,0 +1,128 @@
+package events_stream
+
+import (
+	"fmt"
+	"github.com/bettercap/bettercap/modules/wifi"
+	"strings"
+
+	"github.com/bettercap/bettercap/network"
+	"github.com/bettercap/bettercap/session"
+
+	"github.com/evilsocket/islazy/tui"
+)
+
+func (s *EventsStream) viewWiFiApEvent(e session.Event) {
+	ap := e.Data.(*network.AccessPoint)
+	vend := ""
+	if ap.Vendor != "" {
+		vend = fmt.Sprintf(" (%s)", ap.Vendor)
+	}
+	rssi := ""
+	if ap.RSSI != 0 {
+		rssi = fmt.Sprintf(" (%d dBm)", ap.RSSI)
+	}
+
+	if e.Tag == "wifi.ap.new" {
+		fmt.Fprintf(s.output, "[%s] [%s] wifi access point %s%s detected as %s%s.\n",
+			e.Time.Format(eventTimeFormat),
+			tui.Green(e.Tag),
+			tui.Bold(ap.ESSID()),
+			tui.Dim(tui.Yellow(rssi)),
+			tui.Green(ap.BSSID()),
+			tui.Dim(vend))
+	} else if e.Tag == "wifi.ap.lost" {
+		fmt.Fprintf(s.output, "[%s] [%s] wifi access point %s (%s) lost.\n",
+			e.Time.Format(eventTimeFormat),
+			tui.Green(e.Tag),
+			tui.Red(ap.ESSID()),
+			ap.BSSID())
+	} else {
+		fmt.Fprintf(s.output, "[%s] [%s] %s\n",
+			e.Time.Format(eventTimeFormat),
+			tui.Green(e.Tag),
+			ap.String())
+	}
+}
+
+func (s *EventsStream) viewWiFiClientProbeEvent(e session.Event) {
+	probe := e.Data.(wifi.WiFiProbeEvent)
+	desc := ""
+	if probe.FromAlias != "" {
+		desc = fmt.Sprintf(" (%s)", probe.FromAlias)
+	} else if probe.FromVendor != "" {
+		desc = fmt.Sprintf(" (%s)", probe.FromVendor)
+	}
+	rssi := ""
+	if probe.RSSI != 0 {
+		rssi = fmt.Sprintf(" (%d dBm)", probe.RSSI)
+	}
+
+	fmt.Fprintf(s.output, "[%s] [%s] station %s%s is probing for SSID %s%s\n",
+		e.Time.Format(eventTimeFormat),
+		tui.Green(e.Tag),
+		probe.FromAddr.String(),
+		tui.Dim(desc),
+		tui.Bold(probe.SSID),
+		tui.Yellow(rssi))
+}
+
+func (s *EventsStream) viewWiFiHandshakeEvent(e session.Event) {
+	hand := e.Data.(wifi.WiFiHandshakeEvent)
+
+	from := hand.Station.String()
+	to := hand.AP.String()
+	what := "handshake"
+
+	if ap, found := s.Session.WiFi.Get(hand.AP.String()); found {
+		to = fmt.Sprintf("%s (%s)", tui.Bold(ap.ESSID()), tui.Dim(ap.BSSID()))
+		what = fmt.Sprintf("%s handshake", ap.Encryption)
+	}
+
+	if hand.PMKID != nil {
+		what = "RSN PMKID"
+	}
+
+	fmt.Fprintf(s.output, "[%s] [%s] captured %s -> %s %s to %s\n",
+		e.Time.Format(eventTimeFormat),
+		tui.Green(e.Tag),
+		from,
+		to,
+		tui.Red(what),
+		hand.File)
+}
+
+func (s *EventsStream) viewWiFiClientEvent(e session.Event) {
+	ce := e.Data.(wifi.WiFiClientEvent)
+
+	ce.Client.Alias = s.Session.Lan.GetAlias(ce.Client.BSSID())
+
+	if e.Tag == "wifi.client.new" {
+		fmt.Fprintf(s.output, "[%s] [%s] new station %s detected for %s (%s)\n",
+			e.Time.Format(eventTimeFormat),
+			tui.Green(e.Tag),
+			ce.Client.String(),
+			tui.Bold(ce.AP.ESSID()),
+			tui.Dim(ce.AP.BSSID()))
+	} else if e.Tag == "wifi.client.lost" {
+		fmt.Fprintf(s.output, "[%s] [%s] station %s disconnected from %s (%s)\n",
+			e.Time.Format(eventTimeFormat),
+			tui.Green(e.Tag),
+			ce.Client.String(),
+			tui.Bold(ce.AP.ESSID()),
+			tui.Dim(ce.AP.BSSID()))
+	}
+}
+
+func (s *EventsStream) viewWiFiEvent(e session.Event) {
+	if strings.HasPrefix(e.Tag, "wifi.ap.") {
+		s.viewWiFiApEvent(e)
+	} else if e.Tag == "wifi.client.probe" {
+		s.viewWiFiClientProbeEvent(e)
+	} else if e.Tag == "wifi.client.handshake" {
+		s.viewWiFiHandshakeEvent(e)
+	} else if e.Tag == "wifi.client.new" || e.Tag == "wifi.client.lost" {
+		s.viewWiFiClientEvent(e)
+	} else {
+		fmt.Fprintf(s.output, "[%s] [%s] %v\n", e.Time.Format(eventTimeFormat), tui.Green(e.Tag), e)
+	}
+}