new: hid.sniff will now hexdump sniffed payloads (closes #490)

modules/hid/hid.go

@@ -32,6 +32,7 @@ type HIDRecon struct {
 	sniffType    string
 	pingPayload  []byte
 	inSniffMode  bool
+	sniffSilent  bool
 	inPromMode   bool
 	inInjectMode bool
 	keyLayout    string
@@ -58,6 +59,7 @@ func NewHIDRecon(s *session.Session) *HIDRecon {
 		inSniffMode:   false,
 		inPromMode:    false,
 		inInjectMode:  false,
+		sniffSilent:   true,
 		pingPayload:   []byte{0x0f, 0x0f, 0x0f, 0x0f},
 		keyLayout:     "US",
 		scriptPath:    "",
@@ -85,7 +87,7 @@ func NewHIDRecon(s *session.Session) *HIDRecon {
 	sniff := session.NewModuleHandler("hid.sniff ADDRESS", `(?i)^hid\.sniff ([a-f0-9]{2}:[a-f0-9]{2}:[a-f0-9]{2}:[a-f0-9]{2}:[a-f0-9]{2}|clear)$`,
 		"Start sniffing a specific ADDRESS in order to collect payloads, use 'clear' to stop collecting.",
 		func(args []string) error {
-			return mod.setSniffMode(args[0])
+			return mod.setSniffMode(args[0], false)
 		})
 
 	sniff.Complete("hid.sniff", s.HIDCompleter)

modules/hid/hid_inject.go

@@ -18,7 +18,7 @@ func (mod *HIDRecon) isInjecting() bool {
 }
 
 func (mod *HIDRecon) setInjectionMode(address string) error {
-	if err := mod.setSniffMode(address); err != nil {
+	if err := mod.setSniffMode(address, true); err != nil {
 		return err
 	} else if address == "clear" {
 		mod.inInjectMode = false

modules/hid/hid_recon.go

@@ -42,11 +42,13 @@ func (mod *HIDRecon) onDeviceDetected(buf []byte) {
 		if isNew, dev := mod.Session.HID.AddIfNew(addr, mod.channel, payload); isNew {
 			// sniff for a while in order to detect the device type
 			go func() {
-				if err := mod.setSniffMode(dev.Address); err == nil {
+				prevSilent := mod.sniffSilent
+
+				if err := mod.setSniffMode(dev.Address, true); err == nil {
 					mod.Debug("detecting device type ...")
 					defer func() {
 						mod.sniffLock.Unlock()
-						mod.setSniffMode("clear")
+						mod.setSniffMode("clear", prevSilent)
 					}()
 					// make sure nobody can sniff to another
 					// address until we're not done here...

modules/hid/hid_sniff.go

@@ -3,12 +3,15 @@
 package hid
 
 import (
+	"encoding/hex"
 	"fmt"
 	"time"
 
 	"github.com/bettercap/bettercap/network"
 
 	"github.com/bettercap/nrf24"
+
+	"github.com/evilsocket/islazy/str"
 	"github.com/evilsocket/islazy/tui"
 )
 
@@ -16,7 +19,7 @@ func (mod *HIDRecon) isSniffing() bool {
 	return mod.sniffAddrRaw != nil
 }
 
-func (mod *HIDRecon) setSniffMode(mode string) error {
+func (mod *HIDRecon) setSniffMode(mode string, silent bool) error {
 	if !mod.Running() {
 		return fmt.Errorf("please turn hid.recon on")
 	}
@@ -24,11 +27,13 @@ func (mod *HIDRecon) setSniffMode(mode string) error {
 	mod.sniffLock.Lock()
 	defer mod.sniffLock.Unlock()
 
+	mod.sniffSilent = silent
 	mod.inSniffMode = false
 	if mode == "clear" {
 		mod.Debug("restoring recon mode")
 		mod.sniffAddrRaw = nil
 		mod.sniffAddr = ""
+		mod.sniffSilent = true
 	} else {
 		if err, raw := nrf24.ConvertAddress(mode); err != nil {
 			return err
@@ -73,13 +78,20 @@ func (mod *HIDRecon) doPing() {
 func (mod *HIDRecon) onSniffedBuffer(buf []byte) {
 	if sz := len(buf); sz > 0 && buf[0] == 0x00 {
 		buf = buf[1:]
-		mod.Debug("sniffed payload %x for %s", buf, mod.sniffAddr)
+		lf := mod.Info
+		if mod.sniffSilent {
+			lf = mod.Debug
+		}
+		lf("payload for %s : %s", tui.Bold(mod.sniffAddr), str.Trim(hex.Dump(buf)))
 		if dev, found := mod.Session.HID.Get(mod.sniffAddr); found {
 			dev.LastSeen = time.Now()
 			dev.AddPayload(buf)
 			dev.AddChannel(mod.channel)
 		} else {
-			mod.Warning("got a payload for unknown device %s", mod.sniffAddr)
+			if lf = mod.Warning; mod.sniffSilent == false {
+				lf = mod.Debug
+			}
+			lf("got a payload for unknown device %s", mod.sniffAddr)
 		}
 	}
 }