CoCalc provides the best real-time collaborative environment for Jupyter Notebooks, LaTeX documents, and SageMath, scalable from individual users to large groups and classes!
CoCalc provides the best real-time collaborative environment for Jupyter Notebooks, LaTeX documents, and SageMath, scalable from individual users to large groups and classes!
Path: blob/master/lib/rex/post/meterpreter/extensions/sniffer/sniffer.rb
Views: 1904
# -*- coding: binary -*-12require 'rex/post/meterpreter/extensions/sniffer/tlv'3require 'rex/post/meterpreter/extensions/sniffer/command_ids'4require 'rex/post/meterpreter/extension'56module Rex7module Post8module Meterpreter9module Extensions10module Sniffer1112###13#14# This meterpreter extension can be used to capture remote traffic15#16###17class Sniffer < Extension1819def self.extension_id20EXTENSION_ID_SNIFFER21end2223def initialize(client)24super(client, 'sniffer')2526client.register_extension_aliases(27[28{29'name' => 'sniffer',30'ext' => self31},32])33end343536# Enumerate the remote sniffable interfaces37def interfaces()38ifaces = []39request = Packet.create_request(COMMAND_ID_SNIFFER_INTERFACES)40response = client.send_request(request)41response.each(TLV_TYPE_SNIFFER_INTERFACES) { |p|42vals = p.tlvs.map{|x| x.value }43iface = { }44if vals.length == 845# Windows46ikeys = %W{idx name description type mtu wireless usable dhcp}47else48# Mettle49ikeys = %W{idx name description usable}50end51ikeys.each_index { |i| iface[ikeys[i]] = vals[i] }52ifaces << iface53}54return ifaces55end5657# Start a packet capture on an opened interface58def capture_start(intf,maxp=200000,filter="")59request = Packet.create_request(COMMAND_ID_SNIFFER_CAPTURE_START)60request.add_tlv(TLV_TYPE_SNIFFER_INTERFACE_ID, intf.to_i)61request.add_tlv(TLV_TYPE_SNIFFER_PACKET_COUNT, maxp.to_i)62request.add_tlv(TLV_TYPE_SNIFFER_ADDITIONAL_FILTER, filter) if filter.length > 063client.send_request(request)64end6566# Stop an active packet capture67def capture_stop(intf)68request = Packet.create_request(COMMAND_ID_SNIFFER_CAPTURE_STOP)69request.add_tlv(TLV_TYPE_SNIFFER_INTERFACE_ID, intf.to_i)70response = client.send_request(request)71{72:packets => response.get_tlv_value(TLV_TYPE_SNIFFER_PACKET_COUNT),73:bytes => response.get_tlv_value(TLV_TYPE_SNIFFER_BYTE_COUNT),74}75end7677# Retrieve stats about a current capture78def capture_stats(intf)79request = Packet.create_request(COMMAND_ID_SNIFFER_CAPTURE_STATS)80request.add_tlv(TLV_TYPE_SNIFFER_INTERFACE_ID, intf.to_i)81response = client.send_request(request)82{83:packets => response.get_tlv_value(TLV_TYPE_SNIFFER_PACKET_COUNT),84:bytes => response.get_tlv_value(TLV_TYPE_SNIFFER_BYTE_COUNT),85}86end8788# Release packets from a current capture89def capture_release(intf)90request = Packet.create_request(COMMAND_ID_SNIFFER_CAPTURE_RELEASE)91request.add_tlv(TLV_TYPE_SNIFFER_INTERFACE_ID, intf.to_i)92response = client.send_request(request)93{94:packets => response.get_tlv_value(TLV_TYPE_SNIFFER_PACKET_COUNT),95:bytes => response.get_tlv_value(TLV_TYPE_SNIFFER_BYTE_COUNT),96}97end9899# Buffer the current capture to a readable buffer100def capture_dump(intf)101request = Packet.create_request(COMMAND_ID_SNIFFER_CAPTURE_DUMP)102request.add_tlv(TLV_TYPE_SNIFFER_INTERFACE_ID, intf.to_i)103response = client.send_request(request, 3600)104{105:packets => response.get_tlv_value(TLV_TYPE_SNIFFER_PACKET_COUNT),106:bytes => response.get_tlv_value(TLV_TYPE_SNIFFER_BYTE_COUNT),107:linktype => response.get_tlv_value(TLV_TYPE_SNIFFER_INTERFACE_ID) || 1,108}109end110111# Retrieve the packet data for the specified capture112def capture_dump_read(intf, len=16384)113request = Packet.create_request(COMMAND_ID_SNIFFER_CAPTURE_DUMP_READ)114request.add_tlv(TLV_TYPE_SNIFFER_INTERFACE_ID, intf.to_i)115request.add_tlv(TLV_TYPE_SNIFFER_BYTE_COUNT, len.to_i)116response = client.send_request(request, 3600)117{118:bytes => response.get_tlv_value(TLV_TYPE_SNIFFER_BYTE_COUNT),119:data => response.get_tlv_value(TLV_TYPE_SNIFFER_PACKET)120}121end122123end124125end; end; end; end; end126127128