Class: BetterCap::Parsers::Rlogin
- Defined in:
- lib/bettercap/sniffer/parsers/rlogin.rb
Overview
BSD rlogin authentication parser.
Instance Method Summary collapse
-
#initialize ⇒ Rlogin
constructor
A new instance of Rlogin.
- #on_packet(pkt) ⇒ Object
Methods inherited from Base
available, from_cmdline, inherited, load_by_names, load_custom
Constructor Details
#initialize ⇒ Rlogin
Returns a new instance of Rlogin.
17 18 19 |
# File 'lib/bettercap/sniffer/parsers/rlogin.rb', line 17 def initialize @name = 'RLOGIN' end |
Instance Method Details
#on_packet(pkt) ⇒ Object
20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 |
# File 'lib/bettercap/sniffer/parsers/rlogin.rb', line 20 def on_packet( pkt ) begin if pkt.tcp_dst == 513 # rlogin packet data = 0x00[client-username]0x00<server-username>0x00<terminal/speed>0x00 # if client username, server username and terminal/speed were supplied... # regex starts at client username as the first null byte is stripped from pkt.payload.to_s if pkt.payload.to_s =~ /\A([a-z0-9_-]+)\x00([a-z0-9_-]+)\x00([a-z0-9_-]+\/[0-9]+)\x00\Z/i client_user = $1 server_user = $2 terminal = $3 StreamLogger.log_raw( pkt, @name, "client-username=#{client_user} server-username=#{server_user} terminal=#{terminal}" ) # else, if only server username and terminal/speed were supplied... # regex starts at 0x00 as the first null byte is stripped from pkt.payload.to_s and the client username is empty elsif pkt.payload.to_s =~ /\A\x00([a-z0-9_-]+)\x00([a-z0-9_-]+\/[0-9]+)\x00\Z/i server_user = $1 terminal = $2 StreamLogger.log_raw( pkt, @name, "server-username=#{server_user} terminal=#{terminal}" ) end end rescue end end |