Class: BetterCap::Parsers::Httpauth

Inherits:
Base
  • Object
show all
Defined in:
lib/bettercap/sniffer/parsers/httpauth.rb

Overview

HTTP basic and digest authentication parser.

Instance Method Summary collapse

Methods inherited from Base

#initialize

Constructor Details

This class inherits a constructor from BetterCap::Parsers::Base

Instance Method Details

#on_packet(pkt) ⇒ Object


20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
# File 'lib/bettercap/sniffer/parsers/httpauth.rb', line 20

def on_packet( pkt )
  lines = pkt.to_s.split("\n")
  hostname = nil
  path = nil

  lines.each do |line|
    if line =~ /[A-Z]+\s+(\/[^\s]+)\s+HTTP\/\d\.\d/
      path = $1

    elsif line =~ /Host:\s*([^\s]+)/i
      hostname = $1

    elsif line =~ /Authorization:\s*Basic\s+([^\s]+)/i
      encoded = $1
      decoded = Base64.decode64(encoded)
      user, pass = decoded.split(':')

      StreamLogger.log_raw( pkt, 'HTTP BASIC AUTH', "http://#{hostname}#{path} - username=#{user} password=#{pass}".yellow )

    elsif line =~ /Authorization:\s*Digest\s+(.+)/i
      StreamLogger.log_raw( pkt, 'HTTP DIGEST AUTH', "http://#{hostname}#{path}\n#{$1}".yellow )
    end
  end
end