Class: BetterCap::Parsers::Ntlmss

Inherits:
Base
  • Object
show all
Defined in:
lib/bettercap/sniffer/parsers/ntlmss.rb

Overview

NTLMSS traffic parser.

Instance Method Summary collapse

Methods inherited from Base

#initialize

Constructor Details

This class inherits a constructor from BetterCap::Parsers::Base

Instance Method Details

#bin2hex(data) ⇒ Object

Convert binary data into human readable hexadecimal representation.


20
21
22
23
24
25
26
27
28
29
30
# File 'lib/bettercap/sniffer/parsers/ntlmss.rb', line 20

def bin2hex( data )
  hex = ''
  data.each_byte do |byte|
    if /[[:print:]]/ === byte.chr
      hex += byte.chr
    else
      hex += "\\x" + byte.to_s(16)
    end
  end
  hex
end

#on_packet(pkt) ⇒ Object


32
33
34
35
36
37
38
# File 'lib/bettercap/sniffer/parsers/ntlmss.rb', line 32

def on_packet( pkt )
  s = pkt.to_s
  if s =~ /NTLMSSP\x00\x03\x00\x00\x00.+/
    # TODO: Parse NTLMSSP packet.
    StreamLogger.log_raw( pkt, 'NTLMSS', bin2hex( pkt.payload ) )
  end
end