Module: SocketLogger::SocketTracer

Defined in:

plugins/socket_logger.rb

Constant Summary

@@last_id =

0

Instance Attribute Summary

• #context ⇒ Object

  Returns the value of attribute context.

• #params ⇒ Object

  Returns the value of attribute params.

Instance Method Summary

• #close(*args) ⇒ Object
• #format_module_info ⇒ Object
• #format_socket_conn ⇒ Object
• #initlog(path, prefix) ⇒ Object
• #read(length = nil, opts = {}) ⇒ Object

  Hook the read method.

• #write(buf, opts = {}) ⇒ Object

  Hook the write method.

Instance Attribute Details

#context ⇒ Object

Returns the value of attribute context.

# File 'plugins/socket_logger.rb', line 65

def context
  @context
end

#params ⇒ Object

Returns the value of attribute params.

# File 'plugins/socket_logger.rb', line 65

def params
  @params
end

Instance Method Details

#close(*args) ⇒ Object

# File 'plugins/socket_logger.rb', line 82

def close(*args)
  super(*args)
  @fd.close
end

#format_module_info ⇒ Object

# File 'plugins/socket_logger.rb', line 91

def format_module_info
  return '' unless params.context && params.context['MsfExploit']
  if params.context['MsfExploit'].respond_to? :fullname
    return 'via ' + params.context['MsfExploit'].fullname
  end

  'via ' + params.context['MsfExploit'].to_s
end

#format_socket_conn ⇒ Object

# File 'plugins/socket_logger.rb', line 87

def format_socket_conn
  "#{params.proto.upcase} #{params.localhost}:#{params.localport} > #{params.peerhost}:#{params.peerport}"
end

#initlog(path, prefix) ⇒ Object

# File 'plugins/socket_logger.rb', line 100

def initlog(path, prefix)
  @log_path = path
  @log_prefix = prefix
  @log_id = @@last_id
  @@last_id += 1
  @fd = File.open(File.join(@log_path, "#{@log_prefix}#{@log_id}.log"), 'w')
  @fd.puts "Socket created at #{Time.now} (#{Time.now.to_i})"
  @fd.puts "Info: #{format_socket_conn} #{format_module_info}"
  @fd.puts ''
  @fd.flush
end

#read(length = nil, opts = {}) ⇒ Object

Hook the read method

# File 'plugins/socket_logger.rb', line 75

def read(length = nil, opts = {})
  r = super(length, opts)
  @fd.puts "READ\t#{r ? r.length : 0}\t#{Rex::Text.encode_base64(r.to_s)}"
  @fd.flush
  return r
end

#write(buf, opts = {}) ⇒ Object

Hook the write method

# File 'plugins/socket_logger.rb', line 68

def write(buf, opts = {})
  @fd.puts "WRITE\t#{buf.length}\t#{Rex::Text.encode_base64(buf)}"
  @fd.flush
  super(buf, opts)
end