-
Notifications
You must be signed in to change notification settings - Fork 13.8k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Add support for HTTP POST and Basic Auth to psnuffle #10315
Conversation
} | ||
end | ||
|
||
def parse(pkt) | ||
# We want to return immediantly if we do not have a packet which is handled by us | ||
# We want to return immediatly if we do not have a packet which is handled by us |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Immediately.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
This is the only thing I'd change for sure. :-)
class SnifferURL < BaseProtocolParser | ||
def register_sigs | ||
self.sigs = { | ||
:get => /^GET\s+([^\n]+)\s+HTTP\/\d\.\d/i, | ||
:webhost => /^HOST\:\s+([^\n\r]+)/i, | ||
:get => /^GET\s+([^\n]+)\s+HTTP\/\d\.\d/i, |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Prefer get:
, etc.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Assuming you're keeping the style because no one really uses this anymore anyway.
end | ||
if s[:basic_auth] | ||
s[:user], s[:pass] = Rex::Text.decode_base64(s[:basic_auth]).split(':', 2) | ||
report_auth_info s |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Same down here re style. No one really uses this. I'd change it to store_valid_credential
, but there are other calls to pSnuffle's report_auth_info
.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Left it the same for consistency. Figured I someone would update all the report_auth_info
in one go. I left it out for now to prevent merge conflicts.
@@ -1,22 +1,24 @@ | |||
# Psnuffle password sniffer add-on class for HTTP GET URL's | |||
# Psnuffle password sniffer add-on class for HTTP URLs |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
This file isn't even in the right place. :/
Release NotesHTTP POST and basic authentication support has been added to pSnuffle. |
This PR adds support for HTTP POST and Basic Authentication to psnuffle.
From the does-anyone-even-use-this department.
This code is pretty bad. It's probably not even correct. The psnuffle codebase did not age well, the code comments are a lie, and the documentation does not exist.
Also, I removed
sessions.delete(s[:session])
. Seems like that was probably important to prevent using tonnes of memory.¯\_(ツ)_/¯
Test
HTTP Basic Authentication
Marvel at this beautiful output.
HTTP POST