github/bettercap
1
0
Fork 0
mirror of https://github.com/bettercap/bettercap.git synced 2024-11-08 06:30:13 -08:00
Code Issues Packages Projects Releases Wiki Activity
master
bettercap/modules/net_sniff/net_sniff_krb5.go
Simone Margaritelli 2659a559c9 fix: using proper v2 package suffix (fixes #727)
2024-08-09 18:19:21 +02:00

45 lines
796 B
Go
Raw Permalink Blame History

package net_sniff
import (
"encoding/asn1"
"net"
"github.com/bettercap/bettercap/v2/packets"
"github.com/google/gopacket"
"github.com/google/gopacket/layers"
"github.com/evilsocket/islazy/tui"
)
func krb5Parser(srcIP, dstIP net.IP, payload []byte, pkt gopacket.Packet, udp *layers.UDP) bool {
if udp.DstPort != 88 {
return false
}
var req packets.Krb5Request
_, err := asn1.UnmarshalWithParams(udp.Payload, &req, packets.Krb5AsReqParam)
if err != nil {
return false
}
if s, err := req.String(); err == nil {
NewSnifferEvent(
pkt.Metadata().Timestamp,
"krb5",
srcIP.String(),
dstIP.String(),
nil,
"%s %s -> %s : %s",
tui.Wrap(tui.BACKRED+tui.FOREBLACK, "krb-as-req"),
vIP(srcIP),
vIP(dstIP),
s,
).Push()
return true
}
return false
}
Reference in New Issue View Git Blame Copy Permalink