maride/pancap
1
0
Fork 0
mirror of https://github.com/maride/pancap.git synced 2024-11-22 00:44:26 +00:00
Code Issues Packages Projects Releases Wiki Activity

Add file manager, storing extracted files

Browse Source
This commit is contained in:
maride 2020-01-08 16:34:31 +01:00
parent cd01dc7664
commit 1217153e78
4 changed files with 24 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

6
main.go
View File

@ -33,9 +33,15 @@ func main() {
log.Fatalf("Error occurred while analyzing: %s", analyzeErr.Error()) log.Fatalf("Error occurred while analyzing: %s", analyzeErr.Error())
} }
// Extract found and requested files
output.StoreFiles()
// Show user analysis // Show user analysis
analyze.PrintSummary() analyze.PrintSummary()
// Print filemanager summary
output.PrintSummary()
// Finalize output // Finalize output
output.Finalize() output.Finalize()
} }

6
output/flag.go
View File

@ -5,11 +5,17 @@ import "flag"
var ( var (
fullOutput *bool fullOutput *bool
printEmptyBlocks *bool printEmptyBlocks *bool
targetFiles *string
targetAllFiles *bool
targetOutput *string
) )
func RegisterFlags() { func RegisterFlags() {
fullOutput = flag.Bool("full-output", false, "Show full output instead of limiting submodule output") fullOutput = flag.Bool("full-output", false, "Show full output instead of limiting submodule output")
printEmptyBlocks = flag.Bool("print-empty-blocks", false, "Prints blocks (submodule output) even if the submodule doesn't have any content to print.") printEmptyBlocks = flag.Bool("print-empty-blocks", false, "Prints blocks (submodule output) even if the submodule doesn't have any content to print.")
targetFiles = flag.String("extract-these", "", "Comma-separated list of files to extract.")
targetAllFiles = flag.Bool("extract-all", false, "Extract all files found.")
targetOutput = flag.String("extract-to", "./extracted", "Directory to store extracted files in.")
} }

6
output/output.go
View File

@ -17,4 +17,10 @@ func Finalize() {
// We did - inform user about this // We did - inform user about this
printer.Println("Some submodule output was hidden. Add --print-empty-blocks to show it.") printer.Println("Some submodule output was hidden. Add --print-empty-blocks to show it.")
} }
// Check if the user didn't use the file extract option, although there were files available to extract
if extractedFiles == 0 && len(registeredFiles) > 0 {
// User avoided the files
printer.Println("Files found in stream. Add --extract-all or --extract-these <list> to extract them.")
}
} }

7
protocol/http/httpResponseFactory.go
View File

@ -3,10 +3,12 @@ package http
import ( import (
"bufio" "bufio"
"fmt" "fmt"
"git.darknebu.la/maride/pancap/output"
"github.com/google/gopacket" "github.com/google/gopacket"
"github.com/google/gopacket/tcpassembly" "github.com/google/gopacket/tcpassembly"
"github.com/google/gopacket/tcpassembly/tcpreader" "github.com/google/gopacket/tcpassembly/tcpreader"
"io" "io"
"io/ioutil"
"net/http" "net/http"
) )
@ -48,9 +50,12 @@ func (h *httpResponseStream) run() {
// Ignore, because it may be a request // Ignore, because it may be a request
} else { } else {
// Try to process assembled request // Try to process assembled request
tcpreader.DiscardBytesToEOF(resp.Body) fileBytes, _ := ioutil.ReadAll(resp.Body)
resp.Body.Close() resp.Body.Close()
// Register file in filemanager
output.RegisterFile("", fileBytes, "HTTP response")
// Build summary // Build summary
line := fmt.Sprintf("Response %s, Type %s, Size %d bytes", resp.Status, resp.Header.Get("Content-Type"), resp.ContentLength) line := fmt.Sprintf("Response %s, Type %s, Size %d bytes", resp.Status, resp.Header.Get("Content-Type"), resp.ContentLength)
responseSummaryLines = append(responseSummaryLines, line) responseSummaryLines = append(responseSummaryLines, line)