New --log-http-response option.

evilsocket · Aug 26, 2016 · 0121ce9 · 0121ce9
1 parent 4d1a8f2
commit 0121ce9
Show file tree

Hide file tree

Showing 2 changed files with 42 additions and 2 deletions.
diff --git a/lib/bettercap/options/proxy_options.rb b/lib/bettercap/options/proxy_options.rb
@@ -36,6 +36,8 @@ class ProxyOptions
   attr_accessor :sslstrip
   # If true, direct connections to the IP of this machine will be allowed.
   attr_accessor :allow_local_connections
+  # If true, log HTTP responses too.
+  attr_accessor :log_response
   # If true, TCP proxy will be enabled.
   attr_accessor :tcp_proxy
   # TCP proxy local port.
@@ -69,6 +71,7 @@ def initialize
     @proxy_module = nil
     @sslstrip = true
     @allow_local_connections = false
+    @log_response = false
 
     @tcp_proxy = false
     @tcp_proxy_port = 2222
@@ -160,6 +163,10 @@ def parse!( ctx, opts )
       @sslstrip = false
     end
 
+    opts.on( '--log-http-response', 'Log HTTP responses.' ) do
+      @log_response = true
+    end
+
     opts.on( '--proxy-module MODULE', "Ruby proxy module to load, either a custom file or one of the following: #{Proxy::HTTP::Module.available.map{|x| x.yellow}.join(', ')}." ) do |v|
       Proxy::HTTP::Module.load(ctx, opts, v)
       @proxy = true

diff --git a/lib/bettercap/proxy/stream_logger.rb b/lib/bettercap/proxy/stream_logger.rb
@@ -130,11 +130,11 @@ def self.dump_json( request )
   def self.log_post( request )
     # the packet could be incomplete
     if request.post? and !request.body.nil? and !request.body.empty?
-      msg = "\n[#{'HEADERS'.green}]\n\n"
+      msg = "\n[#{'REQUEST HEADERS'.green}]\n\n"
       request.headers.each do |name,value|
         msg << "  #{name.blue} : #{value.yellow}\n"
       end
-      msg << "\n[#{'BODY'.green}]\n\n"
+      msg << "\n[#{'REQUEST BODY'.green}]\n\n"
 
       case request['Content-Type']
       when /application\/x-www-form-urlencoded.*/i
@@ -157,6 +157,34 @@ def self.log_post( request )
     end
   end
 
+  # This method will log every header and the body of +response+.
+  def self.log_response( response )
+    msg = "\n[#{'RESPONSE HEADERS'.light_red}]\n\n"
+    response.headers.each do |name,value|
+      msg << "  #{name.blue} : #{value.to_s.yellow}\n"
+    end
+    msg << "\n[#{'RESPONSE BODY'.light_red}]\n\n"
+
+    case response['Content-Type']
+    when /application\/x-www-form-urlencoded.*/i
+      msg << self.dump_form( response )
+
+    when /text\/plain.*/i
+      msg << response.body + "\n"
+
+    when /gzip.*/i
+      msg << self.dump_gzip( response )
+
+    when /application\/json.*/i
+      msg << self.dump_json( response )
+
+    else
+      msg << self.hexdump( response.body )
+    end
+
+    Logger.raw "#{msg}\n"
+  end
+
   # Log a HTTP ( HTTPS if +is_https+ is true ) stream performed by the +client+
   # with the +request+ and +response+ most important informations.
   def self.log_http( request, response )
@@ -172,10 +200,15 @@ def self.log_http( request, response )
     end
 
     Logger.raw "[#{self.addr2s(request.client)}] #{request.method.light_blue} #{request_s}#{response_s}"
+
     # Log post body if the POST sniffer is enabled.
     if Context.get.options.sniff.enabled?('POST')
       self.log_post( request )
     end
+
+    if Context.get.options.proxies.log_response
+      self.log_response( response )
+    end
   end
 end
 end