diff --git a/lib/bettercap/options/proxy_options.rb b/lib/bettercap/options/proxy_options.rb index 05b272d7..56184a64 100644 --- a/lib/bettercap/options/proxy_options.rb +++ b/lib/bettercap/options/proxy_options.rb @@ -36,6 +36,8 @@ class ProxyOptions attr_accessor :sslstrip # If true, direct connections to the IP of this machine will be allowed. attr_accessor :allow_local_connections + # If true, log HTTP responses too. + attr_accessor :log_response # If true, TCP proxy will be enabled. attr_accessor :tcp_proxy # TCP proxy local port. @@ -69,6 +71,7 @@ def initialize @proxy_module = nil @sslstrip = true @allow_local_connections = false + @log_response = false @tcp_proxy = false @tcp_proxy_port = 2222 @@ -160,6 +163,10 @@ def parse!( ctx, opts ) @sslstrip = false end + opts.on( '--log-http-response', 'Log HTTP responses.' ) do + @log_response = true + end + opts.on( '--proxy-module MODULE', "Ruby proxy module to load, either a custom file or one of the following: #{Proxy::HTTP::Module.available.map{|x| x.yellow}.join(', ')}." ) do |v| Proxy::HTTP::Module.load(ctx, opts, v) @proxy = true diff --git a/lib/bettercap/proxy/stream_logger.rb b/lib/bettercap/proxy/stream_logger.rb index f1fbaeae..7eb54b91 100644 --- a/lib/bettercap/proxy/stream_logger.rb +++ b/lib/bettercap/proxy/stream_logger.rb @@ -130,11 +130,11 @@ def self.dump_json( request ) def self.log_post( request ) # the packet could be incomplete if request.post? and !request.body.nil? and !request.body.empty? - msg = "\n[#{'HEADERS'.green}]\n\n" + msg = "\n[#{'REQUEST HEADERS'.green}]\n\n" request.headers.each do |name,value| msg << " #{name.blue} : #{value.yellow}\n" end - msg << "\n[#{'BODY'.green}]\n\n" + msg << "\n[#{'REQUEST BODY'.green}]\n\n" case request['Content-Type'] when /application\/x-www-form-urlencoded.*/i @@ -157,6 +157,34 @@ def self.log_post( request ) end end + # This method will log every header and the body of +response+. + def self.log_response( response ) + msg = "\n[#{'RESPONSE HEADERS'.light_red}]\n\n" + response.headers.each do |name,value| + msg << " #{name.blue} : #{value.to_s.yellow}\n" + end + msg << "\n[#{'RESPONSE BODY'.light_red}]\n\n" + + case response['Content-Type'] + when /application\/x-www-form-urlencoded.*/i + msg << self.dump_form( response ) + + when /text\/plain.*/i + msg << response.body + "\n" + + when /gzip.*/i + msg << self.dump_gzip( response ) + + when /application\/json.*/i + msg << self.dump_json( response ) + + else + msg << self.hexdump( response.body ) + end + + Logger.raw "#{msg}\n" + end + # Log a HTTP ( HTTPS if +is_https+ is true ) stream performed by the +client+ # with the +request+ and +response+ most important informations. def self.log_http( request, response ) @@ -172,10 +200,15 @@ def self.log_http( request, response ) end Logger.raw "[#{self.addr2s(request.client)}] #{request.method.light_blue} #{request_s}#{response_s}" + # Log post body if the POST sniffer is enabled. if Context.get.options.sniff.enabled?('POST') self.log_post( request ) end + + if Context.get.options.proxies.log_response + self.log_response( response ) + end end end end