#!/usr/bin/perl
##
# Name: msflogdump
# Author: spoonm <ninjatools [at] hush.com>
# Version: $Revision$
# Description: Simple utility to view log files created with msf
# License:
#
# This file is part of the Metasploit Exploit Framework
# and is subject to the same licenses and copyrights as
# the rest of this package.
#
##
use Getopt::Std;
use strict;
no utf8;
no locale;
# Revision keyword placeholder; Version() reads this file-level variable.
my $VERSION = '$Revision$';

# Command-line switches: -h (help) and -v (version).
my %opts;
getopts('hv', \%opts);

# Both helpers exit the process, so nothing below runs when they fire.
if ($opts{'v'}) {
    Version();
}
if ($opts{'h'} || !@ARGV) {
    # No log file named on the command line is treated like -h.
    Usage();
}
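# ANSI colour sequences used to tell the two directions apart:
# blue for client data / source address, red for server data / destination.
my $NORMAL = "\033[0m";
my $BLUE = "\033[34m";
my $RED = "\033[31m";

# NOTE(security): the CLIENT/SERVER payloads are hex-decoded and written to
# the terminal unfiltered. Whatever bytes the remote peer sent, including
# control and escape sequences, reach the terminal as-is. When a log comes
# from an untrusted session, view the output through a filter that escapes
# non-printable bytes.
foreach my $filename (@ARGV) {
    my $infile;
    if ($filename eq '-') {
        # The former two-argument open treated "-" as standard input; keep that.
        $infile = \*STDIN;
    }
    elsif (!open($infile, '<', $filename)) {
        # Three-argument open: the file name is never parsed for mode
        # characters. The message names the file that failed ($_ is not set
        # to the file name at this point).
        print STDOUT "Error opening $filename: $!\n";
        next;
    }

    # Tracks which side produced the previously printed data line:
    # 0 = client, 1 = server, 2 = nothing printed yet for this file.
    # Only the first line of a run from one side gets a timestamp.
    my $printmode = 2;

    while (my $line = <$infile>) {
        $line =~ s/\r//g;
        chomp $line;

        if ($line =~ /Socket(In|Out): ([^ ]+) ([^ ]+)/i) {
            # Connection header: direction, then source and destination.
            my $in = $1;
            my $src = $2;
            my $dest = $3;
            print "Socket$in: $BLUE$src$NORMAL -> $RED$dest$NORMAL\n";
            print "-" x 60 . "\n" if ($in eq 'Out');
        }
        elsif ($line =~ /(.*?) CLIENT (.*)/i) {
            # $1 is passed to localtime() as the timestamp, $2 is hex data.
            if ($printmode != 0) {
                print '[' . localtime($1) . '] ' . $BLUE . HexToAscii($2) . $NORMAL;
                $printmode = 0;
            }
            else {
                print $BLUE . HexToAscii($2) . $NORMAL . "\n";
            }
        }
        elsif ($line =~ /(.*?) SERVER (.*)/i) {
            if ($printmode != 1) {
                print '[' . localtime($1) . '] ' . $RED . HexToAscii($2) . $NORMAL;
                $printmode = 1;
            }
            else {
                print $RED . HexToAscii($2) . $NORMAL . "\n";
            }
        }
        else {
            # Anything unrecognised is echoed unchanged.
            print $line . "\n";
        }
    }

    # Release the handle before moving on; STDIN is left open.
    close($infile) unless $filename eq '-';
}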
# Decode every pair of hex digits (either case) in the argument into the
# byte it encodes and return the result. Characters that are not part of a
# hex pair are passed through unchanged.
#
# The result is returned unfiltered: it can contain any byte value,
# including control characters, so callers that print it to a terminal
# are printing raw data.
sub HexToAscii {
    my ($text) = @_;
    $text =~ s/([0-9a-f]{2})/pack('H2', $1)/egi;
    return $text;
}
# Write a short usage synopsis to STDERR and terminate with exit status 0.
sub Usage {
    my $synopsis = "\nUsage: $0 <~/.msf/logs/session_logfile_path.log>\n\n";
    print STDERR $synopsis;
    exit(0);
}
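# Print the tool's version to STDERR and terminate with exit status 0.
#
# The version string is derived from the file-level $VERSION through
# Pex::Utils::Rev2Ver. This file does not load Pex::Utils itself, so the
# helper is used only when it is defined; otherwise the raw revision string
# is printed, and -v does not die on an undefined subroutine.
sub Version {
    my $ver = defined(&Pex::Utils::Rev2Ver)
        ? Pex::Utils::Rev2Ver($VERSION)
        : $VERSION;
    print STDERR "\nMsflogdump Version: $ver\n";
    exit(0);
}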