Class: BetterCap::Parsers::NTLMSS
- Defined in:
- lib/bettercap/sniffer/parsers/ntlmss.rb
Overview
NTLMSS authentication parser.
Instance Method Summary collapse
Methods inherited from Base
available, from_cmdline, inherited, #initialize, load_by_names, load_custom
Constructor Details
This class inherits a constructor from BetterCap::Parsers::Base
Instance Method Details
#on_packet(pkt) ⇒ Object
18 19 20 21 22 23 24 25 26 27 28 29 30 31 |
# File 'lib/bettercap/sniffer/parsers/ntlmss.rb', line 18 def on_packet( pkt ) packet = Network::Protos::NTLM::Packet.parse( pkt.payload ) if !packet.nil? and packet.is_auth? msg = "NTLMSSP Authentication:\n" msg += " #{'LM Response'.blue} : #{packet.lm_response.map { |x| sprintf("%02X", x )}.join.yellow}\n" msg += " #{'NTLM Response'.blue} : #{packet.ntlm_response.map { |x| sprintf("%02X", x )}.join.yellow}\n" msg += " #{'Domain Name'.blue} : #{packet.domain_name.yellow}\n" msg += " #{'User Name'.blue} : #{packet.user_name.yellow}\n" msg += " #{'Host Name'.blue} : #{packet.host_name.yellow}\n" msg += " #{'Session Key'.blue} : #{packet.session_key_resp.map { |x| sprintf("%02X", x )}.join.yellow}" StreamLogger.log_raw( pkt, 'NTLM', msg ) end end |