Class: BetterCap::Parsers::PgSQL
- Defined in:
- lib/bettercap/sniffer/parsers/pgsql.rb
Overview
PgSQL authentication parser.
Constant Summary collapse
- STARTUP_EXPR =
/....\x00\x03\x00\x00user\x00([^\x00]+)\x00database\x00([^\x00]+)/- MD5_AUTH_REQ_EXPR =
/\x52....\x00\x00\x00\x05(....)/- MD5_PASSWORD_EXPR =
/\x70....md5(.+)/
Instance Method Summary collapse
Methods inherited from Base
available, from_cmdline, inherited, #initialize, load_by_names, load_custom
Constructor Details
This class inherits a constructor from BetterCap::Parsers::Base
Instance Method Details
#on_packet(pkt) ⇒ Object
22 23 24 25 26 27 28 29 30 31 32 33 |
# File 'lib/bettercap/sniffer/parsers/pgsql.rb', line 22 def on_packet( pkt ) if pkt.payload =~ STARTUP_EXPR StreamLogger.log_raw( pkt, 'PGSQL', "STARTUP #{'username'.blue}='#{$1.yellow}' #{'database'.blue}='#{$2.yellow}'" ) elsif pkt.payload =~ MD5_AUTH_REQ_EXPR salt = $1.reverse.unpack('L')[0] StreamLogger.log_raw( pkt, 'PGSQL', "MD5 AUTH REQUEST #{'salt'.blue}=#{sprintf("0x%X", salt).yellow}" ) elsif pkt.payload =~ MD5_PASSWORD_EXPR StreamLogger.log_raw( pkt, 'PGSQL', "PASSWORD #{'md5'.blue}='#{$1.yellow}'" ) end end |