Class: Msf::Plugin::PcapLog

Inherits:

Msf::Plugin

• Object
• Msf::Plugin
• Msf::Plugin::PcapLog

Defined in:

plugins/pcap_log.rb

Defined Under Namespace

Classes: PcapLogDispatcher

Constant Summary

PCAP_FILE_HEADER =

Only little-endian is supported in this implementation.

"\xD4\xC3\xB2\xA1\x02\x00\x04\x00\x00\x00\x00\x00\x00\x00\x00\x00`\x00\x00\x00\x01\x00\x00\x00".freeze

Instance Attribute Summary

Attributes inherited from Msf::Plugin

#opts

Attributes included from Framework::Offspring

#framework

Instance Method Summary

• #cleanup ⇒ Object

  Kill the background thread.

• #desc ⇒ Object
• #initialize(framework, opts) ⇒ PcapLog constructor

  A new instance of PcapLog.

• #name ⇒ Object

Methods inherited from Msf::Plugin

#add_console_dispatcher, create, #flush, #input, #output, #print, #print_error, #print_good, #print_line, #print_status, #print_warning, #remove_console_dispatcher

Constructor Details

#initialize(framework, opts) ⇒ PcapLog

Returns a new instance of PcapLog.

# File 'plugins/pcap_log.rb', line 168

def initialize(framework, opts)
  super
  add_console_dispatcher(PcapLogDispatcher)
  print_status 'PcapLog plugin loaded.'
end

Instance Method Details

#cleanup ⇒ Object

Kill the background thread

# File 'plugins/pcap_log.rb', line 175

def cleanup
  @capture_thread.kill if @capture_thread && @capture_thread.alive?
  @capture_file.close if @capture_file.respond_to? :close
  remove_console_dispatcher('PcapLog')
end

#desc ⇒ Object

# File 'plugins/pcap_log.rb', line 185

def desc
  'Logs all socket operations to pcaps (in /tmp by default)'
end

#name ⇒ Object

# File 'plugins/pcap_log.rb', line 181

def name
  'pcap_log'
end