Add verbose mode to Inquisitor for enhanced FTP packet logging

2025-07-11 14:03:55 +02:00 · 2025-07-11 14:03:55 +02:00 · bbd0b003d3
commit bbd0b003d3
parent 0accde8ee2
2 changed files with 15 additions and 4 deletions
--- a/inquisitor/bashrc
+++ b/inquisitor/bashrc
@ -59,6 +59,6 @@ source /opt/venv/bin/activate

 # Custom aliases
 alias inquisitor='python3 /app/src/inquisitor.py $TARGET_IP $TARGET_MAC $GATEWAY_IP $GATEWAY_MAC'
-
+alias inquisitor-verbose='python3 /app/src/inquisitor.py --verbose $TARGET_IP $TARGET_MAC $GATEWAY_IP $GATEWAY_MAC'
 # Custom prompt
 export PS1='\[\033[1;32m\][inquisitor@\h]\[\033[0m\] \[\033[1;34m\]\w\[\033[0m\] $ '
--- a/inquisitor/src/inquisitor.py
+++ b/inquisitor/src/inquisitor.py
@ -35,17 +35,21 @@ def ftp_packet_callback(packet):
    """
    if packet.haslayer('IP') and packet.haslayer('TCP'):
        if packet['TCP'].dport == 21 or packet['TCP'].sport == 21:
+            payload = bytes(packet['TCP'].payload).decode(errors='ignore')
            if b"RETR" in bytes(packet['TCP'].payload):
-                payload = bytes(packet['TCP'].payload).decode(errors='ignore')
                parts = payload.split()
                if "RETR" in parts:
                    idx = parts.index("RETR")
                    if idx + 1 < len(parts):
                        filename = parts[idx + 1]
                        print(f"\033[92mFTP file download detected: {filename} \033[0m")
-            payload = bytes(packet['TCP'].payload).decode(errors='ignore')
-            if payload.startswith("150 "):
+            
+            elif payload.startswith("150 "):
                print(f"\033[94mFTP server response: {payload.strip()} \033[0m")
+            elif verbose:
+                print(f"\033[93mFTP packet: {payload.strip()} \033[0m")
+                    
+            

 def start_sniffing(interface=conf.iface):
    """
@ -101,6 +105,7 @@ def run(target_ip, target_mac, gateway_ip, gateway_mac):
            time.sleep(1) 
            restore(target_ip, target_mac, gateway_ip, gateway_mac)

+verbose = False

 def main():
    parser = argparse.ArgumentParser(description="Inquisitor Command Line Interface")
@ -110,8 +115,14 @@ def main():
    parser.add_argument('target_mac', help='Target MAC address')
    parser.add_argument('gateway_ip', help='Gateway IP address')
    parser.add_argument('gateway_mac', help='Gateway MAC address')
+    parser.add_argument('-v','--verbose', action='store_true', help='Enable verbose output')
    args = parser.parse_args()

+    global verbose
+    verbose = args.verbose
+    if verbose:
+        print("Verbose mode enabled")
+
    def signal_handler(sig, frame):
        print("\nSignal received, stopping Inquisitor...")
        restore(args.target_ip, args.target_mac, args.gateway_ip, args.gateway_mac)