willem/inquisitor
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Add verbose mode to Inquisitor for enhanced FTP packet logging

Browse Source
This commit is contained in:
whaffman 2025-07-11 14:03:55 +02:00
parent 0accde8ee2
commit bbd0b003d3
2 changed files with 15 additions and 4 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
inquisitor/bashrc
View File

@ -59,6 +59,6 @@ source /opt/venv/bin/activate
# Custom aliases # Custom aliases
alias inquisitor='python3 /app/src/inquisitor.py $TARGET_IP $TARGET_MAC $GATEWAY_IP $GATEWAY_MAC' alias inquisitor='python3 /app/src/inquisitor.py $TARGET_IP $TARGET_MAC $GATEWAY_IP $GATEWAY_MAC'
alias inquisitor-verbose='python3 /app/src/inquisitor.py --verbose $TARGET_IP $TARGET_MAC $GATEWAY_IP $GATEWAY_MAC'
# Custom prompt # Custom prompt
export PS1='\[\033[1;32m\][inquisitor@\h]\[\033[0m\] \[\033[1;34m\]\w\[\033[0m\] $ ' export PS1='\[\033[1;32m\][inquisitor@\h]\[\033[0m\] \[\033[1;34m\]\w\[\033[0m\] $ '

17
inquisitor/src/inquisitor.py
View File

@ -35,17 +35,21 @@ def ftp_packet_callback(packet):
""" """
if packet.haslayer('IP') and packet.haslayer('TCP'): if packet.haslayer('IP') and packet.haslayer('TCP'):
if packet['TCP'].dport == 21 or packet['TCP'].sport == 21: if packet['TCP'].dport == 21 or packet['TCP'].sport == 21:
payload = bytes(packet['TCP'].payload).decode(errors='ignore')
if b"RETR" in bytes(packet['TCP'].payload): if b"RETR" in bytes(packet['TCP'].payload):
payload = bytes(packet['TCP'].payload).decode(errors='ignore')
parts = payload.split() parts = payload.split()
if "RETR" in parts: if "RETR" in parts:
idx = parts.index("RETR") idx = parts.index("RETR")
if idx + 1 < len(parts): if idx + 1 < len(parts):
filename = parts[idx + 1] filename = parts[idx + 1]
print(f"\033[92mFTP file download detected: {filename} \033[0m") print(f"\033[92mFTP file download detected: {filename} \033[0m")
payload = bytes(packet['TCP'].payload).decode(errors='ignore')
if payload.startswith("150 "): elif payload.startswith("150 "):
print(f"\033[94mFTP server response: {payload.strip()} \033[0m") print(f"\033[94mFTP server response: {payload.strip()} \033[0m")
elif verbose:
print(f"\033[93mFTP packet: {payload.strip()} \033[0m")
def start_sniffing(interface=conf.iface): def start_sniffing(interface=conf.iface):
""" """
@ -101,6 +105,7 @@ def run(target_ip, target_mac, gateway_ip, gateway_mac):
time.sleep(1) time.sleep(1)
restore(target_ip, target_mac, gateway_ip, gateway_mac) restore(target_ip, target_mac, gateway_ip, gateway_mac)
verbose = False
def main(): def main():
parser = argparse.ArgumentParser(description="Inquisitor Command Line Interface") parser = argparse.ArgumentParser(description="Inquisitor Command Line Interface")
@ -110,8 +115,14 @@ def main():
parser.add_argument('target_mac', help='Target MAC address') parser.add_argument('target_mac', help='Target MAC address')
parser.add_argument('gateway_ip', help='Gateway IP address') parser.add_argument('gateway_ip', help='Gateway IP address')
parser.add_argument('gateway_mac', help='Gateway MAC address') parser.add_argument('gateway_mac', help='Gateway MAC address')
parser.add_argument('-v','--verbose', action='store_true', help='Enable verbose output')
args = parser.parse_args() args = parser.parse_args()
global verbose
verbose = args.verbose
if verbose:
print("Verbose mode enabled")
def signal_handler(sig, frame): def signal_handler(sig, frame):
print("\nSignal received, stopping Inquisitor...") print("\nSignal received, stopping Inquisitor...")
restore(args.target_ip, args.target_mac, args.gateway_ip, args.gateway_mac) restore(args.target_ip, args.target_mac, args.gateway_ip, args.gateway_mac)