Enhance Dockerfile to include custom bashrc for interactive shell and improve FTP packet logging in the Python script

inquisitor/Dockerfile

@@ -25,6 +25,9 @@ RUN python3 -m venv /opt/venv && \
 COPY src/ ./src/
 COPY entrypoint.sh .
 
+# Copy custom bashrc for interactive shell
+COPY bashrc /root/.bashrc
+
 # Make entrypoint script executable
 RUN chmod +x entrypoint.sh
 

inquisitor/src/inquisitor.py

@@ -40,11 +40,12 @@ def ftp_packet_callback(packet):
     """
     if packet.haslayer('IP') and packet.haslayer('TCP'):
         if packet['TCP'].dport == 21 or packet['TCP'].sport == 21:
+            payload = bytes(packet['TCP'].payload).decode(errors='ignore')
+            print(f"the FTP payload: {payload}")
             # print(f"FTP Packet: {packet.summary()}") 
             if b"RETR" in bytes(packet['TCP'].payload):
                 # Extract filename from FTP RETR command
                 payload = bytes(packet['TCP'].payload).decode(errors='ignore')
-                print(f"the FTP payload: {payload}")
                 parts = payload.split()
                 if "RETR" in parts:
                     idx = parts.index("RETR")