willem/inquisitor
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Enhance Dockerfile to include custom bashrc for interactive shell and improve FTP packet logging in the Python script

Browse Source
This commit is contained in:
whaffman 2025-07-11 13:19:14 +02:00
parent 38902a98e1
commit fb68cd0375
2 changed files with 5 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

3
inquisitor/Dockerfile
View File

@ -25,6 +25,9 @@ RUN python3 -m venv /opt/venv && \
COPY src/ ./src/
COPY entrypoint.sh .
# Copy custom bashrc for interactive shell
COPY bashrc /root/.bashrc
# Make entrypoint script executable
RUN chmod +x entrypoint.sh

3
inquisitor/src/inquisitor.py
View File

@ -40,11 +40,12 @@ def ftp_packet_callback(packet):
"""
if packet.haslayer('IP') and packet.haslayer('TCP'):
if packet['TCP'].dport == 21 or packet['TCP'].sport == 21:
payload = bytes(packet['TCP'].payload).decode(errors='ignore')
print(f"the FTP payload: {payload}")
# print(f"FTP Packet: {packet.summary()}")
if b"RETR" in bytes(packet['TCP'].payload):
# Extract filename from FTP RETR command
payload = bytes(packet['TCP'].payload).decode(errors='ignore')
print(f"the FTP payload: {payload}")
parts = payload.split()
if "RETR" in parts:
idx = parts.index("RETR")