HAK5/packetsquirrel-payloads
1
0
Fork 0
mirror of https://github.com/hak5/packetsquirrel-payloads.git synced 2025-12-19 17:58:49 +00:00
Code Issues Packages Projects Releases Wiki Activity

Capturing Credentials Submitted via HTTP

Browse Source 
This payload uses *inotifywait* and *DYNAMICPROXY* to monitor the HTTP POST data streams generated by a client and extract sensitive information using *awk*.
This commit is contained in:
TW-D
2025-12-03 07:57:54 -05:00
committed by GitHub
parent 2a7390801d
commit 1c86254f9e
3 changed files with 133 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

22
payloads/credentials/capturing-http-credentials/README.md Normal file
View File

@@ -0,0 +1,22 @@
# Capturing Credentials Submitted via HTTP
- Author: TW-D
- Version: 1.0
- Category: Credentials
- Netmode: NAT
## Prerequisite
Packet Squirrel Mark II
## Description
This payload uses *inotifywait* and *DYNAMICPROXY* to monitor the HTTP POST data streams generated by a client and extract sensitive information using *awk*.
## Configuration
In the **./modules/login_request.awk** file, you can improve the regular expression, contained in the **login_patterns** variable (L3), by adding new HTTP parameters. Additionally, you can add new *AWK* files to the **./modules/** directory; they will be automatically taken into account.
## Usage
The captured credentials will be available in the file **./loots/credentials/<TIMESTAMP>.log**.