3 var sys = require("sys"),
4 pcap = require("pcap"),
5 mysqlPort = parseInt(process.argv[3]) || 3306,
6 pcap_session = pcap.createSession(process.argv[2] || '', 'tcp port '+mysqlPort);
8 sys.puts('This tool allows to reverse engineer the mysql procotocol using node-pcap.');
10 sys.puts('Available devices (active one is denoted by *):');
12 // Print all devices, currently listening device prefixed with an asterisk
13 pcap_session.findalldevs().forEach(function (dev) {
15 if (pcap_session.device_name === dev.name) {
18 sys.print(dev.name + " ");
19 if (dev.addresses.length > 0) {
20 dev.addresses.forEach(function (address) {
21 sys.print(address.addr + "/" + address.netmask);
25 sys.print("no address\n");
30 sys.puts('Execute `./pcap-mysql.js <device> <mysql-port>` to listen on another device.');
33 // Listen for packets, decode them, and feed the simple printer. No tricks.
34 pcap_session.on('packet', function (raw_packet) {
35 var packet = pcap.decode.packet(raw_packet);
36 //sys.puts(pcap.print.packet(packet));
37 var tcp = packet.link.ip.tcp;
42 if (tcp.sport == mysqlPort) {
43 sys.puts('<- '+tcp.data.inspect());
45 sys.puts('-> '+tcp.data.inspect());