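#!/bin/bash
############################################################
# Description: Capture password from tcp frames
# Author: Gilles Mouchet (gmo@ville-ge.ch)
# Creation Date: 27-Dec-2023
# Version: 1.0
# Usage: ./displayTraffic.sh [ all | https | http | pass ]
# Changelog:
#
#   V1.0 - 18-Dec-2023 - GMo
#     Added
#       - Creation of script from scratch
#
# Notes:
#   - Every mode captures on the loopback interface (lo) only and runs
#     tcpdump through sudo.
#   - -A prints packet payloads as ASCII. On the http port that is the
#     readable request, including any credentials carried in the URL;
#     on the https port the payload is TLS-protected, so no readable
#     HTTP is expected there.
#   - Output of the "pass" mode contains cleartext credentials; treat the
#     terminal scrollback and any redirected output as sensitive.
############################################################

# tcpdump options shared by every mode:
#   -i lo  capture on the loopback interface only
#   -l     line-buffer stdout so the output can be piped and read live
#   -A     print each packet's payload as ASCII
readonly -a CAPTURE_OPTS=(-i lo -l -A)

#######################################
# Run tcpdump on the loopback interface with the given pcap filter.
# Options are placed before the filter expression so that parsing does
# not depend on getopt permuting arguments.
# Globals:   CAPTURE_OPTS (read)
# Arguments: $@ - pcap filter expression words
# Outputs:   tcpdump output on stdout
# Returns:   exit status of sudo/tcpdump
#######################################
capture() {
  sudo tcpdump "${CAPTURE_OPTS[@]}" "$@"
}

#######################################
# Keep only the lines that carry the login request of the current user,
# together with the 20 lines that precede each match.
# The marker is matched as a fixed string (-F): a login name such as
# "first.last" is compared literally instead of being interpreted as a
# regular expression. The 20 context lines (-B20) may include other
# request data captured just before the match.
# Globals:   LOGNAME (read)
# Arguments: none (reads stdin)
# Outputs:   matching lines and their leading context on stdout
# Returns:   exit status of grep
#######################################
filter_login() {
  grep -i -F --color=auto --line-buffered -B20 \
    -e "task=login?&_user=${LOGNAME}&_pass"
}

#######################################
# Print the help text.
# Globals:   LOGNAME (read)
# Outputs:   usage on stdout
#######################################
usage() {
  cat << EOF
Usage: ./displayTraffic.sh [ options ]
Options:
   all     display all traffic (http and https)
   https   display all https traffic
   http    dispaly all http traffic
   pass    display password from $LOGNAME

2023-$(date +"%Y") - DSIC - Gilles Mouchet (gilles.mouchet@ville-ge.ch)
EOF
}

#######################################
# Dispatch on the requested mode; anything else prints the usage.
# Arguments: $1 - mode (all | https | http | pass)
#######################################
main() {
  case "${1:-}" in
    all)
      capture port http or https
      ;;
    https)
      capture port https
      ;;
    http)
      capture port http
      ;;
    pass)
      # Only the cleartext http port is searched: the login parameters
      # are readable there because the request is not encrypted.
      capture port http \
        | filter_login
      ;;
    *)
      usage
      ;;
  esac
}

main "$@"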