GitHub - bindle/pipedump: Pipe Dump is a utility which captures the data from STDIN, STDOUT, and STDERR of a forked process.

bindle / pipedump Public

Notifications You must be signed in to change notification settings
Fork 0
Star 0

Pipe Dump is a utility which captures the data from STDIN, STDOUT, and STDERR of a forked process.

Notifications

Name		Name	Last commit message	Last commit date
Latest commit History 77 Commits
build-aux		build-aux
build		build
contrib		contrib
doc		doc
include		include
lib		lib
m4		m4
pipedump.xcodeproj		pipedump.xcodeproj
src		src
.gitignore		.gitignore
.gitmodules		.gitmodules
AUTHORS		AUTHORS
COPYING		COPYING
ChangeLog		ChangeLog
Makefile.am		Makefile.am
NEWS		NEWS
README		README
acinclude.m4		acinclude.m4
configure.ac		configure.ac

Repository files navigation

Pipe Dump Utility & Library
===========================

Pipe Dump is a utility which captures the data sent to STDIN and from
STDOUT/STDERR of a program. This is accomplished using fork() and pipe()
to transmit and receive data from the forked process to the pipe dump
utility. Captured data is stored in a file using the libpcap file format.
This is useful for capturing interactions with commands executed
from an SSH connection.

Contents
--------

1. Disclaimer
2. Software Requirements
3. Maintainers
4. Examples
5. Community
6. Source Code

Disclaimer
----------

THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS
IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO,
THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL BINDLE BINARIES BE LIABLE FOR
ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR
SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER
CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
SUCH DAMAGE.

Software Requirements
---------------------

* Git 1.7
* GCC/LLVM
* GNU Autoconf
* GNU Automake
* GNU Libtool

Maintainers
-----------

David M. Syzdek,
Bindle Binaries,
syzdek@bindlebinaries.com

Examples
--------

Command Line
------------

$ cat /etc/resolv.conf | pipedump -dd -o file.pcap -- grep \
-i nameserver

SSH Authorized Keys
-------------------

Pipedump can be inserted into an authorized_keys file to record an SSH
session. This is useful for debugging utilities which use SSH for
authentication and transport such as Gitolite.

Original Entry:

ssh-rsa AAAA..ooU= user@host

Updated Entry:

command="pipedump -dd -o ssh.pcap -- ${SSH_ORIGINAL_COMMAND}" ssh-rsa AAAA..ooU= user@host

Note that the actual RSA key in the above examples has been
truncated to make the lines easier to read.

Display libpcap File
--------------------

Display payload as hexdump:

$ tcpdump -qns 0 -X -r file.pcap

Display payload as ASCII text:

$ tcpdump -qns 0 -A -r file.pcap

Community
---------

Source Code Repository:
https://github.com/bindle/pipedump/

Issue Tracking:
https://github.com/bindle/pipedump/issues

Source Code
-----------

The source code for this project is maintained using git (http://git-scm.com).
The following contains information to checkout the source code from the git
repository.

Download URLs:
http://sourceforge.net/projects/pipedump/files/

Git URLs:
git://github.com/bindle/pipedump.git
git://git.code.sf.net/p/pipedump/code

Downloading Source with Git:
$ git clone --recursive git://github.com/bindle/pipedump.git pipedump

Preparing Source from Git:
$ cd piepdump
$ autoreconf -I ./m4/ -I ./contrib/bindletools/m4/ -i

Git Branches:
master - Current release of packages.
next - changes staged for next release
pu - proposed updates for next release
xx/yy+ - branch for testing new changes before merging to 'pu' branch