#!/usr/bin/env perl
use warnings;
use strict;
#####################
# By: Ventz Petkov  #
# Date: 12=12=05    #
#####################

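# Interactive wrapper that starts a rotating packet capture with tcpdump
# through sudo. Every default below can be overridden at the prompts.
my $tcpdump   = "/usr/sbin/tcpdump";
my $interface = "en0";
# tcpdump's -C takes a whole number of millions of bytes, so "1,000" rotates
# the capture file at roughly 1 GB. The comma is for display only and is
# stripped before the value is handed to tcpdump.
my $filesize  = "1,000";
my $logname   = "tcpdump_log";

# Read one line from STDIN without its trailing newline.
# Returns '' on EOF so callers never operate on undef.
sub read_answer {
    my $answer = <STDIN>;
    return '' unless defined $answer;
    chomp $answer;
    return $answer;
}

# True only for an explicit "y" or "yes" (any case, surrounding blanks
# allowed). An unanchored /y/ would also accept answers such as "nay".
sub confirmed {
    my ($answer) = @_;
    return $answer =~ /\A\s*y(?:es)?\s*\z/i ? 1 : 0;
}

print "=> Initializing TCPDumper (made for CTF)\n";
print "=> Looking for tcpdump...\n";

# Probe the usual install locations first; the first hit wins.
my $located = 0;
for my $candidate ("/usr/sbin/tcpdump", "/sbin/tcpdump", "/usr/local/sbin/tcpdump") {
    next unless -e $candidate;
    print "\t=> Found tcpdump at: $candidate\n";
    $tcpdump = $candidate;
    $located = 1;
    last;
}

if (!$located) {
    # NOTE: whatever is entered here is later executed through sudo, so it
    # should be an absolute path to a binary the operator trusts.
    print "\t=> Could not locate tcpdump Please specify location to binary: ";
    $tcpdump = read_answer();
    if ($tcpdump ne '' and -e $tcpdump) {
        print "\t\t=> Binary Loaded\n";
    }
    else {
        print "\t\t=> Binary Could not be Located\n";
        exit 1;
    }
}

print "=> Using tcpdump from: $tcpdump\n";
if (-r $tcpdump) {
    print "\t=> Binary is readable\n";
}
else {
    print "\t=> Sorry, you don't have permission to read tcpdump\n";
    print "\t=> Try sudo'ing this script\n";
    exit 1;
}

print "=> Assuming Interface: $interface. Is this correct (y/n): ";
if (confirmed(read_answer())) {
    print "\t=> Using: $interface\n";
}
else {
    print "\t=> Please specify an interface: ";
    $interface = read_answer();
    print "\t=> Assuming Interface: $interface\n";
}

print "=> Assuming File Size: $filesize Mbytes. Is this correct (y/n): ";
if (confirmed(read_answer())) {
    print "\t=> Using: $filesize\n";
}
else {
    print "\t=> Please specify a file size in format (X,XXX): ";
    $filesize = read_answer();
    print "\t=> Assuming File Size: $filesize Mbytes\n";
}

print "=> Assuming Log Name: $logname. Is this correct (y/n): ";
if (confirmed(read_answer())) {
    print "\t=> Using: $logname\n";
}
else {
    print "\t=> Please specify a log name: ";
    $logname = read_answer();
    print "\t=> Assuming Log Name: $logname\n";
}

# Validate everything the operator typed before it reaches a root process.
if ($interface !~ /\A[A-Za-z0-9][A-Za-z0-9_.:-]*\z/) {
    print "\t=> Invalid interface name: $interface\n";
    exit 1;
}

# Thousands separators are accepted at the prompt but tcpdump wants digits.
(my $filesize_arg = $filesize) =~ tr/,//d;
if ($filesize_arg !~ /\A[1-9][0-9]*\z/) {
    print "\t=> Invalid file size: $filesize\n";
    exit 1;
}

# The capture is started through sudo, so this path may be created or
# overwritten with elevated privileges; keep it inside a directory the
# operator controls.
if ($logname eq '') {
    print "\t=> Invalid log name: log name must not be empty\n";
    exit 1;
}

# Build the argument list only now, after the prompts, so the values chosen
# above are the ones actually used.
my @tcpdump_args = (
    '-i', $interface,
    '-C', $filesize_arg,
    '-s', '65535',
    '-n', '-e', '-tttt',
    '-w', $logname,
);
my $tcpdump_options = join ' ', @tcpdump_args;

print "=> Running tcpdump by pre-calling it with sudo\n";
print "=> You might be asked for a password...\n";
print "=> Running:\n";
print "\t=> Command: $tcpdump\n";
print "\t=> Options: $tcpdump_options\n";

# List-form system() bypasses the shell, so nothing typed at the prompts can
# be interpreted as shell syntax in the sudo command line.
my $status = system('sudo', $tcpdump, @tcpdump_args);
if ($status == -1) {
    print "=> Failed to start sudo: $!\n";
    exit 1;
}
exit 1 if $status != 0;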
