matrixdump

copyright (c) 2004 jose nazario , 3-clause BSD license


        :                       0           .1                P  T             :
               1                .           00     U          :  C
        1      0                0           ..     D             P
        0      .                .           10     P       U  1  :             U
        .      0               U1           ..     :       D  0   U            D
        0      .       U  U    D.           71             P  .  6D            P
        .    U 1       D  D    P7        U  1.             :  0  5P            :
        1    D .    U  P  P    :1        D  .7                .  .:
   U    .    P 7       :                 P                 1    T2             1
   D    1    : 1                         :                 0    C31 U          0
   P                   1                    U              .    P.0 D          .
   :    0    1 5       0       .         1  D              0    :8. P          0
        .                                                        1             .
   1    1    . 6       0        2        .  :7             1    6..            1
   0    0    0         .                 0                 .    511 1          .
   .    8    .         1                 .  0|..           1    .4.            7
                                                                 0
             .         7                 .                 0     .1            .
                                                           .     5.            3
                                                           4     23             
                                                           4     1
                                                                 6

Cypher: All I see now is blonde, brunette, redhead.

matrixdump is just a little PoC (and PoS) program i wrote in an evening to toy with ncurses and demo how you can drive a "matrix" like view using network data. i'm surprised no one's done this before, but it's been on my mind since the original movie came out.

matrixdump isn't as feature rich as tcpdump or tethereal, and the decodes are minimal. just the protocol, IPs, ports ... nothing else. the decodes could definitely be more interesting if you wanted to make them more usable.

amusingly, i'm not a huge fan of the movies, they were ok but the sequels don't get me as turned on as the original.

anyhow, why not drive some fun with a tool like this? part of this is me thinking about how to visualize CTF competitions, and part of it was me delving into the world of ncurses.

what's very funny is that this shows how lousy this interface is for actually looking at data. then again, you can say things like "porn, porn, SYN flood, porn ..."

matrixdump contains code from dugsong's dsniff (the pcaputil routines).

BUGS

matrixdump is just a toy, and isn't very feature filled or stable.

the colorstuff works well if your TERM is "ansi", not so well for some stuff.
the scrolling is a bit wonky at times, but generally works.

INSTALLATION

i built this and tested on openbsd 3.4-3.5. it uses pcap, libdnet, and ncurses. you'll have to tweak a few things for other platforms probably.

USE

i freely give this to the world, please keep my name on it as the license stipulates. other than that, make it work better, have some fun, and see if you can't visualize networks in new and interesting ways. that's why i am giving this out now.

DOWNLOAD

source: matrixdump-0.5.tar.gz

TODO

add threading to have multiple printline()s going at once.

MENTIONS

sometimes little hacks like this (which don't even showcase any skill as a programmer) get noticed by people. a few people have noticed matrixdump, and i'm flattered:

We're all in the Matrix now, Network World Fusion 10/18/04
MatrixDump: More fun for Matrix fans, by Burak DAYIOGLU on 13 October, 2004
MatrixDump, joat: 12:00:00 17 Oct 2004