From 916e810873d904d62effb42f8e746bf89a40b946 Mon Sep 17 00:00:00 2001
From: StampeRnator <stampernator@gmail.com>
Date: Tue, 21 Nov 2017 11:11:11 +0100
Subject: [PATCH] Updated ngrep payload. (#25)

---
 payloads/library/sniffing/ngrep/payload.sh | 15 +++++++++------
 payloads/library/sniffing/ngrep/readme.md  |  5 ++++-
 2 files changed, 13 insertions(+), 7 deletions(-)

diff --git a/payloads/library/sniffing/ngrep/payload.sh b/payloads/library/sniffing/ngrep/payload.sh
index 9de8280..ed90c40 100644
--- a/payloads/library/sniffing/ngrep/payload.sh
+++ b/payloads/library/sniffing/ngrep/payload.sh
@@ -4,6 +4,7 @@
 NGREP_OPTIONS=("-wiql" "user|pass" "port" "21")
 CONDITION=""
 WCNUM=3
+BUTTON_WAIT="5s"
 
 LOOT_DIR="/mnt/loot/ngrep"
 LOG_FILE="${LOOT_DIR}/ngrep-${RANDOM}.log"
@@ -45,13 +46,15 @@ function run() {
 	do
 		NO_LED=true BUTTON && {
 			checkLog && {
-				LED FINISH
-				kill $npid
+				BUTTON $BUTTON_WAIT && {
+					LED FINISH
+					kill $npid
 
-				sleep 3
-				
-				LED OFF
-				halt
+					sleep 3
+					
+					LED OFF
+					halt
+				}
 			} || {
 				LED FAIL
 				sleep 3
diff --git a/payloads/library/sniffing/ngrep/readme.md b/payloads/library/sniffing/ngrep/readme.md
index 29816df..fadd37c 100644
--- a/payloads/library/sniffing/ngrep/readme.md
+++ b/payloads/library/sniffing/ngrep/readme.md
@@ -1,9 +1,12 @@
 # ngrep payload
+Credits: Hak5Darren, Sebkinne
+Small Edit: SebSeifert
 
 # Description
 
 Does packet sniffing stuff
+If the Button is pressed you have x seconds to push the button one more time. If pressed the payload ends and cleans up. Else it keeps running.
 
 ## Options
-
+BUTTON_WAIT = The seconds you can wait until the button must be pressed to end the payload.