added packet.text, packet.html into ip.Packet

added processing for packet.text, packet.html into ip.HtmlSession
added debug mode into ip.HtmlSession::__init__
updated start-here.py to document the above changes
pi-rho 2013-01-25 20:03:33 -06:00
parent cd02beecff
commit e8af996b2e
2 changed files with 46 additions and 13 deletions


@ -24,16 +24,19 @@ class StinkyPinkyPacket(ip.Packet):
is deemed to not be part of the packet's data, it should be returned. is deemed to not be part of the packet's data, it should be returned.
Likewise, if the Packet needs more data, raise ip.NeedsMoreData Likewise, if the Packet needs more data, raise ip.NeedsMoreData
self.parts - a magic bag of values. self.parts[:-1] is highlighted when self.parts - a magic bag of values; (!) when the value matches len(self.payload)
printed iff the value == length(self.payload)
self.payload - non-header packet data self.payload - non-header packet data
self.opcode - an integer that triggers additional parsing
self.text - text to be displayed without prep (i.e. shell output)
self.html - html information for logging
self.opcode - an integer that triggers additional parsing, or special return:
display
If you need more data, raise ip.NeedMoreData()
If you have excess data, return it from this function
''' '''
self.parts = unpack("<BBBB", data) self.parts = unpack("<BBBB", data) # example 4-byte header
self.payload = self.parts[-1] self.payload = self.parts[-1]
return None return None
@ -59,8 +62,8 @@ class StinkyPinkyPacket(ip.Packet):
class StinkyPinkySession(ip.HtmlSession): class StinkyPinkySession(ip.HtmlSession):
''' A StinkyPinky Session ''' ''' A StinkyPinky Session '''
def __init__(self, frame, packetClass=StinkyPinkyPacket): def __init__(self, frame, packetClass=StinkyPinkyPacket, debug=True):
ip.HtmlSession.__init__(self, frame, packetClass) ip.HtmlSession.__init__(self, frame, packetClass, debug)
def process(self, packet): def process(self, packet):
'''Process packet data '''Process packet data
@ -68,8 +71,18 @@ class StinkyPinkySession(ip.HtmlSession):
This method might be a good spot for special data handling at a session This method might be a good spot for special data handling at a session
level. One example would be carving embedded data to a separate file. level. One example would be carving embedded data to a separate file.
This default action, copied from ip.HtmlSession, writes any packet.html
and packet.text (URL escaped) to the session log
''' '''
packet.show() if self.debug:
packet.show()
if hasattr(packet, "html") and packet.html is not None:
self.log(packet.firstframe, packet.html, False)
if hasattr(packet, "text") and packet.text is not None:
if self.debug:
sys.stdout.write(self.text)
self.log(packet.firstframe, packet.text, True)
# execution harness # execution harness
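Review bot: In the debug branch of `StinkyPinkySession.process`, `sys.stdout.write(self.text)` reads `text` from the session object rather than from the packet. Unless the session defines a `text` attribute (none is visible here), this raises AttributeError for the first packet that sets `packet.text`, and `debug` defaults to True. The copy of this method in ip.HtmlSession uses the packet, so the line should read `sys.stdout.write(packet.text)`. The import block of this file is outside the hunks shown, so confirm that `sys` is imported in this skeleton as well.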


@ -3,16 +3,17 @@
## IP resequencing + protocol reversing skeleton ## IP resequencing + protocol reversing skeleton
## 2008 Massive Blowout ## 2008 Massive Blowout
import StringIO
import UserDict
import cgi import cgi
import heapq import heapq
import os import os
import rfc822 import rfc822
import socket import socket
import struct import struct
import StringIO import sys
import time import time
import urllib import urllib
import UserDict
import warnings import warnings
try: try:
@ -519,6 +520,8 @@ class Packet(UserDict.DictMixin):
self.params = {} self.params = {}
self.payload = None self.payload = None
self.subpackets = [] self.subpackets = []
self.html = None
self.text = None
def __repr__(self): def __repr__(self):
r = '<%s packet opcode=%s' % (self.__class__.__name__, self.opcode) r = '<%s packet opcode=%s' % (self.__class__.__name__, self.opcode)
@ -628,6 +631,12 @@ class Packet(UserDict.DictMixin):
raise AttributeError('Opcode %s unknown' % self.opcode) raise AttributeError('Opcode %s unknown' % self.opcode)
def opcode_drop(self):
"""Drop"""
if self.payload is not None:
self['droplen'] = len(self.payload)
self.payload = self.payload[:1024]
class HttpPacket(Packet): class HttpPacket(Packet):
def parse(self, data): def parse(self, data):
@ -764,8 +773,9 @@ class Session(object):
class HtmlSession(Session): class HtmlSession(Session):
def __init__(self, frame, packetClass=Packet): def __init__(self, frame, packetClass=Packet, debug=True):
Session.__init__(self, frame, packetClass) Session.__init__(self, frame, packetClass)
self.debug = debug
self.sessfd = self.open_out('session.html') self.sessfd = self.open_out('session.html')
self.sessfd.write('''<?xml version="1.0" encoding="UTF-8"?> self.sessfd.write('''<?xml version="1.0" encoding="UTF-8"?>
<!DOCTYPE html <!DOCTYPE html
@ -777,7 +787,7 @@ class HtmlSession(Session):
<style type="text/css"> <style type="text/css">
.time { float: right; margin-left: 1em; font-size: 75%%; } .time { float: right; margin-left: 1em; font-size: 75%%; }
.server { background-color: white; color: black; } .server { background-color: white; color: black; }
.client { background-color: #884; color: white; } .client { background-color: #a8a8a8; color: black; }
</style> </style>
</head> </head>
<body> <body>
@ -806,3 +816,13 @@ class HtmlSession(Session):
self.sessfd.write('<span class="time %s">%s</span><span class="%s">' % (cls, ts, cls)) self.sessfd.write('<span class="time %s">%s</span><span class="%s">' % (cls, ts, cls))
self.sessfd.write(p.replace('\r\n', '\n')) self.sessfd.write(p.replace('\r\n', '\n'))
self.sessfd.write('</span>') self.sessfd.write('</span>')
def process(self, packet):
if self.debug:
packet.show()
if hasattr(packet, "html") and packet.html is not None:
self.log(packet.firstframe, packet.html, False)
if hasattr(packet, "text") and packet.text is not None:
if self.debug:
sys.stdout.write(packet.text)
self.log(packet.firstframe, packet.text, True)
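Review bot: The new `HtmlSession.process` passes `packet.html` to `self.log(..., False)`, which, going by the start-here.py docstring, appears to skip the escaping applied to `packet.text`. Any parser that builds `packet.html` from captured bytes can therefore put live markup or script into session.html, which an analyst later opens in a browser. The method has no docstring; I would add one stating the contract, e.g. `"""Log packet.html verbatim (parser must cgi.escape any captured data) and packet.text escaped."""`. With `debug` defaulting to True, `sys.stdout.write(packet.text)` also sends raw captured bytes to the terminal, control sequences included; consider `sys.stdout.write(repr(packet.text) + '\n')` or defaulting to `debug=False`. The body of `log` is only partly visible in this section, so the meaning of its third argument is inferred.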