added packet.text, packet.html into ip.Packet

added processing for packet.text, packet.html into ip.HtmlSession added debug mode into ip.HtmlSession::__init__ updated start-here.py to document the above changes
2013-01-25 20:03:33 -06:00 · 2013-01-25 20:03:33 -06:00 · e8af996b2e
parent cd02beecff
commit e8af996b2e
2 changed files with 46 additions and 13 deletions
--- a/extra/start-here.py
+++ b/extra/start-here.py
@ -24,16 +24,19 @@ class StinkyPinkyPacket(ip.Packet):
        is deemed to not be part of the packet's data, it should be returned.
        Likewise, if the Packet needs more data, raise ip.NeedsMoreData

-        self.parts - a magic bag of values. self.parts[:-1] is highlighted when
-          printed iff the value == length(self.payload)
-
+        self.parts   - a magic bag of values; (!) when the value matches len(self.payload)
        self.payload - non-header packet data
+        self.opcode  - an integer that triggers additional parsing
+        self.text    - text to be displayed without prep (i.e. shell output)
+        self.html    - html information for logging

-        self.opcode - an integer that triggers additional parsing, or special
-          display
+        return:
+
+            If you need more data, raise ip.NeedMoreData()
+            If you have excess data, return it from this function

        '''
-        self.parts = unpack("<BBBB", data)
+        self.parts = unpack("<BBBB", data)  # example 4-byte header
        self.payload = self.parts[-1]

        return None
@ -59,8 +62,8 @@ class StinkyPinkyPacket(ip.Packet):
 class StinkyPinkySession(ip.HtmlSession):
    ''' A StinkyPinky Session '''

-    def __init__(self, frame, packetClass=StinkyPinkyPacket):
-        ip.HtmlSession.__init__(self, frame, packetClass)
+    def __init__(self, frame, packetClass=StinkyPinkyPacket, debug=True):
+        ip.HtmlSession.__init__(self, frame, packetClass, debug)

    def process(self, packet):
        '''Process packet data
@ -68,8 +71,18 @@ class StinkyPinkySession(ip.HtmlSession):
        This method might be a good spot for special data handling at a session
        level. One example would be carving embedded data to a separate file.

+        This default action, copied from ip.HtmlSession, writes any packet.html
+        and packet.text (URL escaped) to the session log
+
        '''
+        if self.debug:
            packet.show()
+        if hasattr(packet, "html") and packet.html is not None:
+            self.log(packet.firstframe, packet.html, False)
+        if hasattr(packet, "text") and packet.text is not None:
+            if self.debug:
+                sys.stdout.write(self.text)
+            self.log(packet.firstframe, packet.text, True)


 # execution harness
--- a/netarch/ip.py
+++ b/netarch/ip.py
@ -3,16 +3,17 @@
 ## IP resequencing + protocol reversing skeleton
 ## 2008 Massive Blowout

+import StringIO
+import UserDict
 import cgi
 import heapq
 import os
 import rfc822
 import socket
 import struct
-import StringIO
+import sys
 import time
 import urllib
-import UserDict
 import warnings

 try:
@ -519,6 +520,8 @@ class Packet(UserDict.DictMixin):
        self.params = {}
        self.payload = None
        self.subpackets = []
+        self.html = None
+        self.text = None

    def __repr__(self):
        r = '<%s packet opcode=%s' % (self.__class__.__name__, self.opcode)
@ -628,6 +631,12 @@ class Packet(UserDict.DictMixin):

        raise AttributeError('Opcode %s unknown' % self.opcode)

+    def opcode_drop(self):
+        """Drop"""
+        if self.payload is not None:
+            self['droplen'] = len(self.payload)
+            self.payload = self.payload[:1024]
+

 class HttpPacket(Packet):
    def parse(self, data):
@ -764,8 +773,9 @@ class Session(object):


 class HtmlSession(Session):
-    def __init__(self, frame, packetClass=Packet):
+    def __init__(self, frame, packetClass=Packet, debug=True):
        Session.__init__(self, frame, packetClass)
+        self.debug = debug
        self.sessfd = self.open_out('session.html')
        self.sessfd.write('''<?xml version="1.0" encoding="UTF-8"?>
 <!DOCTYPE html
@ -777,7 +787,7 @@ class HtmlSession(Session):
  <style type="text/css">
    .time { float: right; margin-left: 1em; font-size: 75%%; }
    .server { background-color: white; color: black; }
-    .client { background-color: #884; color: white; }
+    .client { background-color: #a8a8a8; color: black; }
  </style>
 </head>
 <body>
@ -806,3 +816,13 @@ class HtmlSession(Session):
            self.sessfd.write('<span class="time %s">%s</span><span class="%s">' % (cls, ts, cls))
        self.sessfd.write(p.replace('\r\n', '\n'))
        self.sessfd.write('</span>')
+
+    def process(self, packet):
+        if self.debug:
+            packet.show()
+        if hasattr(packet, "html") and packet.html is not None:
+            self.log(packet.firstframe, packet.html, False)
+        if hasattr(packet, "text") and packet.text is not None:
+            if self.debug:
+                sys.stdout.write(packet.text)
+            self.log(packet.firstframe, packet.text, True)