diff --git a/__init__.py b/__init__.py index 155b55a..a291431 100755 --- a/__init__.py +++ b/__init__.py @@ -6,7 +6,7 @@ import sys import struct -printable = 'abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ1234567890!@#$%^&*()[]{}`~/=-\\?+|\',."<>: ' +printable = 'abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ1234567890!@#$%^&*()[]{}`~/=-\\?+|\',."<>: _' def unpack(fmt, buf): """Unpack buf based on fmt, return the rest as a string.""" diff --git a/gapstr.py b/gapstr.py index 612ea3b..00120f4 100755 --- a/gapstr.py +++ b/gapstr.py @@ -50,6 +50,11 @@ class GapString: for c in i: yield c + def hasgaps(self): + for i in self.contents: + if isinstance(i, int): + return True + return False def hexdump(self, fd=sys.stdout): offset = 0 diff --git a/ip.py b/ip.py index 66b1d8c..7e5036e 100755 --- a/ip.py +++ b/ip.py @@ -116,6 +116,7 @@ class Frame: ^ self.daddr ^ (self.dport or 0)) else: self.name = 'Ethernet type %d' % self.eth_type + self.protocol = None def get_src_addr(self): @@ -271,11 +272,11 @@ class TCP_Resequence: if pkt.flags == SYN: self.cli, self.srv = pkt.src, pkt.dst elif pkt.flags == (SYN | ACK): - assert (pkt.src == (self.srv or pkt.src)) + #assert (pkt.src == (self.srv or pkt.src)) self.cli, self.srv = pkt.dst, pkt.src self.seq = [pkt.ack, pkt.seq + 1] elif pkt.flags == ACK: - assert (pkt.src == (self.cli or pkt.src)) + #assert (pkt.src == (self.cli or pkt.src)) self.cli, self.srv = pkt.src, pkt.dst self.seq = [pkt.seq, pkt.ack] self.handle = self.handle_packet @@ -345,11 +346,11 @@ def resequence(pc): f = Frame(pkt) if f.protocol == TCP: # compute TCP session hash - s = sessions.get(f.hash) - if not s: - s = TCP_Resequence() - sessions[f.hash] = s - chunk = s.handle(f) + tcp_sess = sessions.get(f.hash) + if not tcp_sess: + tcp_sess = TCP_Resequence() + sessions[f.hash] = tcp_sess + chunk = tcp_sess.handle(f) if chunk: yield chunk @@ -481,6 +482,7 @@ class Packet(UserDict.DictMixin): """ self.parts = [data] + self.payload = data return None def handle(self, data): @@ -557,3 +559,42 @@ class Session: for chunk in resequence(collection): self.handle(chunk) self.done() + + +class HtmlSession(Session): + def __init__(self, frame): + Session.__init__(self) + self.uid = '%s:%d-%s:%d' % (frame.src_addr, frame.sport, + frame.dst_addr, frame.dport) + + self.sessionfile = 'transfers/session-%s.html' % self.uid + self.fn = '%s.html' % (self.infilename) + self.fd = file(self.fn, 'w') + self.fd.write(''' + + +
+') + self.srv = None + + def __del__(self): + self.fd.write('') + + def log(self, frame, payload): + if frame.saddr == self.srv: + cls = 'server' + else: + cls = 'client' + self.fd.write('' % (cls, time.ctime(frame.time), frame.time)) + self.fd.write(payload.replace('\r\n', '\n')) + self.fd.write('')