neale
/
netarch
mirror of https://github.com/dirtbags/netarch.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

pylint/pyflakes/pep8 cleanup

This commit is contained in:
pi-rho 2012-06-07 21:49:25 -05:00
parent 80695bac9e
commit f34cc4cdba
5 changed files with 106 additions and 96 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

14
netarch/__init__.py
View File

@ -3,6 +3,7 @@
## 2008 Massive Blowout ## 2008 Massive Blowout
import md5
import sys import sys
import struct import struct
@ -84,7 +85,7 @@ def unpack(fmt, buf):
return vals + (buf[size:],) return vals + (buf[size:],)
class HexDumper: class HexDumper(object):
def __init__(self, fd=sys.stdout): def __init__(self, fd=sys.stdout):
self.fd = fd self.fd = fd
self.offset = 0 self.offset = 0
@ -110,7 +111,7 @@ class HexDumper:
o.append(u'%02x' % ord(c)) o.append(u'%02x' % ord(c))
else: else:
o.append(u'--') o.append(u'--')
o += ([u' '] * (16 - len(self.buf))) o += ([u' '] * (16 - len(self.buf)))
p = [self._to_printable(c) for c in self.buf] p = [self._to_printable(c) for c in self.buf]
self.write(u'%08x ' % self.offset) self.write(u'%08x ' % self.offset)
@ -176,7 +177,7 @@ def assert_in(a, *b):
## Binary and other base conversions ## Binary and other base conversions
## ##
class BitVector: class BitVector(object):
def __init__(self, i=0, length=None): def __init__(self, i=0, length=None):
try: try:
self._val = 0 self._val = 0
@ -281,11 +282,13 @@ import string
b64alpha = 'ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789+/' b64alpha = 'ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789+/'
def from_b64(s, alphabet, codec='base64'): def from_b64(s, alphabet, codec='base64'):
tr = string.maketrans(alphabet, b64alpha) tr = string.maketrans(alphabet, b64alpha)
t = s.translate(tr) t = s.translate(tr)
return t.decode(codec) return t.decode(codec)
class Esab64Codec(codecs.Codec): class Esab64Codec(codecs.Codec):
"""Little-endian version of base64.""" """Little-endian version of base64."""
@ -296,11 +299,12 @@ class Esab64Codec(codecs.Codec):
## slow. ## slow.
b64_chars = 'ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789+/' b64_chars = 'ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789+/'
def decode(self, input, errors='strict'): def decode(self, input, errors='strict'):
r = [] r = []
for i in range(0, len(input), 4): for i in range(0, len(input), 4):
v = BitVector() v = BitVector()
for c in input[i:i+4]: for c in input[i:i + 4]:
if c in ('=', ' ', '\n'): if c in ('=', ' ', '\n'):
break break
v += BitVector(self.b64_chars.index(c), 6) v += BitVector(self.b64_chars.index(c), 6)
@ -320,9 +324,11 @@ class Esab64Codec(codecs.Codec):
class Esab64StreamWriter(Esab64Codec, codecs.StreamWriter): class Esab64StreamWriter(Esab64Codec, codecs.StreamWriter):
pass pass
class Esab64StreamReader(Esab64Codec, codecs.StreamReader): class Esab64StreamReader(Esab64Codec, codecs.StreamReader):
pass pass
def _registry(encoding): def _registry(encoding):
if encoding == 'esab64': if encoding == 'esab64':
c = Esab64Codec() c = Esab64Codec()

23
netarch/crypto.py
View File

@ -2,7 +2,6 @@
## Codebreaking tools ## Codebreaking tools
## 2007 Massive Blowout ## 2007 Massive Blowout
## I should get an LAUR for this so we can share it.
from sets import Set from sets import Set
from pprint import pprint from pprint import pprint
@ -62,11 +61,13 @@ def isPrime(number):
if number - 1 == x: if number - 1 == x:
return False return False
def smallestFactor(number): def smallestFactor(number):
for x in range(2, number): for x in range(2, number):
if number % x == 0: if number % x == 0:
return x return x
def factor(number): def factor(number):
"""Return prime factors for number""" """Return prime factors for number"""
@ -106,7 +107,7 @@ def ngrams(n, haystack, min=2, repeats=False):
break break
if d != c: if d != c:
continue continue
if not acc.has_key(needle): if needle not in acc:
found = where(rtxt, needle) found = where(rtxt, needle)
if len(found) >= min: if len(found) >= min:
acc[needle] = found acc[needle] = found
@ -116,9 +117,11 @@ def ngrams(n, haystack, min=2, repeats=False):
def freq(txt): def freq(txt):
return ngrams(1, txt, min=0) return ngrams(1, txt, min=0)
def bigrams(txt): def bigrams(txt):
return ngrams(2, txt) return ngrams(2, txt)
def trigrams(txt): def trigrams(txt):
return ngrams(3, txt) return ngrams(3, txt)
@ -134,20 +137,19 @@ def freqgraph(f):
else: else:
return 0 return 0
items = [] items = []
for c,n in f.iteritems(): for c, n in f.iteritems():
if type(n) != type(0): if type(n) != type(0):
n = len(n) n = len(n)
items.append((c,n)) items.append((c, n))
items.sort(cmp2) items.sort(cmp2)
for c,n in items: for c, n in items:
print '%s: %s' % (c, '#' * n) print '%s: %s' % (c, '#' * n)
def neighbors(txt): def neighbors(txt):
out = {} out = {}
for dg, w in bigrams(txt).iteritems(): for dg, w in bigrams(txt).iteritems():
count = len(w)
n = out.get(dg[0], Set()) n = out.get(dg[0], Set())
n.add(dg[1]) n.add(dg[1])
out[dg[0]] = n out[dg[0]] = n
@ -181,6 +183,7 @@ def rot(n, txt):
def caesar(n, txt): def caesar(n, txt):
return [chr((ord(c) + n) % 256) for c in txt] return [chr((ord(c) + n) % 256) for c in txt]
def caesars(txt): def caesars(txt):
return [caesar(i, txt) for i in range(256)] return [caesar(i, txt) for i in range(256)]
@ -194,6 +197,7 @@ def xor(n, txt):
out = [(chr(ord(c) ^ n)) for c in txt] out = [(chr(ord(c) ^ n)) for c in txt]
return ''.join(out) return ''.join(out)
def xors(txt): def xors(txt):
ret = [] ret = []
for n in range(256): for n in range(256):
@ -208,6 +212,7 @@ def add(n, txt):
out += chr(o) out += chr(o)
return out return out
def adds(txt): def adds(txt):
ret = [] ret = []
for n in range(256): for n in range(256):
@ -215,7 +220,7 @@ def adds(txt):
return ret return ret
class XorMask: class XorMask(object):
def __init__(self, mask, stick=False): def __init__(self, mask, stick=False):
self.offset = 0 self.offset = 0
if type(mask) == type(''): if type(mask) == type(''):
@ -259,6 +264,7 @@ def matches(str, tgt):
return True return True
def guess(pattern): def guess(pattern):
ret = [] ret = []
@ -275,6 +281,7 @@ def guess(pattern):
## Overview tools ## Overview tools
## ##
def summary(txt): def summary(txt):
print "Length", len(txt) print "Length", len(txt)
print "Factors", factor(len(txt)) print "Factors", factor(len(txt))

16
netarch/gapstr.py
View File

@ -8,10 +8,12 @@ Lists should have only byte and numeric items.
""" """
import __init__ from . import HexDumper
import sys import sys
import string
class GapString:
class GapString(object):
def __init__(self, init=None, drop='?'): def __init__(self, init=None, drop='?'):
self.contents = [] self.contents = []
self.length = 0 self.length = 0
@ -50,7 +52,6 @@ class GapString:
except TypeError: except TypeError:
self.length -= len(item) self.length -= len(item)
return GapString(item) return GapString(item)
def __str__(self): def __str__(self):
ret = [] ret = []
@ -82,9 +83,7 @@ class GapString:
return False return False
def hexdump(self, fd=sys.stdout): def hexdump(self, fd=sys.stdout):
offset = 0 d = HexDumper(fd)
d = __init__.HexDumper(fd)
for i in self.contents: for i in self.contents:
try: try:
for j in xrange(i): for j in xrange(i):
@ -139,7 +138,7 @@ class GapString:
def __getitem__(self, idx): def __getitem__(self, idx):
if False: if False:
c = self[idx:idx+1] c = self[idx:idx + 1]
if c.hasgaps(): if c.hasgaps():
return self.drop[0] return self.drop[0]
else: else:
@ -213,7 +212,7 @@ class GapString:
except ValueError: except ValueError:
break break
ret.append(cur[:pos]) ret.append(cur[:pos])
cur = cur[pos+len(pivot):] cur = cur[pos + len(pivot):]
ret.append(cur) ret.append(cur)
return ret return ret
@ -243,4 +242,3 @@ if __name__ == '__main__':
assert len(gs[:4]) == 4 assert len(gs[:4]) == 4
assert len(gs[6:]) == 4 assert len(gs[6:]) == 4
assert str(gs[:0]) == '' assert str(gs[:0]) == ''

140
netarch/ip.py
View File

@ -3,41 +3,49 @@
## IP resequencing + protocol reversing skeleton ## IP resequencing + protocol reversing skeleton
## 2008 Massive Blowout ## 2008 Massive Blowout
import StringIO
import struct
import socket
import warnings
import heapq
import gapstr
import time
try:
import pcap
except ImportError:
import py_pcap as pcap
import os
import cgi import cgi
import heapq
import os
import rfc822
import socket
import struct
import StringIO
import time
import urllib import urllib
import UserDict import UserDict
from __init__ import * import warnings
try:
import pcap
if "open" not in dir(pcap):
raise ImportError()
except ImportError:
import py_pcap as pcap
from . import unpack, hexdump
import gapstr
def unpack_nybbles(byte): def unpack_nybbles(byte):
return (byte >> 4, byte & 0x0F) return (byte >> 4, byte & 0x0F)
# constants
transfers = os.environ.get('TRANSFERS', 'transfers') transfers = os.environ.get('TRANSFERS', 'transfers')
IP = 0x0800 IP = 0x0800
ARP = 0x0806 ARP = 0x0806
VLAN = 0x8100 VLAN = 0x8100
ICMP = 1 ICMP = 1
TCP = 6 TCP = 6
UDP = 17 UDP = 17
def str_of_eth(d): def str_of_eth(d):
return ':'.join([('%02x' % ord(x)) for x in d]) return ':'.join([('%02x' % ord(x)) for x in d])
class Frame:
class Frame(object):
"""Turn an ethernet frame into relevant parts""" """Turn an ethernet frame into relevant parts"""
def __init__(self, pkt): def __init__(self, pkt):
@ -71,7 +79,7 @@ class Frame:
(self.ihlvers, (self.ihlvers,
self.tos, self.tos,
self.tot_len, self.tot_len,
self.id, self.ipid,
self.frag_off, self.frag_off,
self.ttl, self.ttl,
self.protocol, self.protocol,
@ -110,7 +118,7 @@ class Frame:
(self.type, (self.type,
self.code, self.code,
self.cheksum, self.cheksum,
self.id, self.ipid,
self.seq, self.seq,
p) = unpack('!BBHHH', p) p) = unpack('!BBHHH', p)
self.payload = p[:self.tot_len - 8] self.payload = p[:self.tot_len - 8]
@ -124,13 +132,13 @@ class Frame:
self.dst = (self.daddr, self.dport) self.dst = (self.daddr, self.dport)
# This hash is the same for both sides of the transaction # This hash is the same for both sides of the transaction
self.iphash = self.saddr ^ self.daddr
self.hash = (self.saddr ^ (self.sport or 0) self.hash = (self.saddr ^ (self.sport or 0)
^ self.daddr ^ (self.dport or 0)) ^ self.daddr ^ (self.dport or 0))
else: else:
self.name = 'Ethernet type %d' % self.eth_type self.name = 'Ethernet type %d' % self.eth_type
self.protocol = None self.protocol = None
def get_src_addr(self): def get_src_addr(self):
saddr = struct.pack('!i', self.saddr) saddr = struct.pack('!i', self.saddr)
self.src_addr = socket.inet_ntoa(saddr) self.src_addr = socket.inet_ntoa(saddr)
@ -152,16 +160,15 @@ class Frame:
def __arp_repr__(self): def __arp_repr__(self):
return '<Frame %s %s(%s) -> %s(%s)>' % (self.name, return '<Frame %s %s(%s) -> %s(%s)>' % (self.name,
str_of_eth(self.ar_sha), str_of_eth(self.ar_sha), self.src_addr,
self.src_addr, str_of_eth(self.ar_tha), self.dst_addr)
str_of_eth(self.ar_tha),
self.dst_addr)
class TCP_Recreate:
class TCP_Recreate(object):
closed = True closed = True
def __init__(self, pcap, src, dst, timestamp): def __init__(self, pcapobj, src, dst, timestamp):
self.pcap = pcap self.pcap = pcapobj
self.src = (socket.inet_aton(src[0]), src[1]) self.src = (socket.inet_aton(src[0]), src[1])
self.dst = (socket.inet_aton(dst[0]), dst[1]) self.dst = (socket.inet_aton(dst[0]), dst[1])
self.sid = self.did = 0 self.sid = self.did = 0
@ -172,27 +179,27 @@ class TCP_Recreate:
def write_header(self): def write_header(self):
p = '\0\0\0\0\0\0\0\0\0\0\0\0\xfe\xed' p = '\0\0\0\0\0\0\0\0\0\0\0\0\xfe\xed'
self.pcap.write(((0,0,len(p)), p)) self.pcap.write(((0, 0, len(p)), p))
def packet(self, cli, payload, flags=0): def packet(self, cli, payload, flags=0):
if cli: if cli:
sip, sport = self.src sip, sport = self.src
dip, dport = self.dst dip, dport = self.dst
id = self.sid ipid = self.sid
self.sid += 1 self.sid += 1
seq = self.sseq seq = self.sseq
self.sseq += len(payload) self.sseq += len(payload)
if flags & (SYN|FIN): if flags & (SYN | FIN):
self.sseq += 1 self.sseq += 1
ack = self.dseq ack = self.dseq
else: else:
sip, sport = self.dst sip, sport = self.dst
dip, dport = self.src dip, dport = self.src
id = self.did ipid = self.did
self.did += 1 self.did += 1
seq = self.dseq seq = self.dseq
self.dseq += len(payload) self.dseq += len(payload)
if flags & (SYN|FIN): if flags & (SYN | FIN):
self.dseq += 1 self.dseq += 1
ack = self.sseq ack = self.sseq
if not (flags & ACK): if not (flags & ACK):
@ -203,33 +210,31 @@ class TCP_Recreate:
IP) IP)
iphdr = struct.pack('!BBHHHBBH4s4s', iphdr = struct.pack('!BBHHHBBH4s4s',
0x45, # Version, Header length/32 0x45, # Version, Header length/32
0, # Differentiated services / ECN 0, # Differentiated services / ECN
40+len(payload), # total size 40 + len(payload), # total size
id, ipid,
0x4000, # Don't fragment, no fragment offset 0x4000, # Don't fragment, no fragment offset
6, # TTL 6, # TTL
TCP, # Protocol TCP, # Protocol
0, # Header checksum 0, # Header checksum
sip, sip,
dip) dip)
shorts = struct.unpack('!hhhhhhhhhh', iphdr) shorts = struct.unpack('!hhhhhhhhhh', iphdr)
shsum = sum(shorts) shsum = sum(shorts)
ipsum = struct.pack('!h', (~shsum & 0xffff) - 2) # -2? WTF? ipsum = struct.pack('!h', (~shsum & 0xffff) - 2) # -2? WTF?
iphdr = iphdr[:10] + ipsum + iphdr[12:] iphdr = iphdr[:10] + ipsum + iphdr[12:]
tcphdr = struct.pack('!HHLLBBHHH', tcphdr = struct.pack('!HHLLBBHHH',
sport, sport,
dport, dport,
seq, # Sequence number seq, # Sequence number
ack, # Acknowledgement number ack, # Acknowledgement number
0x50, # Data offset 0x50, # Data offset
flags, # Flags flags, # Flags
0xff00, # Window size 0xff00, # Window size
0, # Checksum 0, # Checksum
0) # Urgent pointer 0) # Urgent pointer
return ethhdr + iphdr + tcphdr + str(payload) return ethhdr + iphdr + tcphdr + str(payload)
@ -245,14 +250,14 @@ class TCP_Recreate:
self.write_pkt(timestamp, cli, d, ACK) self.write_pkt(timestamp, cli, d, ACK)
def handshake(self, timestamp): def handshake(self, timestamp):
self.write_pkt(timestamp, True, '', SYN) self.write_pkt(timestamp, True, '', SYN)
self.write_pkt(timestamp, False, '', SYN|ACK) self.write_pkt(timestamp, False, '', SYN | ACK)
#self.write_pkt(timestamp, True, '', ACK) #self.write_pkt(timestamp, True, '', ACK)
def close(self): def close(self):
self.write_pkt(self.lastts, True, '', FIN|ACK) self.write_pkt(self.lastts, True, '', FIN | ACK)
self.write_pkt(self.lastts, False, '', FIN|ACK) self.write_pkt(self.lastts, False, '', FIN | ACK)
self.write_pkt(self.lastts, True, '', ACK) self.write_pkt(self.lastts, True, '', ACK)
def __del__(self): def __del__(self):
if not self.closed: if not self.closed:
@ -264,7 +269,8 @@ RST = 4
PSH = 8 PSH = 8
ACK = 16 ACK = 16
class TCP_Resequence:
class TCP_Resequence(object):
"""TCP session resequencer. """TCP session resequencer.
>>> p = pcap.open('whatever.pcap') >>> p = pcap.open('whatever.pcap')
@ -298,7 +304,6 @@ class TCP_Resequence:
self.handle = self.handle_handshake self.handle = self.handle_handshake
def bundle_pending(self, xdi, pkt, seq): def bundle_pending(self, xdi, pkt, seq):
"""Bundle up any pending packets. """Bundle up any pending packets.
@ -357,7 +362,6 @@ class TCP_Resequence:
return ret return ret
def handle(self, pkt): def handle(self, pkt):
"""Stub. """Stub.
@ -367,7 +371,6 @@ class TCP_Resequence:
raise NotImplementedError() raise NotImplementedError()
def handle_handshake(self, pkt): def handle_handshake(self, pkt):
if not self.first: if not self.first:
self.first = pkt self.first = pkt
@ -395,7 +398,6 @@ class TCP_Resequence:
self.handle = self.handle_packet self.handle = self.handle_packet
self.handle(pkt) self.handle(pkt)
def handle_packet(self, pkt): def handle_packet(self, pkt):
# Which way is this going? 0 == from client # Which way is this going? 0 == from client
idx = int(pkt.src == self.srv) idx = int(pkt.src == self.srv)
@ -417,7 +419,6 @@ class TCP_Resequence:
if pkt.ack > seq: if pkt.ack > seq:
return self.bundle_pending(xdi, pkt, seq) return self.bundle_pending(xdi, pkt, seq)
def handle_drop(self, pkt): def handle_drop(self, pkt):
"""Warn about any unhandled packets""" """Warn about any unhandled packets"""
@ -431,7 +432,7 @@ class TCP_Resequence:
hexdump(pkt.payload) hexdump(pkt.payload)
class Dispatch: class Dispatch(object):
def __init__(self, *filenames): def __init__(self, *filenames):
self.pcs = {} self.pcs = {}
@ -490,6 +491,7 @@ class Dispatch:
class NeedMoreData(Exception): class NeedMoreData(Exception):
pass pass
class Packet(UserDict.DictMixin): class Packet(UserDict.DictMixin):
"""Base class for a packet from a binary protocol. """Base class for a packet from a binary protocol.
@ -520,7 +522,6 @@ class Packet(UserDict.DictMixin):
r += '>' r += '>'
return r return r
## Dict methods ## Dict methods
def __setitem__(self, k, v): def __setitem__(self, k, v):
self.params[k] = v self.params[k] = v
@ -535,7 +536,7 @@ class Packet(UserDict.DictMixin):
return self.params.__iter__() return self.params.__iter__()
def has_key(self, k): def has_key(self, k):
return self.params.has_key(k) return k in self.params
def keys(self): def keys(self):
return self.params.keys() return self.params.keys()
@ -600,7 +601,7 @@ class Packet(UserDict.DictMixin):
"""Handle data from a Session class.""" """Handle data from a Session class."""
data = self.parse(data) data = self.parse(data)
if self.opcode <> None: if self.opcode != None:
try: try:
f = getattr(self, 'opcode_%s' % self.opcode) f = getattr(self, 'opcode_%s' % self.opcode)
except AttributeError: except AttributeError:
@ -713,7 +714,7 @@ class Session:
def handle_packets(self, collection): def handle_packets(self, collection):
"""Handle a collection of packets""" """Handle a collection of packets"""
for chunk in resequence(collection): for chunk in TCP_Resequence(collection):
self.handle(chunk) self.handle(chunk)
self.done() self.done()
@ -739,18 +740,16 @@ class HtmlSession(Session):
''' % self.__class__.__name__) ''' % self.__class__.__name__)
self.sessfd.write('<h1>%s</h1>\n' % self.__class__.__name__) self.sessfd.write('<h1>%s</h1>\n' % self.__class__.__name__)
self.sessfd.write('<pre>') self.sessfd.write('<pre>')
self.srv = None
def __del__(self): def __del__(self):
self.sessfd.write('</pre></body></html>') self.sessfd.write('</pre></body></html>')
self.sessfd.close()
def log(self, frame, payload, escape=True): def log(self, frame, payload, escape=True):
if escape: if escape:
p = cgi.escape(str(payload)) p = cgi.escape(unicode(payload))
else: else:
p = payload p = payload
if not self.srv:
self.srv = frame.saddr
if frame.saddr == self.srv: if frame.saddr == self.srv:
cls = 'server' cls = 'server'
else: else:
@ -763,4 +762,3 @@ class HtmlSession(Session):
self.sessfd.write('<span class="time %s">%s</span><span class="%s">' % (cls, ts, cls)) self.sessfd.write('<span class="time %s">%s</span><span class="%s">' % (cls, ts, cls))
self.sessfd.write(p.replace('\r\n', '\n')) self.sessfd.write(p.replace('\r\n', '\n'))
self.sessfd.write('</span>') self.sessfd.write('</span>')

9
netarch/py_pcap.py Executable file → Normal file
View File

@ -4,7 +4,8 @@ import struct
_MAGIC = 0xA1B2C3D4 _MAGIC = 0xA1B2C3D4
class pcap:
class pcap(object):
def __init__(self, stream, mode='rb', snaplen=65535, linktype=1): def __init__(self, stream, mode='rb', snaplen=65535, linktype=1):
try: try:
self.stream = file(stream, mode) self.stream = file(stream, mode)
@ -77,11 +78,11 @@ open_offline = pcap
if __name__ == '__main__': if __name__ == '__main__':
p = open('test.pcap', 'w') # Create a new file p = open('test.pcap', 'w') # Create a new file
p.write(((0, 0, 3), 'foo')) # Add a packet p.write(((0, 0, 3), 'foo')) # Add a packet
p.write(((0, 0, 3), 'bar')) p.write(((0, 0, 3), 'bar'))
del p del p
p = open(file('test.pcap')) # Also takes file objects p = open(file('test.pcap')) # Also takes file objects
assert ((p.version, p.thiszone, p.sigfigs, p.snaplen, p.linktype) == assert ((p.version, p.thiszone, p.sigfigs, p.snaplen, p.linktype) ==
((2, 4), 0, 0, 65535, 1)) ((2, 4), 0, 0, 65535, 1))
assert ([i for i in p] == [((0, 0, 3), 'foo'), ((0, 0, 3), 'bar')]) assert ([i for i in p] == [((0, 0, 3), 'foo'), ((0, 0, 3), 'bar')])