def join_game(screen, host, port, team):
try:
sock = socket.socket()
sock.connect((host, port))
mapname = [None]
other_team = [None]
spawns = [None]
def handler(type, data):
if type == "MAP":
mapname[0] = data
if type == "TEAM":
other_team[0] = deserialize_team(data)
if type == "SPAWNS":
spawns[0] = deserialize_spawns(data)
conn = Messager(handler, sock)
conn.push_message("TEAM", serialize_team(team))
while mapname[0] is None or other_team[0] is None or spawns[0] is None:
asyncore.loop(count=1, timeout=0.1)
except:
sys.excepthook(*sys.exc_info())
return
teams = [("Player 1", conn, other_team[0]), ("Player 2", None, team)]
game = XadirMain(screen, mapname=mapname[0])
game.load_resources()
game.init_teams(teams, spawns[0])
game.main_loop()
def __init__(self, addr=('192.168.51.31', 8888)):
#创建客户端socket对象
self.socket = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
#服务端IP地址和端口号元组
self.server_address = addr
#客户端连接指定的IP地址和端口号
self.socket.connect(self.server_address)
self.count = 0
self.msg = Messager()
def __init__(self, data_directory, pull_port='5555', push_port='5556'):
self.data_directory = data_directory
self.messager = Messager(pull_port=pull_port, push_port=push_port)
self.build = Builder()
self.stone = Rosetta()
self.ipv4_marker = '[--> IPV4 <--]'
self.ipv6_marker = '[--> IPV6 <--]'
self.hm_len = len(self.ipv4_marker)
self.seperator = '-------------------------------'
def __init__(self, data_directory, pull_port='5555', push_port='5556'):
self.data_directory = data_directory
self.messager = Messager(pull_port=pull_port, push_port=push_port)
self.build = Builder()
self.dict = Rosetta()
self.header_marker = '[--> HEADER <--]'
self.hm_len = len(self.header_marker)
self.broken_header = 'fae'
def host_game(screen, port, mapname, team):
show_message(screen, 'Waiting for connection...')
try:
serv = socket.socket()
serv.bind(('0.0.0.0', port))
serv.listen(1)
sock, addr = serv.accept()
serv.close()
show_message(screen, 'Connection established')
show_message(screen, 'Synchronizing game data...')
proto = [False]
other_team = [None]
spawns = [None]
def handler(type, data):
if type == 'PROTOCOL':
if compatible_protocol(data):
proto[0] = True
assert proto[0], 'Incompatible protocol version'
if type == 'TEAM':
other_team[0] = deserialize_team(data)
conn = Messager(handler, sock)
conn.push_message('PROTOCOL', PROTOCOL_VERSION)
conn.push_message('MAP', mapname)
conn.push_message('TEAM', serialize_team(team))
while other_team[0] is None:
asyncore.loop(count=1, timeout=0.1)
assert asyncore.socket_map, 'Protocol error or disconnection'
except Exception, e:
sys.excepthook(*sys.exc_info())
show_message(screen, 'Link failed! (%s: %s)' % (e.__class__.__name__, e.message), True, (255, 0, 0))
return
def __init__(self, data_directory, pull_port='5555', push_port='5556'): self.data_directory = data_directory self.messager = Messager(pull_port=pull_port, push_port=push_port) self.build = Builder() self.dict = Rosetta() self.header_marker = '[--> HEADER <--]' self.hm_len = len(self.header_marker) self.broken_header = 'fae'
def __init__(self, data_directory, pull_port='5555', push_port='5556'): self.data_directory = data_directory self.messager = Messager(pull_port=pull_port, push_port=push_port) self.build = Builder() self.stone = Rosetta() self.ipv4_marker = '[--> IPV4 <--]' self.ipv6_marker = '[--> IPV6 <--]' self.hm_len = len(self.ipv4_marker) self.seperator = '-------------------------------'
def __init__(self, SERVICE_IP, SERVICE_PORT, name, MY_PORT, event):
Thread.__init__(self)
# Socket to send stuff
self.sock = socket.socket(socket.AF_INET, socket.SOCK_DGRAM)
# self identification
self.status = "Initializing"
self.host = socket.gethostname()
print("self.host: " + str(self.host))
self.name = name
print("name: " + str(self.name))
self.vmNumber = int(self.name[8:])
# Networking
self.ip = socket.gethostbyname(self.host)
print("self.ip:" + str(self.ip))
self.port = MY_PORT
self.service_ip = SERVICE_IP
self.service_port = SERVICE_PORT
# server
self.serv = None
self.event = event
logging.basicConfig(filename="log.txt",
format='%(message)s',
level=logging.DEBUG)
self.logger = Logger(logging, self.ip, self.port, self.vmNumber,
self.name, self.service_ip, self.service_port)
self.messager = Messager()
## CP2
self.blockManager = BlockManager(self.logger)
self.ipsToSendChain = []
# Should only ever be a string with a hash
self.hashesSentToService = []
def join_game(screen, host, port, team):
show_message(screen, 'Connecting...')
try:
sock = socket.socket()
sock.connect((host, port))
show_message(screen, 'Connection established')
show_message(screen, 'Synchronizing game data...')
proto = [False]
mapname = [None]
other_team = [None]
spawns = [None]
def handler(type, data):
if type == 'PROTOCOL':
if compatible_protocol(data):
proto[0] = True
assert proto[0], 'Incompatible protocol version'
if type == 'MAP':
mapname[0] = data
if type == 'TEAM':
other_team[0] = deserialize_team(data)
if type == 'SPAWNS':
spawns[0] = deserialize_spawns(data)
conn = Messager(handler, sock)
conn.push_message('PROTOCOL', PROTOCOL_VERSION)
conn.push_message('TEAM', serialize_team(team))
while mapname[0] is None or other_team[0] is None or spawns[0] is None:
asyncore.loop(count=1, timeout=0.1)
assert asyncore.socket_map, 'Protocol error or disconnection'
except Exception, e:
sys.excepthook(*sys.exc_info())
show_message(screen, 'Link failed! (%s: %s)' % (e.__class__.__name__, e.message), True, (255, 0, 0))
return
class RobotSocket(object):
def __init__(self, addr=('192.168.51.31', 8888)):
#创建客户端socket对象
self.socket = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
#服务端IP地址和端口号元组
self.server_address = addr
#客户端连接指定的IP地址和端口号
self.socket.connect(self.server_address)
self.count = 0
self.msg = Messager()
def sendall(self, data_type, data):
sdata = self.msg.pack(data_type, data)
self.socket.sendall(sdata)
def rev(self):
pass
def __del__(self):
self.socket.close()
def host_game(screen, port, mapname, team):
try:
serv = socket.socket()
serv.bind(("0.0.0.0", port))
serv.listen(1)
sock, addr = serv.accept()
serv.close()
other_team = [None]
spawns = [None]
def handler(type, data):
if type == "TEAM":
other_team[0] = deserialize_team(data)
conn = Messager(handler, sock)
conn.push_message("MAP", mapname)
conn.push_message("TEAM", serialize_team(team))
while other_team[0] is None:
asyncore.loop(count=1, timeout=0.1)
except:
sys.excepthook(*sys.exc_info())
return
teams = [("Player 1", None, team), ("Player 2", conn, other_team[0])]
game = XadirMain(screen, mapname=mapname)
game.load_resources()
spawns = game.get_spawnpoints(teams)
conn.push_message("SPAWNS", serialize_spawns(spawns))
game.init_teams(teams, spawns)
game.main_loop()
class Distiller:
def __init__(self, data_directory, pull_port='5555', push_port='5556'):
self.data_directory = data_directory
self.messager = Messager(pull_port=pull_port, push_port=push_port)
self.build = Builder()
self.dict = Rosetta()
self.header_marker = '[--> HEADER <--]'
self.hm_len = len(self.header_marker)
self.broken_header = 'fae'
def __on_receive_command(self, message):
print message
if message['payload']['command'] == 'parse_file_pcap':
file_name = message['payload']['filename']
file_path = os.path.join(self.data_directory, file_name)
self._read_file(file_path)
# x._read_file('../app/uploads/evidence01.pcap')
# x._read_file('../app/uploads/evidence-malware.pcap')
# x._read_file('../app/uploads/evidence01-talkers.pcap')
def _read(self, _hex):
read = self._format_lines(binascii.hexlify(_hex))
return read
def _read_file(self, afile, num_fails=0, max_fails=3):
try:
_file = open(afile, 'rb')
except:
if num_fails < max_fails:
num_fails += 1;
time.sleep(2*num_fails);
self._read_file(afile, num_fails, max_fails)
return
else:
return
file_to_list = []
for row in list(_file):
''
# get user-agent and host
plain_text = row
temp = self.dict.sifter(plain_text)
if temp is not None:
print(temp)
pcap_string = self.dict._format_lines(binascii.hexlify(row))
highlight_header = re.sub('[0-9][a-f]000000[0-9][a-f]000000', self.header_marker, pcap_string)
file_to_list.append(highlight_header)
try:
# catch complete packets
for line in file_to_list:
if self.header_marker in line and not self.broken_header in line:
#print(line) # test output is read
# setup 1st check
hdr_len_byte1 = line.index(self.header_marker) + 28 # find index
header_check1 = hdr_len_byte1 + self.hm_len # verify header w/length byte
# setup 2nd check
hdr_len_byte2 = line.index(self.header_marker) + 92 # find index
header_check2 = hdr_len_byte2 + self.hm_len # verify header w/2nd length byte
if line[header_check1] is '4': # initial confirmation of header
self.peruse_pcap(line)
try:
if line[header_check2] is '5': # catches only complete headers
self.peruse_pcap(line)
except:
pass
except:
for line in file_to_list:
if self.header_marker in line and not self.broken_header in line:
self.peruse_pcap(line)
def receive_command(self):
self.messager.receive_message(self.__on_receive_command)
def peruse_pcap(self, apcap):
get_header = apcap.index(self.header_marker) # find header starting index
header_offset = get_header + self.hm_len
''' beginning reference point '''
des_mac = header_offset # 1
des_ip = header_offset + 60 # 5
des_port = header_offset + 72 # 7
_src_mac = header_offset + 12 # 2
_src_ip = header_offset + 52 # 4
_src_port = header_offset + 68 # 6
prot = header_offset + 46 # 3
''' ending reference point'''
dest_mac_offset = des_mac + 12
dest_ip_offset = des_ip + 8
dest_port_offset = des_port + 4
_src_mac_offset = _src_mac + 12
_src_ip_offset = _src_ip + 8
_src_port_offset = _src_port + 4
protocol_offset = prot + 2
try:
#!works
destination_mac = self.build.rebuild_mac(str(apcap[des_mac:dest_mac_offset]))
_source_mac = self.build.rebuild_mac(str(apcap[_src_mac:_src_mac_offset]))
protocol_type = self.build.define_prot(str(apcap[prot:protocol_offset]))
_source_ip = self.build.rebuild_ip(str(apcap[_src_ip:_src_ip_offset]))
destination_ip = self.build.rebuild_ip(str(apcap[des_ip:dest_ip_offset]))
_source_port = self.build.rebuild_port(str(apcap[_src_port:_src_port_offset]))
destination_port = self.build.rebuild_port(str(apcap[des_port:dest_port_offset]))
print('Protocol: ' + protocol_type)
print('')
print('\t\tSource:') # print('\tSource:')
print('Mac:\t' + _source_mac)
print('IP:\t\t' + _source_ip) # print('IP:\t' + _source_ip)
print('Port:\t' + str(_source_port))
print('')
print('\t\tDestination:') # print('\tSource:')
print('Mac:\t' + destination_mac)
print('IP:\t\t' + destination_ip) # print('IP:\t' + destination_ip)
print('Port:\t' + str(destination_port))
print('\n------------------------------------------\n')
#+ Send Message
now = datetime.now().isoformat(' ')
message = {
'timestamp': now,
'source': 'Distiller',
'destination': 'SneakPeek',
'payload': {
'command': 'show',
'protocol_type': protocol_type,
'shost': {
'source_mac': _source_mac,
'source_ip': _source_ip,
'source_port': _source_port
},
'dhost': {
'destination_mac': destination_mac,
'destination_ip': destination_ip,
'destination_port': destination_port
}
}
}
self.messager.send_message(message);
#- Send Message
except:
pass
class Distiller:
def __init__(self, data_directory, pull_port='5555', push_port='5556'):
self.data_directory = data_directory
self.messager = Messager(pull_port=pull_port, push_port=push_port)
self.build = Builder()
self.stone = Rosetta()
self.ipv4_marker = '[--> IPV4 <--]'
self.ipv6_marker = '[--> IPV6 <--]'
self.hm_len = len(self.ipv4_marker)
self.seperator = '-------------------------------'
def __on_receive_command(self, message):
print message
if message['payload']['command'] == 'parse_file_pcap':
file_name = message['payload']['filename']
file_path = os.path.join(self.data_directory, file_name)
self.read_file(file_path)
def receive_command(self):
self.messager.receive_message(self.__on_receive_command)
def read(self, _hex):
'''
This function reads and parses pcap hex strings.
'''
# get user-agent and host and date
message = {};
hex_string = _hex
recovered_text = self.stone.sifter(hex_string)
if recovered_text is not None:
print(recovered_text)
#send to json directly from sifter
else:
# converts string to true hex
pcap_string = binascii.hexlify(hex_string)
ipv4 = self._ipv4(pcap_string)
ipv6 = self._ipv6(ipv4)
filtered = ipv6
message = self._parse_ipv4(filtered)
# self._parse_ipv6(filtered)
return message;
def read_file(self, afile):
'''
This function opens a pcap file and passes
it through the read function line by
line for parsing.
'''
_file = open(afile, 'rb')
for row in list(_file):
message = self.read(row);
if message != None and type(message) == dict:
message['payload']['filename'] = afile;
self.messager.send_message(message);
def _ipv4(self, astring):
'''
This function filters for ipv4 header tags.
'''
filter1 = re.sub('[1-9][a-f]000000[1-9][a-f]000000', self.ipv4_marker, astring)
filter2 = re.sub('[a-f][a-f]0[1-9]0000[a-f][a-f]0[1-9]0000', self.ipv4_marker, filter1)
return filter2
def _parse_ipv4(self, astring):
'''
This function parses ipv4 strings.
Specific slices for specific data.
'''
if self.ipv4_marker in astring:
header_frame = astring.index(self.ipv4_marker) + self.hm_len
try:
dmac = str(astring[header_frame:header_frame+12])
smac = str(astring[header_frame+12:header_frame+24])
types = str(astring[header_frame+24:header_frame+28])
prot = str(astring[header_frame+46:header_frame+48])
sip = str(astring[header_frame+52:header_frame+60])
dip = str(astring[header_frame+60:header_frame+68])
sprt = str(astring[header_frame+68:header_frame+72])
dprt = str(astring[header_frame+72:header_frame+76])
except:
pass
try:
type_ = str(self.build.define_type(types))
protocol = str(self.build.define_prot(prot))
dest_mac = str(self.build._mac(dmac))
dest_ip = str(self.build._ip(dip))
dest_port = str(self.build._port(dprt))
src_mac = str(self.build._mac(smac))
src_ip = str(self.build._ip(sip))
src_port = str(self.build._port(sprt))
# quality check
qc = str(type_+'\n'+protocol+'\n'+src_mac+'\n'+src_ip+
'\n'+src_port+'\n'+dest_mac+'\n'+dest_ip+'\n'+
dest_port+'\n'+self.seperator)
print(qc)
#+ Send Message
now = datetime.now().isoformat(' ')
message = {
'timestamp': now,
'source': 'Distiller',
'destination': 'SneakPeek',
'payload': {
'command': 'show',
'header_type': type_,
'protocol_type': protocol,
'shost': {
'source_mac': src_mac,
'source_ip': src_ip,
'source_port': src_port
},
'dhost': {
'destination_mac': dest_mac,
'destination_ip': dest_ip,
'destination_port': dest_port
}
}
}
return message;
#- Send Message
except:
pass
else:
pass
def _ipv6(self, astring):
'''
This function filters for ipv6 header tags.
'''
filter3 = re.sub('0[1-9]00[1-9]0000000[1-9]0000000', self.ipv6_marker, astring)
filter4 = re.sub('00[1-9][1-9]000000[1-9][1-9]000000', self.ipv6_marker, filter3)
filter5 = re.sub('00[1-9][a-f]0[1-9]0000[1-9][a-f]0[1-9]0000', self.ipv6_marker, filter4)
filter6 = re.sub('00[a-f][1-9]000000[a-f][1-9]000000', self.ipv6_marker, filter5)
filter7 = re.sub('010000[a-f][1-9]010000', self.ipv6_marker, filter6)
return filter7
def _parse_ipv6(self, astring):
'''
This function parses ipv6 strings.
Specific slices for specific data.
'''
if self.ipv6_marker in astring:
header_frame = astring.index(self.ipv6_marker) + self.hm_len
try:
dmac = str(astring[header_frame:header_frame+12])
smac = str(astring[header_frame+12:header_frame+24])
types = str(astring[header_frame+24:header_frame+28])
prot = str(astring[header_frame+40:header_frame+42])
sip = str(astring[header_frame+44:header_frame+77])
dip = str(astring[header_frame+76:header_frame+109])
sprt = str(astring[header_frame+108:header_frame+112])
dprt = str(astring[header_frame+112:header_frame+116])
except:
pass
try:
type_ = str(self.build.define_type(types))
protocol = str(self.build.define_prot(prot))
dest_mac = str(self.build._mac(dmac))
dest_ip = str(self.build._ipv6_ip(dip))
dest_port = str(self.build._port(dprt))
src_mac = str(self.build._mac(smac))
src_ip = str(self.build._ipv6_ip(sip))
src_port = str(self.build._port(sprt))
# quality check
qc = str(type_+'\n'+protocol+'\n'+src_mac+'\n'+src_ip+
'\n'+src_port+'\n'+dest_mac+'\n'+dest_ip+'\n'+
dest_port+'\n'+self.seperator)
print(qc)
#+ Send Message
now = datetime.now().isoformat(' ')
message = {
'timestamp': now,
'source': 'Distiller',
'destination': 'SneakPeek',
'payload': {
'command': 'show',
'header_type': type_,
'protocol_type': protocol,
'shost': {
'source_mac': src_mac,
'source_ip': src_ip,
'source_port': src_port
},
'dhost': {
'destination_mac': dest_mac,
'destination_ip': dest_ip,
'destination_port': dest_port
}
}
}
# self.messager.send_message(message);
#- Send Message
# return message;
except:
pass
else:
pass
class Node(Thread):
#global run_event
file = None
messager = None
# []
transactionMessages = []
introductionMessages = []
introductionMessages_Handled = []
serviceIntroductionMessages = []
serviceTransactionMessages = []
replyMessages = []
nameIPPortList = []
ipAndport2Name = dict()
# (ip,(int) port) IMPORTANT
liveAddresses = []
# (ip, port) -> (name, status)
pendingAddresses = dict()
deadAddresses = []
unknownAddresses = []
sentMessagesByAddress = dict()
receivedMessagesByAddress = dict()
sentAddressesByBlock = dict()
receivedAddressesByBlock = dict()
def __init__(self, SERVICE_IP, SERVICE_PORT, name, MY_PORT, event):
Thread.__init__(self)
# Socket to send stuff
self.sock = socket.socket(socket.AF_INET, socket.SOCK_DGRAM)
# self identification
self.status = "Initializing"
self.host = socket.gethostname()
print("self.host: " + str(self.host))
self.name = name
print("name: " + str(self.name))
self.vmNumber = int(self.name[8:])
# Networking
self.ip = socket.gethostbyname(self.host)
print("self.ip:" + str(self.ip))
self.port = MY_PORT
self.service_ip = SERVICE_IP
self.service_port = SERVICE_PORT
# server
self.serv = None
self.event = event
logging.basicConfig(filename="log.txt",
format='%(message)s',
level=logging.DEBUG)
self.logger = Logger(logging, self.ip, self.port, self.vmNumber,
self.name, self.service_ip, self.service_port)
self.messager = Messager()
## CP2
self.blockManager = BlockManager(self.logger)
self.ipsToSendChain = []
# Should only ever be a string with a hash
self.hashesSentToService = []
# TODO:
# Initialize server
# Params: port
def initServer(self):
self.serv = mp2Server(self.service_ip, self.service_port, self.name,
self.port, self.event)
def startServer(self):
self.serv.start()
def closeServiceConnection(self):
self.serv.shutdown()
def shutdown(self):
print(str(self.name) + " shutting down")
#self.file.close()
print(str(self.name) + " Exiting")
self.status = "shutdown"
############
def replyAndUpdateAddresses(self, ip, port):
# REPLY
self.sendReply(ip, port)
# KEEP THIS ADDRESS AS ALIVE
self.liveAddresses.append((ip, int(port)))
def sendReply(self, ip, port):
replyMessage = str(self.ip) + ":" + str(self.port) + " REPLY"
#print("~~ sending REPLY ~~")
#print("\t" + str(replyMessage))
self.sock.sendto(replyMessage.encode('utf-8'), (ip, int(port)))
def requestChain(self, ip, port):
requestChainMessage = str(self.ip) + ":" + str(
self.port) + " REQUESTCHAIN" + "\n"
self.sock.sendto(requestChainMessage.encode('utf-8'), (ip, int(port)))
##############
def clearIPPortFromAddresses(self, address):
ip, port = address
for introMessage in self.introductionMessages_Handled:
if (ip in introMessage and port in introMessage):
self.introductionMessages_Handled.remove(introMessage)
def getAddressesToSend(self):
# Shuffle the live addresses
random.shuffle(self.liveAddresses)
readyToSend = None
readyToSendLive = None
readyToSendUnknown = None
# from live addresses
if (len(self.liveAddresses) < 5):
readyToSendLive = self.liveAddresses
else:
readyToSendLive = self.liveAddresses[:5]
# from unknown addresses
if (len(self.unknownAddresses) < 3):
readyToSendUnknown = self.unknownAddresses
else:
readyToSendUnknown = self.unknownAddresses[:3]
readyToSend = readyToSendLive + readyToSendUnknown
return readyToSend
def okToSend(self, ip, port, message):
# Haven't sent them anything yet
if ((ip, port) not in self.sentMessagesByAddress.keys()):
self.sentMessagesByAddress[(ip, port)] = []
if ((ip, port) not in self.receivedMessagesByAddress.keys()):
self.receivedMessagesByAddress[(ip, port)] = []
# Haven't sent or received this message from this ip, port
if (message not in self.sentMessagesByAddress[(ip, port)]):
if (message not in self.receivedMessagesByAddress[(ip, port)]):
return True
return False
def addMessagetoSentMessages(self, ip, port, message):
# Haven't sent them anything yet
if ((ip, port) not in self.sentMessagesByAddress.keys()):
self.sentMessagesByAddress[(ip, port)] = [message]
else:
self.sentMessagesByAddress[(ip, port)] += [message]
def addMessagetoReceivedMessages(self, ip, port, message):
if ((ip, port) not in self.receivedMessagesByAddress.keys()):
self.receivedMessagesByAddress[(ip, port)] = [message]
else:
self.receivedMessagesByAddress[(ip, port)] += [message]
def okToSendBlock(self, blockString, ip, port):
if (blockString not in self.sentAddressesByBlock.keys()):
self.sentAddressesByBlock[blockString] = [(ip, port)]
if (blockString not in self.receivedAddressesByBlock.keys()):
self.receivedAddressesByBlock[blockString] = [(ip, port)]
if ((ip, int(port)) not in self.sentAddressesByBlock[blockString]):
if ((ip, int(port))
not in self.receivedAddressesByBlock[blockString]):
return True
return False
def addAddresstoSentBlocks(self, block, ip, port):
if (block not in self.sentAddressesByBlock.keys()):
self.sentAddressesByBlock[block] = [(ip, int(port))]
else:
self.sentAddressesByBlock[block] += [(ip, int(port))]
def addAddresstoReceivedBlocks(self, block, ip, port):
if (block not in self.receivedAddressesByBlock.keys()):
self.receivedAddressesByBlock[block] = [(ip, int(port))]
else:
self.receivedAddressesByBlock[block] += [(ip, int(port))]
#### List manipulation
def getNameAndPortFromIP(self):
pass
###### READING FUNCTIONS
def read(self):
message, addr = self.serv.read()
#print("read() -> got message, addr")
if (message is not None):
#print("Got message in read() call!")
stripped = message.strip()
#print(str(self.name) + ": " + str(stripped))
# RETURNS MESSAGE AS A STRING, ADDR AS (IP, PORT), DOESN'T MATTER THO BECAUSE THE IP AND PORT ARE IN THE MESSAGE
return message, addr
# TRANSACTION 1551208414.204385 f78480653bf33e3fd700ee8fae89d53064c8dfa6 183 99 10
# INTRODUCE node12 172.22.156.12 4444
def handleMessage(self, message, addr):
#print("\thandleMessage: " + str(message))
# message = IP:Port messageContents[]
message = message.split()
ip, port = message[0].split(":")
ip = str(ip)
port = int(port)
message2send = message[1:]
## CP 1
if ("TRANSACTION" in message2send):
#print("~~got transaction from " +str(addr) + " ~~")
#print("NODE\t" + str(message2send))
self.logger.logReceivedTransaction(' '.join(message))
# IF YOU HAVEN'T SEEN THIS TRANSACTION, SAVE IT!
if (message2send not in self.transactionMessages):
#print("hM\t" + str(message2send))
self.transactionMessages.append(message2send)
## ADD IT TO THE BLOCK MANAGER
self.blockManager.appendTransactionToCurrentBlock(message2send)
self.addMessagetoReceivedMessages(ip, port, message2send)
self.replyAndUpdateAddresses(ip, port)
elif ("INTRODUCE" in message2send):
self.logger.logReceivedIntroduction(' '.join(message))
if (message2send not in self.introductionMessages):
self.introductionMessages.append(message2send)
self.addMessagetoReceivedMessages(ip, port, message2send)
self.replyAndUpdateAddresses(ip, port)
elif ("REPLY" in message2send):
#print("~~ got reply from " + str(addr) + "~~")
if ((ip, port) in self.pendingAddresses.keys()):
del self.pendingAddresses[(ip, port)]
self.liveAddresses.append((ip, port))
# CP 2
elif ("BLOCK" in message2send):
#print("Received block from " + str(ip) + " " +str(port))
#print(message2send)
block = self.blockManager.singleBlockFromMessage(
' '.join(message2send))
self.logger.logReceivedBlock(block.selfHash, ' '.join(message))
blockKey = ' '.join(message2send)
self.addAddresstoReceivedBlocks(blockKey, ip, port)
#print("Received block")
#print(self.blockManager.singleBlockFromMessage(message2send[1]).printSelf())
#print("\n")
# if level is greater, you have to ask for the whole blockchain
if (self.blockManager.betterBlock(ip, port, message2send)):
#print("!! BETTER BLOCK == TRUE. GET READY FOR NEW CHAIN !! ")
self.requestChain(ip, port)
#print("\nRequested chain from: " + str(self.blockManager.waitingForBlockChainFrom))
#self.blockManager.updateBlock()
#self.currentBlockString = message2send
# if level is the same, do nothing
else:
pass
elif ("BLOCKCHAIN" in message2send):
# Pass on individual block to build chain
#print("Building new chain with block")
#print(message)
if (self.blockManager.waitingForBlockChainFrom == (ip, port)):
print("[RECEIVED PIECE OF CHAIN]")
self.blockManager.buildChain(message2send)
pass
elif ("REQUESTCHAIN" in message2send):
print("Full CHAIN requested from " + str(ip) + "," + str(port))
self.ipsToSendChain += [(ip, port)]
##################################
# READ FROM THE SERVICE
def serviceRead(self):
messageFromService = self.serv.readFromService()
if (messageFromService is not None):
messagesFromService = messageFromService.split("\n")
for mess in messagesFromService:
stripped = messageFromService.strip()
#print(str(self.name) + ":" + str(stripped))
#self.file.write(mess)
return messagesFromService
return None
# HANDLE THE SERVICE MESSAGE, MESSAGE COMES IN AS A STRING
def handleServiceMessage(self, message):
# Print the message to console
#print("handleServiceMessage: " +str(message))
bytes = len(message)
# MESSAGE IS NOW AN ARRAY
message = message.split(" ")
if ("TRANSACTION" in message):
#print("~~got transaction from service~~")
# print("SERVICE\t" + str(message))
# Assume it hasn't been seen
self.logger.logServiceTransaction(self.service_ip,
self.service_port, message)
if (message not in self.transactionMessages):
self.transactionMessages.append(message)
## ADD IT TO THE BLOCK MANAGER
self.blockManager.appendTransactionToCurrentBlock(message)
elif ("INTRODUCE" in message):
#print("~~got introduction~~")
#print("\t" + str(message))
self.logger.logServiceIntroduction(self.service_ip,
self.service_port, message)
self.serviceIntroductionMessages.append(message)
self.introductionMessages.append(message)
elif ("SOLVED" in message):
self.logger.logReceivedPuzzle(message)
print("\n~~ got Solved ~~")
print(message)
#print(str(message[1]))
#print(str(message[2]))
#print(self.blockManager.blockchainBySelfHash[message[1]].printSelf())
if (self.blockManager.successfulBlock(message)):
#self.currentBlockString = self.blockManager.currentBlockAsString()
pass
## make all of the pending transactions go into new block
else:
print("Ignoring SOLVED Message")
#print("\n\t\t\t\t\t\t\t\t\t\t\t\t\t[RECEIVING]")
elif ("VERIFY OK" in message):
print("~~ got Good Verify ~~")
print("\t" + str(message))
pass
elif ("VERIFY FAIL" in message):
print("~~ got Bad Verify ~~")
print("\t" + str(message))
pass
elif ("QUIT" in message):
#print("## Got Quit command ##")
ttype = "QUIT"
elif ("DIE" in message):
self.status = "shutdown"
time.sleep(0.05)
exit(1)
#print("@@ Got DIE command @@")
if (type == "QUIT"):
self.shutdown()
#######################################
def run(self):
timer = 0
self.initServer()
self.startServer()
self.status = "running"
print(
"\n\n##################################################################################"
)
print(
"##################################################################################\n\n"
)
# Check if ctrl + C was pressed
while (1):
#print(time.time())
if (self.event.isSet()):
self.closeServiceConnection()
break
############### STEP 1: READ ALL MESSAGES ###################
## 1.B -- READ ALL MESSAGES FROM NODES
## Read until no messages
readCount = 0
while (1):
# print("read()")
# addr = ipANDport = (ip, port)
if (readCount == 10):
readCount = 0
break
message, addr = self.read()
# print("post read()")
messageType = self.messager.getMessageType(message)
if (messageType is not None):
self.handleMessage(message, addr)
readCount += 1
else:
break
readCount = 0
######## Update list of IPs from node messages
for introMessage in self.introductionMessages:
vmname = introMessage[1]
vmIP = introMessage[2]
vmPort = int(introMessage[3])
if ((vmIP, vmPort) not in self.ipAndport2Name.keys()):
# Put it in the dictionary with the name
self.ipAndport2Name[(vmIP, vmPort)] = (vmname, "unknown")
self.unknownAddresses.append((vmIP, vmPort))
# Move the message to a "HANDLED" array
self.introductionMessages_Handled.append(introMessage)
self.introductionMessages = []
## 1.A -- READ ALL MESSAGES FROM SERVICE
## Read until no messages
while (1):
#print("serviceRead()")
serviceMessages = self.serviceRead()
if (serviceMessages is None):
# NOTHING TO READ MOVE ON
break
for serviceMessage in serviceMessages:
serviceMessageType = self.messager.getMessageType(
serviceMessage)
# FOR EVERY GOOD MESSAGE, HANDLE IT
if (serviceMessageType is not None):
self.handleServiceMessage(serviceMessage)
######## Update list of IPs from node messages
# serviceIntroMessage = ['INTRODUCE', 'node2', '172.22.156.3', '4567']
for serviceIntroMessage in self.serviceIntroductionMessages:
#print("Converting message to dictionary entry and adding to liveAddresses")
vmname = serviceIntroMessage[1]
vmIP = serviceIntroMessage[2]
vmPort = int(serviceIntroMessage[3])
if ((vmIP, vmPort) not in self.ipAndport2Name.keys()):
# Put it in the dictionary with the name
self.ipAndport2Name[(vmIP, vmPort)] = (vmname, "alive")
# put it in the list of live addresses
self.liveAddresses.append((vmIP, vmPort))
# EMPTY THE QUEUE
self.serviceIntroductionMessages = []
## END OF READING ##########
## 2.A -- ADDRESS CLEAN UP
## Delete addresses that are stale
for address, sent_time in self.pendingAddresses.items():
curr_time = time.time()
diff = curr_time - sent_time
# change this to be the timeout factor
if (diff > 100):
print(str(address) + " is dead!")
del self.pendingAddresses[address]
vmname, status = self.ipAndport2Name[address]
self.ipAndport2Name[address] = (vmname, "dead")
self.deadAddresses.append(address)
self.clearIPPortFromAddresses(address)
## 3.A -- Figure out which addresses to send to
addresses = self.getAddressesToSend()
## 3.B -- Figure out transactions to send
## Sort the transactions
sortedTranscations = sorted(self.transactionMessages,
key=sortFunction)
transactionsToSend = None
if (len(sortedTranscations) < 20):
transactionsToSend = sortedTranscations
else:
transactionsToSend = sortedTranscations[-20:]
## 3.C -- Figure out which random introductions to send
random.shuffle(self.introductionMessages_Handled)
introductionsToSend = None
if (len(self.introductionMessages_Handled) < 3):
introductionsToSend = self.introductionMessages_Handled
else:
introductionsToSend = self.introductionMessages_Handled[-3:]
######## WRITE TO OTHER NODES ######
ipsToPending = set()
if (len(transactionsToSend) > 0 and len(addresses) > 0):
for address in addresses:
ip, port = address
ip = str(ip)
port = int(port)
## 4.A
# TRANSACTIONS
for transMessage in transactionsToSend:
message2send = str(self.ip) + ":" + str(
self.port) + " " + str(" ".join(transMessage))
if (self.okToSend(ip, port, transMessage)):
#print("!! " + str(message2send) + " > " + str(address) + " !!")
######### SENDING SECTION #######
self.sock.sendto(message2send.encode('utf-8'),
(ip, port))
self.logger.logSentTransaction(
ip, port, message2send)
self.addMessagetoSentMessages(
ip, port, transMessage)
ipsToPending.add((ip, port))
## 4.B
## INTRODUCTIONS
if (introductionsToSend is not None):
for intro in introductionsToSend:
message2send = str(self.ip) + ":" + str(
self.port) + " " + str(" ".join(intro))
if (self.okToSend(ip, port, intro)):
#print("!! " + str(message2send) + " > " + str(address) + " !!")
######### SENDING SECTION #######
self.logger.logSentIntroduction(
ip, port, message2send)
self.sock.sendto(message2send.encode('utf-8'),
(ip, port))
self.addMessagetoSentMessages(ip, port, intro)
ipsToPending.add((ip, port))
# only remove stuff if it was sent
for ipPort in ipsToPending:
if (ipPort in self.liveAddresses):
self.liveAddresses.remove(ipPort)
self.pendingAddresses[ipPort] = time.time()
if (ipPort in self.unknownAddresses):
self.unknownAddresses.remove(ipPort)
self.pendingAddresses[ipPort] = time.time()
readyToSend = []
transactionsToSend = []
## CP2 #########################
## SENDING NEWEST HASH FOR SOLVING
if (self.blockManager.currentBlock is not None):
if (self.blockManager.currentBlock.selfHash is not None):
if (self.blockManager.currentBlock.selfHash
not in self.hashesSentToService):
self.hashesSentToService.append(
self.blockManager.currentBlock.selfHash)
#print("SOLVE:")
#self.blockManager.printCurrentBlock()
string = "SOLVE "
string += self.blockManager.currentBlock.selfHash
string += "\n"
#print("\n\t\t\t\t\t\t\t\t\t\t\t\t\t[RECEIVING]")
self.logger.logSentPuzzle(string)
self.serv.serviceSocket.send(string.encode('utf-8'))
## SENDING BLOCK TO OTHER NODES
if (not self.blockManager.waitingForBlockChain and
(self.blockManager.lastSuccessfulHash is not "None"
and self.blockManager.lastSuccessfulHash is not None)):
blockString = self.blockManager.lastSuccessfulBlock.toMessageWithHash(
)
blockMessage2send = str(self.ip) + ":" + str(
self.port) + " " + str(blockString)
hash = self.blockManager.lastSuccessfulBlock.selfHash
for address in addresses:
ip, port = address
ip = str(ip)
port = int(port)
if (self.okToSendBlock(blockString, ip, port)):
self.logger.logSentBlock(hash, blockMessage2send, ip,
port)
#print("\nblock about to send")
#self.blockManager.lastSuccessfulBlock.printSelf()
#print("GONNA SEND MY BLOCK TO NODE: " + str(ip) + "," + str(port))
#print(blockString)
#self.blockManager.lastSuccessfulBlock.printSelf()
print("")
self.sock.sendto(blockMessage2send.encode('utf-8'),
(ip, port))
self.addAddresstoSentBlocks(blockString, ip, port)
for ip, port in self.ipsToSendChain:
for blockHash, block in self.blockManager.blockchain.values(
):
self.logger.logSentBlock(blockHash, blockMessage2send,
ip, port)
#print("GONNA SEND CHAIN NODE TO: " + str(ip) + "," + str(port))
blockString = block.toMessageWithHash()
blockChainString = block.toChainMessage()
blockChainMessage2send = str(self.ip) + ":" + str(
self.port) + " " + str(blockChainString)
self.logger.logSentBlock(blockHash, blockMessage2send,
ip, port)
self.sock.sendto(blockChainMessage2send, (ip, port))
self.addAddresstoSentBlocks(blockString, ip, port)
self.ipsToSendChain = []
################################
## IDK WHY THIS IS NECESSARY
## RUN EVENT IS NOT PROPERLY CHECKED OTHERWISE
#time.sleep(1)
time.sleep(0.00000001)
print("Run event unset!")
print(str(self.vmNumber) + ": Final List")
time.sleep(self.vmNumber)
# for tm in self.transactionMessages:
# print(tm)
# print("")
# accounts = sorted(self.blockManager.committedBank.keys())
# for account in accounts:
# print(str(account) + " " + str(self.blockManager.committedBank[account]))
#
#print(self.blockManager.blockchain)
totalTransactions = len(self.transactionMessages)
storedTransactions = 0
for i in range(self.blockManager.blockLevel):
if ((i + 1) in self.blockManager.blockchain.keys()):
blockHash, block = self.blockManager.blockchain[i + 1]
#block.printSelf()
block.printNumberHash()
storedTransactions += len(block.getTransactions())
logString = "BLOCK-TX "
logString += str(block.selfHash)
logString += " "
txIDs = block.gettxIDs()
logString += " ".join(txIDs)
#print(logString)
self.logger.plainLog(logString)
storedTransactions += len(self.blockManager.pendingTransactions)
# print("\n[PENDING TRANSACTIONS]")
# for pt in self.blockManager.pendingTransactions:
# print(pt)
#
# print("\nTRANSACTIONS IN CURRENT BLOCK")
# if(self.blockManager.currentBlock is not None):
# for t in self.blockManager.currentBlock.getTransactions():
# print(t)
# storedTransactions += 1
print("Total Transactions: " + str(totalTransactions))
print("Stored Transactions: " + str(storedTransactions))
if (totalTransactions == storedTransactions):
print("GREAT SUCCESS")
self.shutdown()
def __init__(self):
self.running = True
self.app_start_time = time.time()
self.timer = threading.Timer(1.0, self.run)
self.messager = Messager()
self.inputter = Inputter()
class Distiller:
def __init__(self, data_directory, pull_port='5555', push_port='5556'):
self.data_directory = data_directory
self.messager = Messager(pull_port=pull_port, push_port=push_port)
self.build = Builder()
self.stone = Rosetta()
self.ipv4_marker = '[--> IPV4 <--]'
self.ipv6_marker = '[--> IPV6 <--]'
self.hm_len = len(self.ipv4_marker)
self.seperator = '-------------------------------'
def __on_receive_command(self, message):
print message
if message['payload']['command'] == 'parse_file_pcap':
file_name = message['payload']['filename']
file_path = os.path.join(self.data_directory, file_name)
self.read_file(file_path)
def receive_command(self):
self.messager.receive_message(self.__on_receive_command)
def read(self, _hex):
'''
This function reads and parses pcap hex strings.
'''
# get user-agent and host and date
message = {}
hex_string = _hex
recovered_text = self.stone.sifter(hex_string)
if recovered_text is not None:
print(recovered_text)
#send to json directly from sifter
else:
# converts string to true hex
pcap_string = binascii.hexlify(hex_string)
ipv4 = self._ipv4(pcap_string)
ipv6 = self._ipv6(ipv4)
filtered = ipv6
message = self._parse_ipv4(filtered)
# self._parse_ipv6(filtered)
return message
def read_file(self, afile):
'''
This function opens a pcap file and passes
it through the read function line by
line for parsing.
'''
_file = open(afile, 'rb')
for row in list(_file):
message = self.read(row)
if message != None and type(message) == dict:
message['payload']['filename'] = afile
self.messager.send_message(message)
def _ipv4(self, astring):
'''
This function filters for ipv4 header tags.
'''
filter1 = re.sub('[1-9][a-f]000000[1-9][a-f]000000', self.ipv4_marker,
astring)
filter2 = re.sub('[a-f][a-f]0[1-9]0000[a-f][a-f]0[1-9]0000',
self.ipv4_marker, filter1)
return filter2
def _parse_ipv4(self, astring):
'''
This function parses ipv4 strings.
Specific slices for specific data.
'''
if self.ipv4_marker in astring:
header_frame = astring.index(self.ipv4_marker) + self.hm_len
try:
dmac = str(astring[header_frame:header_frame + 12])
smac = str(astring[header_frame + 12:header_frame + 24])
types = str(astring[header_frame + 24:header_frame + 28])
prot = str(astring[header_frame + 46:header_frame + 48])
sip = str(astring[header_frame + 52:header_frame + 60])
dip = str(astring[header_frame + 60:header_frame + 68])
sprt = str(astring[header_frame + 68:header_frame + 72])
dprt = str(astring[header_frame + 72:header_frame + 76])
except:
pass
try:
type_ = str(self.build.define_type(types))
protocol = str(self.build.define_prot(prot))
dest_mac = str(self.build._mac(dmac))
dest_ip = str(self.build._ip(dip))
dest_port = str(self.build._port(dprt))
src_mac = str(self.build._mac(smac))
src_ip = str(self.build._ip(sip))
src_port = str(self.build._port(sprt))
# quality check
qc = str(type_ + '\n' + protocol + '\n' + src_mac + '\n' +
src_ip + '\n' + src_port + '\n' + dest_mac + '\n' +
dest_ip + '\n' + dest_port + '\n' + self.seperator)
print(qc)
#+ Send Message
now = datetime.now().isoformat(' ')
message = {
'timestamp': now,
'source': 'Distiller',
'destination': 'SneakPeek',
'payload': {
'command': 'show',
'header_type': type_,
'protocol_type': protocol,
'shost': {
'source_mac': src_mac,
'source_ip': src_ip,
'source_port': src_port
},
'dhost': {
'destination_mac': dest_mac,
'destination_ip': dest_ip,
'destination_port': dest_port
}
}
}
return message
#- Send Message
except:
pass
else:
pass
def _ipv6(self, astring):
'''
This function filters for ipv6 header tags.
'''
filter3 = re.sub('0[1-9]00[1-9]0000000[1-9]0000000', self.ipv6_marker,
astring)
filter4 = re.sub('00[1-9][1-9]000000[1-9][1-9]000000',
self.ipv6_marker, filter3)
filter5 = re.sub('00[1-9][a-f]0[1-9]0000[1-9][a-f]0[1-9]0000',
self.ipv6_marker, filter4)
filter6 = re.sub('00[a-f][1-9]000000[a-f][1-9]000000',
self.ipv6_marker, filter5)
filter7 = re.sub('010000[a-f][1-9]010000', self.ipv6_marker, filter6)
return filter7
def _parse_ipv6(self, astring):
'''
This function parses ipv6 strings.
Specific slices for specific data.
'''
if self.ipv6_marker in astring:
header_frame = astring.index(self.ipv6_marker) + self.hm_len
try:
dmac = str(astring[header_frame:header_frame + 12])
smac = str(astring[header_frame + 12:header_frame + 24])
types = str(astring[header_frame + 24:header_frame + 28])
prot = str(astring[header_frame + 40:header_frame + 42])
sip = str(astring[header_frame + 44:header_frame + 77])
dip = str(astring[header_frame + 76:header_frame + 109])
sprt = str(astring[header_frame + 108:header_frame + 112])
dprt = str(astring[header_frame + 112:header_frame + 116])
except:
pass
try:
type_ = str(self.build.define_type(types))
protocol = str(self.build.define_prot(prot))
dest_mac = str(self.build._mac(dmac))
dest_ip = str(self.build._ipv6_ip(dip))
dest_port = str(self.build._port(dprt))
src_mac = str(self.build._mac(smac))
src_ip = str(self.build._ipv6_ip(sip))
src_port = str(self.build._port(sprt))
# quality check
qc = str(type_ + '\n' + protocol + '\n' + src_mac + '\n' +
src_ip + '\n' + src_port + '\n' + dest_mac + '\n' +
dest_ip + '\n' + dest_port + '\n' + self.seperator)
print(qc)
#+ Send Message
now = datetime.now().isoformat(' ')
message = {
'timestamp': now,
'source': 'Distiller',
'destination': 'SneakPeek',
'payload': {
'command': 'show',
'header_type': type_,
'protocol_type': protocol,
'shost': {
'source_mac': src_mac,
'source_ip': src_ip,
'source_port': src_port
},
'dhost': {
'destination_mac': dest_mac,
'destination_ip': dest_ip,
'destination_port': dest_port
}
}
}
# self.messager.send_message(message);
#- Send Message
# return message;
except:
pass
else:
pass
class Distiller:
def __init__(self, data_directory, pull_port='5555', push_port='5556'):
self.data_directory = data_directory
self.messager = Messager(pull_port=pull_port, push_port=push_port)
self.build = Builder()
self.dict = Rosetta()
self.header_marker = '[--> HEADER <--]'
self.hm_len = len(self.header_marker)
self.broken_header = 'fae'
def __on_receive_command(self, message):
print message
if message['payload']['command'] == 'parse_file_pcap':
file_name = message['payload']['filename']
file_path = os.path.join(self.data_directory, file_name)
self._read_file(file_path)
# x._read_file('../app/uploads/evidence01.pcap')
# x._read_file('../app/uploads/evidence-malware.pcap')
# x._read_file('../app/uploads/evidence01-talkers.pcap')
def _read(self, _hex):
read = self._format_lines(binascii.hexlify(_hex))
return read
def _read_file(self, afile, num_fails=0, max_fails=3):
try:
_file = open(afile, 'rb')
except:
if num_fails < max_fails:
num_fails += 1
time.sleep(2 * num_fails)
self._read_file(afile, num_fails, max_fails)
return
else:
return
file_to_list = []
for row in list(_file):
''
# get user-agent and host
plain_text = row
temp = self.dict.sifter(plain_text)
if temp is not None:
print(temp)
pcap_string = self.dict._format_lines(binascii.hexlify(row))
highlight_header = re.sub('[0-9][a-f]000000[0-9][a-f]000000',
self.header_marker, pcap_string)
file_to_list.append(highlight_header)
try:
# catch complete packets
for line in file_to_list:
if self.header_marker in line and not self.broken_header in line:
#print(line) # test output is read
# setup 1st check
hdr_len_byte1 = line.index(
self.header_marker) + 28 # find index
header_check1 = hdr_len_byte1 + self.hm_len # verify header w/length byte
# setup 2nd check
hdr_len_byte2 = line.index(
self.header_marker) + 92 # find index
header_check2 = hdr_len_byte2 + self.hm_len # verify header w/2nd length byte
if line[header_check1] is '4': # initial confirmation of header
self.peruse_pcap(line)
try:
if line[header_check2] is '5': # catches only complete headers
self.peruse_pcap(line)
except:
pass
except:
for line in file_to_list:
if self.header_marker in line and not self.broken_header in line:
self.peruse_pcap(line)
def receive_command(self):
self.messager.receive_message(self.__on_receive_command)
def peruse_pcap(self, apcap):
get_header = apcap.index(
self.header_marker) # find header starting index
header_offset = get_header + self.hm_len
''' beginning reference point '''
des_mac = header_offset # 1
des_ip = header_offset + 60 # 5
des_port = header_offset + 72 # 7
_src_mac = header_offset + 12 # 2
_src_ip = header_offset + 52 # 4
_src_port = header_offset + 68 # 6
prot = header_offset + 46 # 3
''' ending reference point'''
dest_mac_offset = des_mac + 12
dest_ip_offset = des_ip + 8
dest_port_offset = des_port + 4
_src_mac_offset = _src_mac + 12
_src_ip_offset = _src_ip + 8
_src_port_offset = _src_port + 4
protocol_offset = prot + 2
try:
#!works
destination_mac = self.build.rebuild_mac(
str(apcap[des_mac:dest_mac_offset]))
_source_mac = self.build.rebuild_mac(
str(apcap[_src_mac:_src_mac_offset]))
protocol_type = self.build.define_prot(
str(apcap[prot:protocol_offset]))
_source_ip = self.build.rebuild_ip(
str(apcap[_src_ip:_src_ip_offset]))
destination_ip = self.build.rebuild_ip(
str(apcap[des_ip:dest_ip_offset]))
_source_port = self.build.rebuild_port(
str(apcap[_src_port:_src_port_offset]))
destination_port = self.build.rebuild_port(
str(apcap[des_port:dest_port_offset]))
print('Protocol: ' + protocol_type)
print('')
print('\t\tSource:') # print('\tSource:')
print('Mac:\t' + _source_mac)
print('IP:\t\t' + _source_ip) # print('IP:\t' + _source_ip)
print('Port:\t' + str(_source_port))
print('')
print('\t\tDestination:') # print('\tSource:')
print('Mac:\t' + destination_mac)
print('IP:\t\t' + destination_ip
) # print('IP:\t' + destination_ip)
print('Port:\t' + str(destination_port))
print('\n------------------------------------------\n')
#+ Send Message
now = datetime.now().isoformat(' ')
message = {
'timestamp': now,
'source': 'Distiller',
'destination': 'SneakPeek',
'payload': {
'command': 'show',
'protocol_type': protocol_type,
'shost': {
'source_mac': _source_mac,
'source_ip': _source_ip,
'source_port': _source_port
},
'dhost': {
'destination_mac': destination_mac,
'destination_ip': destination_ip,
'destination_port': destination_port
}
}
}
self.messager.send_message(message)
#- Send Message
except:
pass
MSG_USAGE = "usage: python %prog [options]"
optParser = OptionParser(MSG_USAGE)
optParser.add_option("-g",
"--get",
action = "store",
type = "string",
dest = "key_get")
optParser.add_option("-s",
"--set",
action = "store",
type = "string",
dest = "key_set")
options, args = optParser.parse_args(sys.argv)
if options.key_get:
m = Messager()
m.get_info_by_key(options.key_get)
if options.key_set:
key = options.key_set
value = args[0]
m = Messager()
m.set_info(key, value)
class Main():
'''Run the game. Facilitate interaction with pet.'''
def __init__(self):
self.running = True
self.app_start_time = time.time()
self.timer = threading.Timer(1.0, self.run)
self.messager = Messager()
self.inputter = Inputter()
def begin(self):
try:
self.welcome()
self.await_command()
except KeyboardInterrupt:
self.hide_activity()
sys.exit(Fore.YELLOW + "\n Goodbye, thanks for playing!" +
Style.RESET_ALL)
def welcome(self):
self.messager.print_garbage(20)
self.messager.print_header(" Welcome to the Virtual Pet Creator!\n" +
" (Press CTRL+C to exit)")
def run(self):
if self.running:
self.timer = threading.Timer(1.0, self.run)
self.timer.start()
self.print_pet_update()
def hide_activity(self):
self.running = False
self.timer.cancel()
def show_activity(self):
self.running = True
self.run()
def await_menu(self):
if input() == '':
self.await_command()
else:
self.await_menu()
def await_command(self):
'''Accept user input.'''
self.hide_activity()
question = Back.BLACK + Fore.WHITE + '\n' + \
'Enter a letter and press [ENTER]:' + Fore.GREEN + '\n' + \
' [C]reate pet \n' + \
' [W]alk pet \n' + \
' [F]eed pet \n' + \
' [P]lay with pet \n' + \
' [D]octor visit for your pet \n' + \
' [V]iew condition \n' + \
' [ENTER] let pet do what it wants \n' + Style.RESET_ALL + \
'What will it be? '
choice = input(question)
if choice == "c":
self.pet = Pet()
self.pet.name = input('What do you want to name this pet? ')
self.messager.print_subheader("Your pet, " + self.pet.name +
" has been created!")
elif choice == "w":
self.pet.walk()
elif choice == "f":
amount = self.inputter.await_integer('How much food? ')
self.pet.eat(amount)
elif choice == "p":
self.pet.play()
elif choice == "d":
self.pet.doctor()
elif choice == "v":
self.print_pet_state()
elif choice == "": # ENTER was pressed.
self.show_activity()
self.await_menu()
return
else:
print("Please use one of the available options...")
self.await_command()
def print_pet_state(self):
self.messager.print_subheader(
'====== ' + self.pet.name + ' ======' + '\n' + \
'State: ' + str(self.pet.state) + '\n'
'Age: ' + self.printable_pet_age + '\n' + \
'Health: ' + str(self.pet.health) + '\n' + \
'Calories: ' + str(self.pet.calories) + '\n' + \
'Energy: ' + str(self.pet.energy) + '\n' + \
'Happiness: ' + str(self.pet.happiness)
)
def print_pet_update(self):
self.messager.print_random_colored(self.pet.name + " age: " +
self.printable_pet_age)
@property
def printable_pet_age(self):
seconds = self.pet.age
seconds_in_day = 86400
seconds_in_hour = 3600
seconds_in_minute = 60
days = seconds // seconds_in_day
seconds = seconds - (days * seconds_in_day)
hours = seconds // seconds_in_hour
seconds = seconds - (hours * seconds_in_hour)
minutes = seconds // seconds_in_minute
seconds = seconds - (minutes * seconds_in_minute)
return '%s days, %s hrs, %s mins, %s sec' % (days, hours, minutes,
seconds)
class Distiller:
def __init__(self, data_directory, pull_port='5555', push_port='5556'):
self.data_directory = data_directory
self.messager = Messager(pull_port=pull_port, push_port=push_port)
self.metadata_ext = '.sp'
self.build = Builder()
self.stone = Rosetta()
self.ipv4_marker = '[--> IPV4 <--]'
self.ipv6_marker = '[--> IPV6 <--]'
self.hm_len = len(self.ipv4_marker)
self.seperator = '-------------------------------'
def __on_receive_command(self, message):
print message
if message['payload']['command'] == 'parse_file_pcap':
#+ EXAMPLE MESSAGE
# message = {
# timestamp: now,
# source: "SneakPeek",
# destination: "Distiller",
# payload: {
# command: "parse_file_pcap",
# filename: file['name'],
# _modified_datetime: file['lastModified'],
# modified_datetime: file['lastModifiedDate'],
# size: file['size'],
# type: file['type']
# }
# };
#- EXAMPLE MESSAGE
payload = message['payload']
file_metadata = {
'filename': payload['filename'],
'_modified_datetime': payload['_modified_datetime'],
'modified_datetime': payload['modified_datetime'],
'size': payload['size'],
'type': payload['type']
}
file_metadata_path = os.path.join(
self.data_directory,
os.path.splitext(file_metadata['filename'])[0] +
self.metadata_ext)
if not os.path.exists(file_metadata_path):
print 'Writing metadata to file:', file_metadata_path
with open(file_metadata_path, 'w+') as outfile:
json.dump(file_metadata, outfile)
outfile.flush()
print 'Wrote metadata to file.'
filename = payload['filename']
file_path = os.path.join(self.data_directory, filename)
self.read_file(file_path, file_metadata_path)
elif message['payload']['command'] == 'request_metadata_update':
#+ Apply the update.
payload = message['payload']
filename = payload['filename']
file_path = os.path.join(self.data_directory, filename)
file_metadata_path = payload['file_metadata_path']
with open(file_metadata_path, 'r+') as metadata_file:
#+ Apply the update.
metadata = json.load(metadata_file)
for k in payload['update']:
metadata[k] = payload['update'][k]
metadata_file.seek(0)
json.dump(metadata, metadata_file)
metadata_file.flush()
metadata_file.truncate()
#- Apply the update.
#+ Notify Sneak Peek
now = datetime.now().isoformat(' ')
message = {
'timestamp': now,
'source': 'Distiller',
'destination': 'SneakPeek',
'payload': {
'command': 'display_metadata',
'filename': filename,
'file_path': file_path,
'file_metadata_path': file_metadata_path,
'metadata': metadata
}
}
self.messager.send_message(message)
#- Notify Sneak Peek
def receive_command(self):
self.messager.receive_message(self.__on_receive_command)
def read(self, _hex):
'''
This function reads and parses pcap hex strings.
'''
# get user-agent and host and date
message = {}
hex_string = _hex
recovered_text = self.stone.sifter(hex_string)
if recovered_text is not None:
print(recovered_text)
#send to json directly from sifter
else:
# converts string to true hex
pcap_string = binascii.hexlify(hex_string)
ipv4 = self._ipv4(pcap_string)
ipv6 = self._ipv6(ipv4)
filtered = ipv6
message = self._parse_ipv4(filtered)
self._parse_ipv6(filtered)
return message
def read_file(self, file_path, file_metadata_path=None):
'''
This function opens a pcap file and passes
it through the read function line by
line for parsing.
'''
filename = os.path.basename(file_path)
with open(file_path, 'rb') as _file:
for row in list(_file):
message = self.read(row)
if message != None and type(message) == dict:
message['payload']['filename'] = filename
message['payload']['file_path'] = file_path
message['payload'][
'file_metadata_path'] = file_metadata_path
self.messager.send_message(message)
if file_metadata_path != None:
#+ UPDATE Metadata
#~ Tells Sneak Peek to initiate an update to this file's metadata file.
now = datetime.now().isoformat(' ')
message = {
'timestamp': now,
'source': 'Distiller',
'destination': 'SneakPeek',
'payload': {
'command': 'request_metadata_update',
'filename': filename,
'file_path': file_path,
'file_metadata_path': file_metadata_path
}
}
self.messager.send_message(message)
#~ Tells Sneak Peek to initiate an update to this file's metadata file.
#- UPDATE Metadata
def _ipv4(self, astring):
'''
This function filters for ipv4 header tags.
'''
filter1 = re.sub('[1-9][a-f]000000[1-9][a-f]000000', self.ipv4_marker,
astring)
filter2 = re.sub('[a-f][a-f]0[1-9]0000[a-f][a-f]0[1-9]0000',
self.ipv4_marker, filter1)
return filter2
def _parse_ipv4(self, astring):
'''
This function parses ipv4 strings.
Specific slices for specific data.
'''
if self.ipv4_marker in astring:
header_frame = astring.index(self.ipv4_marker) + self.hm_len
try:
dmac = str(astring[header_frame:header_frame + 12])
smac = str(astring[header_frame + 12:header_frame + 24])
types = str(astring[header_frame + 24:header_frame + 28])
prot = str(astring[header_frame + 46:header_frame + 48])
sip = str(astring[header_frame + 52:header_frame + 60])
dip = str(astring[header_frame + 60:header_frame + 68])
sprt = str(astring[header_frame + 68:header_frame + 72])
dprt = str(astring[header_frame + 72:header_frame + 76])
except:
pass
try:
type_ = str(self.build.define_type(types))
protocol = str(self.build.define_prot(prot))
dest_mac = str(self.build._mac(dmac))
dest_ip = str(self.build._ip(dip))
dest_port = str(self.build._port(dprt))
src_mac = str(self.build._mac(smac))
src_ip = str(self.build._ip(sip))
src_port = str(self.build._port(sprt))
# quality check
qc = str(type_ + '\n' + protocol + '\n' + src_mac + '\n' +
src_ip + '\n' + src_port + '\n' + dest_mac + '\n' +
dest_ip + '\n' + dest_port + '\n' + self.seperator)
print(qc)
#+ Send Message
now = datetime.now().isoformat(' ')
message = {
'timestamp': now,
'source': 'Distiller',
'destination': 'SneakPeek',
'payload': {
'command': 'show',
'header_type': type_,
'protocol_type': protocol,
'shost': {
'source_mac': src_mac,
'source_ip': src_ip,
'source_port': src_port
},
'dhost': {
'destination_mac': dest_mac,
'destination_ip': dest_ip,
'destination_port': dest_port
}
}
}
return message
#- Send Message
except:
pass
else:
pass
def _ipv6(self, astring):
'''
This function filters for ipv6 header tags.
'''
filter3 = re.sub('0[1-9]00[1-9]0000000[1-9]0000000', self.ipv6_marker,
astring)
filter4 = re.sub('00[1-9][1-9]000000[1-9][1-9]000000',
self.ipv6_marker, filter3)
filter5 = re.sub('00[1-9][a-f]0[1-9]0000[1-9][a-f]0[1-9]0000',
self.ipv6_marker, filter4)
filter6 = re.sub('00[a-f][1-9]000000[a-f][1-9]000000',
self.ipv6_marker, filter5)
filter7 = re.sub('010000[a-f][1-9]010000', self.ipv6_marker, filter6)
return filter7
def _parse_ipv6(self, astring):
'''
This function parses ipv6 strings.
Specific slices for specific data.
'''
if self.ipv6_marker in astring:
header_frame = astring.index(self.ipv6_marker) + self.hm_len
try:
dmac = str(astring[header_frame:header_frame + 12])
smac = str(astring[header_frame + 12:header_frame + 24])
types = str(astring[header_frame + 24:header_frame + 28])
prot = str(astring[header_frame + 40:header_frame + 42])
sip = str(astring[header_frame + 44:header_frame + 77])
dip = str(astring[header_frame + 76:header_frame + 109])
sprt = str(astring[header_frame + 108:header_frame + 112])
dprt = str(astring[header_frame + 112:header_frame + 116])
except:
pass
try:
type_ = str(self.build.define_type(types))
protocol = str(self.build.define_prot(prot))
dest_mac = str(self.build._mac(dmac))
dest_ip = str(self.build._ipv6_ip(dip))
dest_port = str(self.build._port(dprt))
src_mac = str(self.build._mac(smac))
src_ip = str(self.build._ipv6_ip(sip))
src_port = str(self.build._port(sprt))
# quality check
qc = str(type_ + '\n' + protocol + '\n' + src_mac + '\n' +
src_ip + '\n' + src_port + '\n' + dest_mac + '\n' +
dest_ip + '\n' + dest_port + '\n' + self.seperator)
print(qc)
#+ Send Message
now = datetime.now().isoformat(' ')
message = {
'timestamp': now,
'source': 'Distiller',
'destination': 'SneakPeek',
'payload': {
'command': 'show',
'header_type': type_,
'protocol_type': protocol,
'shost': {
'source_mac': src_mac,
'source_ip': src_ip,
'source_port': src_port
},
'dhost': {
'destination_mac': dest_mac,
'destination_ip': dest_ip,
'destination_port': dest_port
}
}
}
# self.messager.send_message(message);
#- Send Message
return message
except:
pass
else:
pass
