Beispiel #1
 def add_payload(self, payload):
     """Attach *payload*, first pinning the enclosing TCP port to 1080 for SOCKS.

     A SOCKS4/SOCKS5 request sets the TCP destination port and a
     SOCKS4/SOCKS5 reply sets the TCP source port. Any other payload, or a
     missing or non-TCP underlayer, leaves the ports untouched.
     """
     tcp = self.underlayer
     if tcp and isinstance(tcp, TCP):
         is_request = isinstance(payload, (SOCKS5Request, SOCKS4Request))
         if is_request:
             tcp.dport = 1080
         elif isinstance(payload, (SOCKS5Reply, SOCKS4Reply)):
             tcp.sport = 1080
     Packet.add_payload(self, payload)
Beispiel #2
 def __init__(self, *args, **fields):
     """Initialise the packet, accepting an optional ``ctx`` keyword.

     ``ctx`` is stored as ``self.tls_ctx`` and removed from *fields* before
     they are handed to ``Packet.__init__``; ``tls_ctx`` is ``None`` when the
     keyword is absent.
     """
     self.tls_ctx = fields.pop("ctx", None)
     Packet.__init__(self, *args, **fields)
Beispiel #3
    def __process_packets(self, packets, out_writer, drop_writer, validation_file):
        """
        Run the current application phase over every packet of the capture.

        Phase 1 calls ``discover``, phase 3 calls ``anonymize`` and phase 4
        calls ``validate`` on each packet. In phase 3 a packet that was
        processed without an exception is written to ``out_writer``; a packet
        whose processing raised is rebuilt from its original bytes and written
        to ``drop_writer``.

        NOTE(review): the drop file therefore holds packets in their original,
        non-anonymized form; it presumably needs the same protection as the
        input capture - confirm how callers store and share it.

        NOTE(review): the previous docstring promised a return value
        (number anonymized, number dropped), but no ``return`` statement is
        visible in this block.

        :type packets: list[Packet]
        :param out_writer: receives successfully processed packets (phase 3)
        :param drop_writer: receives the original form of failed packets (phase 3)
        :param validation_file: receives the validation report text (phase 4)
        """

        for index, packet in enumerate(packets):

            # Progress message every 10000 packets (skipping index 0).
            if index and (index % 10000) == 0:
                self.app.log.info("pcap:{}: Process packet id = '{}'".format(self.file, index))

            packet_id = index + 1  # packet id start with 1

            # Keep the untouched bytes and timestamp so a failed packet can be
            # written to the drop file exactly as it was captured.
            # packet_backup = Packet(str(packet))
            packet_backup = packet.original
            packet_backup_time = packet.time

            try:
                try:
                    if self.app.phase is Phase.phase_1:
                        self.app.packet.discover(packet)
                    elif self.app.phase is Phase.phase_3:
                        self.app.packet.anonymize(packet)
                    elif self.app.phase is Phase.phase_4:
                        validation = self.app.packet.validate(packet)
                        if validation is not None:
                            validation_file.write("\n\nPacket id {}:\n  ".format(packet_id))
                            validation = validation.replace('\n', '\n  ')  # Indent
                            validation_file.write(validation)

                except Exception as e:
                    # The exception class only selects the log level; every
                    # exception leads to the same drop handling below.
                    # NOTE(review): ``e.message`` is a Python 2 attribute; on
                    # Python 3 it would raise AttributeError here - confirm the
                    # target interpreter.
                    # NOTE(review): packet.summary() is logged for a packet
                    # that failed processing, so the log presumably can contain
                    # original addresses - confirm the log is treated as
                    # sensitive.
                    if isinstance(e, ExplicitDropException):
                        self.app.log.debug("file:pcap:{}: Packet explicitly dropped: id = '{}', {}, {}".format(
                            self.file, packet_id, e.message, repr(packet.summary())))
                    elif isinstance(e, ImplicitDropException):
                        self.app.log.warning("file:pcap:{}: Packet implicitly dropped: id = '{}', {}, {}".format(
                            self.file, packet_id, e.message, repr(packet.summary())))
                    elif isinstance(e, ErrorDropException):
                        self.app.log.error("file:pcap:{}: Error packet dropped: id = '{}', {}, {}".format(
                            self.file, packet_id, e.message, repr(packet.summary())))
                    else:
                        self.app.log.critical("file:pcap:{}: Unexpected error packet dropped: id = '{}', {}, {}".format(
                            self.file, packet_id, e.message, repr(packet.summary())))

                    # Only the anonymization phase produces output files: the
                    # failed packet goes to the drop file in its original form.
                    if self.app.phase is Phase.phase_3:
                        packet_backup = Packet(packet_backup)
                        packet_backup.time = packet_backup_time
                        drop_writer.write(packet_backup)

                else:
                    # No exception: in phase 3 the (now anonymized) packet is kept.
                    if self.app.phase is Phase.phase_3:
                        out_writer.write(packet)

            except Exception as e:
                # Catches failures raised by the logging or writing above so
                # that one bad packet does not stop the loop; such a packet is
                # written to neither file.
                self.app.log.critical(
                    "sirano:file:pcap:{}: Unexpected error: id = '{}', exception = '{}', message = '{}', {}".format(
                        self.file, packet_id, type(e), e.message, repr(packet.summary())))
Beispiel #4
 def __init__(self, *args, **fields):
     """Initialise the packet and, when a ``ctx`` keyword is given, extend its fields.

     With a context, the explicit-IV field is appended to ``fields_desc`` when
     the negotiated version is above TLS 1.0, followed by every decryptable
     field that is not already present. Without ``ctx`` the context is
     ``None`` and ``fields_desc`` is left alone.
     """
     try:
         # pop() raises KeyError when no context was supplied.
         self.tls_ctx = fields.pop("ctx")
         negotiated = self.tls_ctx.params.negotiated
         self.above_tls10 = negotiated.version > TLSVersion.TLS_1_0
         # NOTE(review): fields_desc is presumably shared by all instances of
         # the class, so these appends would outlive this packet - confirm.
         if self.above_tls10 and self.explicit_iv_field not in self.fields_desc:
             self.fields_desc.append(self.explicit_iv_field)
         for extra in self.decryptable_fields:
             if extra not in self.fields_desc:
                 self.fields_desc.append(extra)
     except KeyError:
         self.tls_ctx = None
     Packet.__init__(self, *args, **fields)
Beispiel #5
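    def guess_payload_class(self, payload):
        """Select the payload class from the DLPDU type in the first byte.

        Falls back to ``Packet.guess_payload_class`` (after logging an error)
        when the type is missing from ``EtherCat.ETHERCAT_TYPE12_DLPDU_TYPES``
        or when *payload* is empty.
        """
        try:
            # An empty payload raises IndexError on [0]; it is handled like an
            # unknown type so a truncated frame cannot abort dissection.
            dlpdu_type = payload[0]
            return EtherCat.ETHERCAT_TYPE12_DLPDU_TYPES[dlpdu_type]
        except (KeyError, IndexError):
            log_runtime.error(
                '{}.guess_payload_class() - unknown or invalid '
                'DLPDU type'.format(self.__class__.__name__))
            return Packet.guess_payload_class(self, payload)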
Beispiel #6
    def do_build(self):
        """Fill this header's fields from the IPv6 payload, then build it.

        When the payload is not IPv6 the header is built unchanged. Otherwise
        the traffic-class and flow-label fields, the hop limit, the context
        extension and both addresses are derived from the IPv6 layer, driven
        by the ``tf``, ``nh``, ``hlim`` and ``cid`` values already set here.
        """
        ipv6 = self.payload
        if not isinstance(ipv6, IPv6):
            return Packet.do_build(self)

        self._reserved = 0x03

        # 1. Traffic class / flow label: tf selects which parts are copied
        #    (0: all three, 1: ECN + flow label, 2: ECN + DSCP, else: none).
        tf = self.tf
        if tf in (0x0, 0x1, 0x2):
            self.tc_ecn = ipv6.tc >> 6
        if tf in (0x0, 0x2):
            self.tc_dscp = ipv6.tc & 0x3F
        if tf in (0x0, 0x1):
            self.flowlabel = ipv6.fl

        # 2. Next header: compression is not implemented, so nh is forced to 0
        #    and a request for compression (nh == 1) only produces a warning.
        requested_nh = self.nh
        if requested_nh in (0x0, 0x1):
            self.nh = 0
        if requested_nh == 0x1:
            # The Next Header field is compressed and the next header is encoded using LOWPAN_NHC, which is discussed in Section 4.1.  # noqa: E501
            warning('Next header compression is not implemented yet ! Will be ignored')  # noqa: E501

        # 3. Hop limit: only hlim == 0 copies the value; 1, 2 and 3 need nothing.
        if self.hlim == 0x0:
            self._hopLimit = ipv6.hlim

        # 4. Context: contexts are not implemented, the extension is zeroed.
        if self.cid != 0x0:
            # TODO: Context Unimplemented yet in my class
            self._contextIdentifierExtension = 0

        # 5. Source and destination addresses.
        self.compressSourceAddr(ipv6)
        self.compressDestinyAddr(ipv6)

        return Packet.do_build(self)
Beispiel #7
    def post_build(self, p, pay):
        """Write the constant block length 60 into the header when it is unset.

        The requests field must not be counted, so the automatic length is
        replaced: bytes 2-3 of *p* receive 60 as a big-endian 16-bit value.
        """
        if self.block_length is None:
            fixed_length = struct.pack("!H", 60)
            p = p[:2] + fixed_length + p[4:]

        return Packet.post_build(self, p, pay)
Beispiel #8
 def guess_payload_class(self, payload):
     """Choose the next layer from the frame type, subtype and FCfield.

     Type 0x02 with a subtype in 0x08..0x0F other than 0x0D gives
     ``Dot11QoS``; otherwise a set 0x40 bit in ``FCfield`` gives ``Dot11WEP``;
     anything else is left to ``Packet.guess_payload_class``.
     """
     is_qos = (
         self.type == 0x02
         and 0x08 <= self.subtype <= 0xF
         and self.subtype != 0xD
     )
     if is_qos:
         return Dot11QoS
     if self.FCfield & 0x40:
         return Dot11WEP
     return Packet.guess_payload_class(self, payload)
Beispiel #9
    def post_build(self, p, pay):
        """Fill in block_length from the built bytes when it was left unset.

        The stored value is ``len(p) - 4`` because block_type and block_length
        themselves are not counted; it is written big-endian into bytes 2-3.
        """
        if self.block_length is None:
            counted = len(p) - 4
            header, rest = p[:2], p[4:]
            p = header + struct.pack("!H", counted) + rest

        return Packet.post_build(self, p, pay)
Beispiel #10
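 def build(self):
     """Build the packet after deriving ExpectedDataSize from the SCSI command.

     When a ``SCSICmd`` layer is present, its payload's ``AllocationLength``
     and/or ``TransferLength`` (the latter multiplied by ``BLOCK_SIZE``) is
     stored as the overloaded ``ExpectedDataSize``; ``TransferLength`` wins
     when both defaults exist because it is applied last.
     """
     # update fields that depend on values in SCSI layer
     if SCSICmd in self:
         scsicmd = self[SCSICmd].payload
         # ``in`` replaces dict.has_key(), which no longer exists on Python 3.
         if "AllocationLength" in scsicmd.default_fields:
             self.overloaded_fields.update({"ExpectedDataSize": scsicmd.AllocationLength})
         if "TransferLength" in scsicmd.default_fields:
             self.overloaded_fields.update({"ExpectedDataSize": scsicmd.TransferLength * self.BLOCK_SIZE})
     return Packet.build(self)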
Beispiel #11
    def do_dissect(self, s):
        """
        Core step of packet dissection.

        Unless overridden, the bytes are parsed automatically according to
        fields_desc.

        @param s str byte string handed over from pre_dissect.
        @return s str the full byte string to hand on to post_dissect.
        """
        remaining = Packet.do_dissect(self, s)
        return remaining
Beispiel #12
 def guess_payload_class(self, payload):
     """Pick the next layer from the flags and frame type.

     A set 0x02 bit in ``flags`` takes priority and gives
     ``ZigbeeSecurityHeader``; otherwise frame type 0 is application data and
     frame type 1 an NWK command. Other values use the generic guess.
     """
     if self.flags & 0x02:
         return ZigbeeSecurityHeader
     frametype = self.frametype
     if frametype == 0:
         return ZigbeeAppDataPayload
     if frametype == 1:
         return ZigbeeNWKCommandPayload
     return Packet.guess_payload_class(self, payload)
Beispiel #13
    def self_build(self, field_post_list=[]):
        """
        By default, converts each field of fields_desc to its machine form
        (i2m) in order; afterwards the transform functions used for fuzzing
        are applied and the result becomes one packet.

        @param field_post_list list purpose not documented by the author
        @return pkt str binary string of the packet after every field was
                        converted with i2m
        """
        # NOTE(review): the default list is created once and shared by every
        # call; if Packet.self_build appends to it, it would grow across
        # calls - confirm against the base class before relying on it.
        built = Packet.self_build(self, field_post_list)
        return built
Beispiel #14
 def guess_payload_class(self, payload):
     """Return the class of the next layer.

     The security bit (0x02 of ``flags``) is checked first; only without it
     does the frame type select between the application-data payload (0) and
     the NWK command payload (1). Everything else falls back to ``Packet``.
     """
     secured = self.flags & 0x02
     if secured:
         return ZigbeeSecurityHeader
     if self.frametype == 0:
         return ZigbeeAppDataPayload
     if self.frametype == 1:
         return ZigbeeNWKCommandPayload
     return Packet.guess_payload_class(self, payload)
Beispiel #15
 def guess_payload_class(self, payload):
     """Look up the payload class by the DLPDU type in the first payload byte.

     A type missing from ``EtherCat.ETHERCAT_TYPE12_DLPDU_TYPES`` is logged as
     an error and the generic ``Packet`` guess is returned instead.
     """
     known_types = EtherCat.ETHERCAT_TYPE12_DLPDU_TYPES
     try:
         # NOTE(review): an empty payload raises IndexError here, which is
         # not caught - confirm callers never pass one.
         return known_types[payload[0]]
     except KeyError:
         message = (
             '{}.guess_payload_class() - unknown or invalid '
             'DLPDU type'
         )
         log_runtime.error(message.format(self.__class__.__name__))
         return Packet.guess_payload_class(self, payload)
Beispiel #16
 def guess_payload_class(self, payload):
     """Pick the next layer from the frame control and APS frame type.

     A set 0x02 bit in ``frame_control`` means a security header follows.
     Otherwise APS frame type 0 (data) maps to ``ZigbeeClusterLibrary`` and
     type 1 (command) to ``ZigbeeAppCommandPayload``.
     """
     if self.frame_control & 0x02:
         # a security header follows
         return ZigbeeSecurityHeader
     aps_type = self.aps_frametype
     if aps_type == 0:
         # data frame; TODO might also be another frame
         return ZigbeeClusterLibrary
     if aps_type == 1:
         # command frame
         return ZigbeeAppCommandPayload
     return Packet.guess_payload_class(self, payload)
Beispiel #17
 def __init__(self,
              pkt=b"",
              mtype=None,
              method=None,
              seqid=None,
              args=None,
              header=None):
     """Create the message and store its fields.

     *pkt* is passed to ``Packet.__init__`` and also stored as ``load``.
     *args* and *header*, when truthy, must be ``ThriftStruct`` instances.

     Raises:
         ValueError: if *args* or *header* is truthy but not a ThriftStruct.
             The check runs after all fields were already assigned.
     """
     Packet.__init__(self, pkt)
     initial_values = (
         ('type', mtype),
         ('method', method),
         ('seqid', seqid),
         ('header', header),
         ('args', args),
         ('load', pkt),
     )
     for field_name, value in initial_values:
         self.setfieldval(field_name, value)
     args_invalid = args and not isinstance(args, ThriftStruct)
     if args_invalid:
         raise ValueError('args must be a ThriftStruct instance')
     header_invalid = header and not isinstance(header, ThriftStruct)
     if header_invalid:
         raise ValueError('header must be a ThriftStruct instance')
Beispiel #18
    def guess_payload_class(self, payload):
        """Select the bound extension-object class for *payload*.

        A payload shorter than ``_min_ieo_len``, or one whose parsed ``len``
        field is below that minimum, is left to the generic ``Packet`` guess.
        Otherwise the first ``payload_guess`` entry whose field values all
        match the parsed object wins; with no match the generic
        ``ICMPExtensionObject`` is returned.
        """
        too_short = len(payload) < self._min_ieo_len
        if too_short:
            return Packet.guess_payload_class(self, payload)

        # Parse as the generic object first so its fields can be compared
        # with the bindings.
        ieo = ICMPExtensionObject(payload)
        if ieo.len < self._min_ieo_len:
            return Packet.guess_payload_class(self, payload)

        for fval, cls in self.payload_guess:
            for k, v in six.iteritems(fval):
                if not hasattr(ieo, k) or v != ieo.getfieldval(k):
                    break
            else:
                # every required field matched
                return cls
        return ICMPExtensionObject
Beispiel #19
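    def __init__(self, _pkt="", post_transform=None, _internal=0,
                 _underlayer=None, tls_session=None, **fields):
        """Initialise the packet with a TLS session and snapshot its state.

        If the instance has no ``tls_session`` yet (unset or ``None``), the
        *tls_session* argument is used, or a fresh ``tlsSession()`` when none
        is given. The ``rcs`` and ``wcs`` members of the session are
        snapshotted before ``Packet.__init__`` runs.
        """
        try:
            setme = self.tls_session is None
        except Exception:
            # The attribute lookup can fail before Packet.__init__ has run.
            # A bare ``except:`` would also swallow KeyboardInterrupt and
            # SystemExit, so only ordinary exceptions are caught.
            setme = True

        if setme:
            if tls_session is None:
                self.tls_session = tlsSession()
            else:
                self.tls_session = tls_session

        self.rcs_snap_init = self.tls_session.rcs.snapshot()
        self.wcs_snap_init = self.tls_session.wcs.snapshot()

        Packet.__init__(self, _pkt=_pkt, post_transform=post_transform,
                        _internal=_internal, _underlayer=_underlayer,
                        **fields)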
Beispiel #20
 def getlayer(self, cls, nb=1, _track=None):
     """Return the requested layer, treating ``EAP`` as any registered method.

     When *cls* is ``EAP``, this packet itself is returned if it is an
     instance of one of ``EAP.registered_methods``, else ``None``. Any other
     *cls* is resolved by ``Packet.getlayer``.
     """
     if cls == EAP:
         for method_cls in EAP.registered_methods.values():
             if isinstance(self, method_cls):
                 return self
         return None
     return Packet.getlayer(self, cls, nb, _track)
Beispiel #21
 def __init__(self, *args, **kwargs):
     """Initialise the packet, consuming the address keywords first.

     ``src``, ``dst``, ``exsrc`` and ``exdst`` are taken out of *kwargs* and
     stored as attributes (``None`` when absent) so they never reach
     ``Packet.__init__``. ``validate_fields()`` runs afterwards.
     """
     for name in ("src", "dst", "exsrc", "exdst"):
         setattr(self, name, kwargs.pop(name, None))
     Packet.__init__(self, *args, **kwargs)
     self.validate_fields()
Beispiel #22
 def getlayer(self, cls, nb=1, _track=None):
     """Return the requested layer, with special handling for RadiusAttribute.

     Asking for ``RadiusAttribute`` yields this packet when it is an instance
     of any class in ``RadiusAttribute.registered_attributes``, and ``None``
     otherwise. All other classes are looked up by ``Packet.getlayer``.
     """
     if not cls == RadiusAttribute:
         return Packet.getlayer(self, cls, nb, _track)
     known_attrs = RadiusAttribute.registered_attributes.values()
     matches = any(isinstance(self, attr_cls) for attr_cls in known_attrs)
     return self if matches else None
Beispiel #23
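    def guess_payload_class(self, payload):
        """Select the bound extension-object class for *payload*.

        A payload shorter than ``_min_ieo_len``, or one whose parsed ``len``
        field is below that minimum, is left to the generic ``Packet`` guess.
        Otherwise the first ``payload_guess`` entry whose field values all
        match the parsed object is returned, and ``ICMPExtensionObject`` when
        nothing matches.
        """
        if len(payload) < self._min_ieo_len:
            return Packet.guess_payload_class(self, payload)

        # Look at fields of the generic ICMPExtensionObject to determine which
        # bound extension type to use.
        ieo = ICMPExtensionObject(payload)
        if ieo.len < self._min_ieo_len:
            return Packet.guess_payload_class(self, payload)

        for fval, cls in self.payload_guess:
            # items() works on Python 2 and 3; dict.iteritems() is gone on 3.
            for k, v in fval.items():
                if not hasattr(ieo, k) or v != ieo.getfieldval(k):
                    break
            else:
                return cls
        return ICMPExtensionObject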
Beispiel #24
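    def guess_payload_class(self, payload):
        """Classify *payload* as a SIP request or response by its start line.

        The first line is matched against ``re_request_line`` and then
        ``re_status_line``. A payload with no lines, or one matching neither
        pattern, is left to ``Packet.guess_payload_class``.
        """
        lines = payload.splitlines(True)
        if not lines:
            # An empty payload has no start line; indexing [0] would raise
            # IndexError out of the dissector.
            return Packet.guess_payload_class(self, payload)
        start_line = lines[0]

        if self.re_request_line.match(start_line) is not None:
            return SIPRequest
        if self.re_status_line.match(start_line) is not None:
            return SIPResponse

        return Packet.guess_payload_class(self, payload)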
Beispiel #25
 def guess_payload_class(self, payload):
     """Choose the next layer from type, subtype and the protected flag.

     Type 0x02 with a subtype in 0x08..0x0F other than 0x0D gives
     ``Dot11QoS``. Otherwise a set ``FCfield.protected`` flag gives
     ``Dot11Encrypted``; everything else uses the generic guess.
     """
     qos_subtype = 0x08 <= self.subtype <= 0xF and self.subtype != 0xD
     if self.type == 0x02 and qos_subtype:
         return Dot11QoS
     if self.FCfield.protected:
         # The Protected Frame bit (formerly the WEP bit) is 1 whenever the
         # frame went through encryption; the frame body then starts with
         # the matching cryptographic header.
         return Dot11Encrypted
     return Packet.guess_payload_class(self, payload)
Beispiel #26
 def getlayer(self, cls, nb=1, _track=None):
     """Resolve a layer lookup, mapping ``EAP`` onto the registered methods.

     For *cls* equal to ``EAP`` the result is this packet when it is an
     instance of a class in ``EAP.registered_methods``, otherwise ``None``.
     Other lookups are delegated unchanged to ``Packet.getlayer``.
     """
     if not cls == EAP:
         return Packet.getlayer(self, cls, nb, _track)
     is_eap_method = any(
         isinstance(self, candidate)
         for candidate in EAP.registered_methods.values()
     )
     return self if is_eap_method else None
Beispiel #27
 def pre_dissect(self, s):
     """Copy the TLS context of the enclosing record before dissecting.

     When the first layer is a ``TLSRecord``, its ``tls_ctx`` is stored on
     this packet (``None`` if the record has none). Per the original note,
     the context is what lets ephemeral RSA (Freak) be told apart from DHE
     (Logjam) and ECDHE.
     """
     first = self.firstlayer()
     if first.name == TLSRecord.name:
         self.tls_ctx = getattr(first, "tls_ctx", None)
     return Packet.pre_dissect(self, s)
Beispiel #28
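    def __init__(self, _pkt="", post_transform=None, _internal=0,
                 _underlayer=None, tls_session=None, **fields):
        """Attach a TLS session to the packet and record its initial state.

        A session is assigned only when the instance has none (attribute
        missing or ``None``): the *tls_session* argument if given, otherwise
        a new ``tlsSession()``. Snapshots of the session's ``rcs`` and ``wcs``
        are taken before ``Packet.__init__`` is called.
        """
        try:
            setme = self.tls_session is None
        except Exception:
            # Narrowed from a bare ``except:`` so that KeyboardInterrupt and
            # SystemExit are no longer silently absorbed here.
            setme = True

        if setme:
            self.tls_session = tlsSession() if tls_session is None else tls_session

        self.rcs_snap_init = self.tls_session.rcs.snapshot()
        self.wcs_snap_init = self.tls_session.wcs.snapshot()

        Packet.__init__(self, _pkt=_pkt, post_transform=post_transform,
                        _internal=_internal, _underlayer=_underlayer,
                        **fields)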
Beispiel #29
    def post_dissect(self, s):
        """
        Clean-up step that runs after dissection; does nothing unless
        overridden.

        This is the place for integrity checks on the parsed data and for
        expanding embedded compressed data.

        @param s str byte string handed over from do_dissect.
        @return s str the full byte string to hand on to extract_padding.
        """
        remaining = Packet.post_dissect(self, s)
        return remaining
Beispiel #30
 def pre_dissect(self, s):
     """Inherit ``tls_ctx`` from the first layer when that layer is a TLSRecord.

     The context of the underlying record is what allows ephemeral RSA
     (Freak) to be distinguished from DHE (Logjam) and ECDHE. If the record
     carries no ``tls_ctx``, this packet's context is set to ``None``.
     """
     outer = self.firstlayer()
     if outer.name != TLSRecord.name:
         return Packet.pre_dissect(self, s)
     try:
         inherited = outer.tls_ctx
     except AttributeError:
         inherited = None
     self.tls_ctx = inherited
     return Packet.pre_dissect(self, s)
Beispiel #31
    def pre_dissect(self, s):
        """
        Preparation step that runs before dissection; does nothing unless
        overridden.

        This is the place for FCS checks, packet length checks and anything
        else that has to happen before the packet is parsed.

        @param s str the full byte string as received.
        @return s str the full byte string to hand on to do_dissect.
        """
        prepared = Packet.pre_dissect(self, s)
        return prepared
Beispiel #32
 def guess_payload_class(self, payload):
     """Map the frame type in ``fcf_frametype`` to the matching payload class.

     0x00 is a beacon, 0x01 data, 0x02 an acknowledgement and 0x03 a command;
     any other value is left to ``Packet.guess_payload_class``.
     """
     by_frametype = {
         0x00: Dot15d4Beacon,
         0x01: Dot15d4Data,
         0x02: Dot15d4Ack,
         0x03: Dot15d4Cmd,
     }
     chosen = by_frametype.get(self.fcf_frametype)
     if chosen is not None:
         return chosen
     return Packet.guess_payload_class(self, payload)
Beispiel #33
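    def store_ip(self, pkt: Packet):
        """Account a sniffed packet to its source address if that address is global.

        Packets without an IP or IPv6 layer, and packets whose source is not
        a global address, are ignored. Otherwise the packet and byte totals
        are increased and ``seen_sources[src]`` is updated as a
        ``(packet count, byte count)`` pair; the first packet from a source
        is also logged with its destination.
        """
        if pkt.haslayer(IP):
            ip_layer = pkt[IP]
        elif pkt.haslayer(IPv6):
            ip_layer = pkt[IPv6]
        else:
            return
        src, dst = ip_layer.src, ip_layer.dst

        if not ipaddress.ip_address(src).is_global:
            return

        # Serialise the packet once; the size was previously recomputed for
        # every counter. Doing it before the updates also keeps the counters
        # consistent if serialisation fails.
        size = len(pkt.__bytes__())

        self.sniffed += 1
        self.total_bytes += size
        if src in self.seen_sources:
            count, byte_count = self.seen_sources[src]
            self.seen_sources[src] = count + 1, byte_count + size
        else:
            self.seen_sources[src] = (1, size)
            logging.info(f'Sniffed source: {src} -> {dst}')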
def cb(i, payload):
    """Callback: prefix the received data with a dummy header and save it.

    Twelve zero bytes stand in for the source and destination MAC addresses
    and ``0x0800`` marks the type as IP, as the original comment describes.
    The result is wrapped in a ``Packet`` and passed to the module-level
    ``writer``. Always returns 1.
    """
    data = payload.get_data()
    dummy_header = "\0" * 12 + "\x08\0"
    frame = dummy_header + data
    writer.write(Packet(_pkt=frame))
    return 1
Beispiel #35
 def guess_payload_class(self, payload):
     """Return the payload class selected by ``fcf_frametype``.

     Frame types 0x00 to 0x03 map to beacon, data, acknowledgement and
     command respectively. Unknown types use the generic ``Packet`` guess.
     """
     frametype = self.fcf_frametype
     if frametype == 0x00:
         return Dot15d4Beacon
     if frametype == 0x01:
         return Dot15d4Data
     if frametype == 0x02:
         return Dot15d4Ack
     if frametype == 0x03:
         return Dot15d4Cmd
     return Packet.guess_payload_class(self, payload)
Beispiel #36
 def do_build(self):
     """Fill the compressed UDP header from the IPv6/UDP payload, then build.

     Nothing is changed unless the payload is IPv6 and a UDP layer is found
     after walking past extension headers. An existing ``LoWPAN_NHC_UDP``
     entry in ``exts`` is reused; otherwise one is created, its ``P`` mode is
     guessed from the port numbers, and it is inserted first in ``exts``.
     Ports are then stored according to ``P`` and, when ``C`` is 0, the
     checksum is copied (or computed by rebuilding the UDP layer).
     """
     if not isinstance(self.payload, IPv6):
         return Packet.do_build(self)
     pay = self.payload.payload
     while pay and isinstance(pay.payload, _IPv6ExtHdr):
         # XXX todo: populate a LoWPAN_NHC_IPv6Ext
         pay = pay.payload
     if not isinstance(pay, UDP):
         return Packet.do_build(self)

     udp_hdr = next(
         (ext for ext in self.exts if isinstance(ext, LoWPAN_NHC_UDP)),
         None,
     )
     if udp_hdr is None:
         udp_hdr = LoWPAN_NHC_UDP()
         # Guess best compression
         if pay.sport >> 4 == 0xf0b and pay.dport >> 4 == 0xf0b:
             udp_hdr.P = 3
         elif pay.sport >> 8 == 0xf0:
             udp_hdr.P = 2
         elif pay.dport >> 8 == 0xf0:
             udp_hdr.P = 1
         self.exts.insert(0, udp_hdr)

     # https://tools.ietf.org/html/rfc6282#section-4.3.3
     # P == 0: both ports in full; 1: destination cut to 8 bits;
     # 2: source cut to 8 bits; 3: both cut to 4 bits.
     mode = udp_hdr.P
     if mode == 0:
         udp_hdr.udpSourcePort, udp_hdr.udpDestPort = pay.sport, pay.dport
     elif mode == 1:
         udp_hdr.udpSourcePort, udp_hdr.udpDestPort = pay.sport, pay.dport & 255
     elif mode == 2:
         udp_hdr.udpSourcePort, udp_hdr.udpDestPort = pay.sport & 255, pay.dport
     elif mode == 3:
         udp_hdr.udpSourcePort, udp_hdr.udpDestPort = pay.sport & 15, pay.dport & 15

     if udp_hdr.C == 0:
         # A missing checksum is obtained by rebuilding the UDP layer.
         udp_hdr.udpChecksum = pay.chksum or UDP(raw(pay)).chksum
     return Packet.do_build(self)
Beispiel #37
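    def check_pck(self, packet: Packet) -> bool:
        """Return True only for an NTP packet sent by the client or the server.

        A falsy packet, a packet without an NTP layer, a packet without an IP
        layer, or one whose IP source is neither ``client_addr`` nor
        ``server_addr`` is rejected. An unexpected source is logged at debug
        level.

        NOTE(review): this is a filter on the claimed source address, not an
        authentication of the sender; a source address alone does not prove
        where a packet came from.
        """
        if not packet:
            return False

        # packet[IP] fails when no IP layer is present (for example NTP
        # carried over IPv6), so require the layer before indexing.
        if not packet.haslayer(NTP) or not packet.haslayer(IP):
            return False

        src = packet[IP].src
        if src not in (self.client_addr, self.server_addr):
            self.log.debug('The source IP addr was: ' + str(src))
            return False
        return True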
Beispiel #38
    def post_build(self, pkt, pay):
        """Patch the auth or verifier length field when it was left unset.

        With both flavors 0 nothing is patched. If ``aflavor`` is non-zero
        and ``alength`` is ``None``, bytes 20-23 receive the length of
        ``a_rpcsec_gss`` (flavor 6) or ``a_unix`` (any other flavor).
        Otherwise, if ``vflavor`` is non-zero and ``vlength`` is ``None``,
        bytes 28-31 receive the length of ``v_unix``. Lengths are written as
        big-endian 32-bit values.
        """
        has_auth = self.aflavor != 0
        if not has_auth and self.vflavor == 0:
            # No auth fields at all: the default lengths are already correct.
            return Packet.post_build(self, pkt, pay)

        if has_auth and self.alength is None:
            credential = self.a_rpcsec_gss if self.aflavor == 6 else self.a_unix
            pkt = pkt[:20] + struct.pack('!I', len(credential)) + pkt[24:]
            # NOTE(review): returning here means the verifier length below is
            # never patched in the same call - confirm that is intended.
            return Packet.post_build(self, pkt, pay)

        if self.vflavor != 0 and self.vlength is None:
            verifier_len = struct.pack('!I', len(self.v_unix))
            pkt = pkt[:28] + verifier_len + pkt[32:]
        return Packet.post_build(self, pkt, pay)
Beispiel #39
 def do_build(self):
     """Copy the IPv6 (and UDP) header values into this header, then build.

     A non-IPv6 payload is built unchanged. For IPv6 the addresses, flow
     label, traffic class and hop limit are copied. When UDP follows, ``nh``
     and ``hc2`` are set to 1 and the UDP ports, length and checksum are
     copied; a missing length or checksum is obtained by rebuilding the UDP
     layer from its raw bytes.
     """
     ipv6 = self.payload
     if not isinstance(ipv6, IPv6):
         return Packet.do_build(self)

     # IPv6 header values
     self.src = ipv6.src
     self.dst = ipv6.dst
     self.flow_label = ipv6.fl
     self.traffic_class = ipv6.tc
     self.hopLimit = ipv6.hlim

     udp = ipv6.payload
     if isinstance(udp, UDP):
         self.nh = 1
         self.hc2 = 1
         self.udpSourcePort = udp.sport
         self.udpDestPort = udp.dport
         fields_complete = udp.len and udp.chksum
         if not fields_complete:
             udp = UDP(raw(udp))
         self.udpLength = udp.len
         self.udpChecksum = udp.chksum
     return Packet.do_build(self)
Beispiel #40
    def default_payload_class(self, pay):
        """
        Called when guess_payload_class cannot work out the payload protocol.

        If you override guess_payload_class yourself, you must call this
        function explicitly as the final return of your override. Raw is the
        normal default protocol; overriding this function lets you name a
        different default. It is rarely needed.

        @param pay str the payload passed on by extract_padding.
        @return pktClass class the payload protocol class that was chosen;
                               it must inherit from Packet.
        """
        fallback_class = Packet.default_payload_class(self, pay)
        return fallback_class
Beispiel #41
    def extract_padding(self, s):
        """
        Split what is left after dissection into the payload (next layer)
        and the padding.

        When there is no padding, return pay, None.

        @param s str byte string returned by pre_dissect (data before the split).
        @return pay str payload part, passed to guess_payload_class.
        @return pad str padding part, passed to the Padding class.
        """
        # The base class returns the (pay, pad) pair.
        split = Packet.extract_padding(self, s)
        return split
Beispiel #42
 def guess_payload_class(self, payload):
     """Pick the next layer from frame control, APS frame type and profile.

     A set 0x02 bit in ``frame_control`` means a security header follows.
     Otherwise a data frame (type 0) is a ``ZigbeeDeviceProfile`` when the
     profile is 0x0000 and a ``ZigbeeClusterLibrary`` frame for any other
     profile, and a command frame (type 1) is ``ZigbeeAppCommandPayload``.
     """
     if self.frame_control & 0x02:
         # a security header follows
         return ZigbeeSecurityHeader
     aps_type = self.aps_frametype
     if aps_type == 0:
         # data
         return ZigbeeDeviceProfile if self.profile == 0x0000 else ZigbeeClusterLibrary
     if aps_type == 1:
         # command
         return ZigbeeAppCommandPayload
     return Packet.guess_payload_class(self, payload)
Beispiel #43
 def guess_payload_class(self, payload):
     """Map the command identifier ``cmd_id`` to its payload class.

     Identifiers 1, 2, 3, 8 and 9 have dedicated classes; every other value
     is left to ``Packet.guess_payload_class``.
     """
     by_cmd_id = {
         1: Dot15d4CmdAssocReq,
         2: Dot15d4CmdAssocResp,
         3: Dot15d4CmdDisassociation,
         8: Dot15d4CmdCoordRealign,
         9: Dot15d4CmdGTSReq,
     }
     chosen = by_cmd_id.get(self.cmd_id)
     if chosen is not None:
         return chosen
     return Packet.guess_payload_class(self, payload)
Beispiel #44
 def guess_payload_class(self, payload):
     """Select the payload class for cluster-specific price commands.

     Profile-wide commands (frame type 0x00) are resolved through
     bind_layers, so they fall through to the generic guess. For frame type
     0x01 the pair (command identifier, direction) selects a price command,
     but only when the underlayer's cluster is 0x0700 ("price").
     """
     if self.zcl_frametype == 0x01:
         # Cluster-specific commands, keyed by (command_identifier, direction)
         price_commands = {
             (0x00, 0): ZCLPriceGetCurrentPrice,
             (0x01, 0): ZCLPriceGetScheduledPrices,
             (0x00, 1): ZCLPricePublishPrice,
         }
         chosen = price_commands.get((self.command_identifier, self.direction))
         # The cluster is only looked at once the command itself matched.
         if chosen is not None and self.underlayer.cluster == 0x0700:  # "price"
             return chosen
     return Packet.guess_payload_class(self, payload)
Beispiel #45
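 def build(self):
     """Build the packet after deriving ExpectedDataSize from the SCSI command.

     When a ``SCSICmd`` layer is present, the overloaded ``ExpectedDataSize``
     is taken from its payload: ``AllocationLength`` as is, and/or
     ``TransferLength`` multiplied by ``BLOCK_SIZE``. The transfer length is
     applied last and therefore wins when both defaults exist.
     """
     # update fields that depend on values in SCSI layer
     if SCSICmd in self:
         scsicmd = self[SCSICmd].payload
         defaults = scsicmd.default_fields
         # ``in`` replaces dict.has_key(), which no longer exists on Python 3.
         if "AllocationLength" in defaults:
             self.overloaded_fields.update(
                 {"ExpectedDataSize": scsicmd.AllocationLength})
         if "TransferLength" in defaults:
             self.overloaded_fields.update({
                 "ExpectedDataSize":
                 scsicmd.TransferLength * self.BLOCK_SIZE
             })
     return Packet.build(self)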
Beispiel #46
 def guess_payload_class(self, payload):
     """Return the payload class for the command in ``cmd_id``.

     1: association request, 2: association response, 3: disassociation,
     8: coordinator realignment, 9: GTS request. Other identifiers use the
     generic ``Packet`` guess.
     """
     cmd_id = self.cmd_id
     if cmd_id == 1:
         return Dot15d4CmdAssocReq
     if cmd_id == 2:
         return Dot15d4CmdAssocResp
     if cmd_id == 3:
         return Dot15d4CmdDisassociation
     if cmd_id == 8:
         return Dot15d4CmdCoordRealign
     if cmd_id == 9:
         return Dot15d4CmdGTSReq
     return Packet.guess_payload_class(self, payload)
Beispiel #47
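def run_hook():
    """Run the sample DNSsport hook on a fixed packet and check the round trip.

    The hook file must exist, the hook must produce output, and that output,
    once its escape sequences are decoded, must equal the original packet
    string. The decoded output is finally parsed back into a ``Packet`` and
    its payload printed.
    """
    test_hook = hook.TestHook("dummy", "description", True)

    # Check that there is a hook to be ran
    curr_dir = os.path.dirname(os.path.abspath(__file__))  # Whitebox
    curr_file = os.path.dirname(curr_dir)  # Tests
    curr_file = os.path.dirname(curr_file)  # ntps
    sample_hook_path = "{}{}".format(curr_file, "/Hooks/DNSsport.py")
    assert check_file_exists(sample_hook_path) is True

    orig_pkt = 'E\x00\x00\x14\x00\x01\x00\x00@\x00|\xe7\x7f\x00\x00\x01\x7f\x00\x00\x01'
    pkt = load_packet(orig_pkt)
    print("Original packet: {}".format(pkt))

    output = test_hook.run(sample_hook_path, pkt)

    print("Raw output: {}".format(output))
    print()

    # Checked before the first use of ``output``: previously this assertion
    # came after output.decode(), where a None result had already raised.
    assert output is not None

    # Translate
    no_escapes = output.decode('unicode_escape').strip()
    print("decoded output 1.5: {}".format(no_escapes))

    # The comparison of orig_pkt with itself was always true and has been
    # dropped; this is the check that carries meaning.
    assert orig_pkt == str(no_escapes)

    print(type(no_escapes))
    no_escapes = Packet(no_escapes)
    print("Retreived packet: {}".format(str(no_escapes.payload)))

    # The trailing ``assert True is False`` made the test fail on every run
    # and has been removed so that the result reflects the checks above.
    # Original author's note: "Ignore the following as it is to remember to
    # never give up."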
Beispiel #48
 def guess_payload_class(self, payload):
     """Select the payload class from command identifier, cluster and direction.

     For clusters in the general range 0x0000-0x00FF, command 0x00 is a
     read-attributes request and 0x01 its response. For the "price" cluster,
     command and direction select one of the three price commands. Anything
     else uses the generic ``Packet`` guess.
     """
     # NOTE(review): ``cluster`` is compared with integers for the range and
     # with the string "price" afterwards; if the field yields an integer the
     # price branches can never match - confirm the field's value type.
     command = self.command_identifier
     if command == 0x00:
         # General Cluster ID Range 0x0000 - 0x00FF
         if 0x0000 <= self.cluster <= 0x00FF:
             return ZCLGeneralReadAttributes
         if self.direction == 0 and self.cluster == "price":
             return ZCLPriceGetCurrentPrice
         if self.direction == 1 and self.cluster == "price":
             return ZCLPricePublishPrice
     elif command == 0x01:
         if 0x0000 <= self.cluster <= 0x00FF:
             return ZCLGeneralReadAttributesResponse
         if self.direction == 0 and self.cluster == "price":
             return ZCLPriceGetScheduledPrices
     return Packet.guess_payload_class(self, payload)
Beispiel #49
 def guess_payload_class(self, payload):
     """Return the ZCL payload class for this command.

     Command 0x00 or 0x01 on a cluster in the general range 0x0000-0x00FF is
     a read-attributes request or response. On the "price" cluster the
     command and direction choose between get-current-price,
     get-scheduled-prices and publish-price. Other combinations fall back to
     ``Packet.guess_payload_class``.
     """
     # NOTE(review): the range test treats ``cluster`` as a number while the
     # price tests compare it with the string "price"; presumably only one of
     # the two can hold for a given field type - confirm.
     cid = self.command_identifier
     if cid == 0x00:
         in_general_range = 0x0000 <= self.cluster <= 0x00FF
         if in_general_range:
             return ZCLGeneralReadAttributes
         if self.direction == 0 and self.cluster == "price":
             return ZCLPriceGetCurrentPrice
         if self.direction == 1 and self.cluster == "price":
             return ZCLPricePublishPrice
     elif cid == 0x01:
         in_general_range = 0x0000 <= self.cluster <= 0x00FF
         if in_general_range:
             return ZCLGeneralReadAttributesResponse
         if self.direction == 0 and self.cluster == "price":
             return ZCLPriceGetScheduledPrices
     return Packet.guess_payload_class(self, payload)
Beispiel #50
 def guess_payload_class(self, payload):
     """Select the payload class from frame type, command and direction.

     Profile-wide frames (type 0x00) map command 0x00 and 0x01 to the
     read-attributes request and response. Cluster-specific frames (type
     0x01) map (command, direction) to a price command, but only when the
     underlayer's cluster is 0x0700 ("price"). Anything else uses the
     generic ``Packet`` guess.
     """
     frametype = self.zcl_frametype
     command = self.command_identifier

     # Profile-wide commands
     if frametype == 0x00:
         if command == 0x00:
             return ZCLGeneralReadAttributes
         if command == 0x01:
             return ZCLGeneralReadAttributesResponse

     # Cluster-specific commands, keyed by (command_identifier, direction)
     elif frametype == 0x01:
         price_commands = {
             (0x00, 0): ZCLPriceGetCurrentPrice,
             (0x01, 0): ZCLPriceGetScheduledPrices,
             (0x00, 1): ZCLPricePublishPrice,
         }
         chosen = price_commands.get((command, self.direction))
         # The cluster is only looked at once the command itself matched.
         if chosen is not None and self.underlayer.cluster == 0x0700:  # "price"
             return chosen

     return Packet.guess_payload_class(self, payload)
Beispiel #51
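 def guess_payload_class(self, payload):
     """Decide if the payload is an HTTP request, an HTTP response or something else.

     Only the first line (up to the first CRLF) is examined. A line of the
     form ``METHOD target HTTP/x.y`` gives ``HTTPRequest``, a status line
     ``HTTP/x.y NNN ...`` gives ``HTTPResponse``. Any failure while
     inspecting the line, including a payload without CRLF, falls back to
     ``Packet.guess_payload_class``.
     """
     try:
         prog = re.compile(r"^(?:OPTIONS|GET|HEAD|POST|PUT|DELETE|TRACE|CONNECT) " r"(?:.+?) " r"HTTP/\d\.\d$")
         # NOTE(review): the patterns and the "\r\n" separator are text
         # strings; with a bytes payload these calls raise TypeError, which
         # is swallowed below, so nothing would ever be classified as HTTP -
         # confirm the payload type this layer receives.
         req = payload[: payload.index("\r\n")]
         result = prog.match(req)
         if result:
             return HTTPRequest
         else:
             prog = re.compile(r"^HTTP/\d\.\d \d\d\d .*$")
             result = prog.match(req)
             if result:
                 return HTTPResponse
     except Exception:
         # Best effort: unparsable data is simply not HTTP. Narrowed from a
         # bare ``except:`` so KeyboardInterrupt and SystemExit still
         # propagate.
         pass
     return Packet.guess_payload_class(self, payload)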
Beispiel #52
    def post_build(self, p, pay):
        """Fix up block_length and strip the padding after the last block.

        An unset ``block_length`` is written as the constant 60 (bytes 2-3,
        big-endian) because the requests field must not be counted. If there
        is at least one block, the padding that follows the last one is cut
        from the end of *p*, and an unset ``recordDataLength`` (bytes 36-39,
        big-endian 32-bit) is reduced by the same amount.
        """
        if self.block_length is None:
            p = p[:2] + struct.pack("!H", 60) + p[4:]

        # Remove the final padding added in requests
        blocks_fld, blocks = self.getfield_and_val("blocks")
        if blocks_fld.i2count(self, blocks) > 0:
            pad = blocks_fld.field.padlen(len(blocks[-1]))
            if pad > 0:
                p = p[:-pad]
                # also reduce the recordDataLength accordingly
                if self.recordDataLength is None:
                    (record_len,) = struct.unpack("!I", p[36:40])
                    p = p[:36] + struct.pack("!I", record_len - pad) + p[40:]

        return Packet.post_build(self, p, pay)
Beispiel #53
 def extract_padding(self, s):
     """Split *s* into payload and padding at ``self.length``.

     Without a ``length`` attribute the split is left to
     ``Packet.extract_padding``. Otherwise the first ``length`` bytes are the
     payload and the rest is padding; a ``length`` beyond the end of *s*
     simply yields empty padding.
     """
     if hasattr(self, 'length'):
         boundary = self.length
         return s[:boundary], s[boundary:]
     return Packet.extract_padding(self, s)
Beispiel #54
 def guess_payload_class(self, payload):
     """Return ``ZigbeeAppDataPayloadStub`` for frame type 0b11.

     Every other frame type is left to ``Packet.guess_payload_class``.
     """
     is_stub_frame = self.frametype == 0b11
     if is_stub_frame:
         return ZigbeeAppDataPayloadStub
     return Packet.guess_payload_class(self, payload)
Beispiel #55
 def guess_payload_class(self, payload):
     """Return ``TLSv1RecordLayer`` when ``flags`` is greater than 31.

     Smaller flag values are left to ``Packet.guess_payload_class``.
     """
     if not self.flags > 31:
         return Packet.guess_payload_class(self, payload)
     return TLSv1RecordLayer
Beispiel #56
 def __init__(self, _pkt=None, _orig_s=None, _orig_p=None, *args, **kwargs):
     """Initialise the packet and remember ``_orig_s`` and ``_orig_p``.

     Both values are stored on the instance before ``Packet.__init__`` runs
     and are not forwarded to it.
     """
     self._orig_s = _orig_s
     self._orig_p = _orig_p
     # NOTE(review): _pkt is forwarded by keyword together with *args;
     # presumably extra positional arguments would then collide with _pkt in
     # the base class - confirm that callers never pass any.
     Packet.__init__(self, *args, _pkt=_pkt, **kwargs)
Beispiel #57
 def guess_payload_class(self, payload):
     """Return ``DHCP`` when ``options`` starts with the DHCP magic value.

     Options that do not begin with ``dhcpmagic`` are left to
     ``Packet.guess_payload_class``.
     """
     magic_len = len(dhcpmagic)
     starts_with_magic = self.options[:magic_len] == dhcpmagic
     if starts_with_magic:
         return DHCP
     return Packet.guess_payload_class(self, payload)
Beispiel #58
 def guess_payload_class(self, payload):
     """Look up the payload class for ``self.dlt`` in ``conf.l2types``.

     The generic ``Packet`` guess is computed on every call and returned
     when the link type has no entry.
     """
     fallback = Packet.guess_payload_class(self, payload)
     return conf.l2types.get(self.dlt, fallback)