def dict_from_object(cls, defined_object):
"""Parse and return a dictionary for a Network Connection Object object"""
defined_object_dict = {}
if defined_object.get_tls_used() is not None:
defined_object_dict["tls_used"] = {"value": defined_object.get_tls_used()}
if defined_object.get_Layer3_Protocol() is not None:
defined_object_dict["layer3_protocol"] = Base_Object_Attribute.dict_from_object(
defined_object.get_Layer3_Protocol()
)
if defined_object.get_Layer4_Protocol() is not None:
defined_object_dict["layer4_protocol"] = Base_Object_Attribute.dict_from_object(
defined_object.get_Layer4_Protocol()
)
if defined_object.get_Layer7_Protocol() is not None:
defined_object_dict["layer7_protocol"] = Base_Object_Attribute.dict_from_object(
defined_object.get_Layer7_Protocol()
)
if defined_object.get_Local_IP_Address() is not None:
defined_object_dict["local_ip_address"] = Address.dict_from_object(defined_object.get_Local_IP_Address())
if defined_object.get_Local_Port() is not None:
defined_object_dict["local_port"] = Port.dict_from_object(defined_object.get_Local_Port())
if defined_object.get_Remote_IP_Address() is not None:
defined_object_dict["remote_ip_address"] = Address.dict_from_object(defined_object.get_Remote_IP_Address())
if defined_object.get_Remote_Port() is not None:
defined_object_dict["remote_port"] = Port.dict_from_object(defined_object.get_Remote_Port())
if defined_object.get_Layer7_Connections() is not None:
layer7_conn = defined_object.get_Layer7_Connections()
layer7_conn_dict = {}
if layer7_conn.get_HTTP_Session() is not None:
layer7_conn_dict["http_session"] = HTTP_Session.dict_from_object(layer7_conn.get_HTTP_Session())
defined_object_dict["layer7_connections"] = layer7_conn_dict
return defined_object_dict
def test_roundtrip2(self):
addr_dict = {'address_value': "1.2.3.4",
'category': Address.CAT_IPV4,
'is_destination': True,
'is_source': False}
addr_obj = Address.object_from_dict(addr_dict)
addr_dict2 = Address.dict_from_object(addr_obj)
self.assertEqual(addr_dict, addr_dict2)
def dict_from_object(cls, socket_obj):
"""Parse and return a dictionary for a Socket Object object"""
socket_dict = {}
if socket_obj.get_is_blocking() is not None: socket_dict['is_blocking'] = {'value' : socket_obj.get_is_blocking()}
if socket_obj.get_is_listening() is not None: socket_dict['is_listening'] = {'value' : socket_obj.get_is_listening()}
if socket_obj.get_Address_Family() is not None: socket_dict['address_family'] = Base_Object_Attribute.dict_from_object(socket_obj.get_Address_Family())
if socket_obj.get_Domain() is not None: socket_dict['domain'] = Base_Object_Attribute.dict_from_object(socket_obj.get_Domain())
if socket_obj.get_Local_Address() is not None:
local_address_dict = {}
if socket_obj.get_Local_Address().get_IP_Address() is not None:
local_address_dict['ip_address'] = Address.dict_from_object(socket_obj.get_Local_Address().get_IP_Address())
if socket_obj.get_Local_Address().get_Port() is not None:
local_address_dict['port'] = Port.dict_from_object(socket_obj.get_Local_Address().get_Port())
if socket_obj.get_Options() is not None: socket_dict['options'] = cls.__socket_options_dict_from_object(socket_obj.get_Options())
if socket_obj.get_Protocol() is not None: Base_Object_Attribute.dict_from_object(socket_obj.get_Protocol())
if socket_obj.get_Remote_Address() is not None:
remote_address_dict = {}
if socket_obj.get_Remote_Address().get_IP_Address() is not None:
remote_address_dict['ip_address'] = Address.dict_from_object(socket_obj.get_Local_Address().get_IP_Address())
if socket_obj.get_Remote_Address().get_Port() is not None:
remote_address_dict['port'] = Port.dict_from_object(socket_obj.get_Local_Address().get_Port())
if socket_obj.get_Type() is not None: Base_Object_Attribute.dict_from_object(socket_obj.get_Type())
return socket_dict
def dict_from_object(cls, process_obj):
process_dict = {}
if process_obj.get_is_hidden() is not None: process_dict['is_hidden'] = {'value' : process_obj.get_is_hidden()}
if process_obj.get_PID() is not None: process_dict['pid'] = Base_Object_Attribute.dict_from_object(process_obj.get_PID())
if process_obj.get_Creation_Time() is not None: process_dict['creation_time'] = Base_Object_Attribute.dict_from_object(process_obj.get_Creation_Time())
if process_obj.get_Parent_PID() is not None: process_dict['parent_pid'] = Base_Object_Attribute.dict_from_object(process_obj.get_Parent_PID())
if process_obj.get_Child_PID_List() is not None:
child_pid_list = []
for child_pid in process_obj.get_Child_PID_List().get_Child_PID():
child_pid_list.append(Base_Object_Attribute.dict_from_object(child_pid))
process_dict['child_pid_list'] = child_pid_list
if process_obj.get_Image_Info() is not None:
image_info = process_obj.get_Image_Info()
image_info_dict = {}
if image_info.get_File_Name() is not None: image_info_dict['file_name'] = Base_Object_Attribute.dict_from_object(image_info.get_File_Name())
if image_info.get_Command_Line() is not None: image_info_dict['command_line'] = Base_Object_Attribute.dict_from_object(image_info.get_Command_Line())
if image_info.get_Current_Directory() is not None: image_info_dict['current_directory'] = Base_Object_Attribute.dict_from_object(image_info.get_Current_Directory())
if image_info.get_Path() is not None: image_info_dict['path'] = Base_Object_Attribute.dict_from_object(image_info.get_Path())
process_dict['image_info'] = image_info_dict
if process_obj.get_Argument_List() is not None:
argument_list = []
for argument in process_obj.get_Argument_List().get_Argument():
argument_list.append(Base_Object_Attribute.dict_from_object(argument))
process_dict['argument_list'] = argument_list
if process_obj.get_Environment_Variable_List() is not None: process_dict['Environment_Variable_List'] = Environment_Variable_List.dict_from_object(process_obj.get_Environment_Variable_List())
if process_obj.get_Kernel_Time() is not None: process_dict['kernel_time'] = Base_Object_Attribute.dict_from_object(image_info.get_Kernel_Time())
if process_obj.get_Port_List() is not None:
port_list = []
for port in process_obj.get_Port_List().get_Port():
port_list.append(port.dict_from_object(port))
process_dict['port_list'] = port_list
if process_obj.get_Network_Connection_List() is not None:
network_connection_list = []
for network_connection in process_obj.get_Network_Connection_List().get_Network_Connection():
network_connection_dict = {}
if network_connection.get_Creation_Time() is not None: network_connection_dict['creation_time'] = Base_Object_Attribute.dict_from_object(network_connection.get_Creation_Time())
if network_connection.get_Destination_IP_Address() is not None: network_connection_dict['destination_ip_Address'] = Address.dict_from_object(network_connection.get_Destination_IP_Address())
if network_connection.get_Destination_Port() is not None: network_connection_dict['destination_port'] = port.dict_from_object(network_connection.get_Destination_Port())
if network_connection.get_Source_IP_Address() is not None: network_connection_dict['source_ip_Address'] = Address.dict_from_object(network_connection.get_Source_IP_Address())
if network_connection.get_Destination_Port() is not None: network_connection_dict['source_port'] = port.dict_from_object(network_connection.get_Source_Port())
if network_connection.get_TCP_State() is not None: network_connection_dict['tcp_state'] = Base_Object_Attribute.dict_from_object(network_connection.get_TCP_State())
network_connection_list.append(network_connection_dict)
process_dict['network_connection_list'] = network_connection_list
if process_obj.get_Start_Time() is not None: process_dict['start_time'] = Base_Object_Attribute.dict_from_object(process_obj.get_Start_Time())
if process_obj.get_Status() is not None: process_dict['status'] = Base_Object_Attribute.dict_from_object(process_obj.get_Status())
if process_obj.get_String_List() is not None: process_dict['Extracted_String_List'] = Extracted_String_List.dict_from_object(process_obj.get_String_List())
if process_obj.get_Username() is not None: process_dict['username'] = Base_Object_Attribute.dict_from_object(process_obj.get_Username())
if process_obj.get_User_Time() is not None: process_dict['user_time'] = Base_Object_Attribute.dict_from_object(process_obj.get_User_Time())
return process_dict
def __parse_http_client_request(cls, http_client_request):
http_client_request_dict = {}
if http_client_request.get_HTTP_Request_Line() is not None:
client_request_line = http_client_request.get_HTTP_Request_Line()
client_request_line_dict = {}
if client_request_line.get_HTTP_Method() is not None:
client_request_line_dict['http_method'] = Base_Object_Attribute.dict_from_object(client_request_line.get_HTTP_Method())
if client_request_line.get_Value() is not None:
client_request_line_dict['value'] = Base_Object_Attribute.dict_from_object(client_request_line.get_HTTP_Value())
if client_request_line.get_Version() is not None:
client_request_line_dict['version'] = Base_Object_Attribute.dict_from_object(client_request_line.get_Version())
http_client_request_dict['http_request_line'] = client_request_line_dict
if http_client_request.get_HTTP_Request_Header() is not None:
request_header = http_client_request.get_HTTP_Request_Header()
request_header_dict = {}
if request_header.get_Raw_Header() is not None:
request_header_dict['raw_header'] = request_header.get_Raw_Header()
if request_header.get_Parsed_Header() is not None:
parsed_header = request_header.get_Parsed_Header()
parsed_header_dict = {}
if parsed_header.get_Accept() is not None: parsed_header_dict['accept'] = Base_Object_Attribute.dict_from_object(parsed_header.get_Accept())
if parsed_header.get_Accept_Charset() is not None: parsed_header_dict['accept-charset'] = Base_Object_Attribute.dict_from_object(parsed_header.get_Accept_Charset())
if parsed_header.get_Accept_Language() is not None: parsed_header_dict['accept-language'] = Base_Object_Attribute.dict_from_object(parsed_header.get_Accept_Language())
if parsed_header.get_Accept_Datetime() is not None: parsed_header_dict['accept-datetime'] = Base_Object_Attribute.dict_from_object(parsed_header.get_Accept_Datetime())
if parsed_header.get_Accept_Encoding() is not None: parsed_header_dict['accept'] = Base_Object_Attribute.dict_from_object(parsed_header.get_Accept_Encoding())
if parsed_header.get_Authorization() is not None: parsed_header_dict['authorization'] = Base_Object_Attribute.dict_from_object(parsed_header.get_Authorization())
if parsed_header.get_Cache_Control() is not None: parsed_header_dict['cache-control'] = Base_Object_Attribute.dict_from_object(parsed_header.get_Cache_Control())
if parsed_header.get_Connection() is not None: parsed_header_dict['connection'] = Base_Object_Attribute.dict_from_object(parsed_header.get_Connection())
if parsed_header.get_Cookie() is not None: parsed_header_dict['cookie'] = Base_Object_Attribute.dict_from_object(parsed_header.get_Cookie())
if parsed_header.get_Content_Length() is not None: parsed_header_dict['content-length'] = Base_Object_Attribute.dict_from_object(parsed_header.get_Content_Length())
if parsed_header.get_Content_MD5() is not None: parsed_header_dict['content-md5'] = Base_Object_Attribute.dict_from_object(parsed_header.get_Content_MD5())
if parsed_header.get_Content_Type() is not None: parsed_header_dict['content-type'] = Base_Object_Attribute.dict_from_object(parsed_header.get_Content_Type())
if parsed_header.get_Date() is not None: parsed_header_dict['date'] = Base_Object_Attribute.dict_from_object(parsed_header.get_Date())
if parsed_header.get_Expect() is not None: parsed_header_dict['expect'] = Base_Object_Attribute.dict_from_object(parsed_header.get_Expect())
if parsed_header.get_From() is not None: parsed_header_dict['from'] = Address.dict_from_object(parsed_header.get_From())
if parsed_header.get_Host() is not None:
host = parsed_header.get_Host()
host_dict = {}
if host.get_Domain_Name() is not None: host_dict['domain_name'] = URI.dict_from_object(host.get_Domain_Name())
if host.get_Port() is not None: host_dict['port'] = Port.dict_from_object(host.get_Port())
parsed_header_dict['host'] = host_dict
if parsed_header.get_If_Match() is not None: parsed_header_dict['if-match'] = Base_Object_Attribute.dict_from_object(parsed_header.get_If_Match())
if parsed_header.get_If_Modified_Since() is not None: parsed_header_dict['if-modified-since'] = Base_Object_Attribute.dict_from_object(parsed_header.get_If_Modified_Since())
if parsed_header.get_If_None_Match() is not None: parsed_header_dict['if-none-match'] = Base_Object_Attribute.dict_from_object(parsed_header.get_If_None_Match())
if parsed_header.get_If_Range() is not None: parsed_header_dict['if-range'] =Base_Object_Attribute.dict_from_object( parsed_header.get_If_Range())
if parsed_header.get_If_Unmodified_Since() is not None: parsed_header_dict['if-unmodified-since'] = Base_Object_Attribute.dict_from_object(parsed_header.get_If_Unmodified_Since())
if parsed_header.get_Max_Forwards() is not None: parsed_header_dict['max-forwards'] = Base_Object_Attribute.dict_from_object(parsed_header.get_Max_Forwards())
if parsed_header.get_Pragma() is not None: parsed_header_dict['pragma'] = Base_Object_Attribute.dict_from_object(parsed_header.get_Pragma())
if parsed_header.get_Proxy_Authorization() is not None: parsed_header_dict['proxy-authorization'] = Base_Object_Attribute.dict_from_object(parsed_header.get_Proxy_Authorization())
if parsed_header.get_Range() is not None: parsed_header_dict['range'] = Base_Object_Attribute.dict_from_object(parsed_header.get_Range())
if parsed_header.get_Referer() is not None: parsed_header_dict['referer'] = URI.dict_from_object(parsed_header.get_Referer())
if parsed_header.get_TE() is not None: parsed_header_dict['te'] = Base_Object_Attribute.dict_from_object(parsed_header.get_TE())
if parsed_header.get_User_Agent() is not None: parsed_header_dict['user-agent'] = Base_Object_Attribute.dict_from_object(parsed_header.get_User_Agent())
if parsed_header.get_Via() is not None: parsed_header_dict['via'] = Base_Object_Attribute.dict_from_object(parsed_header.get_Via())
if parsed_header.get_Warning() is not None: parsed_header_dict['warning'] = Base_Object_Attribute.dict_from_object(parsed_header.get_Warning())
if parsed_header.get_DNT() is not None: parsed_header_dict['DNT'] = URI.dict_from_object(parsed_header.get_DNT())
if parsed_header.get_X_Requested_With() is not None: parsed_header_dict['x-requested-with'] = Base_Object_Attribute.dict_from_object(parsed_header.get_X_Requested_With())
if parsed_header.get_X_Requested_For() is not None: parsed_header_dict['x-requested-for'] = Base_Object_Attribute.dict_from_object(parsed_header.get_X_Requested_For())
if parsed_header.get_X_ATT_DeviceId() is not None: parsed_header_dict['x-att-deviceid'] = Base_Object_Attribute.dict_from_object(parsed_header.get_X_ATT_DeviceId())
if parsed_header.get_X_Wap_Profile() is not None: parsed_header_dict['x-wap-profile'] = URI.dict_from_object(parsed_header.get_X_Wap_Profile())
request_header_dict['parsed_header'] = parsed_header_dict
http_client_request_dict['http_request_header'] = request_header_dict
if http_client_request.get_HTTP_Message_Body() is not None:
message_body = http_client_request.get_HTTP_Message_Body()
message_body_dict = {}
if message_body.get_Length() is not None: message_body_dict['length'] = Base_Object_Attribute.dict_from_object(message_body.get_Length())
if message_body.get_Message_Body() is not None: message_body_dict['message_body'] = Base_Object_Attribute.dict_from_object(message_body.get_Message_Body())
http_client_request_dict['http_message_body'] = message_body_dict
return http_client_request_dict
