def __init__(self, packet, count, inter, \
iface=None, strict=True, report_recv=False, \
report_sent=True, background=True):
"""
Construct a SendReceive Operation
@param packet the packet to send
@param count how many times the packet will be sent
@param inter the interval between emission
@param iface the iface to listen to
@param strict strict checking for reply
@param report_recv report received packets
@param report_sent report sent packets
@param background if the operation should have a session when starts
"""
capmethod = Prefs()['backend.system.sendreceive.capmethod'].value
if capmethod < 0 or capmethod > 2:
Prefs()['backend.system.sendreceive.capmethod'].value = 0
capmethod = 0
log.debug('Using %d as capmethod for SendReceiveContext' % capmethod)
Operation.__init__(self)
backend.SendReceiveContext.__init__(self, packet, count, inter, iface,
strict, report_recv, report_sent,
capmethod, self.__send_callback,
self.__receive_callback, None,
None)
if background:
self.session = None
else:
self.__create_session()
def create_ui(self):
self.use_colors = True
self.set_border_width(2)
self.__create_toolbar()
self.__create_view()
self.statusbar = HIGAnimatedBar('', gtk.STOCK_INFO)
self.pack_start(self.statusbar, False, False)
self.show_all()
Prefs()['gui.maintab.sniffview.font'].connect(self.__modify_font)
Prefs()['gui.maintab.sniffview.usecolors'].connect(self.__modify_colors)
self.tree.get_selection().set_mode(gtk.SELECTION_MULTIPLE)
self.tree.get_selection().connect('changed',
self.__on_selection_changed)
self.filter.get_entry().connect('activate',self.__on_apply_filter)
self.tree.connect('button-press-event', self.__on_popup)
self.connect('realize', self.__on_realize)
self.timeout_id = None
self.reload()
def create_ui(self):
self.hbox = gtk.HBox(False, 2)
# Create the toolbar for sending selected packet
self.toolbar = gtk.Toolbar()
self.toolbar.set_style(gtk.TOOLBAR_ICONS)
self.toolbar.set_orientation(gtk.ORIENTATION_VERTICAL)
stocks = (
gtk.STOCK_EDIT,
gtk.STOCK_DELETE,
gtk.STOCK_CLEAR,
gtk.STOCK_SELECT_COLOR
)
tooltips = (
_('Complete layers'),
_('Remove selected layer'),
_('Reset layer to default'),
_('Graph packet')
)
callbacks = (
self.__on_complete,
self.__on_remove,
self.__on_reset,
self.__on_graph
)
for tooltip, stock, callback in zip(tooltips, stocks, callbacks):
action = gtk.Action(None, None, tooltip, stock)
action.connect('activate', callback)
self.toolbar.insert(action.create_tool_item(), -1)
self.proto_hierarchy = ProtocolHierarchy(self.session)
self.hexview = HexView()
try:
# Only the read write hexview provide this
self.hexview.set_insert_mode(True)
self.hexview.set_read_only_mode(False)
self.hexview.changed_callback = self.__on_hexview_changed
self.hexview.connect('focus-out-event', self.__on_hexview_focus_out)
self._packet_changed = False
except:
pass
self.hbox.pack_start(self.proto_hierarchy, False, False, 0)
self.hbox.pack_start(self.toolbar, False, False)
self.hbox.pack_start(self.hexview)#, False, False)
Prefs()['gui.maintab.hexview.font'].connect(self.hexview.modify_font)
Prefs()['gui.maintab.hexview.bpl'].connect(self.hexview.set_bpl)
self.pack_start(self.hbox)
def __init__(self, args):
"""
PacketManipulator Application class
@param args pass sys.argv
"""
gobject.threads_init()
self._args = args
root = False
try:
# FIXME: add maemo
if sys.platform == 'win32':
import ctypes
root = bool(ctypes.windll.shell32.IsUserAnAdmin())
elif os.getuid() == 0:
root = True
except:
pass
if Prefs()['system.check_pyver'].value == True and \
sys.version_info[1] < 6:
dialog = gtk.MessageDialog(
None, gtk.DIALOG_MODAL, gtk.MESSAGE_WARNING,
gtk.BUTTONS_YES_NO,
_('Packet Manipulator requires at least '
'2.6 version of Python but you\'ve %s '
'installed. We not guarantee that all '
'functionalities works properly.\n\n'
'Do you want to continue?') %
".".join(map(str, sys.version_info[:3])))
ret = dialog.run()
dialog.hide()
dialog.destroy()
if ret == gtk.RESPONSE_NO:
sys.exit(-1)
if Prefs()['system.check_root'].value == True and not root:
dialog = gtk.MessageDialog(
None, gtk.DIALOG_MODAL, gtk.MESSAGE_WARNING,
gtk.BUTTONS_YES_NO,
_('You are running Packet Manipulator as'
' non-root user!\nSome functionalities'
' need root privileges to work\n\nDo '
'you want to continue?'))
ret = dialog.run()
dialog.hide()
dialog.destroy()
if ret == gtk.RESPONSE_NO:
sys.exit(-1)
self.phase = 0
self.splash = SplashScreen()
def timeout_update(self):
if Prefs()['gui.operationstab.uniqueupdate'].value == True and \
not self.timeout_id and self.is_someone_running():
# We're not empty so we can set a timeout callback to update all
# actives iters at the same time reducing the CPU usage.
self.timeout_id = gobject.timeout_add(
Prefs()['gui.operationstab.updatetimeout'].value or 500,
self.__timeout_cb)
log.debug('Adding a timeout function to update the OperationsTab')
def __init__(self, dev1, dev2, bpf_filter, skipfwd, unoffensive):
capmethod = Prefs()['backend.system.audit.capmethod'].value
if capmethod < 0 or capmethod > 2:
Prefs()['backend.system.sendreceive.capmethod'].value = 0
capmethod = 0
Operation.__init__(self)
backend.AuditContext.__init__(self, dev1, dev2, bpf_filter, capmethod)
self.session = ServiceBus().call('pm.sessions', 'create_audit_session',
self)
def save(self):
s = ''
for lbl, size, eval_str in self.store:
s += "%s|%d|%s," % (lbl, size, eval_str)
Prefs()['gui.maintab.sniffview.columns'].value = s[:-1]
def __on_quit(self, *args):
self.hide()
# We need to stop the pending sniff threads
lst = []
for page in ServiceBus().call('pm.sessions', 'get_sessions'):
if isinstance(page, Session) and \
isinstance(page.context, backend.TimedContext):
lst.append(page.context)
for ctx in lst:
ctx.stop()
# Avoids joining all threads are daemon
#for ctx in lst:
# ctx.join()
errs = []
try:
log.debug('Saving options before exiting')
Prefs().write_options()
except IOError, err:
errs.append(err)
def add_perspective(self, klass, show_pers=True, resize=False, page=0):
"""
Add the perspective to the current session
@param klass a Perspective base class of the perspective to add
@param show_pers choose to show the perspective
@param resize if True child should resize when the paned is resized
@param page page index where the perspective will be inserted
@return the perspective instance
"""
pers = klass(self)
self.perspectives.append(pers)
if Prefs()['gui.expander.standard'].value:
widget = gtk.Expander(pers.title)
widget.add(pers)
widget.set_expanded(True)
else:
widget = AnimatedExpander(pers.title, pers.icon,
self.session_orientation[page])
widget.add_widget(pers, show_pers)
self.paneds[page].add_child(widget, resize)
widget.show()
return pers
def do_start_editing(self, event, widget, path, \
background_area, cell_area, flags):
if self.editor != None and self.field != None:
entry = HackEntry()
font_desc = Prefs()['gui.views.property_tab.font'].value \
or 'Monospace 8'
editor = self.editor(self.field)
for wid in editor:
wid.modify_font(pango.FontDescription(font_desc))
entry.box.add(editor)
entry.box.show_all()
entry.connect('finish-edit', self.tree.finish_callback)
entry.size_allocate(background_area)
self.editor = None
self.field = None
return entry
# Yes type error - PyGTK bug #542583
return None
def __init__(self):
super(StatusView, self).__init__()
self.set_policy(gtk.POLICY_AUTOMATIC, gtk.POLICY_AUTOMATIC)
self.set_shadow_type(gtk.SHADOW_ETCHED_IN)
self.tag_table = gtk.TextTagTable()
self.buffer = gtk.TextBuffer(self.tag_table)
self.view = gtk.TextView(self.buffer)
self.view.set_wrap_mode(gtk.WRAP_WORD_CHAR)
self.view.set_indent(4)
Prefs()['gui.statustab.font'].connect(self.__modify_font)
self.view.set_border_window_size(gtk.TEXT_WINDOW_LEFT, 16)
self.view.set_editable(False)
# Create various tags
self.view.connect('expose-event', self.__redraw_left_window)
self.view.connect('style-set', self.__on_style)
self.view.connect('realize', self.__on_realize)
self.add(self.view)
self.icons = (get_pixbuf('info_small'), get_pixbuf('warning_small'),
get_pixbuf('error_small'))
self.lines = []
def __apply(self, widget, option):
for typo, func in TYPES:
if isinstance(widget, typo):
# We should call the functions
new_value = func(widget)
Prefs()[option].value = new_value
break
def __init__(self, parent):
super(InterfaceDialog,
self).__init__(_('Interfaces - PacketManipulator'), parent,
gtk.DIALOG_DESTROY_WITH_PARENT,
(gtk.STOCK_CLOSE, gtk.RESPONSE_REJECT,
gtk.STOCK_OPEN, gtk.RESPONSE_ACCEPT))
self.if_list = InterfaceList()
self.options = CaptureOptions()
self.vbox.pack_start(self.if_list)
self.vbox.pack_start(self.options, False, False)
for widget in self.action_area:
if self.get_response_for_widget(widget) == gtk.RESPONSE_ACCEPT:
widget.set_sensitive(False)
self.if_list.tree.get_selection().connect(
'changed', self.__on_selection_changed, widget)
self.options.method.connect('changed',
self.__on_method_changed, widget)
break
self.if_list.tree.connect(
'row-activated',
lambda tree, path, view, diag: diag.response(gtk.RESPONSE_ACCEPT),
self)
method = Prefs()['backend.system.sniff.capmethod'].value
if method < 0 and method > 3:
Prefs()['backend.system.sniff.capmethod'] = 0
method = 0
self.options.method.set_active(method)
self.connect('response', self.__on_response)
self.__populate()
self.show_all()
self.if_list.set_size_request(600, 200)
def __init__(self, seq, count, inter, iface=None, strict=True, \
report_recv=False, report_sent=True):
capmethod = Prefs()['backend.system.sequence.capmethod'].value
if capmethod < 0 or capmethod > 2:
Prefs()['backend.system.sendreceive.capmethod'].value = 0
capmethod = 0
log.debug('Using %d as capmethod for SendReceiveContext' % capmethod)
Operation.__init__(self)
backend.SequenceContext.__init__(self, seq, count, inter, iface, \
strict, report_recv, report_sent, \
capmethod, \
self.__send_callback, \
self.__receive_callback)
self.session = ServiceBus().call('pm.sessions', 'create_sniff_session',
self)
def _idle(self):
if self.phase == 0:
self.splash.text = _("Registering icons ...")
from icons import register_icons
register_icons()
elif self.phase == 1:
self.splash.text = _("Loading preferences ...")
from umit.pm.manager.preferencemanager import Prefs
self.prefs = Prefs()
elif self.phase == 2:
services_boot()
self.splash.text = _("Creating main window ...")
from mainwindow import MainWindow
self.bus = ServiceBus()
self.main_window = MainWindow()
self.main_window.connect_tabs_signals()
self.plugin_engine = PluginEngine()
self.plugin_engine.load_selected_plugins()
# Destroy the splash screen
self.splash.hide()
self.splash.destroy()
self.splash.finished = True
del self.splash
# Now let's parse the args passed in the constructor
parser = self._create_parser()
options, args = parser.parse_args(self._args)
if options.fread:
self.main_window.open_generic_file_async(options.fread)
if options.audit:
dev1, dev2, bpf_filter = options.audit, '', ''
try:
dev1, dev2 = options.audit.split(',', 1)
dev2, bpf_filter = other.split(':', 1)
except:
pass
self.main_window.start_new_audit(dev1, dev2, bpf_filter, False,
False)
return False
self.phase += 1
return True
def create_ui(self):
self.status = StatusView()
self.status.info(
_("PacketManipulator %s started on %s") % (PM_VERSION, os.name))
self.status.info(_("Using %s as backend") % \
Prefs()['backend.system'].value)
self.status.info(_("What do you wanna pwn today?"))
self._main_widget.add(self.status)
self._main_widget.show_all()
def find_all_devs(capmethod=0):
"""
@param capmethod 0 for standard method, 1 for virtual interface,
2 for tcpdump/windump, 3 for dumpcap helper.
@return a list containing VirtualIFace objects
"""
if capmethod == 1:
# This is virtual interface so the list will contain a dummy
# VirtualIFace entry
return [
VirtualIFace('dummy', 'Virtual interface for reading file',
'0.0.0.0')
]
if WINDOWS and (capmethod == 2 or capmethod == 3):
# Ok here we have to get the stdout of %helper% -D
if capmethod == 2:
helper = Prefs()['backend.tcpdump'].value
else:
helper = Prefs()['backend.dumpcap'].value
try:
ret = []
helper = subprocess.Popen(helper + " -D", stdout=subprocess.PIPE)
output, _ = helper.communicate()
for line in output.splitlines():
name, desc = line.rsplit("(", 1)
name = name.replace(" ", "")
desc = desc[:-1]
ret.append(VirtualIFace(name, desc, 'N/A'))
return ret
except Exception, err:
log.error("Error in running the helper: %s" % str(err))
return []
def find_all_devs(capmethod=0):
"""
@param capmethod 0 for standard method, 1 for virtual interface,
2 for tcpdump/windump, 3 for dumpcap helper.
@return a list containing VirtualIFace objects
"""
if capmethod == 1:
# This is virtual interface so the list will contain a dummy
# VirtualIFace entry
return [VirtualIFace('dummy',
'Virtual interface for reading file',
'0.0.0.0')]
if WINDOWS and (capmethod == 2 or capmethod == 3):
# Ok here we have to get the stdout of %helper% -D
if capmethod == 2:
helper = Prefs()['backend.tcpdump'].value
else:
helper = Prefs()['backend.dumpcap'].value
try:
ret = []
helper = subprocess.Popen(helper + " -D", stdout=subprocess.PIPE)
output, _ = helper.communicate()
for line in output.splitlines():
name, desc = line.rsplit("(", 1)
name = name.replace(" ", "")
desc = desc[:-1]
ret.append(VirtualIFace(name, desc, 'N/A'))
return ret
except Exception, err:
log.error("Error in running the helper: %s" % str(err))
return []
def __update_store(self):
l = len(self.midvalues)
while l != 0:
iter = self.store.append(self.midvalues.pop(0))
l -= 1
if Prefs()['gui.maintab.auditoutputview.autoscroll'].value:
self.tree.scroll_to_cell(self.store.get_path(iter))
if self.midvalues:
return True
self.timeout_id = None
return False
def create_widgets(self):
self.store = gtk.ListStore(gtk.gdk.Pixbuf, str, int)
self.combo = gtk.ComboBox(self.store)
self.icon = None
pix = gtk.CellRendererPixbuf()
txt = gtk.CellRendererText()
txt.set_property('font',
Prefs()['gui.views.property_tab.font'].value \
or 'Monospace 8')
self.combo.pack_start(pix, False)
self.combo.pack_start(txt)
self.combo.set_attributes(pix, pixbuf=0)
self.combo.set_attributes(txt, text=1)
self.odict = backend.get_field_enumeration_i2s(self.field)
self.odict.sort()
idx = 0
set = False
for value, key in self.odict:
self.store.append([self.icon, key, value])
if not set:
if self.value == value:
set = True
continue
idx += 1
if set:
self.combo.set_active(idx)
self.store.append([self.icon, _("Set manually"), -1])
self.int_editor = IntEditor((self.protocol, self.field))
self.undo_btn = MiniButton(stock=gtk.STOCK_UNDO)
self.undo_btn.set_size_request(24, 24)
self.int_editor.pack_start(self.undo_btn, False, False)
self.int_editor.show()
def __create_option_widgets(self, name, lbl, widget):
label = None
if lbl:
label = gtk.Label(lbl)
label.set_use_markup(True)
label.set_alignment(0, 0.5)
for typo, func in CONSTRUCTORS:
if isinstance(widget, typo):
value = Prefs()[name].value
func(widget, value)
break
return label, widget
def __pack_widgets(self):
"Pack widgets"
self.menubar = self.ui_manager.get_widget("/menubar")
self.vbox.pack_start(self.menubar, False, False, 0)
self.toolbar = self.ui_manager.get_widget("/toolbar")
self.toolbar.set_style(gtk.TOOLBAR_ICONS)
self.vbox.pack_start(self.toolbar, False, False, 0)
item = self.ui_manager.get_widget('/menubar/Views')
item.remove_submenu()
item = self.ui_manager.get_widget('/menubar/Audits')
item.remove_submenu()
item = self.ui_manager.get_widget('/menubar/Mitm')
item.remove_submenu()
self.vbox.pack_start(self.main_paned)
self.vbox.pack_start(self.statusbar, False, False)
# Tabs
self.register_tab(MainTab())
self.register_tab(ProtocolSelectorTab(),
Prefs()['gui.views.protocol_selector_tab'].value)
self.register_tab(PropertyTab(),
Prefs()['gui.views.property_tab'].value)
self.register_tab(StatusTab(), Prefs()['gui.views.status_tab'].value)
self.register_tab(OperationsTab(),
Prefs()['gui.views.operations_tab'].value)
self.register_tab(VteTab(), Prefs()['gui.views.vte_tab'].value)
self.register_tab(HackTab(), Prefs()['gui.views.hack_tab'].value)
self.register_tab(ConsoleTab(), Prefs()['gui.views.console_tab'].value)
self.register_tab(HostListTab(),
Prefs()['gui.views.hostlist_tab'].value)
self.add(self.vbox)
def __init__(self, tree):
super(CellRendererGroup, self).__init__()
self.tree = tree
self.set_property('xalign', 0)
self.set_property('xpad', 3)
# We use two fields (to avoid creating instances)
# - editor : containing the class for editor
# - field : is the object to edit
self.editor = None
self.field = None
dummy_entry = gtk.Entry()
dummy_entry.set_has_frame(False)
font_desc = Prefs()['gui.views.property_tab.font'].value \
or 'Monospace 8'
dummy_entry.modify_font(pango.FontDescription(font_desc))
self.row_height = dummy_entry.size_request()[1] + 2
class Operation(object):
"""
This is an abstract class representing a network operation
like sending packets or receiving packets and should be ovverriden
"""
RUNNING, NOT_RUNNING = range(2)
# CHECKME: Add this to avoid multiple request of that prefs.
SKIP_UPDATE = Prefs()['gui.operationstab.uniqueupdate'].value
def __init__(self):
self.iter = None
self.model = None
self.state = self.NOT_RUNNING
def set_iter(self, model, iter):
self.iter = iter
self.model = model
def notify_parent(self):
# emit a row-changed to update the model
if self.iter and self.model:
self.model.row_changed(self.model.get_path(self.iter), self.iter)
def activate(self):
"Called when the user clicks on the row"
pass
def get_summary(self):
return 'Implement me'
def get_percentage(self):
"""
@return None if we should pulse or a int
if None you should provide percentage attribute
"""
return None
def create_ui(self):
self.grid = PropertyGrid()
self.grid.tree.connect('finish-edit', self.__redraw_hex_view)
self.grid.tree.connect('field-selected', self.__on_field_selected)
font_desc = Prefs(
)['gui.views.property_tab.font'].value or 'Monospace 8'
font_desc = pango.FontDescription(font_desc)
self.grid.tree.tree.modify_font(font_desc)
self._main_widget.add(self.grid)
self._main_widget.show_all()
self.prev_page = None
self.change_id = None
self.notify = {}
# Start disabled
self._main_widget.set_border_width(0)
self._main_widget.set_sensitive(False)
def _thread_main(self, udata=None):
if self.type == FileOperation.TYPE_LOAD:
ctx = udata
rctx = None
log.debug('Loading file as %s' % str(ctx))
if ctx is backend.SequenceContext:
rctx = backend.SequenceContext(self.file)
elif ctx is backend.SniffContext or \
ctx is backend.StaticContext:
rctx = backend.StaticContext(
self.file, self.file,
Prefs()['backend.system.static.audits'].value)
if rctx is not None:
# Let's update our operation directly from load
if rctx.load(operation=self) == True:
# Now let's add a callback to when
gobject.idle_add(self.__on_idle, (ctx, rctx))
else:
log.error('Error while loading context on %s.' % self.file)
self.state = self.NOT_RUNNING
else:
log.debug('Saving %s to %s' % (self.ctx, self.ctx.cap_file))
if self.ctx.save(operation=self) == True:
gobject.idle_add(self.__on_idle, ())
else:
log.error('Error while saving context on %s.' % \
self.ctx.cap_file)
self.state = self.NOT_RUNNING
self.thread = None
def __create_view(self):
sw = gtk.ScrolledWindow()
sw.set_policy(gtk.POLICY_AUTOMATIC, gtk.POLICY_AUTOMATIC)
sw.set_shadow_type(gtk.SHADOW_ETCHED_IN)
# We have to create two seperate objects if we want to have more
# performance while sniffing. We'll use the tree_store only for
# reflowing without a model filter.
self.tree_store = gtk.TreeStore(object)
self.list_store = gtk.ListStore(object)
self.active_model = self.list_store
self.tree = gtk.TreeView(self.active_model)
self.active_filter = None
self.model_filter = self.list_store.filter_new()
self.model_filter.set_visible_func(self.__filter_func)
idx = 0
rend = GridRenderer()
rend.set_property('ellipsize', pango.ELLIPSIZE_END)
columns_str = Prefs()['gui.maintab.sniffview.columns'].value
for column_str in columns_str.split(','):
try:
label, pixel_size, eval_str = column_str.split('|', 2)
pixel_size = int(pixel_size)
if eval_str[-1] != '%' or eval_str[0] != '%':
continue
eval_str = eval_str[1:-1]
col = gtk.TreeViewColumn(label, rend)
col.set_min_width(pixel_size)
col.set_fixed_width(pixel_size)
col.set_resizable(True)
if eval_str == 'number':
col.set_cell_data_func(rend, self.__cell_data_number)
else:
func = getattr(MetaPacket, eval_str, None) or \
getattr(MetaPacket, 'get_' + eval_str, None)
if not func:
col.set_cell_data_func(rend, self.__cell_data_cfield,
eval_str)
else:
col.set_cell_data_func(rend, self.__cell_data_func,
func)
self.tree.insert_column(col, idx)
idx += 1
except Exception:
pass
# Set the fixed height mode property to True to speeds up
self.tree.set_fixed_height_mode(True)
sw.add(self.tree)
self.pack_start(sw)
from umit.pm.core.i18n import _
from umit.pm.core.logger import log
from umit.pm.manager.preferencemanager import Prefs
if not 'WINDOWS' in globals():
WINDOWS = False
def change_interface(iface):
if iface:
conf.iface = iface
conf.color_theme = NoTheme()
Prefs()['backend.scapy.interface'].connect(change_interface)
###############################################################################
# Protocols loading
###############################################################################
def load_scapy_protocols():
import __builtin__
all = __builtin__.__dict__.copy()
all.update(globals())
objlst = filter(lambda (n,o): isinstance(o,type) and issubclass(o,Packet), \
all.items())
objlst.sort(lambda x, y: cmp(x[0], y[0]))
ret = []
class VirtualIFace(object):
def __init__(self, name, desc, ip):
self.name = name
self.description = desc
self.ip = ip
class SequencePacket(object):
def __init__(self, packet, filter='', inter=0):
self.packet = packet
self.filter = None
self.inter = inter
# Contexts
from abstract.basecontext.static import StaticContext
from abstract.basecontext.timed import TimedContext
from abstract.basecontext.send import SendContext
from abstract.basecontext.sendreceive import SendReceiveContext
from abstract.basecontext.sniff import SniffContext
from abstract.basecontext.sequence import SequenceContext
from abstract.basecontext.audit import AuditContext
from umit.pm.manager.preferencemanager import Prefs
if Prefs()['backend.system'].value.lower() == 'umpa':
from umpa import *
else:
from scapy import *
def __init__(self):
super(CaptureOptions, self).__init__()
self.set_border_width(4)
self.set_label_widget(self.new_label(_('<b>Options</b>')))
tbl = gtk.Table(8, 4, False)
tbl.set_border_width(4)
tbl.set_col_spacings(4)
tbl.attach(self.new_label(_('Filter:')),
0,
1,
0,
1,
yoptions=gtk.SHRINK)
tbl.attach(self.new_label(_('Capture file:')),
0,
1,
1,
2,
yoptions=gtk.SHRINK)
tbl.attach(self.new_label(_('Capture method:')),
0,
1,
2,
3,
yoptions=gtk.SHRINK)
tbl.attach(self.new_label(_('Min packet size:')),
0,
1,
3,
4,
yoptions=gtk.SHRINK)
tbl.attach(self.new_label(_('Max packet size:')),
0,
1,
4,
5,
yoptions=gtk.SHRINK)
tbl.attach(self.new_label(_('Stop after:')),
0,
1,
5,
6,
yoptions=gtk.SHRINK)
tbl.attach(self.new_label(_('Stop after:')),
0,
1,
6,
7,
yoptions=gtk.SHRINK)
tbl.attach(self.new_label(_('Stop after:')),
0,
1,
7,
8,
yoptions=gtk.SHRINK)
self.filter = gtk.Entry()
btn = gtk.Button()
btn.add(gtk.image_new_from_stock(gtk.STOCK_INFO, gtk.ICON_SIZE_BUTTON))
btn.set_relief(gtk.RELIEF_NONE)
btn.set_tooltip_markup(
_('Enter a pcap filter expression here.\nSee '
'also <span foreground="blue">'
'http://www.cs.ucr.edu/~marios/ethereal-tcpdump.pdf</span>'))
hbox = gtk.HBox(0, False)
hbox.pack_start(btn, False, False)
tbl.attach(self.filter, 1, 2, 0, 1, yoptions=gtk.SHRINK)
tbl.attach(hbox, 2, 3, 0, 1, yoptions=gtk.SHRINK)
self.file = gtk.Entry()
btn = gtk.Button()
btn.add(gtk.image_new_from_stock(gtk.STOCK_OPEN, gtk.ICON_SIZE_BUTTON))
btn.set_relief(gtk.RELIEF_NONE)
btn.connect('clicked', self.__on_select_capfile)
hbox = gtk.HBox(0, False)
hbox.pack_start(btn, False, False)
tbl.attach(self.file, 1, 2, 1, 2, yoptions=gtk.SHRINK)
tbl.attach(hbox, 2, 3, 1, 2, yoptions=gtk.SHRINK)
self.method = gtk.combo_box_new_text()
self.method.append_text(_('Native'))
self.method.append_text(_('Virtual interface'))
self.method.append_text(_('tcpdump helper'))
self.method.append_text(_('dumpcap helper'))
self.method.set_active(0)
tbl.attach(self.method, 1, 2, 2, 3, yoptions=gtk.SHRINK)
self.min_size, self.min_combo = \
self.new_combo(68, maxint, [_("byte(s)")], True)
self.max_size, self.max_combo = \
self.new_combo(68, maxint, [_("byte(s)")], True)
self.stop_packets, stop_packets_lbl = \
self.new_combo(0, maxint, [_("packet(s)")])
self.stop_size, self.stop_size_combo = \
self.new_combo(0, 1024, [_("KB"), _("MB"), _("GB")])
self.stop_time, self.stop_time_combo = \
self.new_combo(0, maxint,
[_("second(s)"), _("minute(s)"), _("hour(s)")])
tbl.attach(self.min_size, 1, 2, 3, 4)
tbl.attach(self.min_combo, 2, 3, 3, 4, yoptions=gtk.SHRINK)
tbl.attach(self.max_size, 1, 2, 4, 5)
tbl.attach(self.max_combo, 2, 3, 4, 5, yoptions=gtk.SHRINK)
tbl.attach(self.stop_packets, 1, 2, 5, 6)
tbl.attach(stop_packets_lbl, 2, 3, 5, 6, yoptions=gtk.SHRINK)
tbl.attach(self.stop_size, 1, 2, 6, 7)
tbl.attach(self.stop_size_combo, 2, 3, 6, 7, yoptions=gtk.SHRINK)
tbl.attach(self.stop_time, 1, 2, 7, 8)
tbl.attach(self.stop_time_combo, 2, 3, 7, 8, yoptions=gtk.SHRINK)
self.res_mac = gtk.CheckButton(_('Enable MAC name resolution'))
self.res_name = gtk.CheckButton(_('Enable network name resolution'))
self.res_transport = gtk.CheckButton(_('Enable transport name ' \
'resolution'))
self.gui_real = gtk.CheckButton(_('Update view in real mode'))
self.gui_scroll = gtk.CheckButton(_('Automatic view scrolling'))
self.net_promisc = gtk.CheckButton(_('Capture in promiscuous mode'))
self.background = gtk.CheckButton(_('Start in background mode'))
self.audits = gtk.CheckButton(_('Enable audits'))
tbl.attach(self.gui_real, 3, 4, 0, 1)
tbl.attach(self.gui_scroll, 3, 4, 1, 2)
tbl.attach(self.net_promisc, 3, 4, 2, 3)
tbl.attach(self.res_mac, 3, 4, 3, 4)
tbl.attach(self.res_name, 3, 4, 4, 5)
tbl.attach(self.res_transport, 3, 4, 5, 6)
tbl.attach(self.background, 3, 4, 6, 7)
tbl.attach(self.audits, 3, 4, 7, 8)
# Setting the default values
self.res_mac.set_active(True)
self.res_transport.set_active(True)
self.gui_real.set_active(True)
self.gui_scroll.set_active(True)
self.net_promisc.set_active(True)
if Prefs()['backend.system.sniff.audits'].value == True:
self.audits.set_active(True)
self.add(tbl)
def run_helper(helper_type, iface, filter=None, stop_count=0, stop_time=0, \
stop_size=0):
"""
Start an helper process for capturing
@param helper is integer (0 to use tcpdump, 1 to use pcapdump)
@param iface the interface to sniff on
@param filter the tcpdump filter to use
@param stop_count stop process after n packets (tcpdump/dumpcap)
@param stop_time stop process after n secs (dumpcap only)
@param stop_size stop process after n bytes (dumpcap only)
@return a tuple (Popen object, outfile path)
@see subprocess module for more information
"""
if WINDOWS:
log.debug('Ok we\'re in windows. Extracting idx from %s' % iface)
iface = iface.split('.', 1)
log.debug('Sniffing on interface %s with %s as index' %
(iface[0], iface[1]))
iface = iface[0]
if helper_type == 0:
helper = Prefs()['backend.tcpdump'].value
if stop_count:
helper += "-c %d " % stop_count
helper += " -vU -i%s -w%s"
if filter:
helper += " " + filter
log.debug("I'm using tcpdump helper to capture packets")
else:
helper = Prefs()['backend.dumpcap'].value
if stop_count:
helper += "-c %d " % stop_count
if stop_time:
helper += "-a duration:%d " % stop_time
if stop_size:
helper += "-a filesize:%d " % stop_size / 1024
helper += " -i%s -w%s"
if filter:
helper += " " + filter
log.debug("I'm using dumpcap helper to capture packets")
outfile = tempfile.mktemp('.pcap', 'PM-')
process = subprocess.Popen(helper % (iface, outfile),
shell=(not WINDOWS),
close_fds=(not WINDOWS),
stderr=subprocess.PIPE)
if not WINDOWS:
log.debug("Setting O_NONBLOCK stderr file descriptor")
flags = fcntl.fcntl(process.stderr, fcntl.F_GETFL)
if not process.stderr.closed:
fcntl.fcntl(process.stderr, fcntl.F_SETFL, flags | os.O_NONBLOCK)
log.debug("Process spawned as `%s` with pid %d" % \
((helper % (iface, outfile), process.pid)))
log.debug("Helper started on interface %s. Dumping to %s" % \
(iface, outfile))
return process, outfile
def __init__(self):
gtk.VBox.__init__(self, False, 2)
self.set_border_width(4)
self.store = gtk.ListStore(str, int, str)
self.view = gtk.TreeView(self.store)
self.view.set_rules_hint(True)
self.view.set_reorderable(True)
idx = 0
lbls = (_('Column title'), _('Column size'), _('Function/cfield'))
for lbl in lbls[:-1]:
rend = gtk.CellRendererText()
rend.set_property('editable', True)
rend.connect('edited', self.__on_rend_edited, idx)
col = gtk.TreeViewColumn(lbl, rend, text=idx)
self.view.append_column(col)
idx += 1
# Last column
model = gtk.ListStore(str)
cfields = AuditManager().get_configuration('global.cfields').keys()
cfields.sort()
for field in cfields:
model.append(['%' + field + '%'])
rend = gtk.CellRendererCombo()
rend.set_property('model', model)
rend.set_property('text-column', 0)
rend.set_property('editable', True)
rend.connect('edited', self.__on_rend_edited, idx)
self.view.props.has_tooltip = True
self.view.connect('query-tooltip', self.__on_query_tooltip)
col = gtk.TreeViewColumn(lbls[-1], rend, text=idx)
self.view.append_column(col)
sw = gtk.ScrolledWindow()
sw.set_policy(gtk.POLICY_AUTOMATIC, gtk.POLICY_AUTOMATIC)
sw.set_shadow_type(gtk.SHADOW_ETCHED_IN)
sw.add(self.view)
bb = gtk.HButtonBox()
bb.set_layout(gtk.BUTTONBOX_END)
btn = gtk.Button(stock=gtk.STOCK_ADD)
btn.connect('clicked', self.__on_add_row)
bb.pack_start(btn)
btn = gtk.Button(stock=gtk.STOCK_REMOVE)
btn.connect('clicked', self.__on_remove_row)
bb.pack_start(btn)
self.pack_start(sw)
self.pack_end(bb, False, False)
# Let's populate
columns_str = Prefs()['gui.maintab.sniffview.columns'].value
for column_str in columns_str.split(','):
try:
label, pixel_size, eval_str = column_str.split('|', 2)
pixel_size = int(pixel_size)
self.store.append([label, pixel_size, eval_str])
except:
pass
self.widgets = []
