def abstract(data, fields):
"""Search in the fields/symbols the first one that can abstract the data.
>>> from netzob.all import *
>>> messages = ["{0}, what's up in {1} ?".format(pseudo, city) for pseudo in ['netzob', 'zoby'] for city in ['Paris', 'Berlin']]
>>> f1a = Field("netzob")
>>> f2a = Field(", what's up in ")
>>> f3a = Field(Alt(["Paris", "Berlin"]))
>>> f4a = Field(" ?")
>>> s1 = Symbol([f1a, f2a, f3a, f4a], name="Symbol-netzob")
>>> f1b = Field("zoby")
>>> f2b = Field(", what's up in ")
>>> f3b = Field(Alt(["Paris", "Berlin"]))
>>> f4b = Field(" ?")
>>> s2 = Symbol([f1b, f2b, f3b, f4b], name="Symbol-zoby")
>>> for m in messages:
... abstractedSymbol = AbstractField.abstract(m, [s1, s2])
... print(abstractedSymbol.name)
Symbol-netzob
Symbol-netzob
Symbol-zoby
Symbol-zoby
:parameter data: the data that should be abstracted in symbol
:type data: :class:`str`
:parameter fields: a list of fields/symbols targeted during the abstraction process
:type fields: :class:`list` of :class:`netzob.Model.Vocabulary.AbstractField`
:return: a field/symbol
:rtype: :class:`netzob.Model.Vocabulary.AbstractField`
:raises: :class:`netzob.Model.Vocabulary.AbstractField.AbstractionException` if an error occurs while abstracting the data
"""
from netzob.Common.Utils.DataAlignment.DataAlignment import DataAlignment
for field in fields:
try:
DataAlignment.align([data], field, encoded=False)
return field
except:
pass
from netzob.Model.Vocabulary.UnknownSymbol import UnknownSymbol
from netzob.Model.Vocabulary.Messages.RawMessage import RawMessage
unknown_symbol = UnknownSymbol(RawMessage(data))
logging.error(
"Impossible to abstract the message in one of the specified symbols, we create an unknown symbol for it: '%s'",
unknown_symbol)
return unknown_symbol
def readSymbols(self, timeout=EmptySymbol.defaultReceptionTimeout()):
"""Read from the abstraction layer a flow and abstract it with one or more consecutive symbols
The timeout parameter represents the amount of time (in millisecond) above which
no reception of a message triggers the reception of an :class:`netzob.Model.Vocabulary.EmptySymbol.EmptySymbol`. If timeout set to None
or to a negative value means it always wait for the reception of a message.
:keyword timeout: the time above which no reception of message triggers the reception of an :class:`netzob.Model.Vocabulary.EmptySymbol.EmptySymbol`
:type timeout: :class:`int`
:raise TypeError if the parameter is not valid and Exception if an error occurs.
"""
self._logger.debug("Reading data from communication channel...")
data = self.channel.read(timeout=timeout)
self._logger.debug("Received : {}".format(repr(data)))
symbols = []
# if we read some bytes, we try to abstract them
if len(data) > 0:
try:
symbols_and_data = self.flow_parser.parseFlow(
RawMessage(data), self.symbols)
for (symbol, alignment) in symbols_and_data:
symbols.append(symbol)
except Exception as e:
self._logger.error(e)
if len(symbols) > 0:
self.memory = self.flow_parser.memory
self.specializer.memory = self.memory
else:
symbols.append(EmptySymbol())
if len(symbols) == 0 and len(data) > 0:
msg = RawMessage(data)
symbols.append(UnknownSymbol(message=msg))
return (symbols, data)
def readSymbol(self, timeout=EmptySymbol.defaultReceptionTimeout()):
"""Read from the abstraction layer a message and abstract it
into a message.
The timeout parameter represents the amount of time (in millisecond) above which
no reception of a message triggers the reception of an :class:`netzob.Model.Vocabulary.EmptySymbol.EmptySymbol`. If timeout set to None
or to a negative value means it always wait for the reception of a message.
:keyword timeout: the time above which no reception of message triggers the reception of an :class:`netzob.Model.Vocabulary.EmptySymbol.EmptySymbol`
:type timeout: :class:`int`
:raise TypeError if the parameter is not valid and Exception if an error occurs.
"""
self._logger.debug("Reading data from communication channel...")
data = self.channel.read(timeout=timeout)
self._logger.debug("Received : {}".format(repr(data)))
symbol = None
# if we read some bytes, we try to abstract them
if len(data) > 0:
for potential in self.symbols:
try:
self.parser.parseMessage(RawMessage(data), potential)
symbol = potential
self.memory = self.parser.memory
self.specializer.memory = self.memory
break
except Exception:
symbol = None
if symbol is None and len(data) > 0:
msg = RawMessage(data)
symbol = UnknownSymbol(message=msg)
elif symbol is None and len(data) == 0:
symbol = EmptySymbol()
return (symbol, data)
def abstract(data, fields):
"""Search in the fields/symbols the first one that can abstract the data.
>>> from netzob.all import *
>>> messages = ["{0}, what's up in {1} ?".format(pseudo, city) for pseudo in ['netzob', 'zoby'] for city in ['Paris', 'Berlin']]
>>> f1a = Field(name="name", domain="netzob")
>>> f2a = Field(name="question", domain=", what's up in ")
>>> f3a = Field(name="city", domain=Alt(["Paris", "Berlin"]))
>>> f4a = Field(name="mark", domain=" ?")
>>> s1 = Symbol([f1a, f2a, f3a, f4a], name="Symbol-netzob")
>>> f1b = Field(name="name", domain="zoby")
>>> f2b = Field(name="question", domain=", what's up in ")
>>> f3b = Field(name="city", domain=Alt(["Paris", "Berlin"]))
>>> f4b = Field(name="mark", domain=" ?")
>>> s2 = Symbol([f1b, f2b, f3b, f4b], name="Symbol-zoby")
>>> for m in messages:
... (abstractedSymbol, structured_data) = AbstractField.abstract(m, [s1, s2])
... print(structured_data)
... print(abstractedSymbol.name)
OrderedDict([('name', b'netzob'), ('question', b", what's up in "), ('city', b'Paris'), ('mark', b' ?')])
Symbol-netzob
OrderedDict([('name', b'netzob'), ('question', b", what's up in "), ('city', b'Berlin'), ('mark', b' ?')])
Symbol-netzob
OrderedDict([('name', b'zoby'), ('question', b", what's up in "), ('city', b'Paris'), ('mark', b' ?')])
Symbol-zoby
OrderedDict([('name', b'zoby'), ('question', b", what's up in "), ('city', b'Berlin'), ('mark', b' ?')])
Symbol-zoby
:parameter data: the data that should be abstracted in symbol
:type data: :class:`str`
:parameter fields: a list of fields/symbols targeted during the abstraction process
:type fields: :class:`list` of :class:`netzob.Model.Vocabulary.AbstractField`
:return: a field/symbol and the structured received message
:rtype: a tuple (:class:`netzob.Model.Vocabulary.AbstractField`, dict)
:raises: :class:`netzob.Model.Vocabulary.AbstractField.AbstractionException` if an error occurs while abstracting the data
"""
from netzob.Common.Utils.DataAlignment.DataAlignment import DataAlignment
for field in fields:
try:
# Try to align/parse the data with the current field
alignedData = DataAlignment.align([data], field, encoded=False)
# If it matches, we build a dict that contains, for each field, the associated value that was present in the message
structured_data = OrderedDict()
for fields_value in alignedData:
for i, field_value in enumerate(fields_value):
structured_data[alignedData.headers[i]] = field_value
return (field, structured_data)
except:
pass
from netzob.Model.Vocabulary.UnknownSymbol import UnknownSymbol
from netzob.Model.Vocabulary.Messages.RawMessage import RawMessage
unknown_symbol = UnknownSymbol(RawMessage(data))
structured_data = OrderedDict()
logging.error(
"Impossible to abstract the message in one of the specified symbols, we create an unknown symbol for it: '%s'",
unknown_symbol)
return (unknown_symbol, structured_data)