def initDBs(): __initDB(ConfigHelper.getRollingDatabasePath()) RollingDatabaseHelper.init() __initDB(ConfigHelper.getBehaviorDatabasePath()) BehaviorDatabaseHelper.init() #TODO init graph database #print "Databases initialized." return
def export(file_path, contents): # appending .csv file if not file_path.endswith(file_extention): file_path += file_extention row_timestamp = "timestamp" row_entries = "entries" row_exits = "exits" row_current_population = "current_population" file = open(file_path, 'w') field_names = [ row_timestamp, row_entries, row_exits, row_current_population ] writer = csv.DictWriter(file, fieldnames=field_names) file.write("Starting time: " + __convert_time_full(contents[0][0]) + "\n") file.write("Ending time: " + __convert_time_full(contents[-1][0]) + " (plus monitoring duration of " + str(60 / ConfigHelper.getHourSegments()) + " mins)\n") file.write("\n") file.write(row_timestamp + ", " + row_entries + ", " + row_exits + ", " + row_current_population + "\n") for c in contents: time = __convert_time(c[0]) writer.writerow({ row_timestamp: time, row_entries: c[1], row_exits: c[2], row_current_population: c[3] }) file.close()
def removeBadPackets(connection): for bad in Observation.bad_addresses: # might have to hash them if config says so if ConfigHelper.shouldHash(): bad = PrivacyUtility.processAddress(bad) connection.execute(remove_bad_packets % bad) connection.commit()
def scan(): ThreadKeeper.incrementThreadCount() captureInterface = str(ConfigHelper.getWirelessCaptureInterface()) captureDuration = str(ConfigHelper.getCaptureDuration()) capturePath = str(ConfigHelper.getCaptureDirectory()) + \ ThreadKeeper.getTimeStamp() + \ "-unprocessed.pcap" try: # making the saved pcap able to be deleted by normal users since it was created with root call(["touch", capturePath]) call(["chmod", "777", capturePath]) except Exception, errmsg: print "Could not change output file permissions, you might need root permissions to delete it now, sorry about that..." print errmsg
def analyze(): global action_exit, action_notice action_notice = BehaviorDatabaseHelper.type_notice action_exit = BehaviorDatabaseHelper.type_exit behaviorDBConnection = BehaviorDatabaseHelper.connect() rollingDBConnection = RollingDatabaseHelper.connect() # current GMT minus the backtracking time (in seconds) startTime = int(time.time()) - int(ConfigHelper.getCaptureDuration( )) # int(ConfigHelper.getNumBackTrackHours() * 3600) # or if we want to analyze everything we've ever captured if ConfigHelper.doAllAnalysisForever(): startTime = 0 uniques = BehaviorDatabaseHelper.getUniques(behaviorDBConnection, startTime) count = 0 total = len(uniques) for address in uniques: count += 1 print '{0}\r'.format(" analysis: " + str(100 * count / total) + "%"), # array of int timesOfAddress = RollingDatabaseHelper.getTimesOfAddress( rollingDBConnection, address) makeEntriesAndExitsForAddress(address, timesOfAddress, behaviorDBConnection) # make a new line to advance from the percentage print output print # commit changes to behavior db and close out both connections behaviorDBConnection.commit() behaviorDBConnection.close() rollingDBConnection.close() return
def create_app(): app = Flask(__name__, template_folder='') dist_folder = os.path.abspath(os.path.join(app.root_path, "../static")) app.static_folder = dist_folder app.static_url_path = '/static' app_path = app.root_path app.url_map.strict_slashes = False app.config.from_object(ConfigHelper.set_config(sys.argv)) register_blueprints(app) init_global_functions(app) register_extensions(app) register_components(app) return app
def create_app(): app = Flask(__name__) redefine_delimiters(app) dist_folder = os.path.abspath(os.path.join(app.root_path,"../static")) app.static_folder = dist_folder app.static_url_path='/static' app.url_map.strict_slashes = False app.config.from_object(ConfigHelper.set_config(sys.argv)) initialize_libraries(app) init_filters(app) init_global_functions(app) register_blueprints(app) register_error_handlers(app) return app
def makeEntriesAndExitsForAddress(address, times, behaviorDB): global action_exit, action_notice observation_actions = [] # this will hold the entry/exit actions if len(times) > 0: # if there was a previous observation, let's find it previous = -1 lastKnown = __loadLastKnownState(behaviorDB, address) if lastKnown is not None: previous = lastKnown # if the last observation was a leave and it should be, this'll fix it __fixPreviousAction(behaviorDB, address, previous, times[0]) time_difference = 0 for cur_time in times: time_difference = cur_time - previous # find what the state is of the current observation, based on the previous # Did the device leave since we last saw it? if time_difference > ConfigHelper.getExitTime(): # so the previous one was an exit if (previous != -1): observation_actions += [(action_exit, previous)] # and it was just seen entering observation_actions += [(action_notice, cur_time)] # else, its just another observation, we don't care too much about it # update previous previous = cur_time # make the last observation a leave, it'll get updated if it actually isn't observation_actions += [(action_exit, previous)] else: # no observations --> nothing to do, move along return # putting the observations into the behavior database for actions in observation_actions: # actions is a tuple BehaviorDatabaseHelper.addBehavior( behaviorDB, address, actions[0], actions[1]) # can add lat/long here if you want
def TRAKr(app): # loading up the config file parser configHelper = ConfigHelper.ConfigHelper() configHelper.startUp() # handling pre-run parameters first if TRAKr.params.reset: configHelper.resetConfig() # exporting databases if TRAKr.params.export: __exportData() # deleting databases elif TRAKr.params.deleteDB: __deleteDBs() __initDBs() # handling run-oriented parameters # these are the ones that can go infinitely like scans if TRAKr.params.run: __run() else: # this only scans and puts the MACs into the rolling.db if TRAKr.params.scan: __scan(False, False) # run analysis on rolling.db elif TRAKr.params.analyze: __analyze() # load up a file, lat/long will be 0 as default if not inputted if TRAKr.params.load != "": __loadFile(TRAKr.params.load, TRAKr.params.lat, TRAKr.params.long) elif TRAKr.params.loaddir != "": __loadDir(TRAKr.params.loaddir, TRAKr.params.lat, TRAKr.params.long) # wait just a little bit, because sometimes it'll race condition and go past this ThreadKeeper.wait(0.01) # don't stop execution just yet, because scan or analysis may be running ThreadKeeper.waitForThreads()
def makeExportData(): # this is a 2d array of the rows to be exported csv_data = [] conn = BehaviorDatabaseHelper.connect() all_actions = BehaviorDatabaseHelper.getAllActionsSortedbyTime(conn) # number of seconds for each span of observation time_bracket = 3600 / ConfigHelper.getHourSegments() time_end = all_actions[0].time current_entries = 0 current_exits = 0 current_population = 0 filtered_actions = all_actions # __filterActions(all_actions) for action in filtered_actions: # this is guaranteed to hit on the first packet # check if a new bracket needs to be created if action.time > time_end: # update current_population = current_population + current_entries - current_exits # each time stamp will be the start time # and the next observation will be when it ends csv_data += [(time_end, current_entries, current_exits, current_population)] # reset counters time_end = time_end + time_bracket current_entries = 0 current_exits = 0 # entry if action.action == 1: current_entries += 1 # exit else: current_exits += 1 return csv_data[1:]
def __filterActions(all_actions): filtered_actions = [] entries = [] for a in all_actions: # if its an entry, just log it in the list if a.action == 1: entries += [EntryAction(a.time, a.address)] # if it's an exit, we need to see if we're cutting it out else: prev = __findEntryTime(a.address, entries) timespan = a.time - prev # should we keep it? if timespan > ConfigHelper.getEntryTime(): filtered_actions += [SimpleAction(1, a.time, a.address)] filtered_actions += [SimpleAction(0, prev, a.address)] # now everything in filtered_actions are likely to be non-randomized MAC address devices # need to sort by time filtered_actions.sort() return filtered_actions
from multiprocessing import freeze_support
def connect(): pathToDB = ConfigHelper.getRollingDatabasePath() connection = sqlite3.connect(pathToDB) return connection
def connect(): pathToDB = ConfigHelper.getBehaviorDatabasePath() connection = sqlite3.connect(pathToDB) return connection
def __removePcaps(): # http://stackoverflow.com/questions/1995373/ path = str(ConfigHelper.getCaptureDirectory()) [os.remove(path + f) for f in os.listdir(path) if f.endswith(".pcap")]
def makeTimeSlots(): # returns an array of the size of time slots that should be created slotsPerHour = ConfigHelper.getHourSegments() backTrackHours = ConfigHelper.getNumBackTrackHours() return [0] * slotsPerHour * backTrackHours
def deleteDBs(): __deleteDB(ConfigHelper.getRollingDatabasePath()) __deleteDB(ConfigHelper.getBehaviorDatabasePath()) print "Databases deleted."
def __fixPreviousAction(connection, address, previousTime, newTime): # should it be removed? if newTime - previousTime < ConfigHelper.getExitTime(): BehaviorDatabaseHelper.removeFalseExit(connection, address, previousTime) pass
def serial_operation_by_control_file(tag, case_file=Res.case_file, c=Cfg.SMCommon(), commands=[]): log('launch swipe process of ' + tag) lines = get_usable_lines_from_file(case_file) # parse if have special configuration case_w, case_h, case_nav = 0, 0, 0 for line in lines: items = line.split(Res.split_mark) if Res.case_display_config in line: case_w = int(items[1]) case_h = int(items[2]) case_nav = int(items[3]) break case_has_nav = case_nav > 0 alta_height = (0 if c.has_nav and not case_has_nav else -(c.nav_height if not case_has_nav else case_nav)) real_w, real_h, nav_h = CfgU.device_real_config_info(tag) f_x = float(real_w) / (c.size_x if case_w == 0 else case_w) f_y = float(real_h) / ((c.size_y if case_h == 0 else case_h) + alta_height) for line in lines: items = line.split(Res.split_mark) if real_item(Res.action_click, items[0]): p_open( Res.adb_tap_with_tag(tag, cor(items[1], f_x), cor(items[2], f_y))) delay_index = Res.delay_index_one_point elif real_item(Res.action_hold, items[0]): p_open( Res.adb_touch_screen_with_tag(tag, cor(items[1], f_x), cor(items[2], f_y))) delay_index = Res.delay_index_one_point elif real_item(Res.action_home, items[0]): send_key_home(tag) delay_index = Res.delay_index_zero_point elif real_item(Res.action_back, items[0]): p_open(Res.adb_key_event_back(tag)) delay_index = Res.delay_index_zero_point elif real_item(Res.action_wait, items[0]): delay_index = Res.delay_index_zero_point elif real_item(Res.action_swipe, items[0]): p_open( Res.adb_swipe_with_tag(tag, cor(items[1], f_x), cor(items[2], f_y), cor(items[3], f_x), cor(items[4], f_y))) delay_index = Res.delay_index_two_point elif real_item(Res.special_start, items[0]): p_open(Res.asb_shell_start_activity(tag, c.act)) delay_index = Res.delay_index_zero_point elif real_item(Res.special_stop, items[0]): p_open(Res.asb_shell_force_stop(tag, c.pkg)) delay_index = Res.delay_index_zero_point elif real_item(Res.special_clear_data, items[0]): p_open(Res.asb_shell_clear_data(tag, c.pkg)) delay_index = Res.delay_index_zero_point elif real_item(Res.special_clear_logcat, items[0]): p_open(Res.asb_shell_clear_logcat(tag)) delay_index = Res.delay_index_zero_point elif real_item(Res.special_invoke_watcher, items[0]): p_open(commands[2]) # start collector activity delay_index = Res.delay_index_zero_point elif real_item(Res.special_start_command, items[0]): p_open(commands[0]) delay_index = Res.delay_index_zero_point elif real_item(Res.special_stop_command, items[0]): p_open(commands[1]) delay_index = Res.delay_index_zero_point elif real_item(Res.action_uninstall, items[0]): FunPkg.uninstall(tag, c.pkg) delay_index = Res.delay_index_zero_point elif real_item(Res.action_install, items[0]): delay_index = install_and_parse_index(tag, c, items[1]) elif real_item(Res.action_install_r, items[0]): delay_index = install_and_parse_index(tag, c, items[1], True) elif real_item(Res.action_reboot, items[0]): p_open(Res.adb_reboot(tag)) delay_index = Res.delay_index_zero_point else: continue seconds = items[delay_index] if len( items) > delay_index else Res.default_delay_in_action sleep(float(seconds))
TRAKr.add_param("-analyze", help="run analysis on packets", action='store_true') TRAKr.add_param("-load", help="loads a pcap file into the database", type=str, default="") TRAKr.add_param("-loaddir", help="load a directory full of only pcap files", type=str, default="") TRAKr.add_param("-lat", help="latitude - load or scan parameter", type=float, default=0) TRAKr.add_param("-long", help="longitude - load or scan parameter", type=float, default=0) if __name__ == '__main__': try: TRAKr.run() # catch the keyboard interrupt and cleanup half open files except KeyboardInterrupt: print("\nTRAKr - Keyboard Interrupt - Shutting down...\n") if not ConfigHelper.getKeepAllPcaps(): __removePcaps() os._exit(0)