def pcap_module(self):
    """Print the help screen listing the pcap file module's commands."""
    # One entry per command; the text is emitted exactly as written here.
    usage = (
        ' read <filename> Reads a pcap file into narith from given filename',
        ' count provides the number of packets in read pcap file',
        ' interface provides the used interface in the on recorded session',
    )
    # Single-argument print(...) produces the same output as the Python 2
    # print statement used elsewhere in this file.
    print('')
    cprint('Pcap file module', 'green')
    print('=======================\n')
    for entry in usage:
        print(entry)
def domain_module(self):
    """Print the help screen listing the domains module's commands."""
    usage = (
        ' www prints out all remote hostnames',
        ' all prints all occurances of all hostnames during session',
        ' search <infix> reads a substring and searches for domains that match',
    )
    # Blank line, coloured title, underline, then one line per command.
    print('')
    cprint('Domains module', 'green')
    print('=======================\n')
    for entry in usage:
        print(entry)
def __init__(self, filename=None, binary=None):
    """Load a capture either from a file path or from an in-memory string.

    ``filename`` is used only when it is a plain ``str`` shorter than 256
    characters; otherwise ``binary`` is used when it is a non-empty ``str``.
    In both cases the first 24 bytes are handed to ``GlobalHeader`` and the
    remainder is parsed into packet headers and packets.

    Raises:
        ValueError: neither argument passed the type/length checks above.
    """
    self.__records = []
    self.__packets = []

    if filename and (type(filename) is str) and (len(filename) < 256):
        self.__packet_count = 0
        self.__interface = 0
        # Bare except: every failure to open is reported as "does not exist",
        # and the constructor returns with no file or global header set.
        try:
            self.__file = IOManager(filename, 'r')
        except:
            cprint('[!] File %s does not exist' % filename, 'red')
            return
        # Bare except again: any parsing error, whatever its cause, is shown
        # as an invalid-format message and the object is left partly built.
        try:
            header = self.GlobalHeader(self.__file.read(24))
            self.__global_header = header
            parsed = self._parseFromFile(header.parse)
            (self.__packet_headers, self.__packets) = parsed
        except:
            cprint('[!] Invalid pcap file format', 'red')
            return
        return

    if not (binary and (type(binary) is str)):
        raise ValueError("Invalid filename length or binary data type")

    # NOTE(review): unlike the file path above, this branch has no handler,
    # so errors raised while parsing in-memory data propagate to the caller.
    self.__binary = binary
    header = self.GlobalHeader(binary[:24])
    self.__global_header = header
    parsed = self._parseFromBin(binary[24:], header.parse)
    (self.__packet_headers, self.__packets) = parsed
def core(self):
    """Print the list of core modules with a one-line description each."""
    modules = (
        ' pcap Specialized in extracting data from pcap',
        ' local Specialized in extracting data about local user',
        ' domain Specialized in extracting data about domain names',
    )
    print('')
    cprint('List of core modules', 'red')
    print('=====================')
    for entry in modules:
        print(entry)
def session_module(self):
    """Print the help screen listing the session information commands."""
    usage = (
        ' all Lists all sessions information',
        ' search <infix> Searches for sessions with hosts which contain the infix',
        ' www Lists all sessions with www domain name',
        ' protocol Lists sessions which uses certain protocol',
    )
    print('')
    cprint('Session information module', 'green')
    print('=======================\n')
    for entry in usage:
        print(entry)
def read(self, files):
    """Build a ``Pcap`` object for each path in ``files`` and store the list.

    Every object is kept, including those whose ``length`` is falsy; only
    captures with a truthy ``length`` get a confirmation line. The paths are
    passed to ``Pcap`` unchanged, with no checks made here.
    """
    loaded = []
    for path in files:
        capture = Pcap(path)
        loaded.append(capture)
        if not capture.length:
            # No confirmation for an empty or unreadable capture.
            continue
        cprint(('[*] file %s read' % path), 'green')
    self.__pcap = loaded
def local_module(self):
    """Print the help screen listing the local information commands."""
    usage = (
        ' info Lists all information obtained about local host',
        ' host Prints both the local ip and hostname if exists',
        ' dns-servers Prints all dns servers used by local host',
        ' mac-addr Prints the local host mac address',
    )
    print('')
    cprint('Local information module', 'green')
    print('=======================\n')
    for entry in usage:
        print(entry)
def interface(self, files):
    """Print, for each loaded capture, its file and its interface entry.

    ``files`` is accepted for the command-handler signature and is not read.
    The interface value of each capture is looked up in ``self.__interfaces``.
    """
    for capture in self.__pcap:
        # Bare except kept as in the original: a missing attribute, an unknown
        # interface key or an error inside cprint all print "Invalid file".
        try:
            name = capture.file
            label = self.__interfaces[capture.interface]
            cprint('[*] file %s: %s' % (name, label), 'green')
        except:
            cprint('[!] Invalid file', 'red')
def all(self, commands):
    """Print every recorded session, then the number of sessions printed.

    ``commands`` is accepted for the command-handler signature and is not read.
    """
    # NOTE(review): session fields are printed as-is; if they are derived from
    # captured traffic, control characters would reach the terminal - confirm
    # whether they are filtered upstream.
    total = 0
    # The dictionary key is not used; only the session object is printed.
    for total, (_host, sess) in enumerate(self.__se.sessions.iteritems(), 1):
        cprint("Host:\t\t" + sess.hostname, 'green')
        cprint("Packets no.:\t" + str(sess.count), 'green')
        cprint("Date:\t\t" + sess.start + " ~ " + sess.end, 'green')
        cprint("Bytes:\t\t" + str(sess.bytes), 'green')
        print("")
    cprint("Total sessions: " + str(total), 'magenta')
def www(self, commands):
    """Print the sessions returned by ``self.__se.prefix("www")`` and a total.

    ``commands`` is accepted for the command-handler signature and is not read.
    """
    def emit(label, value):
        # Same concatenation as before, so a non-string value still raises.
        cprint(label + value, 'green')

    shown = 0
    for sess in self.__se.prefix("www"):
        emit("Host:\t\t", sess.hostname)
        emit("Packets no.:\t", str(sess.count))
        emit("Date:\t\t", sess.start + " ~ " + sess.end)
        emit("Bytes:\t\t", str(sess.bytes))
        print("")
        shown = shown + 1
    cprint("Total sessions: " + str(shown), 'magenta')
def www(self, commands):
    """Print each session matching the "www" prefix, then the session total.

    ``commands`` is accepted for the command-handler signature and is not read.
    """
    total = 0
    for total, sess in enumerate(self.__se.prefix("www"), 1):
        cprint("Host:\t\t" + sess.hostname, 'green')
        cprint("Packets no.:\t" + str(sess.count), 'green')
        cprint("Date:\t\t" + sess.start + " ~ " + sess.end, 'green')
        cprint("Bytes:\t\t" + str(sess.bytes), 'green')
        # Blank separator line between sessions.
        print("")
    cprint("Total sessions: " + str(total), 'magenta')
def all(self, commands):
    """Print all sessions held in ``self.__se.sessions`` and their total.

    ``commands`` is accepted for the command-handler signature and is not read.
    """
    def emit(label, value):
        # Same concatenation as before, so a non-string value still raises.
        cprint(label + value, 'green')

    shown = 0
    for _host, sess in self.__se.sessions.iteritems():
        emit("Host:\t\t", sess.hostname)
        emit("Packets no.:\t", str(sess.count))
        emit("Date:\t\t", sess.start + " ~ " + sess.end)
        emit("Bytes:\t\t", str(sess.bytes))
        print("")
        shown = shown + 1
    cprint("Total sessions: " + str(shown), 'magenta')
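def requestSelect(self, commands):
    """Print the stored details of the HTTP host selected by its index.

    ``commands[0]`` is the index as typed by the user. It is compared with
    the ``'index'`` field of each entry in ``self.__http.requests``; the
    first match is printed as a summary line followed by every field except
    ``'times'`` and ``'index'``.

    A missing, non-numeric or unknown index prints ``Invalid host index``
    and returns without raising.
    """
    # Parse the user-supplied index once, before the lookup. Previously int()
    # ran inside the loop, so non-numeric input raised ValueError out of the
    # handler, and an empty argument list raised IndexError.
    try:
        wanted = int(commands[0])
    except (IndexError, TypeError, ValueError):
        cprint('Invalid host index', 'red')
        return

    # Explicit sentinel instead of probing for an unbound local variable.
    missing = object()
    key = missing
    for name, entry in self.__http.requests.iteritems():
        if entry['index'] == wanted:
            key = name
            break
    if key is missing:
        cprint('Invalid host index', 'red')
        return

    details = self.__http.requests[key]
    cprint('[+] %s request(s) to %s' % (details['times'], key), 'blue')

    # NOTE(review): field values are printed as-is; if they are taken from
    # captured traffic, control characters would reach the terminal - confirm
    # whether they are filtered upstream.
    nonVerbalKeys = ('times', 'index')
    # Each field keeps its trailing ' | ' separator, as in the original output.
    line = '[+] ' + ''.join(
        field + ': ' + str(details[field]) + ' | '
        for field in details
        if field not in nonVerbalKeys)
    cprint(line, 'green')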
def __init__(self, filename=None, binary=None):
    """Load a capture either from a file path or from an in-memory string.

    ``filename`` is used only when it is a plain ``str`` shorter than 256
    characters; otherwise ``binary`` is used when it is a non-empty ``str``.
    The first 24 bytes go to ``GlobalHeader``; the rest is parsed into packet
    headers and packets. Open and parse failures print a message and return,
    leaving the packet lists empty.

    Raises:
        ValueError: neither argument passed the type/length checks above.
    """
    self.__packet_headers = []
    self.__packets = []

    if filename and (type(filename) is str) and (len(filename) < 256):
        self.__packet_count = 0
        self.__interface = 0
        # Bare except: every failure to open is reported as "does not exist".
        try:
            self.__file = IOManager(filename, 'r')
        except:
            cprint('[!] File %s does not exist' % filename, 'red')
            return
        # Bare except: the cause of a parsing failure is not shown.
        try:
            header = self.GlobalHeader(self.__file.read(24))
            self.__global_header = header
            parsed = self._parseFromFile(header.parse)
            (self.__packet_headers, self.__packets) = parsed
        except:
            cprint('[!] Invalid pcap file format', 'red')
            return
        return

    if not (binary and (type(binary) is str)):
        raise ValueError("Invalid filename length or binary data type")

    self.__binary = binary
    # In-memory data gets the same catch-all handling as the file path.
    try:
        header = self.GlobalHeader(binary[:24])
        self.__global_header = header
        parsed = self._parseFromBin(binary[24:], header.parse)
        (self.__packet_headers, self.__packets) = parsed
    except:
        cprint('[!] Invalid pcap file format', 'red')
        return
def requests(self, c):
    """Print a summary of ``self.__http.requests`` and one block per host.

    The first line gives the summed ``'times'`` values and the number of
    hosts. After a one-second pause each host is printed with its index,
    its request count and every other stored field. ``c`` is not read.
    """
    import time

    hits = sum(entry['times'] for entry in self.__http.requests.values())
    hosts = len(self.__http.requests.keys())
    cprint(
        '[+] Found %s requests to %s hosts...' % (str(hits), str(hosts)),
        'blue')
    time.sleep(1)

    # NOTE(review): host names and field values are printed as-is; if they are
    # taken from captured traffic, control characters would reach the
    # terminal - confirm whether they are filtered upstream.
    nonVerbalKeys = ['times', 'index']
    for host, entry in self.__http.requests.iteritems():
        cprint('[%s]' % entry['index'] + host, 'green')
        line = ' %s request(s)' % str(entry['times'])
        # Bookkeeping fields are shown above, so they are skipped here.
        line += ''.join(
            ' | ' + field + ': ' + str(entry[field])
            for field in entry
            if field not in nonVerbalKeys)
        cprint(line, 'yellow')
def www(self, commands):
    """Print each (domain, ip) pair yielded by ``self.__de.wwwExtract()``.

    ``commands`` is accepted for the command-handler signature and is not read.
    """
    # NOTE(review): names are printed as-is; if they are taken from captured
    # traffic, control characters would reach the terminal - confirm whether
    # they are filtered upstream.
    for name, addr in self.__de.wwwExtract():
        line = "[*] " + name + " -> " + addr
        cprint(line, 'green')
def executer(self, commands):
    """Run the handler registered for ``commands[0]``.

    The handler is taken from the ``self.__commands`` table and receives the
    remaining items of ``commands``. Only names present in that table can be
    dispatched; anything else prints a "not found" message. ``commands[0]`` is
    read unconditionally, so an empty list raises ``IndexError``.
    """
    name = commands[0]
    if name in self.__commands:
        handler = self.__commands[name]
        handler(commands[1:])
    else:
        cprint("[!] Command not found", 'red')
def executer(self, commands):
    """Dispatch ``commands`` to the matching entry of ``self.__commands``.

    ``commands[0]`` selects the handler and the rest of the list is passed to
    it. Names missing from the table are rejected with a message rather than
    resolved any other way. An empty ``commands`` list raises ``IndexError``,
    because the first item is read before any check.
    """
    verb = commands[0]
    known = verb in self.__commands
    if not known:
        cprint("[!] Command not found", 'red')
        return
    action = self.__commands[verb]
    action(commands[1:])
def mac(self, commands):
    """Print the ``mac_address`` value held by ``self.__li``.

    ``commands`` is accepted for the command-handler signature and is not read.
    """
    line = '[*] Mac address: %s' % self.__li.mac_address
    cprint(line, 'green')
def base(self):
    """Print the (currently placeholder) list of base modules."""
    modules = (
        ' NOT YET No low level modules yet defined',
    )
    print('')
    cprint('List of base modules', 'red')
    print('==========================')
    for entry in modules:
        print(entry)
def host(self, commands):
    """Print the ``host`` value held by ``self.__li``.

    ``commands`` is accepted for the command-handler signature and is not read.
    """
    line = '[*] Host: %s' % self.__li.host
    cprint(line, 'green')
def dns(self, commands):
    """Print a heading followed by each entry of ``self.__li.dns_servers``.

    ``commands`` is accepted for the command-handler signature and is not read.
    """
    # The heading is printed before the server list is read.
    cprint('[*] DNS Servers:', 'green')
    for address in self.__li.dns_servers:
        line = '\tServer: %s' % address
        cprint(line, 'green')
def search(self, commands):
    """Print the (domain, ip) pairs that ``self.__de.domains`` returns.

    ``commands[0]`` is the user-supplied infix and is passed on unchanged.
    It is read unconditionally, so calling the command without an argument
    raises ``IndexError``.
    """
    infix = commands[0]
    for name, addr in self.__de.domains(infix):
        line = "[*] " + name + " -> " + addr
        cprint(line, 'green')
def all(self, commands):
    """Print every (domain, ip) pair by querying with an empty infix.

    ``commands`` is accepted for the command-handler signature and is not read.
    """
    for name, addr in self.__de.domains(''):
        line = "[*] " + name + " -> " + addr
        cprint(line, 'green')
def interface(self, files):
    """Print each loaded capture's file and its ``self.__interfaces`` entry.

    ``files`` is accepted for the command-handler signature and is not read.
    """
    for capture in self.__pcap:
        # Bare except kept as in the original: any error raised while building
        # or printing the line is reported as "Invalid file".
        try:
            name = capture.file
            label = self.__interfaces[capture.interface]
            line = '[*] file %s: %s' % (name, label)
            cprint(line, 'green')
        except:
            cprint('[!] Invalid file', 'red')
def high(self):
    """Print the (currently placeholder) list of high-level modules."""
    modules = (
        ' NOT YET No High level modules yet defined',
    )
    print('')
    cprint('List of high modules', 'red')
    print('===========================')
    for entry in modules:
        print(entry)
def count(self, files):
    """Print the packet count of every loaded capture.

    A capture whose ``file`` or ``length`` is falsy is reported as invalid.
    ``files`` is accepted for the command-handler signature and is not read.
    """
    for capture in self.__pcap:
        if not (capture.file and capture.length):
            cprint('[!] Invalid file', 'red')
            continue
        line = '[*] file %s: %d packets' % (capture.file, capture.length)
        cprint(line, 'green')