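def report(request, task_id):
    """Render the analysis report page for a single task.

    Fetches the most recent analysis document whose ``info.id`` equals
    ``task_id`` and renders ``analysis/report.html`` with that document, two
    DNS lookup tables and the state of the optional ``httpreplay`` package.
    An unknown or non-numeric ``task_id`` renders ``error.html`` instead.

    :param request: the incoming HTTP request, passed through to ``render``.
    :param task_id: task identifier supplied by the caller; it is coerced to
        ``int`` before it is used in the database filter.
    :return: the response object produced by ``render``.
    """
    # Coerce before building the filter: the caller-controlled value can then
    # only reach MongoDB as a number, never as a string or operator document.
    try:
        analysis_id = int(task_id)
    except (TypeError, ValueError):
        return render(request, "error.html", {
            "error": "The specified analysis does not exist",
        })

    analysis = results_db.analysis.find_one(
        {"info.id": analysis_id}, sort=[("_id", pymongo.DESCENDING)]
    )
    if not analysis:
        return render(request, "error.html", {
            "error": "The specified analysis does not exist",
        })

    # A report stored without a network section must not raise KeyError in
    # the lookups below, so fall back to an empty mapping.
    network = analysis.get("network") or {}

    # Creating dns information dicts by domain and ip.
    # NOTE(review): these values come from the stored analysis results and
    # are handed to the template as-is; presumably the template escapes
    # them on output -- confirm.
    domainlookups = {}
    iplookups = {}
    if "domains" in network:
        domains = network["domains"]
        domainlookups = dict((d["domain"], d["ip"]) for d in domains)
        iplookups = dict((d["ip"], d["domain"]) for d in domains)
        # DNS answers refine the ip -> name table; a report may carry
        # "domains" without "dns", so the key is treated as optional.
        for query in network.get("dns", []):
            for answer in query["answers"]:
                iplookups[answer["data"]] = query["request"]

    have_http_streams = "http_ex" in network or "https_ex" in network

    # httpreplay is optional; a missing package simply yields no version.
    try:
        import httpreplay
        httpreplay_version = getattr(httpreplay, "__version__", None)
    except ImportError:
        httpreplay_version = None

    # Is this version of httpreplay deprecated?
    # Stays None (falsy) when no version could be determined.
    deprecated = httpreplay_version and \
        versiontuple(httpreplay_version) < versiontuple(LATEST_HTTPREPLAY)

    return render(request, "analysis/report.html", {
        "analysis": analysis,
        "domainlookups": domainlookups,
        "iplookups": iplookups,
        "httpreplay": {
            "have": have_http_streams,
            "deprecated": deprecated,
            "current_version": httpreplay_version,
            "latest_version": LATEST_HTTPREPLAY,
        },
    })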
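def report(request, task_id):
    """Render the analysis report page for a single task.

    Fetches the most recent analysis document whose ``info.id`` equals
    ``task_id`` and renders ``analysis/report.html`` with that document, two
    DNS lookup tables and the state of the optional ``httpreplay`` package.
    An unknown or non-numeric ``task_id`` renders ``error.html`` instead.

    :param request: the incoming HTTP request, passed through to ``render``.
    :param task_id: task identifier supplied by the caller; it is coerced to
        ``int`` before it is used in the database filter.
    :return: the response object produced by ``render``.
    """
    # Coerce before building the filter: the caller-controlled value can then
    # only reach MongoDB as a number, never as a string or operator document.
    try:
        analysis_id = int(task_id)
    except (TypeError, ValueError):
        return render(request, "error.html", {"error": "The specified analysis does not exist"})

    analysis = results_db.analysis.find_one(
        {"info.id": analysis_id}, sort=[("_id", pymongo.DESCENDING)]
    )
    if not analysis:
        return render(request, "error.html", {"error": "The specified analysis does not exist"})

    # A report stored without a network section must not raise KeyError in
    # the lookups below, so fall back to an empty mapping.
    network = analysis.get("network") or {}

    # Creating dns information dicts by domain and ip.
    # NOTE(review): these values come from the stored analysis results and
    # are handed to the template as-is; presumably the template escapes
    # them on output -- confirm.
    domainlookups = {}
    iplookups = {}
    if "domains" in network:
        domains = network["domains"]
        domainlookups = dict((d["domain"], d["ip"]) for d in domains)
        iplookups = dict((d["ip"], d["domain"]) for d in domains)
        # DNS answers refine the ip -> name table; a report may carry
        # "domains" without "dns", so the key is treated as optional.
        for query in network.get("dns", []):
            for answer in query["answers"]:
                iplookups[answer["data"]] = query["request"]

    have_http_streams = "http_ex" in network or "https_ex" in network

    # httpreplay is optional; a missing package simply yields no version.
    try:
        import httpreplay

        httpreplay_version = getattr(httpreplay, "__version__", None)
    except ImportError:
        httpreplay_version = None

    # Is this version of httpreplay deprecated?
    # Stays None (falsy) when no version could be determined.
    deprecated = httpreplay_version and versiontuple(httpreplay_version) < versiontuple(
        LATEST_HTTPREPLAY
    )

    return render(
        request,
        "analysis/report.html",
        {
            "analysis": analysis,
            "domainlookups": domainlookups,
            "iplookups": iplookups,
            "httpreplay": {
                "have": have_http_streams,
                "deprecated": deprecated,
                "current_version": httpreplay_version,
                "latest_version": LATEST_HTTPREPLAY,
            },
        },
    )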
# Imports for the batch sort. # http://stackoverflow.com/questions/10665925/how-to-sort-huge-files-with-python # http://code.activestate.com/recipes/576755/ import heapq from itertools import islice from collections import namedtuple Keyed = namedtuple("Keyed", ["key", "obj"]) Packet = namedtuple("Packet", ["raw", "ts"]) log = logging.getLogger(__name__) cfg = Config() # Urge users to upgrade to the latest version. _v = getattr(httpreplay, "__version__", None) if HAVE_HTTPREPLAY else None if _v and versiontuple(_v) < versiontuple(LATEST_HTTPREPLAY): log.warning( "You are using version %s of HTTPReplay, rather than the latest " "version %s, which may not handle various corner cases and/or TLS " "cipher suites correctly. This could result in not getting all the " "HTTP/HTTPS streams that are available or corrupt some streams that " "were not handled correctly before. Please upgrade it to the latest " "version (`pip install --upgrade httpreplay`).", _v, LATEST_HTTPREPLAY, ) class Pcap(object): """Reads network data from PCAP file.""" ssl_ports = 443, notified_dpkt = False
# Imports for the batch sort. # http://stackoverflow.com/questions/10665925/how-to-sort-huge-files-with-python # http://code.activestate.com/recipes/576755/ import heapq from itertools import islice from collections import namedtuple Keyed = namedtuple("Keyed", ["key", "obj"]) Packet = namedtuple("Packet", ["raw", "ts"]) log = logging.getLogger(__name__) cfg = Config() # Urge users to upgrade to the latest version. _v = getattr(httpreplay, "__version__", None) if HAVE_HTTPREPLAY else None if _v and versiontuple(_v) < versiontuple(LATEST_HTTPREPLAY): log.warning( "You are using version %s of HTTPReplay, rather than the latest " "version %s, which may not handle various corner cases and/or TLS " "cipher suites correctly. This could result in not getting all the " "HTTP/HTTPS streams that are available or corrupt some streams that " "were not handled correctly before. Please upgrade it to the latest " "version (`pip install --upgrade httpreplay`).", _v, LATEST_HTTPREPLAY, ) class Pcap(object): """Reads network data from PCAP file.""" ssl_ports = 443,