def readlines_log(debug=False): """ read stdin, if any. Assume sdf file names and return sdfs """ while sys.stdin in select.select([sys.stdin], [], [], 0)[0]: line = sys.stdin.readline() if not line: yield from [] break line = line.strip() name = line.split("/") name = name[-1] name = name.split(".") name = name[0] try: if "b3lyp" in line: properties = read_properties_b3lyp(line) elif "g4mp2" in line: properties = read_properties_g4mp2(line) if debug: print(name) yield name, properties except: misc.eprint(name, "fail") continue
def main(): global args, searchterm parser = argparse.ArgumentParser( description='Search captured traffic for a pattern') parser.add_argument('app_or_capture', metavar='appname', help='Application name or network capture file') parser.add_argument('searchterm', type=str, help='String to search for') parser.add_argument('-v', '--verbose', dest='verbose', action='store_true', help='display packet contents') parser.add_argument('-m', '--multi', dest='multi', action='store_true', help='search multiple encodings') args = parser.parse_args() app = args.app_or_capture searchterm = args.searchterm appdir = os.path.join('results', app) search_output = get_search_outname(searchterm) if os.path.isdir(appdir): sys.stdout = Logger(os.path.join(appdir, search_output)) if args.app_or_capture: # Check only one app # Option to use full packets perhaps specified if args.multi: check_multi(app, searchterm) else: check_app(app, searchterm) else: # Check all apps tested for entry in os.listdir('results'): if os.path.isdir(os.path.join('results', entry)): app = entry if args.multi: check_multi(app, searchterm) else: check_app(app, searchterm) elif os.path.isdir(os.path.join('results', entry.lower())): app = entry if args.multi: check_multi(app, searchterm) else: check_app(app, searchterm) print('') # Flush stdout log file sys.stdout = sys.__stdout__ # Copy log file to universally-named one copy2(os.path.join(appdir, search_output), os.path.join(appdir, report_output)) eprint(color.bright('Done!'))
def main(): parser = argparse.ArgumentParser( description='Run all reports for one or more tested application') parser.add_argument('app_or_capture', metavar='appname', nargs='?', help='Application name or network capture file') args = parser.parse_args() app = args.app_or_capture if args.app_or_capture: # Check only one app runreports(app) else: # Check all apps tested for app in getapps(): runreports(app) eprint(color.bright('Done!'))
def check_app(app, force=False): ''' Check application based on app name in Tapioca results ''' dnscacheloaded = False largewarned = False # Get pcap file location if app.endswith('.pcap'): pcapfile = app if os.path.exists(pcapfile): sys.stdout = Logger('%s.%s' % (pcapfile, report_output)) else: pcapfile = os.path.join('results', app, 'tcpdump.pcap') if os.path.exists(pcapfile): sys.stdout = Logger(os.path.join('results', app, report_output)) if os.path.exists(pcapfile): pcapdir = os.path.dirname(pcapfile) dnspkl = os.path.join(pcapdir, '.dnsmap.pkl') eprint(color.bright('Checking app %s...' % color.cyan(app))) if os.path.exists(dnspkl) and not force: eprint('Loading cached DNS info...') with open(dnspkl, 'rb') as pklhandle: try: net.dnsmap = pickle.load(pklhandle) dnscacheloaded = True except: pass if not dnscacheloaded: if os.path.getsize(pcapfile) > 100000000: # Over 100MB eprint( color.bright( color.yellow( 'Warning: capture size is large. Please be patient.' ))) largewarned = True # Get captured DNS info for IP addresses eprint('Getting DNS info...') dnspackets = pyshark.FileCapture(pcapfile, keep_packets=False, display_filter='dns') dnspackets.apply_on_packets(net.get_dns_info, timeout=1000) with open(dnspkl, 'wb') as pklhandle: pickle.dump(net.dnsmap, pklhandle, protocol=pickle.HIGHEST_PROTOCOL) if os.path.getsize(pcapfile) > 100000000 and not largewarned: # Over 100MB eprint( color.bright( color.yellow( 'Warning: capture size is large. Please be patient.'))) largewarned = True sslpackets = pyshark.FileCapture(pcapfile, keep_packets=False, display_filter='ssl') eprint('Getting SSL info from capture...') # get_indexed_ssl_info(cap) sslpackets.apply_on_packets(net.get_ssl_info, timeout=1000) dtlspackets = pyshark.FileCapture(pcapfile, keep_packets=False, display_filter='dtls') eprint('Getting DTLS info from capture...') dtlspackets.apply_on_packets(net.get_dtls_info, timeout=1000) # Print report generate_report(app, pcapfile=pcapfile) # Reset globals net.clear()
def check_app(app, fullpacket=False, force=False): ''' Check application based on app name in Tapioca results ''' dnscacheloaded = False targetscacheloaded = False largewarned = False # load local network from config net.set_local() # Get pcap file location if app.endswith('.pcap'): pcapfile = app if os.path.exists(pcapfile): sys.stdout = Logger('%s.%s' % (pcapfile, report_output)) else: pcapfile = os.path.join('results', app, 'tcpdump.pcap') if os.path.exists(pcapfile): sys.stdout = Logger(os.path.join('results', app, report_output)) if os.path.exists(pcapfile): pcapdir = os.path.dirname(pcapfile) dnspkl = os.path.join(pcapdir, '.dnsmap.pkl') targetspkl = os.path.join(pcapdir, '.targets.pkl') eprint(color.bright('Checking app %s...' % color.cyan(app))) if os.path.exists(dnspkl) and not force: eprint('Loading cached DNS info...') with open(dnspkl, 'rb') as pklhandle: try: net.dnsmap = pickle.load(pklhandle) net.dnsreqs = pickle.load(pklhandle) dnscacheloaded = True except: pass if not dnscacheloaded: if os.path.getsize(pcapfile) > 100000000: # Over 100MB eprint( color.bright( color.yellow( 'Warning: capture size is large. Please be patient.' ))) largewarned = True # Get captured DNS info for IP addresses eprint('Getting DNS info...') dnspackets = pyshark.FileCapture(pcapfile, keep_packets=False, display_filter='dns') dnspackets.apply_on_packets(net.get_dns_info, timeout=1000) with open(dnspkl, 'wb') as pklhandle: pickle.dump(net.dnsmap, pklhandle, protocol=pickle.HIGHEST_PROTOCOL) pickle.dump(net.dnsreqs, pklhandle, protocol=pickle.HIGHEST_PROTOCOL) # if os.path.exists(targetspkl) and not force: # eprint('Loading cached targets...') # with open(targetspkl, 'rb') as pklhandle: # try: # net.targets = pickle.load(pklhandle) # targetscacheloaded = True # except: # pass if not targetscacheloaded: if fullpacket: packets = pyshark.FileCapture(pcapfile, keep_packets=False) # Get hosts contacted eprint('Getting hosts contacted...') packets.apply_on_packets(net.get_hosts_contacted_fullpacket, timeout=1000) else: packets = pyshark.FileCapture(pcapfile, keep_packets=False, only_summaries=True) # Get hosts contacted eprint('Getting hosts contacted...') packets.apply_on_packets(net.get_hosts_contacted, timeout=1000) # with open(targetspkl, 'wb') as pklhandle: # pickle.dump( # net.targets, pklhandle, protocol=pickle.HIGHEST_PROTOCOL) # Print report generate_report(app, fullpacket=fullpacket, pcapfile=pcapfile) # Reset globals net.clear()
def main(): parser = argparse.ArgumentParser( description= 'Verify SSL certificate validation for one or more tested application') parser.add_argument('app_or_capture', metavar='appname', nargs='?', help='Application name or network capture file') args = parser.parse_args() app = args.app_or_capture if args.app_or_capture: check_app(app) else: for entry in os.listdir('results'): if os.path.isdir(os.path.join('results', entry)): app = entry check_app(app) eprint('') eprint(color.bright('SSL test summary:')) eprint(color.bright(color.red(('Failed:')))) for app in ssl_failed: eprint(app) if ssl_notest: eprint(color.bright('Not tested:')) for app in ssl_notest: eprint(app) eprint(color.bright(color.green(('Passed:')))) for app in ssl_passed: eprint(app)