def compareFormat(self, value, indice, negative, vocabulary, memory):
"""compareFormat:
Compute if the provided data is "format-compliant" and return the size of the biggest compliant data.
@type value: bitarray.bitarray
@param value: a bit array a subarray of which we compare to the current variable binray value.
@type indice: integer
@param indice: the starting point of comparison in value.
@type negative: boolean
@param negative: tells if we use the variable or a logical not of it.
@type vocabulary: netzob.Common.Vocabulary.Vocabulary
@param vocabulary: the vocabulary of the current project.
@type memory: netzob.Common.MMSTD.Memory.Memory
@param memory: a memory which can contain a former value of the variable.
@rtype: integer
@return: the size of the biggest compliant data, -1 if it does not comply.
"""
tmp = value[indice:]
size = len(tmp)
if size <= 8:
self.log.debug("Too small, not even 8 bits available (1 number)")
return -1
for i in range(size, 8, -1):
subValue = value[indice:indice + i - 1]
strVal = TypeConvertor.bin2string(
TypeConvertor.strBitarray2Bitarray(subValue))
typeIdentifier = TypeIdentifier()
if typeIdentifier.isAscii(strVal):
if (strVal.isdigit()):
self.log.debug("Its a numeric : (" + str(strVal) + ")")
return i + indice - 1
self.log.debug("the value " + str(
TypeConvertor.bin2string(TypeConvertor.strBitarray2Bitarray(tmp)))
+ " cannot be parsed as a decimalWord")
return -1
def write(self, message):
self.log.debug("Writing to the socket")
self.outputMessages.append(message)
# This work only for values between 0x00 and 0x7f
# self.socket.send(message.tostring())
if self.protocol == "UDP":
self.socket.sendto(TypeConvertor.bin2string(message), (self.getTargetIP(), self.getTargetPort()))
else: # TCP
self.socket.send(TypeConvertor.bin2string(message))
self.log.debug("Write down !")
def compareFormat(self, value, indice, negative, vocabulary, memory):
"""compareFormat:
Compute if the provided data is "format-compliant" and return the size of the biggest compliant data.
@type value: bitarray.bitarray
@param value: a bit array a subarray of which we compare to the current variable binray value.
@type indice: integer
@param indice: the starting point of comparison in value.
@type negative: boolean
@param negative: tells if we use the variable or a logical not of it.
@type vocabulary: netzob.Common.Vocabulary.Vocabulary
@param vocabulary: the vocabulary of the current project.
@type memory: netzob.Common.MMSTD.Memory.Memory
@param memory: a memory which can contain a former value of the variable.
@rtype: integer
@return: the size of the biggest compliant data, -1 if it does not comply.
"""
tmp = value[indice:]
size = len(tmp)
if size <= 16:
self.log.debug("Too small, not even 16 bits available (2 letters)")
return -1
for i in range(size, 16, -1):
subValue = value[indice:indice + i - 1]
if (i - 1) % 8 == 0:
strVal = TypeConvertor.bin2string(TypeConvertor.strBitarray2Bitarray(subValue))
typeIdentifier = TypeIdentifier()
if typeIdentifier.isAscii(strVal):
self.log.debug("Its an ascii : (" + str(strVal) + ")")
if (not ' ' in strVal and not '\n' in strVal and not '\r' in strVal):
self.log.debug("Its an ascii without space : (" + str(strVal) + ")")
self.log.debug("Binary value of the ascii : %s" % str(TypeConvertor.strBitarray2Bitarray(subValue)))
return indice + i - 1
return -1
def compareFormat(self, value, indice, negative, vocabulary, memory):
tmp = value[indice:]
size = len(tmp)
if size <= 8:
self.log.debug("Too small, not even 8 bits available (1 number)")
return -1
for i in range(size, 8, -1):
subValue = value[indice:indice + i - 1]
strVal = TypeConvertor.bin2string(TypeConvertor.strBitarray2Bitarray(subValue))
typeIdentifier = TypeIdentifier()
if typeIdentifier.isAscii(strVal):
if (strVal.isdigit()):
self.log.debug("Its a numeric : (" + str(strVal) + ")")
return i + indice - 1
self.log.debug("the value " + str(TypeConvertor.bin2string(TypeConvertor.strBitarray2Bitarray(tmp))) + " cannot be parsed as a decimalWord")
return -1
def learn(self, value, indice, negative, vocabulary, memory):
if self.format == Format.ASCII:
currentContent = TypeConvertor.bin2string(value[indice:])
IPRegex = re.compile("(((?:25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?)\.){3}(?:25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?))")
hasMatched = False
for t in range(min(len(currentContent), 15), 7, -1):
currentPossibleIP = currentContent[:t]
result = IPRegex.match(currentPossibleIP)
if result != None:
hasMatched = True
elif hasMatched:
break
if hasMatched:
result = currentContent[:t + 2]
self.log.debug("Learn from received message : " + str(result))
strCurrentValue = str(result)
binCurrentValue = TypeConvertor.string2bin(result, 'big')
memory.memorize(self, (binCurrentValue, strCurrentValue))
return len(TypeConvertor.string2bin(result, 'big'))
else:
self.log.debug("Compare on format was not successfull")
return -1
else:
raise NotImplementedError("Error, the current variable (IPv4Variable) doesn't support function compareFormat in this case")
def write(self, message):
self.log.debug("Write down !")
self.outputMessages.append(message)
try:
self.outputFile.write(TypeConvertor.bin2string(message))
self.outputFile.flush()
except:
self.log.warn("An error occured while trying to write on the communication channel")
def learn(self, value, indice, negative, vocabulary, memory):
# First we retrieve the size of the value to memorize
size = self.compare(value, indice, negative, vocabulary, memory)
if size > 0:
# memorize
self.log.debug("Memorize : " + str(value[indice:size]))
memory.memorize(self, (value[indice:size], TypeConvertor.bin2string(TypeConvertor.strBitarray2Bitarray(value[indice:size]))))
return size
else:
self.log.debug("Incompatible for learning")
return -1
def write(self, message):
self.log.debug("Write down !")
self.outputMessages.append(message)
try:
self.outputFile.write(TypeConvertor.bin2string(message))
self.outputFile.flush()
except:
self.log.warn(
"An error occured while trying to write on the communication channel"
)
def generateValue(self, negative, dictionary):
# Retrieve the value of the data to hash
var = dictionary.getVariableByID(self.id_var)
(binToHash, strToHash) = var.getValue(negative, dictionary)
toHash = TypeConvertor.bin2string(binToHash)
self.log.debug("Will hash the followings : " + toHash)
md5core = hashlib.md5(self.init)
md5core.update(toHash)
md5Hex = md5core.digest()
self.binVal = TypeConvertor.hex2bin(md5Hex)
self.strVal = TypeConvertor.bin2strhex(self.binVal)
self.log.debug("Generated MD5 = " + self.strVal)
def learn(self, val, indice, isForced, dictionary):
self.log.debug("LEARN")
variable = dictionary.getVariableByID(self.idVar)
(binValue, strValue) = variable.getValue(False, dictionary)
nb_letter = TypeConvertor.bin2int(binValue) * 8
self.log.debug("nb_letter = " + str(nb_letter))
tmp = val[indice:]
self.log.debug("tmp size : " + str(len(tmp)))
if (len(tmp) >= nb_letter):
self.binVal = tmp[:nb_letter]
self.strVal = TypeConvertor.bin2string(self.binVal)
self.log.debug("Value learnt : " + self.strVal)
return indice + nb_letter
return -1
def compareFormat(self, value, indice, negative, vocabulary, memory):
"""compareFormat:
Compute if the provided data is "format-compliant" and return the size of the biggest compliant data.
@type value: bitarray.bitarray
@param value: a bit array a subarray of which we compare to the current variable binray value.
@type indice: integer
@param indice: the starting point of comparison in value.
@type negative: boolean
@param negative: tells if we use the variable or a logical not of it.
@type vocabulary: netzob.Common.Vocabulary.Vocabulary
@param vocabulary: the vocabulary of the current project.
@type memory: netzob.Common.MMSTD.Memory.Memory
@param memory: a memory which can contain a former value of the variable.
@rtype: integer
@return: the size of the biggest compliant data, -1 if it does not comply.
"""
tmp = value[indice:]
size = len(tmp)
if size <= 8:
self.log.debug("Too small, not even 8 bits available (1 number)")
return -1
for i in range(size, 8, -1):
subValue = value[indice : indice + i - 1]
strVal = TypeConvertor.bin2string(TypeConvertor.strBitarray2Bitarray(subValue))
typeIdentifier = TypeIdentifier()
if typeIdentifier.isAscii(strVal):
if strVal.isdigit():
self.log.debug("Its a numeric : (" + str(strVal) + ")")
return i + indice - 1
self.log.debug(
"the value "
+ str(TypeConvertor.bin2string(TypeConvertor.strBitarray2Bitarray(tmp)))
+ " cannot be parsed as a decimalWord"
)
return -1
def learn(self, val, indice, isForced, dictionary):
self.log.debug("LEARN")
variable = dictionary.getVariableByID(self.idVar)
(binValue, strValue) = variable.getValue(False, dictionary)
nb_letter = TypeConvertor.bin2int(binValue) * 8
self.log.debug("nb_letter = " + str(nb_letter))
tmp = val[indice:]
self.log.debug("tmp size : " + str(len(tmp)))
if (len(tmp) >= nb_letter):
self.binVal = tmp[:nb_letter]
self.strVal = TypeConvertor.bin2string(self.binVal)
self.log.debug("Value learnt : " + self.strVal)
return indice + nb_letter
return -1
def generateValue(self, negative, dictionary):
# Retrieve the value of the data to hash
var = dictionary.getVariableByID(self.id_var)
(binToHash, strToHash) = var.getValue(negative, dictionary)
toHash = TypeConvertor.bin2string(binToHash)
self.log.debug("Will hash the followings : " + toHash)
md5core = hashlib.md5(self.init)
md5core.update(toHash)
md5Hex = md5core.digest()
self.binVal = TypeConvertor.hex2bin(md5Hex)
self.strVal = TypeConvertor.bin2strhex(self.binVal)
self.log.debug("Generated MD5 = " + self.strVal)
def learn(self, value, indice, negative, vocabulary, memory):
"""learn:
Compare the current variable to the end (starting at the "indice"-th character) of value.
Moreover it stores learns from the provided message.
Return the number of letters that matches, -1 if it does not match.
"""
# First we retrieve the size of the value to memorize
size = self.compare(value, indice, negative, vocabulary, memory)
if size > 0:
# memorize
self.log.debug("Memorize : " + str(value[indice:size]))
memory.memorize(self, (value[indice:size], TypeConvertor.bin2string(TypeConvertor.strBitarray2Bitarray(value[indice:size]))))
return size
else:
self.log.debug("Incompatible for learning")
return -1
def compareFormat(self, value, indice, negative, vocabulary, memory):
"""compareFormat:
Compute if the provided data is "format-compliant" and return the size of the biggest compliant data.
@type value: bitarray.bitarray
@param value: a bit array a subarray of which we compare to the current variable binray value.
@type indice: integer
@param indice: the starting point of comparison in value.
@type negative: boolean
@param negative: tells if we use the variable or a logical not of it.
@type vocabulary: netzob.Common.Vocabulary.Vocabulary
@param vocabulary: the vocabulary of the current project.
@type memory: netzob.Common.MMSTD.Memory.Memory
@param memory: a memory which can contain a former value of the variable.
@rtype: integer
@return: the size of the biggest compliant data, -1 if it does not comply.
"""
if self.format == Format.ASCII:
currentContent = TypeConvertor.bin2string(value[indice:])
IPRegex = re.compile(
"(((?:25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?)\.){3}(?:25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?))"
)
hasMatched = False
for t in range(min(len(currentContent), 15), 7, -1):
currentPossibleIP = currentContent[:t]
result = IPRegex.match(currentPossibleIP)
if result is not None:
hasMatched = True
elif hasMatched:
break
if hasMatched:
result = currentContent[:t + 2]
self.log.debug("Compare on format was successfull : " +
str(result))
return len(TypeConvertor.string2bin(result, 'big'))
else:
self.log.debug("Compare on format was not successfull")
return -1
else:
raise NotImplementedError(
"Error, the current variable (IPv4Variable) doesn't support function compareFormat in this case"
)
def compareFormat(self, value, indice, negative, vocabulary, memory):
tmp = value[indice:]
size = len(tmp)
if size <= 16:
self.log.debug("Too small, not even 16 bits available (2 letters)")
return -1
for i in range(size, 16, -1):
subValue = value[indice:indice + i - 1]
if (i - 1) % 8 == 0:
strVal = TypeConvertor.bin2string(TypeConvertor.strBitarray2Bitarray(subValue))
typeIdentifier = TypeIdentifier()
if typeIdentifier.isAscii(strVal):
self.log.debug("Its an ascii : (" + str(strVal) + ")")
if (not ' ' in strVal and not '\n' in strVal and not '\r' in strVal):
self.log.debug("Its an ascii without space : (" + str(strVal) + ")")
self.log.debug("Binary value of the ascii : %s" % str(TypeConvertor.strBitarray2Bitarray(subValue)))
return indice + i - 1
return -1
def compareFormat(self, value, indice, negative, vocabulary, memory):
"""compareFormat:
Compute if the provided data is "format-compliant" and return the size of the biggest compliant data.
@type value: bitarray.bitarray
@param value: a bit array a subarray of which we compare to the current variable binray value.
@type indice: integer
@param indice: the starting point of comparison in value.
@type negative: boolean
@param negative: tells if we use the variable or a logical not of it.
@type vocabulary: netzob.Common.Vocabulary.Vocabulary
@param vocabulary: the vocabulary of the current project.
@type memory: netzob.Common.MMSTD.Memory.Memory
@param memory: a memory which can contain a former value of the variable.
@rtype: integer
@return: the size of the biggest compliant data, -1 if it does not comply.
"""
if self.format == Format.ASCII:
currentContent = TypeConvertor.bin2string(value[indice:])
IPRegex = re.compile(
"(((?:25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?)\.){3}(?:25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?))"
)
hasMatched = False
for t in range(min(len(currentContent), 15), 7, -1):
currentPossibleIP = currentContent[:t]
result = IPRegex.match(currentPossibleIP)
if result is not None:
hasMatched = True
elif hasMatched:
break
if hasMatched:
result = currentContent[: t + 2]
self.log.debug("Compare on format was successfull : " + str(result))
return len(TypeConvertor.string2bin(result, "big"))
else:
self.log.debug("Compare on format was not successfull")
return -1
else:
raise NotImplementedError(
"Error, the current variable (IPv4Variable) doesn't support function compareFormat in this case"
)
def learn(self, value, indice, negative, vocabulary, memory):
"""learn:
Compare the current variable to the end (starting at the "indice"-th character) of value.
Moreover it stores learns from the provided message.
Return the number of letters that matches, -1 if it does not match.
"""
# First we retrieve the size of the value to memorize
size = self.compare(value, indice, negative, vocabulary, memory)
if size > 0:
# memorize
self.log.debug("Memorize : " + str(value[indice:size]))
memory.memorize(
self,
(value[indice:size],
TypeConvertor.bin2string(
TypeConvertor.strBitarray2Bitarray(value[indice:size]))))
return size
else:
self.log.debug("Incompatible for learning")
return -1
def compareFormat(self, value, indice, negative, vocabulary, memory):
"""compareFormat:
Compute if the provided data is "format-compliant" and return the size of the biggest compliant data.
@type value: bitarray.bitarray
@param value: a bit array a subarray of which we compare to the current variable binray value.
@type indice: integer
@param indice: the starting point of comparison in value.
@type negative: boolean
@param negative: tells if we use the variable or a logical not of it.
@type vocabulary: netzob.Common.Vocabulary.Vocabulary
@param vocabulary: the vocabulary of the current project.
@type memory: netzob.Common.MMSTD.Memory.Memory
@param memory: a memory which can contain a former value of the variable.
@rtype: integer
@return: the size of the biggest compliant data, -1 if it does not comply.
"""
tmp = value[indice:]
size = len(tmp)
if size <= 16:
self.log.debug("Too small, not even 16 bits available (2 letters)")
return -1
for i in range(size, 16, -1):
subValue = value[indice:indice + i - 1]
if (i - 1) % 8 == 0:
strVal = TypeConvertor.bin2string(
TypeConvertor.strBitarray2Bitarray(subValue))
typeIdentifier = TypeIdentifier()
if typeIdentifier.isAscii(strVal):
self.log.debug("Its an ascii : (" + str(strVal) + ")")
if (not ' ' in strVal and not '\n' in strVal
and not '\r' in strVal):
self.log.debug("Its an ascii without space : (" +
str(strVal) + ")")
self.log.debug(
"Binary value of the ascii : %s" %
str(TypeConvertor.strBitarray2Bitarray(subValue)))
return indice + i - 1
return -1
def learn(self, val, indice, isForced, dictionary):
if self.strVal is None or isForced:
tmp = val[indice:]
self.log.debug("Taille MD5 " + str(len(tmp)))
# MD5 size = 16 bytes = 16*8 = 128
if (len(tmp) >= 128):
binVal = tmp[0:128]
# We verify its realy the MD5
var = dictionary.getVariableByID(self.id_var)
(binToHash, strToHash) = var.getValue(False, dictionary)
toHash = TypeConvertor.bin2string(binToHash)
self.log.debug("Will hash the followings : " + toHash)
md5core = hashlib.md5(self.init)
md5core.update(toHash)
md5Hex = md5core.digest()
self.log.debug("We should received an MD5 = " +
str(TypeConvertor.hex2bin(md5Hex)))
self.log.debug("We have received " + str(binVal))
if (TypeConvertor.hex2bin(md5Hex) == binVal):
self.binVal = TypeConvertor.hex2bin(md5Hex)
self.strVal = TypeConvertor.bin2strhex(self.binVal)
self.log.debug("Perfect, there are equals we return " +
str(len(binVal)))
return indice + len(binVal)
else:
return -1
else:
return -1
self.log.debug("value = " + str(self.strVal) + ", isForced = " +
str(isForced))
return -1
def learn(self, value, indice, negative, vocabulary, memory):
"""learn:
Compare the current variable to the end (starting at the "indice"-th character) of value.
Moreover it stores learns from the provided message.
Return the number of letters that matches, -1 if it does not match.
"""
if self.format == Format.ASCII:
currentContent = TypeConvertor.bin2string(value[indice:])
IPRegex = re.compile(
"(((?:25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?)\.){3}(?:25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?))"
)
hasMatched = False
for t in range(min(len(currentContent), 15), 7, -1):
currentPossibleIP = currentContent[:t]
result = IPRegex.match(currentPossibleIP)
if result is not None:
hasMatched = True
elif hasMatched:
break
if hasMatched:
result = currentContent[: t + 2]
self.log.debug("Learn from received message : " + str(result))
strCurrentValue = str(result)
binCurrentValue = TypeConvertor.string2bin(result, "big")
memory.memorize(self, (binCurrentValue, strCurrentValue))
return len(TypeConvertor.string2bin(result, "big"))
else:
self.log.debug("Compare on format was not successfull")
return -1
else:
raise NotImplementedError(
"Error, the current variable (IPv4Variable) doesn't support function compareFormat in this case"
)
def learn(self, val, indice, isForced, dictionary):
if self.strVal is None or isForced:
tmp = val[indice:]
self.log.debug("Taille MD5 " + str(len(tmp)))
# MD5 size = 16 bytes = 16*8 = 128
if (len(tmp) >= 128):
binVal = tmp[0:128]
# We verify its realy the MD5
var = dictionary.getVariableByID(self.id_var)
(binToHash, strToHash) = var.getValue(False, dictionary)
toHash = TypeConvertor.bin2string(binToHash)
self.log.debug("Will hash the followings : " + toHash)
md5core = hashlib.md5(self.init)
md5core.update(toHash)
md5Hex = md5core.digest()
self.log.debug("We should received an MD5 = " + str(TypeConvertor.hex2bin(md5Hex)))
self.log.debug("We have received " + str(binVal))
if (TypeConvertor.hex2bin(md5Hex) == binVal):
self.binVal = TypeConvertor.hex2bin(md5Hex)
self.strVal = TypeConvertor.bin2strhex(self.binVal)
self.log.debug("Perfect, there are equals we return " + str(len(binVal)))
return indice + len(binVal)
else:
return -1
else:
return -1
self.log.debug("value = " + str(self.strVal) + ", isForced = " + str(isForced))
return -1
def learn(self, value, indice, negative, vocabulary, memory):
"""learn:
Compare the current variable to the end (starting at the "indice"-th character) of value.
Moreover it stores learns from the provided message.
Return the number of letters that matches, -1 if it does not match.
"""
if self.format == Format.ASCII:
currentContent = TypeConvertor.bin2string(value[indice:])
IPRegex = re.compile(
"(((?:25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?)\.){3}(?:25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?))"
)
hasMatched = False
for t in range(min(len(currentContent), 15), 7, -1):
currentPossibleIP = currentContent[:t]
result = IPRegex.match(currentPossibleIP)
if result is not None:
hasMatched = True
elif hasMatched:
break
if hasMatched:
result = currentContent[:t + 2]
self.log.debug("Learn from received message : " + str(result))
strCurrentValue = str(result)
binCurrentValue = TypeConvertor.string2bin(result, 'big')
memory.memorize(self, (binCurrentValue, strCurrentValue))
return len(TypeConvertor.string2bin(result, 'big'))
else:
self.log.debug("Compare on format was not successfull")
return -1
else:
raise NotImplementedError(
"Error, the current variable (IPv4Variable) doesn't support function compareFormat in this case"
)
