def displayMessage(self, message):
# Clean the hexdump view
self.textview.get_buffer().delete(self.textview.get_buffer().get_start_iter(), self.textview.get_buffer().get_end_iter())
# Fecth the content of the message to display
hexContent = TypeConvertor.hexdump(TypeConvertor.netzobRawToPythonRaw(message.getData()))
# Update the hexdump
self.textview.get_buffer().insert_with_tags_by_name(self.textview.get_buffer().get_start_iter(), hexContent, "normalTag")
def displayMessage(self, message):
# Clean the hexdump view
self.textview.get_buffer().delete(self.textview.get_buffer().get_start_iter(), self.textview.get_buffer().get_end_iter())
# Fecth the content of the message to display
hexContent = TypeConvertor.hexdump(TypeConvertor.netzobRawToPythonRaw(message.getData()))
# Update the hexdump
self.textview.get_buffer().insert_with_tags_by_name(self.textview.get_buffer().get_start_iter(), hexContent, "normalTag")
def getMessageDetails(self, messageID):
if not messageID in self._payloadDict:
errorMessage = _("Message ID: {0} not found in importer " +
"message list").format(messageID)
logging.error(errorMessage)
raise NetzobImportException("IPC", errorMessage, ERROR)
payload = self._payloadDict[messageID]
return TypeConvertor.hexdump(TypeConvertor.netzobRawToPythonRaw(payload))
def getMessageDetails(self, messageID):
if not messageID in self._payloadDict:
errorMessage = _("Message ID: {0} not found in importer " +
"message list").format(messageID)
logging.error(errorMessage)
raise NetzobImportException("IPC", errorMessage, ERROR)
payload = self._payloadDict[messageID]
return TypeConvertor.hexdump(
TypeConvertor.netzobRawToPythonRaw(payload))
def doGetMessageDetails(self, messageID):
message = self.model.getMessageByID(str(messageID))
properties = [(props.getName(), props.getCurrentValue()) for props in message.getProperties()
if props.getName() != 'Data']
messageDetails = "\n".join(["{0}: {1}".format(*prop)
for prop in properties])
messageDetails += "\n\n" + TypeConvertor.hexdump(TypeConvertor.netzobRawToPythonRaw(message.getStringData()))
return messageDetails
def compilePattern(self):
# self.log.debug("CALL COMPILE")
tokens = []
maxA = 126 # Max of ascii char not extended
minA = 32 # Min of ascii printable
spe = [9, 10, 13] # tab, \n, \r
tempstr = ""
tempbstr = ""
ASCIITHRESHOLD = 5 # TODO put as option in UI
isAsciiPrintable = lambda t: (ord(t) >= minA and ord(t) <= maxA
) # or ord(t) in spe
current = ""
tempLength = 0 # Temporary length of byte token
canRemove = False
if len(str(self.getData())) > 0:
# self.log.debug(str(self.getData()))
for i in TypeConvertor.netzobRawToPythonRaw(str(self.getData())):
if isAsciiPrintable(i):
if tempLength:
if not canRemove: # Means that there where bytes before
tokens.append(
Token(Format.HEX, tempLength, "constant",
tempbstr))
canRemove = True
tempLength += 1
tempstr += i
else: # We have a byte
if len(tempstr) > ASCIITHRESHOLD:
tempbstr = ""
tempLength = 0
tokens.append(
Token(Format.STRING, len(tempstr), "constant",
tempstr))
canRemove = False
elif canRemove: # It is not considered as a text string or we have a byte
tokens.pop()
tempbstr += tempstr
canRemove = False
elif tempstr:
tempLength += len(tempstr)
tempbstr += tempstr
tempstr = ""
tempbstr += i
tempLength += 1
if len(tempstr) > ASCIITHRESHOLD or (not tokens and tempstr):
tokens.append(
Token(Format.STRING, len(tempstr), "constant", tempstr))
else:
if canRemove:
tokens.pop()
tokens.append(
Token(Format.HEX, tempLength, "constant", tempbstr))
self.pattern.append(tokens)
def doGetMessageDetails(self, messageID):
message = self.model.getMessageByID(str(messageID))
properties = [(props.getName(), props.getCurrentValue())
for props in message.getProperties()
if props.getName() != 'Data']
messageDetails = "\n".join(
["{0}: {1}".format(*prop) for prop in properties])
messageDetails += "\n\n" + TypeConvertor.hexdump(
TypeConvertor.netzobRawToPythonRaw(message.getStringData()))
return messageDetails
def reverse(self, message):
"""reverse:
Encode in B64 the provided message"""
result = message
try:
rawContent = TypeConvertor.netzobRawToPythonRaw(message)
b64Content = base64.b64encode(rawContent)
result = TypeConvertor.pythonRawToNetzobRaw(b64Content)
except TypeError as error:
logging.warning("Impossible to compute the base64 value of message (error={0})".format(str(error)))
result = ""
return result
def apply(self, message):
result = message
rawData = TypeConvertor.netzobRawToPythonRaw(message)
compressedstream = StringIO.StringIO(rawData)
try:
gzipper = gzip.GzipFile(fileobj=compressedstream)
data = gzipper.read()
result = TypeConvertor.pythonRawToNetzobRaw(data)
except Exception as e:
logging.info("Impossible to apply GZip function on provided message (error= {0})".format(str(e)))
result = ""
return result
def reverse(self, message):
"""reverse:
This compress the provided message in bz2 format"""
result = message
rawData = TypeConvertor.netzobRawToPythonRaw(message)
try:
rawResult = bz2.compress(rawData)
result = TypeConvertor.pythonRawToNetzobRaw(rawResult)
except Exception as e:
logging.info("Impossible to reverse BZ2 function (compress) on provided message (error= {0})".format(str(e)))
result = ""
return result
def reverse(self, message):
result = message
rawData = TypeConvertor.netzobRawToPythonRaw(message)
compressedstream = StringIO.StringIO()
try:
gzipper = gzip.GzipFile(fileobj=compressedstream, mode='w')
gzipper.write(rawData)
gzipper.close()
result = TypeConvertor.pythonRawToNetzobRaw(compressedstream.getvalue())
except Exception as e:
logging.info("Impossible to apply GZip function on provided message (error= {0})".format(str(e)))
result = ""
return result
def reverse(self, message):
"""reverse:
Encode in B64 the provided message"""
result = message
try:
rawContent = TypeConvertor.netzobRawToPythonRaw(message)
b64Content = base64.b64encode(rawContent)
result = TypeConvertor.pythonRawToNetzobRaw(b64Content)
except TypeError as error:
logging.warning(
"Impossible to compute the base64 value of message (error={0})"
.format(str(error)))
result = ""
return result
def compilePattern(self):
# self.log.debug("CALL COMPILE")
tokens = []
maxA = 126 # Max of ascii char not extended
minA = 32 # Min of ascii printable
spe = [9, 10, 13] # tab, \n, \r
tempstr = ""
tempbstr = ""
ASCIITHRESHOLD = 5 # TODO put as option in UI
isAsciiPrintable = lambda t: (ord(t) >= minA and ord(t) <= maxA) # or ord(t) in spe
current = ""
tempLength = 0 # Temporary length of byte token
canRemove = False
if len(str(self.getData())) > 0:
# self.log.debug(str(self.getData()))
for i in TypeConvertor.netzobRawToPythonRaw(str(self.getData())):
if isAsciiPrintable(i):
if tempLength:
if not canRemove: # Means that there where bytes before
tokens.append(Token(Format.HEX, tempLength, "constant", tempbstr))
canRemove = True
tempLength += 1
tempstr += i
else: # We have a byte
if len(tempstr) > ASCIITHRESHOLD:
tempbstr = ""
tempLength = 0
tokens.append(Token(Format.STRING, len(tempstr), "constant", tempstr))
canRemove = False
elif canRemove: # It is not considered as a text string or we have a byte
tokens.pop()
tempbstr += tempstr
canRemove = False
elif tempstr:
tempLength += len(tempstr)
tempbstr += tempstr
tempstr = ""
tempbstr += i
tempLength += 1
if len(tempstr) > ASCIITHRESHOLD or (not tokens and tempstr):
tokens.append(Token(Format.STRING, len(tempstr), "constant", tempstr))
else:
if canRemove:
tokens.pop()
tokens.append(Token(Format.HEX, tempLength, "constant", tempbstr))
self.pattern.append(tokens)
def getEncodedSizes(self, cell):
res = {}
# Loop over different possible encoding of size field
for n in [4, 2, 1]:
# Handle big and little endian for size field of 1, 2 and 4 octets length
rawMsgSize = TypeConvertor.netzobRawToPythonRaw(cell[:n * 2])
# We take the tiniest encoding form
if len(rawMsgSize) == 1:
expectedSizeType = "B"
elif len(rawMsgSize) == 2:
expectedSizeType = "H"
elif len(rawMsgSize) == 4:
expectedSizeType = "I"
else: # Do not consider size field with len > 4
break
# We want both little and big endian version of the size
(expectedSizeLE,) = struct.unpack("<" + expectedSizeType, rawMsgSize)
(expectedSizeBE,) = struct.unpack(">" + expectedSizeType, rawMsgSize)
res[len(rawMsgSize)] = (expectedSizeLE, expectedSizeBE)
return res
def getEncodedSizes(self, cell):
res = {}
# Loop over different possible encoding of size field
for n in [4, 2, 1]:
# Handle big and little endian for size field of 1, 2 and 4 octets length
rawMsgSize = TypeConvertor.netzobRawToPythonRaw(cell[:n * 2])
# We take the tiniest encoding form
if len(rawMsgSize) == 1:
expectedSizeType = "B"
elif len(rawMsgSize) == 2:
expectedSizeType = "H"
elif len(rawMsgSize) == 4:
expectedSizeType = "I"
else: # Do not consider size field with len > 4
break
# We want both little and big endian version of the size
(expectedSizeLE, ) = struct.unpack("<" + expectedSizeType,
rawMsgSize)
(expectedSizeBE, ) = struct.unpack(">" + expectedSizeType,
rawMsgSize)
res[len(rawMsgSize)] = (expectedSizeLE, expectedSizeBE)
return res
def doGetMessageDetails(self, messageID):
message = self.model.getMessageByID(str(messageID))
return TypeConvertor.hexdump(TypeConvertor.netzobRawToPythonRaw(message.getData()))
def __init__(self, message, symbol):
data = message.getReducedStringData()
self.alignment = TypeConvertor.netzobRawToPythonRaw(data)
self.uid = symbol.getID()
self.length = len(self.alignment)
def doGetMessageDetails(self, messageID):
message = self.model.getMessageByID(str(messageID))
return TypeConvertor.hexdump(
TypeConvertor.netzobRawToPythonRaw(message.getData()))
def apply(self, message):
if self.unitsize != UnitSize.NONE:
# First we apply the unit size
# Default modulo = 2 => 8BITS
if self.unitsize == UnitSize.BIT:
modulo = 1
else:
modulo = UnitSize.getSizeInBits(self.unitsize) / 4
splittedData = []
tmpResult = ""
for i in range(0, len(message)):
if i > 0 and i % modulo == 0:
splittedData.append(tmpResult)
tmpResult = ""
tmpResult = tmpResult + message[i]
splittedData.append(tmpResult)
else:
splittedData = [message]
encodedSplittedData = []
# Now we have the message splitted per unit size
# we apply endianess on it
# we consider the normal mode is big-endian
for i in range(0, len(splittedData)):
origNetzobRaw = splittedData[i]
# SPECIAL CASE : ASCII we do not compute endianess neither signed/unsigned
if not self.formatType == Format.STRING and UnitSize.getSizeInBits(self.unitsize) >= 8 and not self.formatType == Format.BINARY:
tmpVal = UnitSize.getSizeInBits(self.unitsize) / 4 - len(origNetzobRaw)
if self.endianness == Endianess.BIG:
netzobRaw = (tmpVal * "0") + origNetzobRaw
else:
netzobRaw = origNetzobRaw + (tmpVal * "0")
# Convert in Python raw
pythonraw = TypeConvertor.netzobRawToPythonRaw(netzobRaw)
# Create transformer
# - ENDIANESS
transformer = ">"
if self.endianness == Endianess.LITTLE:
transformer = "<"
# - SIGNED/UNISGNED
if self.sign == Sign.SIGNED:
transformer = transformer + (UnitSize.getPackDefiniton(self.unitsize)).lower()
else:
transformer = transformer + (UnitSize.getPackDefiniton(self.unitsize)).upper()
# Apply the transformation
(unpackRaw,) = struct.unpack(transformer, pythonraw)
localResult = ""
fmt = "%" + str(UnitSize.getMaxDigitForTypeAndUnitSize(self.formatType, self.unitsize))
if self.formatType == Format.OCTAL:
localResult = (fmt + "o") % unpackRaw
elif self.formatType == Format.DECIMAL:
localResult = (fmt + "d") % unpackRaw
elif self.formatType == Format.HEX:
localResult = (fmt + "s") % origNetzobRaw
encodedSplittedData.append(localResult)
elif self.formatType == Format.STRING:
encodedSplittedData.append(TypeConvertor.netzobRawToString(origNetzobRaw))
elif self.formatType == Format.BINARY:
encodedSplittedData.append(TypeConvertor.netzobRawToBinary(origNetzobRaw))
elif self.formatType == Format.IPv4:
encodedSplittedData.append(TypeConvertor.netzobRawToIPv4(origNetzobRaw))
elif UnitSize.getSizeInBits(self.unitsize) < UnitSize.getSizeInBits(UnitSize.BITS8):
encodedSplittedData.append(TypeConvertor.encodeNetzobRawToGivenType(origNetzobRaw, self.formatType))
# Before sending back (;D) we join everything
return " ".join(encodedSplittedData)
def apply(self, message):
if self.unitsize != UnitSize.NONE:
# First we apply the unit size
# Default modulo = 2 => 8BITS
if self.unitsize == UnitSize.BIT:
modulo = 1
else:
modulo = UnitSize.getSizeInBits(self.unitsize) / 4
splittedData = []
tmpResult = ""
for i in range(0, len(message)):
if i > 0 and i % modulo == 0:
splittedData.append(tmpResult)
tmpResult = ""
tmpResult = tmpResult + message[i]
splittedData.append(tmpResult)
else:
splittedData = [message]
encodedSplittedData = []
# Now we have the message splitted per unit size
# we apply endianess on it
# we consider the normal mode is big-endian
for i in range(0, len(splittedData)):
origNetzobRaw = splittedData[i]
# SPECIAL CASE : ASCII we do not compute endianess neither signed/unsigned
if not self.formatType == Format.STRING and UnitSize.getSizeInBits(
self.unitsize
) >= 8 and not self.formatType == Format.BINARY:
tmpVal = UnitSize.getSizeInBits(
self.unitsize) / 4 - len(origNetzobRaw)
if self.endianness == Endianess.BIG:
netzobRaw = (tmpVal * "0") + origNetzobRaw
else:
netzobRaw = origNetzobRaw + (tmpVal * "0")
# Convert in Python raw
pythonraw = TypeConvertor.netzobRawToPythonRaw(netzobRaw)
# Create transformer
# - ENDIANESS
transformer = ">"
if self.endianness == Endianess.LITTLE:
transformer = "<"
# - SIGNED/UNISGNED
if self.sign == Sign.SIGNED:
transformer = transformer + (UnitSize.getPackDefiniton(
self.unitsize)).lower()
else:
transformer = transformer + (UnitSize.getPackDefiniton(
self.unitsize)).upper()
# Apply the transformation
(unpackRaw, ) = struct.unpack(transformer, pythonraw)
localResult = ""
fmt = "%" + str(
UnitSize.getMaxDigitForTypeAndUnitSize(
self.formatType, self.unitsize))
if self.formatType == Format.OCTAL:
localResult = (fmt + "o") % unpackRaw
elif self.formatType == Format.DECIMAL:
localResult = (fmt + "d") % unpackRaw
elif self.formatType == Format.HEX:
localResult = (fmt + "s") % origNetzobRaw
encodedSplittedData.append(localResult)
elif self.formatType == Format.STRING:
encodedSplittedData.append(
TypeConvertor.netzobRawToString(origNetzobRaw))
elif self.formatType == Format.BINARY:
encodedSplittedData.append(
TypeConvertor.netzobRawToBinary(origNetzobRaw))
elif self.formatType == Format.IPv4:
encodedSplittedData.append(
TypeConvertor.netzobRawToIPv4(origNetzobRaw))
elif UnitSize.getSizeInBits(
self.unitsize) < UnitSize.getSizeInBits(UnitSize.BITS8):
encodedSplittedData.append(
TypeConvertor.encodeNetzobRawToGivenType(
origNetzobRaw, self.formatType))
# Before sending back (;D) we join everything
return " ".join(encodedSplittedData)
