def __on_sort_layer(self, item):
lst = self.populate(False)
dct = defaultdict(list)
for proto in lst:
dct[backend.get_proto_layer(proto)].append(proto)
for i in xrange(1, 8, 1):
if not i in dct:
continue
it = self.store.append(None, [self.layer_icon, _('Layer %d') % i,
None])
for proto in dct[i]:
self.store.append(it, [self.proto_icon,
backend.get_proto_class_name(proto),
proto])
if None in dct:
it = self.store.append(None, [self.layer_icon, _('Unknown layer'),
None])
for proto in dct[None]:
self.store.append(it, [self.proto_icon,
backend.get_proto_class_name(proto),
proto])
self.tree.set_rules_hint(False)
self.tree.set_model(self.store)
def __init__(self, sess, manager):
self.headers_complete = False
self.content_length = -1
self.chunked = False
self.headers = defaultdict(list)
self.body = ''
self.chunks = [(-1, '')]
self.session = sess
self.manager = manager
self.http_type = HTTP_REQUEST
def __init__(self, tree, count, inter, iface, strict, capmethod, \
scallback, rcallback, sudata, rudata, excback):
"""
Create a SequenceConsumer object.
@param tree a tree represantation of the packets to send
@param count how many time we have to send the tree
@param inter the interval to wait between 2 consecutive sends
@param iface the interface to send/recv on
@param capmethod the method to use 0 for native, 1 for tcpdump, 2 for
dumpcap
@param scallback the send callback
@param rcallback the receive callback
@param sudata user data for send callback
@param rudata user data for receive callback
@param excback exception callback
"""
assert len(tree) > 0
self.tree = tree
self.count = count
self.inter = inter
self.strict = strict
self.iface = iface
self.timeout = None
self.capmethod = capmethod
self.procs = {}
self.sockets = []
self.recv_list = defaultdict(list)
self.receiving = False
self.internal = False
self.active_helpers = 0
self.active_helpers_lock = Lock()
self.running = Condition()
self.pool = ThreadPool(2, 10)
self.pool.queue_work(None, self.__notify_exc, self.__check)
self.scallback = scallback
self.rcallback = rcallback
self.excback = excback
self.sudata, self.rudata = sudata, rudata
log.debug("%d total packets to send for %d times" % (len(tree),
self.count))
def __init__(self, tree, count, inter, iface, strict, capmethod, \
scallback, rcallback, sudata, rudata, excback):
"""
Create a SequenceConsumer object.
@param tree a tree represantation of the packets to send
@param count how many time we have to send the tree
@param inter the interval to wait between 2 consecutive sends
@param iface the interface to send/recv on
@param capmethod the method to use 0 for native, 1 for tcpdump, 2 for
dumpcap
@param scallback the send callback
@param rcallback the receive callback
@param sudata user data for send callback
@param rudata user data for receive callback
@param excback exception callback
"""
assert len(tree) > 0
self.tree = tree
self.count = count
self.inter = inter
self.strict = strict
self.iface = iface
self.timeout = None
self.capmethod = capmethod
self.procs = {}
self.sockets = []
self.recv_list = defaultdict(list)
self.receiving = False
self.internal = False
self.active_helpers = 0
self.active_helpers_lock = Lock()
self.running = Condition()
self.pool = ThreadPool(2, 10)
self.pool.queue_work(None, self.__notify_exc, self.__check)
self.scallback = scallback
self.rcallback = rcallback
self.excback = excback
self.sudata, self.rudata = sudata, rudata
log.debug("%d total packets to send for %d times" %
(len(tree), self.count))
def __on_analyze(self, btn):
cookies = defaultdict(list)
packets = self.session.sniff_page.get_selected_packets()
def is_present(mpkt):
hdrs = mpkt.cfields.get('dissector.http.headers', None)
if not hdrs:
return False
if 'cookie' in hdrs:
for cstr in hdrs['cookie']:
cookie = SimpleCookie()
cookie.load(cstr)
for k, mar in cookie.items():
cookies[k].append(mar.value)
return True
elif 'set-cookie' in hdrs:
for cstr in hdrs['set-cookie']:
cookie = SimpleCookie()
cookie.load(cstr)
for k, mar in cookie.items():
cookies[k].append(mar.value)
return True
return False
packets = filter(is_present, packets)
d = CookieChooserDialog(cookies)
if d.run() == gtk.RESPONSE_ACCEPT:
model, iter = d.tree.get_selection().get_selected()
key = model.get_value(iter, 0)
lst = map(int, filter(lambda x: x.isdigit(), cookies[key]))
self.webview.load_html_string(
g_js_graph.replace('$name$', key) \
.replace('$data$', str(lst)), 'file:///')
d.hide()
d.destroy()
def __on_analyze(self, btn):
cookies = defaultdict(list)
packets = self.session.sniff_page.get_selected_packets()
def is_present(mpkt):
hdrs = mpkt.cfields.get('dissector.http.headers', None)
if not hdrs:
return False
if 'cookie' in hdrs:
for cstr in hdrs['cookie']:
cookie = SimpleCookie()
cookie.load(cstr)
for k, mar in cookie.items():
cookies[k].append(mar.value)
return True
elif 'set-cookie' in hdrs:
for cstr in hdrs['set-cookie']:
cookie = SimpleCookie()
cookie.load(cstr)
for k, mar in cookie.items():
cookies[k].append(mar.value)
return True
return False
packets = filter(is_present, packets)
d = CookieChooserDialog(cookies)
if d.run() == gtk.RESPONSE_ACCEPT:
model, iter = d.tree.get_selection().get_selected()
key = model.get_value(iter, 0)
lst = map(int, filter(lambda x: x.isdigit(), cookies[key]))
self.webview.load_html_string(
g_js_graph.replace('$name$', key) \
.replace('$data$', str(lst)), 'file:///')
d.hide()
d.destroy()
def populate(self, packets):
self.store.clear()
dct = defaultdict(int)
for packet in packets:
names = [backend.get_proto_name(proto) \
for proto in packet.get_protocols()]
for name in names:
dct[name] += 1
sortable = [(v, k) for (k, v) in dct.items()]
sortable.sort()
sortable.reverse()
self.store.append([self.icon, _('No filter')])
for value, name in sortable:
self.store.append([self.icon, name])
self.set_active(0)
def populate(self, packets):
self.store.clear()
dct = defaultdict(int)
for packet in packets:
names = [backend.get_proto_name(proto) \
for proto in packet.get_protocols()]
for name in names:
dct[name] += 1
sortable = [(v, k) for (k, v) in dct.items()]
sortable.sort()
sortable.reverse()
self.store.append([self.icon, _('No filter')])
for value, name in sortable:
self.store.append([self.icon, name])
self.set_active(0)
def start(self, reader):
# We see profile with l3_addr as key (IP address)
# and the overflowed items as a list. So we use a defaultdict
self.profiles = defaultdict(list)
conf = AuditManager().get_configuration('passive.profiler')
self.maxnum = max(conf['cleanup_hit'], 10)
self.keep_local = conf['keep_local']
if conf['mac_fingerprint']:
if reader:
contents = reader.file.read('data/finger.mac.db')
else:
contents = open(os.path.join('passive', 'profiler', 'data',
'finger.mac.db'), 'r').read()
self.macdb = {}
for line in contents.splitlines():
if not line or line[0] == '#':
continue
try:
mac_pref, vendor = line.split(' ', 1)
self.macdb[mac_pref] = vendor
except:
continue
log.info('Loaded %d MAC fingerprints.' % len(self.macdb))
else:
self.macdb = None
if reader:
self.debug = False
else:
self.debug = True
def __init__(self, conn_idle=5, conn_timeout=300):
self.conn_list = []
self.connections = defaultdict(list)
self.conn_idle = conn_idle
self.conn_timeout = conn_timeout
def __init__(self):
self._sessions = defaultdict(dict)
def __init__(self, conn_idle=5, conn_timeout=300):
self.conn_list = []
self.connections = defaultdict(list)
self.conn_idle = conn_idle
self.conn_timeout = conn_timeout
def __init__(self):
self._sessions = defaultdict(dict)
def draw_payload(self, cr):
payload = self.packet.get_raw()
layout = self.create_pango_layout('')
layout.set_font_description(pango.FontDescription(self.hex_font))
layout.set_text("FF")
atom_x, atom_y = layout.get_pixel_size()
atom_x += atom_x / 2.0
atom_y += atom_y / 2.0
start_x = self.allocation.width - (atom_x * 16) - 10
cr.move_to(start_x, 4)
# We should have space to place 16 bytes in hex
dct = defaultdict(list)
protocol_idx = 0
for protocol, color in self.protocols:
for field in backend.get_proto_fields(protocol):
if not backend.is_showable_field(field, self.packet):
continue
start = backend.get_field_offset(self.packet, protocol, field)
end = backend.get_field_size(protocol, field)
start /= 8
dct[start].append((end, field))
# Now we have the dict so we have to transform to
# a sorted list
lst = dct.items()
lst.sort()
tot_w = 0
tot_h = 0
for offset, child_list in lst:
# We have also a child list to iterate
size = 0
if len(child_list) == 1 and child_list[0][0] == 0:
continue
else:
for end, field in child_list:
size += end
size /= 8
current_field = child_list[-1][1]
field_name = backend.get_field_name(current_field)
fill_color = self.__get_color(field_name)
border_color = color
line_x = offset % 16
line_y = offset / 16
txt = payload[offset:offset + size]
if size + line_x > 16:
start = 16 - line_x
top_right = txt[0:start]
top_right = " ".join(["%02X" % ord(x) for x in top_right])
layout.set_text(top_right)
cr.move_to(start_x + (line_x * atom_x),
(line_y + protocol_idx) * atom_y + 4)
# Here we should write <==
self.draw_box(cr, layout, fill=fill_color,
border=border_color, right=False)
w, h = 0, 0
txt = txt[start:]
lines = (len(txt) / 16) + 1
for i in xrange(lines):
right, left = False, False
if len(txt) > 16:
# here ===
part = txt[i * 16:(i * 16) + 16]
else:
right = True
part = txt[i * 16:]
if i == lines - 1:
right = True
cr.move_to(start_x,
(line_y + protocol_idx + i + 1) * atom_y + 4)
part = " ".join(["%02X" % ord(x) for x in part])
layout.set_text(part)
w, h = self.draw_box(cr, layout, fill=fill_color,
border=border_color,
right=right, left=left)
# End point
self.fields[(protocol, field_name)].append(
(start_x + (w / 2.0),
(line_y + protocol_idx + lines + 1) * atom_y + 8))
else:
txt = " ".join(["%02X" % ord(x) for x in txt])
layout.set_text(txt)
cr.move_to(start_x + (line_x * atom_x),
(line_y + protocol_idx) * atom_y + 4)
w, h = self.draw_box(cr, layout, fill=fill_color,
border=border_color)
tot_w += w + 4
tot_h = max(tot_h, h)
# End point
self.fields[(protocol, field_name)].append(
(start_x + (line_x * atom_x) + (w / 2.0),
(tot_h + (protocol_idx + line_y) * atom_y + 8)))
self.draw_line(cr, protocol, field_name)
cr.rel_move_to(0, tot_h + 4)
dct = defaultdict(list)
protocol_idx += 1
def draw_payload(self, cr):
payload = self.packet.get_raw()
layout = self.create_pango_layout('')
layout.set_font_description(pango.FontDescription(self.hex_font))
layout.set_text("FF")
atom_x, atom_y = layout.get_pixel_size()
atom_x += atom_x / 2.0
atom_y += atom_y / 2.0
start_x = self.allocation.width - (atom_x * 16) - 10
cr.move_to(start_x, 4)
# We should have space to place 16 bytes in hex
dct = defaultdict(list)
protocol_idx = 0
for protocol, color in self.protocols:
for field in backend.get_proto_fields(protocol):
if not backend.is_showable_field(field, self.packet):
continue
start = backend.get_field_offset(self.packet, protocol, field)
end = backend.get_field_size(protocol, field)
start /= 8
dct[start].append((end, field))
# Now we have the dict so we have to transform to
# a sorted list
lst = dct.items()
lst.sort()
tot_w = 0
tot_h = 0
for offset, child_list in lst:
# We have also a child list to iterate
size = 0
if len(child_list) == 1 and child_list[0][0] == 0:
continue
else:
for end, field in child_list:
size += end
size /= 8
current_field = child_list[-1][1]
field_name = backend.get_field_name(current_field)
fill_color = self.__get_color(field_name)
border_color = color
line_x = offset % 16
line_y = offset / 16
txt = payload[offset:offset + size]
if size + line_x > 16:
start = 16 - line_x
top_right = txt[0:start]
top_right = " ".join(["%02X" % ord(x) for x in top_right])
layout.set_text(top_right)
cr.move_to(start_x + (line_x * atom_x),
(line_y + protocol_idx) * atom_y + 4)
# Here we should write <==
self.draw_box(cr,
layout,
fill=fill_color,
border=border_color,
right=False)
w, h = 0, 0
txt = txt[start:]
lines = (len(txt) / 16) + 1
for i in xrange(lines):
right, left = False, False
if len(txt) > 16:
# here ===
part = txt[i * 16:(i * 16) + 16]
else:
right = True
part = txt[i * 16:]
if i == lines - 1:
right = True
cr.move_to(start_x,
(line_y + protocol_idx + i + 1) * atom_y +
4)
part = " ".join(["%02X" % ord(x) for x in part])
layout.set_text(part)
w, h = self.draw_box(cr,
layout,
fill=fill_color,
border=border_color,
right=right,
left=left)
# End point
self.fields[(protocol, field_name)].append(
(start_x + (w / 2.0),
(line_y + protocol_idx + lines + 1) * atom_y + 8))
else:
txt = " ".join(["%02X" % ord(x) for x in txt])
layout.set_text(txt)
cr.move_to(start_x + (line_x * atom_x),
(line_y + protocol_idx) * atom_y + 4)
w, h = self.draw_box(cr,
layout,
fill=fill_color,
border=border_color)
tot_w += w + 4
tot_h = max(tot_h, h)
# End point
self.fields[(protocol, field_name)].append(
(start_x + (line_x * atom_x) + (w / 2.0),
(tot_h + (protocol_idx + line_y) * atom_y + 8)))
self.draw_line(cr, protocol, field_name)
cr.rel_move_to(0, tot_h + 4)
dct = defaultdict(list)
protocol_idx += 1
