Exemplo n.º 1
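def showDatetimeSearch():
    """Render one page (10 rows) of raw packets captured inside a time window.

    The window comes from DatetimeSearchForm and the 1-based page number from
    the posted ``page`` field. The view redirects to the ``datetimeSearch``
    endpoint when either bound is missing or when InFiveMin() rejects the
    window. Each entry handed to the template is
    ``[row, hex dump of raw_packet_data, binToAsc(raw_packet_data)]``.
    """

    def _hex_dump(raw):
        """Return the items of *raw* as space-separated hex() values."""
        return ' '.join(hex(ord(ch)) for ch in raw)

    form = DatetimeSearchForm(request.form)
    page = request.form['page']

    if (form.time_start.data is None) or (form.time_end.data is None):
        return redirect(url_for('datetimeSearch'))

    # int() raises ValueError on a non-numeric page, exactly as before.
    page_no = int(page)
    BackPage = page_no - 1 if page_no > 1 else page_no
    FrontPage = page_no + 1

    time_start = str(form.time_start.data)
    time_end = str(form.time_end.data)

    # presumably caps the window at five minutes (per the flash text) -- confirm
    if not InFiveMin(form.time_start.data, form.time_end.data):
        flash('time interval is more then 5 min')
        return redirect(url_for('datetimeSearch'))

    # Request-derived values travel as bound parameters, so they are never
    # spliced into the SQL text. db.text() is SQLAlchemy's text() construct;
    # this assumes `db` is the Flask-SQLAlchemy object that re-exports it --
    # confirm against the module's imports.
    query = db.text(
        'select * from raw_packet where packet_time '
        'BETWEEN :time_start AND :time_end Limit :offset, 10'
    )
    Show = db.engine.execute(
        query,
        time_start=time_start,
        time_end=time_end,
        # A page below 1 used to yield a negative LIMIT offset; clamp to 0.
        offset=10 * max(page_no - 1, 0),
    )

    Nshow_list = [
        [raw_pac, _hex_dump(raw_pac.raw_packet_data), binToAsc(raw_pac.raw_packet_data)]
        for raw_pac in Show
    ]
    return render_template('showDatetimeSearch.html', title='showDatetimeSearch', Nshow_list=Nshow_list, time_start=time_start, time_end=time_end, BackPage=BackPage, FrontPage=FrontPage, form=form, page=page)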
Exemplo n.º 2
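def srcIpSearch():
    """Render one page of TCP and UDP packets sent from a given IP and port.

    Source address and port come from SrcIpSearchForm, the 1-based page number
    from the posted ``page`` field. The view redirects to ``srcIpSearchInput``
    when the port is missing or IpParser() returns -1. Both tables are queried
    with the same filter, 10 rows per page each.

    TcpList entries: ``[row, src_ip, dst_ip, payload hex, payload ascii,
    ip_header hex, tcp_header hex]``; UdpList entries are the same without
    the TCP header.
    """

    def _hex_dump(raw):
        """Return the items of *raw* as space-separated hex() values."""
        return ' '.join(hex(ord(ch)) for ch in raw)

    def _dotted(raw):
        """Return the items of *raw* as dot-separated decimal values."""
        return '.'.join(str(ord(ch)) for ch in raw)

    form = SrcIpSearchForm(request.form)
    page = request.form['page']

    if form.src_port.data is None:
        return redirect(url_for('srcIpSearchInput'))

    # Echoed back to the template as strings.
    src_ip = str(form.src_ip.data)
    src_port = str(form.src_port.data)

    TcpList = []
    UdpList = []

    # int() raises ValueError on a non-numeric page, exactly as before.
    page_no = int(page)
    BackPage = page_no - 1 if page_no > 1 else page_no
    FrontPage = page_no + 1

    tarIp = IpParser(form.src_ip.data)

    # Compare by value: `is -1` only worked through CPython's small-int cache.
    if tarIp == -1:
        return redirect(url_for('srcIpSearchInput'))

    # hex() accepts only integers, so the address literal cannot carry request
    # text. The port and offset travel as bound parameters instead of being
    # concatenated. db.text() is SQLAlchemy's text() construct; this assumes
    # `db` is the Flask-SQLAlchemy object that re-exports it -- confirm.
    where_tail = (
        ' where src_ip = cast(' + hex(tarIp) + ' as binary(4))'
        ' and src_port = :src_port Limit :offset, 10'
    )
    params = {
        'src_port': form.src_port.data,
        # A page below 1 used to yield a negative LIMIT offset; clamp to 0.
        'offset': 10 * max(page_no - 1, 0),
    }

    tcp_pack = db.engine.execute(db.text('select * from tcp_ip_packet' + where_tail), **params)
    for foundTcp in tcp_pack:
        TcpList.append([
            foundTcp,
            _dotted(foundTcp.src_ip),
            _dotted(foundTcp.dst_ip),
            _hex_dump(foundTcp.payload_data),
            binToAsc(foundTcp.payload_data),
            _hex_dump(foundTcp.ip_header),
            _hex_dump(foundTcp.tcp_header),
        ])

    udp_pack = db.engine.execute(db.text('select * from udp_ip_packet' + where_tail), **params)
    for foundUdp in udp_pack:
        UdpList.append([
            foundUdp,
            _dotted(foundUdp.src_ip),
            _dotted(foundUdp.dst_ip),
            _hex_dump(foundUdp.payload_data),
            binToAsc(foundUdp.payload_data),
            _hex_dump(foundUdp.ip_header),
        ])

    return render_template('srcIpSearch.html', title='srcIpSearch', form=form, TcpList=TcpList, UdpList=UdpList, BackPage=BackPage, FrontPage=FrontPage, src_ip=src_ip, src_port=src_port, page=page)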
Exemplo n.º 3
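def tcpAndUdpSearch():
    """Render one page of captured packets, split into TCP and UDP lists.

    The page number is read from the ``page`` query argument (default 1,
    parsed as int). Ten packet ids are taken from raw_packet; each id is
    looked up in tcp_ip_packet first and in udp_ip_packet only when the TCP
    lookup reports no rows.

    TcpList entries: ``[0, row, src_ip, dst_ip, payload hex, payload ascii,
    ip_header hex, tcp_header hex]``; UdpList entries start with 1 and omit
    the TCP header.
    """

    def _hex_dump(raw):
        """Return the items of *raw* as space-separated hex() values."""
        return ' '.join(hex(ord(ch)) for ch in raw)

    def _dotted(raw):
        """Return the items of *raw* as dot-separated decimal values."""
        return '.'.join(str(ord(ch)) for ch in raw)

    page = request.args.get('page', default = 1, type = int)

    # Values travel as bound parameters rather than being concatenated into
    # the SQL text. db.text() is SQLAlchemy's text() construct; this assumes
    # `db` is the Flask-SQLAlchemy object that re-exports it -- confirm.
    id_query = db.text('select packet_id from raw_packet Limit :offset, 10')
    tcp_query = db.text('select * from tcp_ip_packet where packet_id = :packet_id')
    udp_query = db.text('select * from udp_ip_packet where packet_id = :packet_id')

    # A page below 1 used to yield a negative LIMIT offset; clamp to 0.
    packet_ids = db.engine.execute(id_query, offset=10 * max(int(page) - 1, 0))

    TcpList = []
    UdpList = []
    for pack_id in packet_ids:    # type 0 : TCP,  1 : UDP
        tcp_pack = db.engine.execute(tcp_query, packet_id=pack_id.packet_id)
        # NOTE(review): rowcount on a SELECT is driver-dependent -- confirm the
        # configured driver reports the number of rows here.
        if tcp_pack.rowcount < 1:
            udp_pack = db.engine.execute(udp_query, packet_id=pack_id.packet_id)
            for UDP in udp_pack:
                UdpList.append([
                    1,
                    UDP,
                    _dotted(UDP.src_ip),
                    _dotted(UDP.dst_ip),
                    _hex_dump(UDP.payload_data),
                    binToAsc(UDP.payload_data),
                    _hex_dump(UDP.ip_header),
                ])
        else:
            for TCP in tcp_pack:
                TcpList.append([
                    0,
                    TCP,
                    _dotted(TCP.src_ip),
                    _dotted(TCP.dst_ip),
                    _hex_dump(TCP.payload_data),
                    binToAsc(TCP.payload_data),
                    _hex_dump(TCP.ip_header),
                    _hex_dump(TCP.tcp_header),
                ])

    return render_template('tcpAndUdpSearch.html', title='tcpAndUdpSearch', TcpList=TcpList, UdpList=UdpList, page=page)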
Exemplo n.º 4
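def showDatetimeSearchDif():
    """Render one page of packets from a time window, split into TCP and UDP.

    The window comes from DatetimeSearchForm and the 1-based page number from
    the posted ``page`` field. The view redirects to ``datetimeSearch`` when
    either bound is missing or when InFiveMin() rejects the window. Ten packet
    ids are taken from raw_packet; each id is looked up in tcp_ip_packet first
    and in udp_ip_packet only when the TCP lookup reports no rows.

    TcpList entries: ``[0, row, src_ip, dst_ip, payload hex, payload ascii,
    ip_header hex, tcp_header hex]``; UdpList entries start with 1 and omit
    the TCP header.
    """

    def _hex_dump(raw):
        """Return the items of *raw* as space-separated hex() values."""
        return ' '.join(hex(ord(ch)) for ch in raw)

    def _dotted(raw):
        """Return the items of *raw* as dot-separated decimal values."""
        return '.'.join(str(ord(ch)) for ch in raw)

    form = DatetimeSearchForm(request.form)
    page = request.form['page']

    if (form.time_start.data is None) or (form.time_end.data is None):
        return redirect(url_for('datetimeSearch'))

    # int() raises ValueError on a non-numeric page, exactly as before.
    page_no = int(page)
    BackPage = page_no - 1 if page_no > 1 else page_no
    FrontPage = page_no + 1

    time_start = str(form.time_start.data)
    time_end = str(form.time_end.data)

    # presumably caps the window at five minutes (per the flash text) -- confirm
    if not InFiveMin(form.time_start.data, form.time_end.data):
        flash('time interval is more then 5 min')
        return redirect(url_for('datetimeSearch'))

    # Request-derived values travel as bound parameters, so they are never
    # spliced into the SQL text. db.text() is SQLAlchemy's text() construct;
    # this assumes `db` is the Flask-SQLAlchemy object that re-exports it --
    # confirm against the module's imports.
    id_query = db.text(
        'select packet_id from raw_packet where packet_time '
        'BETWEEN :time_start AND :time_end Limit :offset, 10'
    )
    tcp_query = db.text('select * from tcp_ip_packet where packet_id = :packet_id')
    udp_query = db.text('select * from udp_ip_packet where packet_id = :packet_id')

    Show = db.engine.execute(
        id_query,
        time_start=time_start,
        time_end=time_end,
        # A page below 1 used to yield a negative LIMIT offset; clamp to 0.
        offset=10 * max(page_no - 1, 0),
    )

    TcpList = []
    UdpList = []
    for pack_id in Show:
        tcp_pack = db.engine.execute(tcp_query, packet_id=pack_id.packet_id)
        # NOTE(review): rowcount on a SELECT is driver-dependent -- confirm the
        # configured driver reports the number of rows here.
        if tcp_pack.rowcount < 1:
            udp_pack = db.engine.execute(udp_query, packet_id=pack_id.packet_id)
            for UDP in udp_pack:
                UdpList.append([
                    1,
                    UDP,
                    _dotted(UDP.src_ip),
                    _dotted(UDP.dst_ip),
                    _hex_dump(UDP.payload_data),
                    binToAsc(UDP.payload_data),
                    _hex_dump(UDP.ip_header),
                ])
        else:
            for TCP in tcp_pack:
                TcpList.append([
                    0,
                    TCP,
                    _dotted(TCP.src_ip),
                    _dotted(TCP.dst_ip),
                    _hex_dump(TCP.payload_data),
                    binToAsc(TCP.payload_data),
                    _hex_dump(TCP.ip_header),
                    _hex_dump(TCP.tcp_header),
                ])

    return render_template('showDatetimeSearchDif.html', title='showDatetimeSearchDif', TcpList=TcpList, UdpList=UdpList, time_start=time_start, time_end=time_end, BackPage=BackPage, FrontPage=FrontPage, form=form, page=page)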
Exemplo n.º 5
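def deepSearch():
    """Render one page of TCP and UDP packets exchanged between two endpoints.

    Both endpoints (IP and port), the packet id and the 1-based page number
    are read straight from the posted form. A row matches when it goes from
    endpoint one to endpoint two or the other way round; each table is paged
    10 rows at a time.

    TcpList entries: ``[row, src_ip, dst_ip, payload hex, payload ascii,
    ip_header hex, tcp_header hex]``; UdpList entries are the same without
    the TCP header.
    """

    def _hex_dump(raw):
        """Return the items of *raw* as space-separated hex() values."""
        return ' '.join(hex(ord(ch)) for ch in raw)

    def _dotted(raw):
        """Return the items of *raw* as dot-separated decimal values."""
        return '.'.join(str(ord(ch)) for ch in raw)

    # Raw, unvalidated form fields; the originals are echoed to the template.
    page = request.form['page']
    rawIpOne = request.form['src_ip']
    PortOne = request.form['src_port']
    rawIpTwo = request.form['dst_ip']
    portTwo = request.form['dst_port']
    pack_id = request.form['packet_id']

    ipOne = IpParser(str(rawIpOne))
    ipTwo = IpParser(str(rawIpTwo))
    # NOTE(review): srcIpSearch treats an IpParser() result of -1 as invalid
    # input and redirects; this view has no such check. Decide where an
    # unparsable address should send the user and add the guard here.

    TcpList = []
    UdpList = []

    # int() raises ValueError on a non-numeric page, exactly as before.
    page_no = int(page)
    BackPage = page_no - 1 if page_no > 1 else page_no
    FrontPage = page_no + 1

    # Ports arrive as free-form strings: coerce them to int (ValueError on
    # anything else) and send them as bound parameters, so form text is never
    # spliced into the SQL. hex() accepts only integers, so the address
    # literals cannot carry request text either.
    # db.text() is SQLAlchemy's text() construct; this assumes `db` is the
    # Flask-SQLAlchemy object that re-exports it -- confirm.
    params = {
        'port_one': int(PortOne),
        'port_two': int(portTwo),
        # A page below 1 used to yield a negative LIMIT offset; clamp to 0.
        'offset': 10 * max(page_no - 1, 0),
    }
    ip_one_sql = 'cast(' + hex(ipOne) + ' as binary(4))'
    ip_two_sql = 'cast(' + hex(ipTwo) + ' as binary(4))'
    where_tail = (
        ' where (src_ip = ' + ip_one_sql + ' and src_port = :port_one'
        ' and dst_ip = ' + ip_two_sql + ' and dst_port = :port_two)'
        ' or (src_ip = ' + ip_two_sql + ' and src_port = :port_two'
        ' and dst_ip = ' + ip_one_sql + ' and dst_port = :port_one)'
        ' Limit :offset, 10'
    )

    tcp_pack = db.engine.execute(db.text('select * from tcp_ip_packet' + where_tail), **params)
    udp_pack = db.engine.execute(db.text('select * from udp_ip_packet' + where_tail), **params)

    for foundTcp in tcp_pack:
        TcpList.append([
            foundTcp,
            _dotted(foundTcp.src_ip),
            _dotted(foundTcp.dst_ip),
            _hex_dump(foundTcp.payload_data),
            binToAsc(foundTcp.payload_data),
            _hex_dump(foundTcp.ip_header),
            _hex_dump(foundTcp.tcp_header),
        ])

    for foundUdp in udp_pack:
        UdpList.append([
            foundUdp,
            _dotted(foundUdp.src_ip),
            # The original loop rebuilt this value from the source-address
            # accumulator, so the UDP destination was rendered wrongly.
            _dotted(foundUdp.dst_ip),
            _hex_dump(foundUdp.payload_data),
            binToAsc(foundUdp.payload_data),
            _hex_dump(foundUdp.ip_header),
        ])

    return render_template('deepSearch.html', title='deepSearch', TcpList=TcpList, UdpList=UdpList, BackPage=BackPage, FrontPage=FrontPage, dst_ip=rawIpTwo, dst_port=portTwo, src_ip=rawIpOne, src_port=PortOne, packet_id=pack_id, page=page)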
Exemplo n.º 6
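def stealingPacket():
    """Render the TCP/UDP details of the packets named in the posted form.

    The ``packets`` form field is handed to parser(); every item it yields is
    used as a packet id, looked up in tcp_ip_packet first and in
    udp_ip_packet only when the TCP lookup reports no rows.

    TcpList entries: ``[0, row, src_ip, dst_ip, payload hex, payload ascii,
    ip_header hex, tcp_header hex]``; UdpList entries start with 1 and omit
    the TCP header.
    """

    def _hex_dump(raw):
        """Return the items of *raw* as space-separated hex() values."""
        return ' '.join(hex(ord(ch)) for ch in raw)

    def _dotted(raw):
        """Return the items of *raw* as dot-separated decimal values."""
        return '.'.join(str(ord(ch)) for ch in raw)

    packets = request.form['packets']
    # NOTE(review): parser() is defined elsewhere; what it yields (ints or
    # strings) is not visible here, so its output is treated as untrusted.
    parsed_packets = parser(packets)

    # Each id travels as a bound parameter instead of being concatenated into
    # the SQL text. db.text() is SQLAlchemy's text() construct; this assumes
    # `db` is the Flask-SQLAlchemy object that re-exports it -- confirm.
    tcp_query = db.text('select * from tcp_ip_packet where packet_id = :packet_id')
    udp_query = db.text('select * from udp_ip_packet where packet_id = :packet_id')

    TcpList = []
    UdpList = []
    for pack in parsed_packets:
        tcp_pack = db.engine.execute(tcp_query, packet_id=pack)
        # NOTE(review): rowcount on a SELECT is driver-dependent -- confirm the
        # configured driver reports the number of rows here.
        if tcp_pack.rowcount < 1:
            udp_pack = db.engine.execute(udp_query, packet_id=pack)
            for UDP in udp_pack:
                UdpList.append([
                    1,
                    UDP,
                    _dotted(UDP.src_ip),
                    _dotted(UDP.dst_ip),
                    _hex_dump(UDP.payload_data),
                    binToAsc(UDP.payload_data),
                    _hex_dump(UDP.ip_header),
                ])
        else:
            for TCP in tcp_pack:
                TcpList.append([
                    0,
                    TCP,
                    _dotted(TCP.src_ip),
                    _dotted(TCP.dst_ip),
                    _hex_dump(TCP.payload_data),
                    binToAsc(TCP.payload_data),
                    _hex_dump(TCP.ip_header),
                    _hex_dump(TCP.tcp_header),
                ])

    return render_template('StealingPacket.html', title='StealingPacket', TcpList=TcpList, UdpList=UdpList)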