def main_menu_choice(selector, symbols):
    """Run the main-menu action that matches ``selector``.

    ``selector`` is compared against the strings "1" to "6" and "E". Any
    other value prints an error and shows the main menu again. ``symbols``
    is passed unchanged to whichever menu or action is started.
    """

    def banner(text):
        click.echo(click.style(text, fg="yellow"))

    if selector == "1":
        banner("DISPLAY PCAP\n")
        pcap_exchange_menu(symbols)
        return
    if selector == "2":
        banner("MANIPULATE MENU\n")
        manipulate_menu(symbols)
        return
    if selector == "3":
        banner("SAVE\n")
        save_object(symbols)
        return
    if selector == "4":
        banner("IPYTHON SHELL")
        # IPython.embed() opens an interactive shell inside this process, so
        # anything typed there runs with the same privileges as the tool.
        IPython.embed()
        main_menu(symbols)
        return
    if selector == "5":
        banner("EXPORT MENU")
        exporter_menu(symbols)
        return
    if selector == "6":
        banner("Dynamic Analysis MENU")
        dynamic_sequence_menu(symbols)
        return
    if selector == "E":
        banner("Bye! Thanks for using TAPIRE, feedback welcome! :)")
        exit()
        return
    banner("ERROR : WRONG SELECTION\n")
    main_menu(symbols)
def clusterize_by_size(symbols, symbol_selector):
    """Cluster the selected messages by size and open the manipulate menu.

    With ``symbol_selector == "*"`` the ``messages.list`` of every symbol is
    gathered into one list; otherwise only the symbol returned by
    ``symbolselector.selectsymbol`` contributes. The result of
    ``Format.clusterBySize`` is handed to ``manipulate_menu``.
    """
    if symbol_selector != "*":
        chosen = symbolselector.selectsymbol(symbols, symbol_selector)
        pool = chosen.messages.list
    else:
        pool = []
        for entry in symbols:
            pool.extend(entry.messages.list)
    manipulate_menu(Format.clusterBySize(pool))
def identifyHash(symbol_selector, symbols):
    """Run a ``HashIdentifyer`` over the selected symbol(s).

    ``"*"`` processes every entry of ``symbols`` in order; any other selector
    is resolved through ``symbolselector.selectsymbol``. Each symbol's name
    is printed before it is identified, then the manipulate menu is shown.
    """
    finder = HashIdentifyer()
    if symbol_selector == "*":
        targets = symbols
    else:
        targets = [symbolselector.selectsymbol(symbols, symbol_selector)]
    for target in targets:
        heading = click.style("[Symbol] : " + target.name, fg="red")
        click.echo(heading + "\n")
        finder.identify(target)
    manipulate_menu(symbols)
def split_static(symbols, symbol_selector, field_selector):
    """Apply ``Format.splitStatic`` to the selected symbol(s) or field.

    With ``"*"`` every symbol is split, or its field at index
    ``int(field_selector)`` when ``field_selector`` is not ``None``. With a
    single symbol selected, ``field_selector`` is not used. Returns without
    opening a menu when ``symbols`` is a ``TypedList``.
    """
    if symbol_selector != "*":
        Format.splitStatic(symbolselector.selectsymbol(symbols, symbol_selector))
    else:
        for entry in symbols:
            # NOTE(review): field_selector is converted with int() and used as
            # an index without a range check; confirm callers validate it.
            target = entry if field_selector is None else entry.fields[int(field_selector)]
            Format.splitStatic(target)
    if not isinstance(symbols, TypedList):
        manipulate_menu(symbols)
def headerSeeker_menu_choice(seeker_selector, symbols):
    """Start the header search chosen in the header-seeker menu.

    "1" searches by ratio, "2" by field relation and "3" by separator value.
    Any other value prints an error and opens the manipulate menu.
    """

    def banner(text):
        click.echo(click.style(text, fg="yellow"))

    if seeker_selector == "1":
        banner("Ratio based search\n")
        seek_headers_ratio(symbols)
        return
    if seeker_selector == "2":
        banner("Field separator based search\n")
        seek_headers_field_sep(symbols)
        return
    if seeker_selector == "3":
        banner("SEARCH FOR HEADER AND DATA FIELDS\n")
        seek_headers_value_sep(symbols)
        return
    banner("ERROR : WRONG SELECTION\n")
    manipulate_menu(symbols)
def add_encoding_function(symbols, symbol_selector, encoding, syms):
    """Attach ``encoding`` to the selected target(s), then reopen the menu.

    ``symbols`` may be a ``list``/``TypedList`` (filtered by
    ``symbol_selector``) or a single object exposing ``addEncodingFunction``.
    The manipulate menu is opened on ``syms`` when it is given, otherwise on
    ``symbols``.
    """
    is_collection = isinstance(symbols, list) or isinstance(symbols, TypedList)
    if not is_collection:
        symbols.addEncodingFunction(encoding)
    elif symbol_selector == "*":
        for entry in symbols:
            entry.addEncodingFunction(encoding)
    else:
        chosen = symbolselector.selectsymbol(symbols, symbol_selector)
        chosen.addEncodingFunction(encoding)
    manipulate_menu(symbols if syms is None else syms)
def clusterize_by_CRC(symbols, symbol_selector):
    """Cluster the selected messages with ``Format.clusterByCRC``.

    With ``"*"`` the clusters replace the whole symbol list; otherwise the
    selected symbol is swapped for its clusters through
    ``replace_symbols.replace_symb``. The manipulate menu is opened on the
    result; nothing is returned.
    """
    every_symbol = symbol_selector == "*"
    if every_symbol:
        pool = []
        for entry in symbols:
            pool.extend(entry.messages.list)
    else:
        chosen = symbolselector.selectsymbol(symbols, symbol_selector)
        pool = chosen.messages.list
    clusters = Format.clusterByCRC(pool)
    if every_symbol:
        symbols = clusters
    else:
        replace_symbols.replace_symb(symbols, chosen, clusters)
    manipulate_menu(symbols)
def split_aligned(symbols, symbol_selector, field_selector):
    """Apply ``Format.splitAligned`` to the selected symbol(s) or field.

    With ``"*"`` every symbol is split, or its field at index
    ``int(field_selector)`` (with ``doInternalSlick=True``) when
    ``field_selector`` is not ``None``. With a single symbol selected,
    ``field_selector`` is not used. Returns without opening a menu when
    ``symbols`` is a ``TypedList``.
    """
    if symbol_selector == "*":
        for entry in symbols:
            if field_selector is None:
                Format.splitAligned(entry)
                continue
            # NOTE(review): the index comes from int(field_selector) with no
            # range check; confirm callers validate it.
            Format.splitAligned(entry.fields[int(field_selector)], doInternalSlick=True)
    else:
        Format.splitAligned(symbolselector.selectsymbol(symbols, symbol_selector))
    if not isinstance(symbols, TypedList):
        manipulate_menu(symbols)
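def seek_headers_ratio(symbols):
    """Prompt for a ratio strictly between 0 and 1 and search headers with it.

    The prompt repeats until a valid ratio is entered. The ratio is passed to
    ``headerDetector(ratio=True, ratioValue=...)``, whose ``findOnSymbols``
    result decides which status message is printed. The manipulate menu is
    opened afterwards.
    """
    ratio = 0
    while not 0 < ratio < 1:
        answer = input(" Please input a ratio >>> ")
        try:
            ratio = float(answer)
        except ValueError:
            # Non-numeric input previously raised out of the menu and ended
            # the session; treat it as an out-of-range value and ask again.
            ratio = 0
        if not 0 < ratio < 1:
            click.echo(click.style("[ERROR] ", fg="red") + click.style("Ratio must be between 0 and 1 (strictly)", fg="blue") + '\n')
    click.echo(click.style("Searching for Headers\n", fg="yellow"))
    seeker = headerDetector(ratio=True, ratioValue=ratio)
    found = seeker.findOnSymbols(symbols)
    if found:
        click.echo(click.style("Renaming headers\n", fg="yellow"))
    else:
        click.echo(click.style("Sorry, didn't find anything!\n", fg="yellow"))
    manipulate_menu(symbols)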
def simpleSeeker_menu_choice(seeker_selector, symbols, symbol_selector):
    """Start the simple-seeker action that matches ``seeker_selector``.

    "1" opens the entropy finder, "2" the relation finder, "3" the hash
    identifier and "B" goes back to the manipulate menu. Any other value
    prints an error and shows the simple-seeker menu again.
    """

    def banner(text):
        click.echo(click.style(text, fg="yellow"))

    if seeker_selector == "1":
        banner("ANALYSE ENTROPY\n")
        entropyfinder_menu(symbol_selector, symbols)
        return
    if seeker_selector == "2":
        banner("RELATION FINDER\n")
        relationfinder_menu(symbol_selector, symbols)
        return
    if seeker_selector == "3":
        banner("RUN HASH IDENTIFYER\n")
        identifyHash(symbol_selector, symbols)
        return
    if seeker_selector == "B":
        banner("BACK TO PREVIOUS MENU\n")
        manipulate_menu(symbols)
        return
    banner("ERROR : WRONG SELECTION\n")
    simpleSeeker_menu(symbol_selector, symbols)
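def seek_headers_value_sep(symbols):
    """Search for a header/data boundary marked by a user-supplied separator.

    Seven data types are listed, but a separator ``Field`` is only built for
    "1" (ASCII) and "2" (Raw). Every other choice prints "Wrong selection"
    and returns to the header-seeker menu. The field is handed to
    ``headerDetector(separator=True, separatorValue=...)`` and the manipulate
    menu is opened after the search.

    Fixes over the previous version:
    * choice "2" was stored as "RAW" but later compared with "Raw", so the
      Raw branch could never run;
    * a rejected choice re-opened the menu and then fell through to the
      search with ``field`` unbound;
    * choice "3" left ``field`` unbound as well.
    """
    type_labels = ("Ascii", "Raw", "HexaString", "BitArray", "Integer", "IPV4", "TimeStamp")
    for number, label in enumerate(type_labels, start=1):
        click.echo(click.style("[" + str(number) + "] ", fg="green") + click.style("[" + label + "]", fg="blue") + '\n')

    def reject():
        click.echo(click.style("[ERROR] ", fg="red") + click.style("Wrong selection", fg="blue") + '\n')
        headerSeeker_menu(symbols)

    separator = input(" Please select a type of data for the separator between header and data >>> ")
    if separator not in ("1", "2"):
        # Choices 3-7 are listed but no separator Field is built for them, so
        # they are rejected before the value prompt, like unknown input.
        reject()
        return

    value = input("Please specify the value of the separator>>> ")
    if separator == "1":
        field = Field(domain=ASCII(value))
    else:
        field = Field(domain=Raw(converter.input_to_raw(value)))

    seeker = headerDetector(separator=True, separatorValue=field)
    found = seeker.findOnSymbols(symbols)
    if found:
        click.echo(click.style("Renaming headers\n", fg="yellow"))
    else:
        click.echo(click.style("Sorry, didn't find anything!\n", fg="yellow"))
    manipulate_menu(symbols)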
def clusterize_by_alignment(symbols, symbol_selector):
    """Cluster the selected messages with ``Format.clusterByAlignment``.

    A result that is not a list is wrapped into one. When the first cluster
    is named exactly "Symbol", every cluster is renamed "Symbol-<index>".
    The manipulate menu is then opened on the clusters.
    """
    if symbol_selector != "*":
        chosen = symbolselector.selectsymbol(symbols, symbol_selector)
        pool = chosen.messages.list
    else:
        pool = []
        for entry in symbols:
            pool.extend(entry.messages.list)
    clusters = Format.clusterByAlignment(pool)
    if not isinstance(clusters, list):
        clusters = [clusters]
    if clusters[0].name == "Symbol":
        for position, cluster in enumerate(clusters):
            cluster.name = "Symbol-" + str(position)
    manipulate_menu(clusters)
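def clusterize_by_key_field(symbols, symbol_selector):
    """Cluster one symbol on a field picked interactively.

    ``"*"`` is rejected with an error. Otherwise the symbol is displayed, its
    fields are listed by index and the user is asked for one. The symbol is
    replaced by the result of ``Format.clusterByKeyField`` and the manipulate
    menu is opened.

    The typed index is validated against the indexes that were listed.
    Non-numeric or out-of-range input previously raised out of the menu, and
    negative numbers silently selected a field counted from the end.
    """
    if symbol_selector == "*":
        click.echo(
            click.style("[ERROR] ", fg="red") +
            click.style("Selector can't be * for key field clustering!", fg="blue") + '\n')
        manipulate_menu(symbols)
        return

    symbol = symbolselector.selectsymbol(symbols, symbol_selector)
    display_symbol(symbol)
    listed = 0
    for index, _ in enumerate(symbol.fields):
        click.echo(
            click.style("[" + str(index) + "] ", fg="green") +
            click.style("Field-", fg="blue") + str(index))
        listed = index + 1

    field_index = input("Please Select a field to cluster >>> ")
    try:
        position = int(field_index)
    except ValueError:
        position = -1
    if not 0 <= position < listed:
        click.echo(
            click.style("[ERROR] ", fg="red") +
            click.style("Wrong selection", fg="blue") + '\n')
        manipulate_menu(symbols)
        return

    field = symbol.fields[position]
    new_symbols = Format.clusterByKeyField(symbol, field)
    replace_symbols.replace_symb(symbols, symbol, new_symbols)
    manipulate_menu(symbols)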
def complexSeeker_menu_choice(seeker_selector, symbols, symbol_selector):
    """Start the complex-seeker action that matches ``seeker_selector``.

    "1" opens the IP seeker, "2" the CRC32 seeker, "3" the header seeker,
    "4" the size seeker and "B" goes back to the manipulate menu. Any other
    value prints an error and shows the complex-seeker menu again.
    """

    def banner(text):
        click.echo(click.style(text, fg="yellow"))

    if seeker_selector == "1":
        banner("SEARCH FOR IPS\n")
        metaseeker_menu(symbol_selector, symbols)
        return
    if seeker_selector == "2":
        banner("SEARCH FOR CRC32\n")
        crcSeeker_menu(symbol_selector, symbols)
        return
    if seeker_selector == "3":
        banner("SEARCH FOR HEADER AND DATA FIELDS\n")
        headerSeeker_menu(symbols)
        return
    if seeker_selector == "4":
        banner("SEARCH FOR SIZE\n")
        sizeSeeker_menu(symbol_selector, symbols)
        return
    if seeker_selector == "B":
        banner("BACK TO PREVIOUS MENU\n")
        manipulate_menu(symbols)
        return
    banner("ERROR : WRONG SELECTION\n")
    complexSeeker_menu(symbol_selector, symbols)
def clusterize_menu_choice(selector, symbols, symbol_selector):
    """Start the clustering action that matches ``selector``.

    "4" (CRC32) and "5" (key field) are only accepted when a single symbol is
    selected; with ``"*"`` they fall through to the error branch. "3" prints
    its banner only, because the clustering call behind it is disabled.
    """

    def banner(text):
        click.echo(click.style(text, fg="yellow"))

    single_symbol = symbol_selector != "*"
    if selector == "1":
        banner("CLUSTER BY SIZE\n")
        clusterize_by_size(symbols, symbol_selector)
        return
    if selector == "2":
        banner("CLUSTER BY ALIGNMENT\n")
        clusterize_by_alignment(symbols, symbol_selector)
        return
    if selector == "3":
        banner("CLUSTER BY APPLICATIVE DATA\n")
        # clusterize_by_applicative(symbols, symbol_selector) is disabled
        return
    if selector == "4" and single_symbol:
        banner("CLUSTER BY CRC32\n")
        clusterize_by_CRC(symbols, symbol_selector)
        return
    if selector == "5" and single_symbol:
        banner("CLUSTER BY KEY FIELD\n")
        clusterize_by_key_field(symbols, symbol_selector)
        return
    if selector == "B":
        manipulate_menu(symbols)
        return
    banner("ERROR : WRONG SELECTION\n")
    clusterize_menu(symbols, symbol_selector)
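def crcSeeker_menu_choice(seeker_selector, symbols, symbol_selector):
    """Run the CRC finder on the selected symbol.

    "1" clusters the symbol's messages by CRC and runs
    ``findOnSymbol(create_fields=True)`` on every cluster whose name does not
    contain "No_CRC", then replaces the symbol with the clusters. "2" runs
    the finder on the symbol itself with ``create_fields=False``. Any other
    value prints an error. The manipulate menu is opened in every case.

    Fixes over the previous version:
    * clusters were requested with ``clusterize_by_CRC(symbol)``, but that
      function takes ``(symbols, symbol_selector)``, opens a menu and returns
      nothing; the clustering call it wraps is used directly instead;
    * the retry loop had no bound and never ended when a cluster kept failing
      or when every cluster was a "No_CRC" one;
    * a bare ``except`` also swallowed ``KeyboardInterrupt``, so the loop
      could not be interrupted.
    """
    symbol = symbolselector.selectsymbol(symbols, symbol_selector)
    seeker = CRCFinder()
    if seeker_selector == "1":
        new_symbols = Format.clusterByCRC(symbol.messages.list)
        pending = [sym for sym in new_symbols if sym.name.find("No_CRC") == -1]
        # The search sometimes fails, so failed clusters are retried, but
        # only a fixed number of times and only the ones that failed.
        max_attempts = 3
        for _ in range(max_attempts):
            failed = []
            for sym in pending:
                try:
                    seeker.findOnSymbol(symbol=sym, create_fields=True)
                except Exception:
                    failed.append(sym)
            pending = failed
            if not pending:
                break
        if pending:
            click.echo(
                click.style("[ERROR] ", fg="red") +
                click.style("CRC search failed on: " + ", ".join(sym.name for sym in pending), fg="blue") + '\n')
        replace_symbols.replace_symb(symbols, symbol, new_symbols)
        manipulate_menu(symbols)
    elif seeker_selector == "2":
        seeker.findOnSymbol(symbol=symbol, create_fields=False)
        manipulate_menu(symbols)
    else:
        click.echo(click.style("ERROR : WRONG SELECTION\n", fg="yellow"))
        manipulate_menu(symbols)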
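def seek_headers_field_sep(symbols):
    """Search for a header/data boundary marked by a field relation.

    The user picks "1" (Size), "2" (CRC32) or "3" (InternetChecksum). The
    matching name is passed as ``fieldType`` to ``headerDetector(field=True)``
    and the manipulate menu is opened after the search.

    An unknown choice prints an error and returns to the header-seeker menu.
    Previously control fell through after that menu, and the search ran with
    the raw text the user had typed as ``fieldType``.
    """
    click.echo(click.style("[1] ", fg="green") + click.style("[Size relation]", fg="blue") + '\n')
    click.echo(click.style("[2] ", fg="green") + click.style("[CRC32 relation]", fg="blue") + '\n')
    click.echo(click.style("[3] ", fg="green") + click.style("[IPchecksum relation]", fg="blue") + '\n')

    relation_types = {"1": "Size", "2": "CRC32", "3": "InternetChecksum"}
    choice = input(" Please select a type of field relation for separation between header and data >>> ")
    field_separator = relation_types.get(choice)
    if field_separator is None:
        click.echo(click.style("[ERROR] ", fg="red") + click.style("Wrong selection", fg="blue") + '\n')
        headerSeeker_menu(symbols)
        return

    seeker = headerDetector(field=True, fieldType=field_separator)
    found = seeker.findOnSymbols(symbols)
    if found:
        click.echo(click.style("Renaming headers\n", fg="yellow"))
    else:
        click.echo(click.style("Sorry, didn't find anything!\n", fg="yellow"))
    manipulate_menu(symbols)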
def split_menu_choice(selector, symbol_selector, symbols, field_selector, parent=None):
    """Start the split action that matches ``selector``.

    "1", "2" and "3" run the static, aligned and delimiter splits. "B" opens
    the manipulate menu on ``parent`` first when one is given, then on
    ``symbols``. Any other value prints an error and shows the split menu
    again.
    """

    def banner(text):
        click.echo(click.style(text, fg="yellow"))

    if selector == "1":
        banner("SPLIT STATIC\n")
        split_static(symbols, symbol_selector, field_selector)
        return
    if selector == "2":
        banner("SPLIT ALIGNED\n")
        split_aligned(symbols, symbol_selector, field_selector)
        return
    if selector == "3":
        banner("SPLIT DELIMITER\n")
        split_delimiter(symbols, symbol_selector, field_selector)
        return
    if selector == "B":
        if parent is not None:
            manipulate_menu(parent)
        manipulate_menu(symbols)
        return
    banner("ERROR : WRONG SELECTION\n")
    # NOTE(review): parent is passed as the third positional argument here,
    # while another caller in this file passes field_selector in that
    # position and parent by keyword; confirm against split_menu's signature.
    split_menu(symbol_selector, symbols, parent)
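def metaseeker_menu_choice(seeker_selector, symbols, symbol_selector):
    """Run the IP finder on the selected symbol.

    The user is first asked whether two-term IPs should be searched. "1" as
    ``seeker_selector`` runs the finder with ``create_fields=True``, "2" with
    ``create_fields=False``. Any other value prints an error. The manipulate
    menu is opened in every case.

    Fixes over the previous version:
    * the two-term answer was tested for truthiness, so typing "2" ("Don't
      search") still enabled the two-term search; only "1" enables it now;
    * finder failures were discarded by a bare ``except: pass``; they are
      still non-fatal but are now reported, and ``KeyboardInterrupt`` is no
      longer swallowed.
    """
    symbol = symbolselector.selectsymbol(symbols, symbol_selector)
    seeker = IPFinder()
    click.echo(
        click.style("[1] ", fg="green") +
        click.style("[Search for two term IPs]", fg="cyan") + '\n')
    click.echo(
        click.style("[2] ", fg="green") +
        click.style("[Don't search for two term IPs]", fg="cyan") + '\n')
    two_t = input(" PLEASE SELECT A CHOICE >>> ")
    two_terms = two_t.strip() == "1"

    if seeker_selector in ("1", "2"):
        create_fields = seeker_selector == "1"
        try:
            seeker.executeOnSymbol(symbol=symbol, create_fields=create_fields, two_terms=two_terms)
        except Exception as error:
            # Best effort: a failed search must not end the session, but the
            # analyst should see that no result was produced.
            click.echo(
                click.style("[ERROR] ", fg="red") +
                click.style("IP search failed: " + str(error), fg="blue") + '\n')
        manipulate_menu(symbols)
    else:
        click.echo(click.style("ERROR : WRONG SELECTION\n", fg="yellow"))
        manipulate_menu(symbols)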
def sizeSeeker_menu_choice(seeker_selector, symbols, symbol_selector, base_index):
    """Run the size finder on the selected symbol.

    "1" calls ``findOnSymbol`` with ``create_fields=True`` and "2" with
    ``create_fields=False``, both with ``baseIndex=base_index``. Any other
    value prints an error. The manipulate menu is opened in every case.
    """
    target = symbolselector.selectsymbol(symbols, symbol_selector)
    finder = SizeFinder()
    if seeker_selector in ("1", "2"):
        make_fields = seeker_selector == "1"
        finder.findOnSymbol(symbol=target, create_fields=make_fields, baseIndex=base_index)
    else:
        click.echo(click.style("ERROR : WRONG SELECTION\n", fg="yellow"))
    manipulate_menu(symbols)
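def split_delimiter(symbols, symbol_selector, field_selector):
    """Split the selected symbol(s) or field on a user-supplied delimiter.

    Seven data types are listed, but a delimiter is only built for "1"
    (ASCII) and "2" (Raw). Every other choice prints "Wrong selection" and
    returns to the split menu. With ``"*"`` every symbol is split, or its
    field at index ``int(field_selector)`` when ``field_selector`` is not
    ``None``. Returns without opening a menu when ``symbols`` is a
    ``TypedList``.

    Fixes over the previous version: a rejected or unsupported type re-opened
    the split menu and then fell through to the split with ``delimiter``
    unbound, and choice "3" left ``delimiter`` unbound as well.
    """
    type_labels = ("Ascii", "Raw", "HexaString", "BitArray", "Integer", "IPV4", "TimeStamp")
    for number, label in enumerate(type_labels, start=1):
        click.echo(
            click.style("[" + str(number) + "] ", fg="green") +
            click.style("[" + label + "]", fg="blue") + '\n')

    delimiter_Type = input(
        "Please select a type of data for the split delimiter >>> ")
    if delimiter_Type not in ("1", "2"):
        # Choices 3-7 are listed but no delimiter is built for them, so they
        # are rejected before the value prompt, like unknown input.
        click.echo(
            click.style("[ERROR] ", fg="red") +
            click.style("Wrong selection", fg="blue") + '\n')
        split_menu(symbol_selector, symbols)
        return

    delimiter_string = input(
        "Please specify a delimiter (For Raw, delimiter should look like so : \"\\\\xca\\\\xfe\\\\xba\\\\xbe\" ) \n >>> "
    )
    if delimiter_Type == "1":
        delimiter = ASCII(delimiter_string)
    else:
        delimiter = Raw(converter.input_to_raw(delimiter_string))

    if symbol_selector == "*":
        for symbol in symbols:
            if field_selector is not None:
                # NOTE(review): the index comes from int(field_selector) with
                # no range check; confirm callers validate it.
                Format.splitDelimiter(symbol.fields[int(field_selector)], delimiter)
            else:
                Format.splitDelimiter(symbol, delimiter)
    else:
        symbol = symbolselector.selectsymbol(symbols, symbol_selector)
        Format.splitDelimiter(symbol, delimiter)
    if isinstance(symbols, TypedList):
        return
    manipulate_menu(symbols)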
def field_manipulate_menu_choice(selector, field_selector, fields, symbols, symbol_selector):
    """Start the field-menu action that matches ``selector``.

    The meaning of ``selector`` depends on what is selected:

    * one symbol, one field: "1" display, "2" rename, "3" edit description,
      "4" merge, "5" encoding, "6" split;
    * one symbol, all fields ("*"): "1" display, "2" encoding;
    * all symbols ("*"): "1" rename, "2" edit description, "3" encoding,
      "4" split.

    "B" goes back to the manipulate menu in every mode. Any other value
    prints an error and shows the field menu again.
    """

    def banner(text):
        click.echo(click.style(text, fg="yellow"))

    def show():
        banner("DISPLAY FIELD\n")
        display_field(fields, field_selector, symbols, symbol_selector)

    def rename():
        banner("RENAME FIELD\n")
        rename_field(fields, field_selector, symbols, symbol_selector)

    def describe():
        banner("EDIT FIELD DESCRIPTION\n")
        edit_field_description(fields, field_selector, symbols, symbol_selector)

    def encode():
        banner("ENCODING MENU\n")
        encoding_menu(fields, field_selector, symbols)

    def back():
        banner("BACK TO MANIPULATE MENU\n")
        manipulate_menu(symbols)

    def wrong():
        click.echo(
            click.style("[ERROR] :", fg="red") +
            click.style("WRONG SELECTION\n", fg="yellow"))
        field_manipulate_menu(symbols, symbol_selector)

    if symbol_selector == "*":
        # Every symbol is selected.
        if selector == "1":
            rename()
        elif selector == "2":
            describe()
        elif selector == "3":
            encode()
        elif selector == "4":
            banner("FIELD SPLIT MENU\n")
            split_menu(symbol_selector, symbols, field_selector)
            manipulate_menu(symbols)
        elif selector == "B":
            back()
        else:
            wrong()
    elif field_selector == "*":
        # One symbol, all of its fields.
        if selector == "1":
            show()
        elif selector == "2":
            encode()
        elif selector == "B":
            back()
        else:
            wrong()
    else:
        # One symbol, one field.
        if selector == "1":
            show()
        elif selector == "2":
            rename()
        elif selector == "3":
            describe()
        elif selector == "4":
            banner("FIELD MERGER\n")
            field_merger(fields, field_selector, symbols, symbol_selector)
        elif selector == "5":
            encode()
        elif selector == "6":
            banner("FIELD SPLIT MENU\n")
            split_menu(field_selector, fields, parent=symbols)
            manipulate_menu(symbols)
        elif selector == "B":
            back()
        else:
            wrong()
def relationfinder_menu(symbol_selector, symbols):
    """Print the banner, run ``find_relations`` and reopen the manipulate menu."""
    heading = click.style("FINDING RELATIONS ", fg="yellow")
    click.echo(heading)
    find_relations(symbol_selector, symbols)
    manipulate_menu(symbols)
def entropyfinder_menu(symbol_selector, symbols):
    """Print the banner, run ``find_entropy`` and reopen the manipulate menu."""
    heading = click.style("ANALYZING ENTROPY", fg="yellow")
    click.echo(heading)
    find_entropy(symbol_selector, symbols)
    manipulate_menu(symbols)