def __new__(cls,
name, # type: str
bases, # type: Tuple[type, ...]
dct # type: Dict[str, Any]
):
# type: (...) -> Type[ASN1_Class]
for b in bases:
for k, v in six.iteritems(b.__dict__):
if k not in dct and isinstance(v, ASN1Tag):
dct[k] = v.clone()
rdict = {}
for k, v in six.iteritems(dct):
if isinstance(v, int):
v = ASN1Tag(k, v)
dct[k] = v
rdict[v] = v
elif isinstance(v, ASN1Tag):
rdict[v] = v
dct["__rdict__"] = rdict
ncls = cast('Type[ASN1_Class]',
type.__new__(cls, name, bases, dct))
for v in six.itervalues(ncls.__dict__):
if isinstance(v, ASN1Tag):
# overwrite ASN1Tag contexts, even cloned ones
v.context = ncls
return ncls
def multiplot(self,
f, # type: Callable[..., Any]
lfilter=None, # type: Optional[Callable[..., Any]]
plot_xy=False, # type: bool
**kargs # type: Any
):
# type: (...) -> Line2D
"""Uses a function that returns a label and a value for this label, then
plots all the values label by label.
A list of matplotlib.lines.Line2D is returned.
"""
# Defer imports of matplotlib until its needed
# because it has a heavy dep chain
from scapy.libs.matplot import (
plt,
MATPLOTLIB_INLINED,
MATPLOTLIB_DEFAULT_PLOT_KARGS
)
# Python 2 backward compatibility
f = lambda_tuple_converter(f)
if lfilter is not None:
lfilter = lambda_tuple_converter(lfilter)
# Get the list of packets
if lfilter is None:
lst_pkts = (f(*e) for e in self.res)
else:
lst_pkts = (f(*e) for e in self.res if lfilter(*e))
# Apply the function f to the packets
d = {} # type: Dict[str, List[float]]
for k, v in lst_pkts:
d.setdefault(k, []).append(v)
# Mimic the default gnuplot output
if not kargs:
kargs = MATPLOTLIB_DEFAULT_PLOT_KARGS
if plot_xy:
lines = [plt.plot(*zip(*pl), **dict(kargs, label=k))
for k, pl in six.iteritems(d)]
else:
lines = [plt.plot(pl, **dict(kargs, label=k))
for k, pl in six.iteritems(d)]
plt.legend(loc="center right", bbox_to_anchor=(1.5, 0.5))
# Call show() if matplotlib is not inlined
if not MATPLOTLIB_INLINED:
plt.show()
return lines
def __repr__(self):
# type: () -> str
lst = []
for num, layer in six.iteritems(self.num2layer):
if layer in self.layer2num and self.layer2num[layer] == num:
dir = "<->"
else:
dir = " ->"
lst.append((num, "%#6x %s %-20s (%s)" % (num, dir, layer.__name__,
layer._name)))
for layer, num in six.iteritems(self.layer2num):
if num not in self.num2layer or self.num2layer[num] != layer:
lst.append((num, "%#6x <- %-20s (%s)" % (num, layer.__name__,
layer._name)))
lst.sort()
return "\n".join(y for x, y in lst)
def __getattr__(self, attr):
# type: (str) -> _K
try:
return object.__getattribute__(self, attr) # type: ignore
except AttributeError:
for k, v in six.iteritems(self.d):
if self.ident(v) == attr:
return cast(_K, k)
raise AttributeError
def __repr__(self):
# type: () -> str
s = []
if self:
mk = max(len(k) for k in six.iterkeys(self.__dict__))
fmt = "%%-%is %%s" % (mk + 1)
for item in six.iteritems(self.__dict__):
s.append(fmt % item)
return "\n".join(s)
def update(self, # type: ignore
other, # type: Any
**kwargs # type: Any
):
# type: (...) -> None
for key, value in six.iteritems(other):
# We only update an element from `other` either if it does
# not exist in `self` or if the entry in `self` is older.
if key not in self or self._timetable[key] < other._timetable[key]:
dict.__setitem__(self, key, value)
self._timetable[key] = other._timetable[key]
def conversations(self,
getsrcdst=None, # type: Optional[Callable[[Packet], Tuple[Any, ...]]] # noqa: E501
**kargs # type: Any
):
# type: (...) -> Any
"""Graphes a conversations between sources and destinations and display it
(using graphviz and imagemagick)
:param getsrcdst: a function that takes an element of the list and
returns the source, the destination and optionally
a label. By default, returns the IP source and
destination from IP and ARP layers
:param type: output type (svg, ps, gif, jpg, etc.), passed to dot's
"-T" option
:param target: filename or redirect. Defaults pipe to Imagemagick's
display program
:param prog: which graphviz program to use
"""
if getsrcdst is None:
def _getsrcdst(pkt):
# type: (Packet) -> Tuple[str, str]
"""Extract src and dst addresses"""
if 'IP' in pkt:
return (pkt['IP'].src, pkt['IP'].dst)
if 'IPv6' in pkt:
return (pkt['IPv6'].src, pkt['IPv6'].dst)
if 'ARP' in pkt:
return (pkt['ARP'].psrc, pkt['ARP'].pdst)
raise TypeError()
getsrcdst = _getsrcdst
conv = {} # type: Dict[Tuple[Any, ...], Any]
for p in self.res:
p = self._elt2pkt(p)
try:
c = getsrcdst(p)
except Exception:
# No warning here: it's OK that getsrcdst() raises an
# exception, since it might be, for example, a
# function that expects a specific layer in each
# packet. The try/except approach is faster and
# considered more Pythonic than adding tests.
continue
if len(c) == 3:
conv.setdefault(c[:2], set()).add(c[2])
else:
conv[c] = conv.get(c, 0) + 1
gr = 'digraph "conv" {\n'
for (s, d), l in six.iteritems(conv):
gr += '\t "%s" -> "%s" [label="%s"]\n' % (
s, d, ', '.join(str(x) for x in l) if isinstance(l, set) else l
)
gr += "}\n"
return do_graph(gr, **kargs)
def nmap_search(sigs):
guess = 0, []
for osval, fprint in conf.nmap_kdb.get_base():
score = 0.0
for test, values in six.iteritems(fprint):
if test in sigs:
score += nmap_match_one_sig(sigs[test], values)
score /= len(sigs)
if score > guess[0]:
guess = score, [osval]
elif score == guess[0]:
guess[1].append(osval)
return guess
def _load(
self,
dat, # type: Dict[str, NetworkInterface]
prov, # type: InterfaceProvider
):
# type: (...) -> None
for ifname, iface in six.iteritems(dat):
if ifname in self.data:
# Handle priorities: keep except if libpcap
if prov.libpcap:
self.data[ifname] = iface
else:
self.data[ifname] = iface
def build_graph(self):
# type: () -> str
s = 'digraph "%s" {\n' % self.__class__.__name__
se = "" # Keep initial nodes at the beginning for better rendering
for st in six.itervalues(self.states):
if st.atmt_initial:
se = (
'\t"%s" [ style=filled, fillcolor=blue, shape=box, root=true];\n'
% st.atmt_state) + se # noqa: E501
elif st.atmt_final:
se += '\t"%s" [ style=filled, fillcolor=green, shape=octagon ];\n' % st.atmt_state # noqa: E501
elif st.atmt_error:
se += '\t"%s" [ style=filled, fillcolor=red, shape=octagon ];\n' % st.atmt_state # noqa: E501
elif st.atmt_stop:
se += '\t"%s" [ style=filled, fillcolor=orange, shape=box, root=true ];\n' % st.atmt_state # noqa: E501
s += se
for st in six.itervalues(self.states):
for n in st.atmt_origfunc.__code__.co_names + st.atmt_origfunc.__code__.co_consts: # noqa: E501
if n in self.states:
s += '\t"%s" -> "%s" [ color=green ];\n' % (
st.atmt_state, n) # noqa: E501
for c, k, v in (
[("purple", k, v)
for k, v in self.conditions.items()] + # noqa: E501
[("red", k, v)
for k, v in self.recv_conditions.items()] + # noqa: E501
[("orange", k, v) for k, v in self.ioevents.items()]):
for f in v:
for n in f.__code__.co_names + f.__code__.co_consts:
if n in self.states:
line = f.atmt_condname
for x in self.actions[f.atmt_condname]:
line += "\\l>[%s]" % x.__name__
s += '\t"%s" -> "%s" [label="%s", color=%s];\n' % (
k, n, line, c) # noqa: E501
for k, v2 in six.iteritems(self.timeout):
for t, f in v2:
if f is None:
continue
for n in f.__code__.co_names + f.__code__.co_consts:
if n in self.states:
line = "%s/%.1fs" % (f.atmt_condname, t)
for x in self.actions[f.atmt_condname]:
line += "\\l>[%s]" % x.__name__
s += '\t"%s" -> "%s" [label="%s",color=blue];\n' % (
k, n, line) # noqa: E501
s += "}\n"
return s
def self_build(self, **kwargs):
''' Takes an HTTPRequest or HTTPResponse object, and creates its
string representation.'''
if not isinstance(self.underlayer, HTTP):
warning(
"An HTTPResponse/HTTPRequest should always be below an HTTP")
# Check for cache
if self.raw_packet_cache is not None:
return self.raw_packet_cache
p = b""
# Walk all the fields, in order
for f in self.fields_desc:
if f.name == "Unknown_Headers":
continue
# Get the field value
val = self.getfieldval(f.name)
if not val:
# Not specified. Skip
continue
if f.name not in [
'Method', 'Path', 'Reason_Phrase', 'Http_Version',
'Status_Code'
]:
val = _header_line(f.real_name, val)
# Fields used in the first line have a space as a separator,
# whereas headers are terminated by a new line
if isinstance(self, HTTPRequest):
if f.name in ['Method', 'Path']:
separator = b' '
else:
separator = b'\r\n'
elif isinstance(self, HTTPResponse):
if f.name in ['Http_Version', 'Status_Code']:
separator = b' '
else:
separator = b'\r\n'
# Add the field into the packet
p = f.addfield(self, p, val + separator)
# Handle Unknown_Headers
if self.Unknown_Headers:
headers_text = b""
for name, value in six.iteritems(self.Unknown_Headers):
headers_text += _header_line(name, value) + b"\r\n"
p = self.get_field("Unknown_Headers").addfield(
self, p, headers_text)
# The packet might be empty, and in that case it should stay empty.
if p:
# Add an additional line after the last header
p = f.addfield(self, p, b'\r\n')
return p
def guess_payload_class(self, payload):
if len(payload) < self._min_ieo_len:
return Packet.guess_payload_class(self, payload)
# Look at fields of the generic ICMPExtensionObject to determine which
# bound extension type to use.
ieo = ICMPExtensionObject(payload)
if ieo.len < self._min_ieo_len:
return Packet.guess_payload_class(self, payload)
for fval, cls in self.payload_guess:
if all(
hasattr(ieo, k) and v == ieo.getfieldval(k)
for k, v in six.iteritems(fval)):
return cls
return ICMPExtensionObject
def reverse_lookup(self, name, case_sensitive=False):
# type: (str, bool) -> Dict[str, str]
"""
Find all MACs registered to a OUI
:param name: the OUI name
:param case_sensitive: default to False
:returns: a dict of mac:tuples (Name, Extended Name)
"""
if case_sensitive:
filtr = lambda x, l: any(x in z for z in l) # type: Callable[[str, Tuple[str, str]], bool] # noqa: E501
else:
name = name.lower()
filtr = lambda x, l: any(x in z.lower() for z in l)
return {k: v for k, v in six.iteritems(self.d)
if filtr(name, v)}
def load(self, NetworkInterface_Win=NetworkInterface_Win):
results = {}
if not conf.cache_pcapiflist:
# Try a restart
WindowsInterfacesProvider._pcap_check()
windows_interfaces = dict()
for i in get_windows_if_list():
# Detect Loopback interface
if "Loopback" in i['name']:
i['name'] = conf.loopback_name
if i['guid']:
if conf.use_npcap and i['name'] == conf.loopback_name:
i['guid'] = NPCAP_LOOPBACK_NAME
windows_interfaces[i['guid']] = i
index = 0
for netw, if_data in six.iteritems(conf.cache_pcapiflist):
name, ips, flags, _ = if_data
guid = _pcapname_to_guid(netw)
data = windows_interfaces.get(guid, None)
if data:
# Exists in Windows registry
data['network_name'] = netw
data['ips'] = list(set(data['ips'] + ips))
data['flags'] = flags
else:
# Only in [Wi]npcap
index -= 1
data = {
'name': name,
'description': name,
'index': index,
'guid': guid,
'network_name': netw,
'mac': '00:00:00:00:00:00',
'ipv4_metric': 0,
'ipv6_metric': 0,
'ips': ips,
'flags': flags
}
# No KeyError will happen here, as we get it from cache
results[guid] = NetworkInterface_Win(self, data)
return results
def __init__(self, name, default, *args, **kwargs):
# type: (str, Any, *_CHOICE_T, **Any) -> None
if "implicit_tag" in kwargs:
err_msg = "ASN1F_CHOICE has been called with an implicit_tag"
raise ASN1_Error(err_msg)
self.implicit_tag = None
for kwarg in ["context", "explicit_tag"]:
setattr(self, kwarg, kwargs.get(kwarg))
super(ASN1F_CHOICE, self).__init__(name,
None,
context=self.context,
explicit_tag=self.explicit_tag)
self.default = default
self.current_choice = None
self.choices = {} # type: Dict[int, _CHOICE_T]
self.pktchoices = {}
for p in args:
if hasattr(p, "ASN1_root"):
p = cast('ASN1_Packet', p)
# should be ASN1_Packet
if hasattr(p.ASN1_root, "choices"):
root = cast(ASN1F_CHOICE, p.ASN1_root)
for k, v in six.iteritems(root.choices):
# ASN1F_CHOICE recursion
self.choices[k] = v
else:
self.choices[p.ASN1_root.network_tag] = p
elif hasattr(p, "ASN1_tag"):
p = cast(Union[ASN1F_PACKET, Type[ASN1F_field[Any, Any]]], p)
if isinstance(p, type):
# should be ASN1F_field class
self.choices[int(p.ASN1_tag)] = p
else:
# should be ASN1F_field instance
self.choices[p.network_tag] = p
if p.implicit_tag is not None:
self.choices[p.implicit_tag & 0x1f] = p
self.pktchoices[hash(p.cls)] = (p.implicit_tag,
p.explicit_tag
) # noqa: E501
else:
raise ASN1_Error("ASN1F_CHOICE: no tag found for one field")
def s2i_frameid(x):
""" Get pnio frame ID from a representation name
Performs a reverse look-up in PNIO_FRAME_IDS dictionary
:param x: a value of PNIO_FRAME_IDS dict
:returns: integer
"""
try:
return {
"RT_CLASS_3": 0x0100,
"RT_CLASS_1": 0x8000,
"RT_CLASS_UDP": 0xC000,
"FragmentationFrameID": 0xFF80,
}[x]
except KeyError:
pass
try:
return next(key for key, value in six.iteritems(PNIO_FRAME_IDS)
if value == x)
except StopIteration:
pass
return x
def get_URL_dict(cls):
return {
x: y.URL
for (x, y) in six.iteritems(cls.__dict__) if isinstance(y, File)
}
def values(self):
# type: () -> Any
if self.timeout is None:
return list(six.itervalues(self))
t0 = time.time()
return [v for (k, v) in six.iteritems(self.__dict__) if t0 - self._timetable[k] < self.timeout] # noqa: E501
def items(self):
# type: () -> Any
if self.timeout is None:
return super(CacheInstance, self).items()
t0 = time.time()
return [(k, v) for (k, v) in six.iteritems(self.__dict__) if t0 - self._timetable[k] < self.timeout] # noqa: E501
def itervalues(self):
# type: () -> Iterator[Tuple[str, Any]]
if self.timeout is None:
return six.itervalues(self.__dict__) # type: ignore
t0 = time.time()
return (v for (k, v) in six.iteritems(self.__dict__) if t0 - self._timetable[k] < self.timeout) # noqa: E501
"pxelinux_configuration_file",
210:
"pxelinux_path_prefix",
211:
"pxelinux_reboot_time",
212:
"option-6rd",
213:
"v4-access-domain",
255:
"end"
}
DHCPRevOptions = {}
for k, v in six.iteritems(DHCPOptions):
if isinstance(v, str):
n = v
v = None
else:
n = v.name
DHCPRevOptions[n] = (k, v)
del (n)
del (v)
del (k)
class RandDHCPOptions(RandField):
def __init__(self, size=None, rndstr=None):
if size is None:
size = RandNumExpo(0.05)
def __repr__(self):
# type: () -> str
return "<Message %s>" % " ".join(
"%s=%r" % (k, v)
for (k, v) in six.iteritems(self.__dict__) # noqa: E501
if not k.startswith("_"))
def _ltp_guess_payload(pkt, *args):
for k, v in six.iteritems(_ltp_payload_conditions):
if v(pkt):
return k
return conf.raw_layer
def __new__(cls, name, bases, dct):
# type: (str, Tuple[Any], Dict[str, Any]) -> Type[Automaton]
cls = super(Automaton_metaclass, cls).__new__( # type: ignore
cls, name, bases, dct)
cls.states = {}
cls.recv_conditions = {} # type: Dict[str, List[_StateWrapper]]
cls.conditions = {} # type: Dict[str, List[_StateWrapper]]
cls.ioevents = {} # type: Dict[str, List[_StateWrapper]]
cls.timeout = {
} # type: Dict[str, List[Tuple[int, _StateWrapper]]] # noqa: E501
cls.actions = {} # type: Dict[str, List[_StateWrapper]]
cls.initial_states = [] # type: List[_StateWrapper]
cls.stop_states = [] # type: List[_StateWrapper]
cls.ionames = []
cls.iosupersockets = []
members = {}
classes = [cls]
while classes:
c = classes.pop(
0
) # order is important to avoid breaking method overloading # noqa: E501
classes += list(c.__bases__)
for k, v in six.iteritems(c.__dict__):
if k not in members:
members[k] = v
decorated = [
v for v in six.itervalues(members) if hasattr(v, "atmt_type")
]
for m in decorated:
if m.atmt_type == ATMT.STATE:
s = m.atmt_state
cls.states[s] = m
cls.recv_conditions[s] = []
cls.ioevents[s] = []
cls.conditions[s] = []
cls.timeout[s] = []
if m.atmt_initial:
cls.initial_states.append(m)
if m.atmt_stop:
cls.stop_states.append(m)
elif m.atmt_type in [
ATMT.CONDITION, ATMT.RECV, ATMT.TIMEOUT, ATMT.IOEVENT
]: # noqa: E501
cls.actions[m.atmt_condname] = []
for m in decorated:
if m.atmt_type == ATMT.CONDITION:
cls.conditions[m.atmt_state].append(m)
elif m.atmt_type == ATMT.RECV:
cls.recv_conditions[m.atmt_state].append(m)
elif m.atmt_type == ATMT.IOEVENT:
cls.ioevents[m.atmt_state].append(m)
cls.ionames.append(m.atmt_ioname)
if m.atmt_as_supersocket is not None:
cls.iosupersockets.append(m)
elif m.atmt_type == ATMT.TIMEOUT:
cls.timeout[m.atmt_state].append((m.atmt_timeout, m))
elif m.atmt_type == ATMT.ACTION:
for co in m.atmt_cond:
cls.actions[co].append(m)
for v in six.itervalues(cls.timeout):
v.sort(key=lambda x: x[0])
v.append((None, None))
for v in itertools.chain(six.itervalues(cls.conditions),
six.itervalues(cls.recv_conditions),
six.itervalues(cls.ioevents)):
v.sort(key=lambda x: x.atmt_prio)
for condname, actlst in six.iteritems(cls.actions):
actlst.sort(key=lambda x: x.atmt_cond[condname])
for ioev in cls.iosupersockets:
setattr(
cls, ioev.atmt_as_supersocket,
_ATMT_to_supersocket(ioev.atmt_as_supersocket,
ioev.atmt_ioname,
cast(Type["Automaton"], cls)))
# Inject signature
try:
import inspect
cls.__signature__ = inspect.signature(
cls.parse_args) # type: ignore # noqa: E501
except (ImportError, AttributeError):
pass
return cast(Type["Automaton"], cls)
def nmap_match_one_sig(seen, ref):
cnt = sum(val in ref.get(key, "").split("|")
for key, val in six.iteritems(seen))
if cnt == 0 and seen.get("Resp") == "N":
return 0.7
return float(cnt) / len(seen)
def get_local_dict(cls):
return {
x: y.name
for (x, y) in six.iteritems(cls.__dict__) if isinstance(y, File)
}
def update(self, *args, **kwargs):
# type: (*Dict[str, _V], **Dict[str, _V]) -> None
for k, v in six.iteritems(dict(*args, **kwargs)):
self[k] = v
def _FlagsList(myfields):
flags = ["Reserved%02d" % i for i in range(32)]
for i, value in six.iteritems(myfields):
flags[i] = value
return flags
