def dict_from_object(cls, defined_object):
    """Build the dictionary form of a Network Connection Object binding.

    Only elements that are set on ``defined_object`` (their getter returns
    something other than None) appear in the result.
    """
    result = {}

    tls_used = defined_object.get_tls_used()
    if tls_used is not None:
        # Plain attribute value, wrapped the same way as other simple values.
        result["tls_used"] = {"value": tls_used}

    layer3 = defined_object.get_Layer3_Protocol()
    if layer3 is not None:
        result["layer3_protocol"] = Base_Object_Attribute.dict_from_object(layer3)

    layer4 = defined_object.get_Layer4_Protocol()
    if layer4 is not None:
        result["layer4_protocol"] = Base_Object_Attribute.dict_from_object(layer4)

    layer7 = defined_object.get_Layer7_Protocol()
    if layer7 is not None:
        result["layer7_protocol"] = Base_Object_Attribute.dict_from_object(layer7)

    local_ip = defined_object.get_Local_IP_Address()
    if local_ip is not None:
        result["local_ip_address"] = Address.dict_from_object(local_ip)

    local_port = defined_object.get_Local_Port()
    if local_port is not None:
        result["local_port"] = Port.dict_from_object(local_port)

    remote_ip = defined_object.get_Remote_IP_Address()
    if remote_ip is not None:
        result["remote_ip_address"] = Address.dict_from_object(remote_ip)

    remote_port = defined_object.get_Remote_Port()
    if remote_port is not None:
        result["remote_port"] = Port.dict_from_object(remote_port)

    layer7_connections = defined_object.get_Layer7_Connections()
    if layer7_connections is not None:
        # The container key is emitted even when no HTTP session is set.
        connections = {}
        http_session = layer7_connections.get_HTTP_Session()
        if http_session is not None:
            connections["http_session"] = HTTP_Session.dict_from_object(http_session)
        result["layer7_connections"] = connections

    return result
def test_roundtrip2(self):
    """An Address dict converted to an object and back must come out unchanged."""
    original = {
        'address_value': "1.2.3.4",
        'category': Address.CAT_IPV4,
        'is_destination': True,
        'is_source': False,
    }
    rebuilt = Address.dict_from_object(Address.object_from_dict(original))
    self.assertEqual(original, rebuilt)
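def dict_from_object(cls, socket_obj):
    """Parse and return a dictionary for a Socket Object object.

    Every element that is set on ``socket_obj`` (its getter returns something
    other than None) is converted and stored under a lowercase key; unset
    elements are left out of the result.

    NOTE(review): the keys 'local_address', 'remote_address', 'protocol' and
    'type' follow the lowercase-element convention of the other entries;
    confirm them against the matching object_from_dict.
    """
    socket_dict = {}

    if socket_obj.get_is_blocking() is not None:
        socket_dict['is_blocking'] = {'value': socket_obj.get_is_blocking()}
    if socket_obj.get_is_listening() is not None:
        socket_dict['is_listening'] = {'value': socket_obj.get_is_listening()}
    if socket_obj.get_Address_Family() is not None:
        socket_dict['address_family'] = Base_Object_Attribute.dict_from_object(socket_obj.get_Address_Family())
    if socket_obj.get_Domain() is not None:
        socket_dict['domain'] = Base_Object_Attribute.dict_from_object(socket_obj.get_Domain())

    local_address = socket_obj.get_Local_Address()
    if local_address is not None:
        local_address_dict = {}
        if local_address.get_IP_Address() is not None:
            local_address_dict['ip_address'] = Address.dict_from_object(local_address.get_IP_Address())
        if local_address.get_Port() is not None:
            local_address_dict['port'] = Port.dict_from_object(local_address.get_Port())
        # The nested dictionary has to be attached, otherwise it is lost.
        socket_dict['local_address'] = local_address_dict

    if socket_obj.get_Options() is not None:
        socket_dict['options'] = cls.__socket_options_dict_from_object(socket_obj.get_Options())

    if socket_obj.get_Protocol() is not None:
        socket_dict['protocol'] = Base_Object_Attribute.dict_from_object(socket_obj.get_Protocol())

    remote_address = socket_obj.get_Remote_Address()
    if remote_address is not None:
        # Read the remote endpoint from the remote element itself. Taking the
        # values from get_Local_Address() would report the local endpoint as
        # the remote one (mislabelling the peer in the exported observable)
        # and would fail outright when no local address is set.
        remote_address_dict = {}
        if remote_address.get_IP_Address() is not None:
            remote_address_dict['ip_address'] = Address.dict_from_object(remote_address.get_IP_Address())
        if remote_address.get_Port() is not None:
            remote_address_dict['port'] = Port.dict_from_object(remote_address.get_Port())
        socket_dict['remote_address'] = remote_address_dict

    if socket_obj.get_Type() is not None:
        socket_dict['type'] = Base_Object_Attribute.dict_from_object(socket_obj.get_Type())

    return socket_dict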
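def dict_from_object(cls, process_obj):
    """Parse and return a dictionary for a Process Object object.

    Every element that is set on ``process_obj`` (its getter returns something
    other than None) is converted and stored; unset elements are left out.

    The result carries the command line, arguments, environment variables and
    username as converted from the object, so review it before it is shared
    outside the collecting environment.

    The mixed-case keys ('Environment_Variable_List', 'Extracted_String_List',
    'destination_ip_Address', 'source_ip_Address') are kept exactly as they
    were so existing consumers keep working.
    """
    process_dict = {}

    if process_obj.get_is_hidden() is not None:
        process_dict['is_hidden'] = {'value': process_obj.get_is_hidden()}
    if process_obj.get_PID() is not None:
        process_dict['pid'] = Base_Object_Attribute.dict_from_object(process_obj.get_PID())
    if process_obj.get_Creation_Time() is not None:
        process_dict['creation_time'] = Base_Object_Attribute.dict_from_object(process_obj.get_Creation_Time())
    if process_obj.get_Parent_PID() is not None:
        process_dict['parent_pid'] = Base_Object_Attribute.dict_from_object(process_obj.get_Parent_PID())

    if process_obj.get_Child_PID_List() is not None:
        process_dict['child_pid_list'] = [
            Base_Object_Attribute.dict_from_object(child_pid)
            for child_pid in process_obj.get_Child_PID_List().get_Child_PID()
        ]

    if process_obj.get_Image_Info() is not None:
        image_info = process_obj.get_Image_Info()
        image_info_dict = {}
        if image_info.get_File_Name() is not None:
            image_info_dict['file_name'] = Base_Object_Attribute.dict_from_object(image_info.get_File_Name())
        if image_info.get_Command_Line() is not None:
            image_info_dict['command_line'] = Base_Object_Attribute.dict_from_object(image_info.get_Command_Line())
        if image_info.get_Current_Directory() is not None:
            image_info_dict['current_directory'] = Base_Object_Attribute.dict_from_object(image_info.get_Current_Directory())
        if image_info.get_Path() is not None:
            image_info_dict['path'] = Base_Object_Attribute.dict_from_object(image_info.get_Path())
        process_dict['image_info'] = image_info_dict

    if process_obj.get_Argument_List() is not None:
        process_dict['argument_list'] = [
            Base_Object_Attribute.dict_from_object(argument)
            for argument in process_obj.get_Argument_List().get_Argument()
        ]

    if process_obj.get_Environment_Variable_List() is not None:
        process_dict['Environment_Variable_List'] = Environment_Variable_List.dict_from_object(process_obj.get_Environment_Variable_List())

    if process_obj.get_Kernel_Time() is not None:
        # Kernel time is read from the process object that the guard checks.
        # `image_info` has no part in it and is not even bound when the
        # process carries no Image_Info element.
        process_dict['kernel_time'] = Base_Object_Attribute.dict_from_object(process_obj.get_Kernel_Time())

    # NOTE(review): ports are converted through the Port class. The lowercase
    # name `port` was only ever the loop variable, so calling
    # `port.dict_from_object` hit a binding object (or an unbound local when
    # Port_List was absent). Confirm Port is imported in this module.
    if process_obj.get_Port_List() is not None:
        process_dict['port_list'] = [
            Port.dict_from_object(port_item)
            for port_item in process_obj.get_Port_List().get_Port()
        ]

    if process_obj.get_Network_Connection_List() is not None:
        network_connection_list = []
        for network_connection in process_obj.get_Network_Connection_List().get_Network_Connection():
            network_connection_dict = {}
            if network_connection.get_Creation_Time() is not None:
                network_connection_dict['creation_time'] = Base_Object_Attribute.dict_from_object(network_connection.get_Creation_Time())
            if network_connection.get_Destination_IP_Address() is not None:
                network_connection_dict['destination_ip_Address'] = Address.dict_from_object(network_connection.get_Destination_IP_Address())
            if network_connection.get_Destination_Port() is not None:
                network_connection_dict['destination_port'] = Port.dict_from_object(network_connection.get_Destination_Port())
            if network_connection.get_Source_IP_Address() is not None:
                network_connection_dict['source_ip_Address'] = Address.dict_from_object(network_connection.get_Source_IP_Address())
            # Guard on the source port itself: checking the destination port
            # here dropped the source port whenever no destination port was
            # recorded, and converted None when only the destination was set.
            if network_connection.get_Source_Port() is not None:
                network_connection_dict['source_port'] = Port.dict_from_object(network_connection.get_Source_Port())
            if network_connection.get_TCP_State() is not None:
                network_connection_dict['tcp_state'] = Base_Object_Attribute.dict_from_object(network_connection.get_TCP_State())
            network_connection_list.append(network_connection_dict)
        process_dict['network_connection_list'] = network_connection_list

    if process_obj.get_Start_Time() is not None:
        process_dict['start_time'] = Base_Object_Attribute.dict_from_object(process_obj.get_Start_Time())
    if process_obj.get_Status() is not None:
        process_dict['status'] = Base_Object_Attribute.dict_from_object(process_obj.get_Status())
    if process_obj.get_String_List() is not None:
        process_dict['Extracted_String_List'] = Extracted_String_List.dict_from_object(process_obj.get_String_List())
    if process_obj.get_Username() is not None:
        process_dict['username'] = Base_Object_Attribute.dict_from_object(process_obj.get_Username())
    if process_obj.get_User_Time() is not None:
        process_dict['user_time'] = Base_Object_Attribute.dict_from_object(process_obj.get_User_Time())

    return process_dict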
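def __parse_http_client_request(cls, http_client_request):
    """Parse and return a dictionary for an HTTP client request.

    The result can hold up to three entries, each present only when the
    matching element is set: 'http_request_line', 'http_request_header'
    (with 'raw_header' and/or 'parsed_header') and 'http_message_body'.

    Header values are copied as converted from the object. 'authorization',
    'proxy-authorization' and 'cookie' can hold credentials or session
    tokens, and 'raw_header' repeats them, so redact these entries before the
    dictionary leaves a trusted boundary.
    """
    # Converters are small wrappers so the class names are only looked up
    # when a matching element is actually present.
    def attribute_to_dict(element):
        return Base_Object_Attribute.dict_from_object(element)

    def uri_to_dict(element):
        return URI.dict_from_object(element)

    def address_to_dict(element):
        return Address.dict_from_object(element)

    def host_to_dict(host):
        host_dict = {}
        if host.get_Domain_Name() is not None:
            host_dict['domain_name'] = URI.dict_from_object(host.get_Domain_Name())
        if host.get_Port() is not None:
            host_dict['port'] = Port.dict_from_object(host.get_Port())
        return host_dict

    # (output key, getter name, converter), in the order the keys are emitted.
    parsed_header_fields = (
        ('accept', 'get_Accept', attribute_to_dict),
        ('accept-charset', 'get_Accept_Charset', attribute_to_dict),
        ('accept-language', 'get_Accept_Language', attribute_to_dict),
        ('accept-datetime', 'get_Accept_Datetime', attribute_to_dict),
        # Stored under its own key; writing it to 'accept' overwrote the
        # Accept header and never produced an Accept-Encoding entry.
        ('accept-encoding', 'get_Accept_Encoding', attribute_to_dict),
        ('authorization', 'get_Authorization', attribute_to_dict),
        ('cache-control', 'get_Cache_Control', attribute_to_dict),
        ('connection', 'get_Connection', attribute_to_dict),
        ('cookie', 'get_Cookie', attribute_to_dict),
        ('content-length', 'get_Content_Length', attribute_to_dict),
        ('content-md5', 'get_Content_MD5', attribute_to_dict),
        ('content-type', 'get_Content_Type', attribute_to_dict),
        ('date', 'get_Date', attribute_to_dict),
        ('expect', 'get_Expect', attribute_to_dict),
        ('from', 'get_From', address_to_dict),
        ('host', 'get_Host', host_to_dict),
        ('if-match', 'get_If_Match', attribute_to_dict),
        ('if-modified-since', 'get_If_Modified_Since', attribute_to_dict),
        ('if-none-match', 'get_If_None_Match', attribute_to_dict),
        ('if-range', 'get_If_Range', attribute_to_dict),
        ('if-unmodified-since', 'get_If_Unmodified_Since', attribute_to_dict),
        ('max-forwards', 'get_Max_Forwards', attribute_to_dict),
        ('pragma', 'get_Pragma', attribute_to_dict),
        ('proxy-authorization', 'get_Proxy_Authorization', attribute_to_dict),
        ('range', 'get_Range', attribute_to_dict),
        ('referer', 'get_Referer', uri_to_dict),
        ('te', 'get_TE', attribute_to_dict),
        ('user-agent', 'get_User_Agent', attribute_to_dict),
        ('via', 'get_Via', attribute_to_dict),
        ('warning', 'get_Warning', attribute_to_dict),
        ('DNT', 'get_DNT', uri_to_dict),
        ('x-requested-with', 'get_X_Requested_With', attribute_to_dict),
        ('x-requested-for', 'get_X_Requested_For', attribute_to_dict),
        ('x-att-deviceid', 'get_X_ATT_DeviceId', attribute_to_dict),
        ('x-wap-profile', 'get_X_Wap_Profile', uri_to_dict),
    )

    http_client_request_dict = {}

    if http_client_request.get_HTTP_Request_Line() is not None:
        client_request_line = http_client_request.get_HTTP_Request_Line()
        client_request_line_dict = {}
        if client_request_line.get_HTTP_Method() is not None:
            client_request_line_dict['http_method'] = Base_Object_Attribute.dict_from_object(client_request_line.get_HTTP_Method())
        if client_request_line.get_Value() is not None:
            # The guard and the read must use the same getter. get_Value()
            # matches the 'value' key; the read used get_HTTP_Value().
            # NOTE(review): confirm the getter name against the binding.
            client_request_line_dict['value'] = Base_Object_Attribute.dict_from_object(client_request_line.get_Value())
        if client_request_line.get_Version() is not None:
            client_request_line_dict['version'] = Base_Object_Attribute.dict_from_object(client_request_line.get_Version())
        http_client_request_dict['http_request_line'] = client_request_line_dict

    if http_client_request.get_HTTP_Request_Header() is not None:
        request_header = http_client_request.get_HTTP_Request_Header()
        request_header_dict = {}
        if request_header.get_Raw_Header() is not None:
            # Stored as returned by the getter, without conversion.
            request_header_dict['raw_header'] = request_header.get_Raw_Header()
        if request_header.get_Parsed_Header() is not None:
            parsed_header = request_header.get_Parsed_Header()
            parsed_header_dict = {}
            for key, getter_name, to_dict in parsed_header_fields:
                element = getattr(parsed_header, getter_name)()
                if element is not None:
                    parsed_header_dict[key] = to_dict(element)
            request_header_dict['parsed_header'] = parsed_header_dict
        http_client_request_dict['http_request_header'] = request_header_dict

    if http_client_request.get_HTTP_Message_Body() is not None:
        message_body = http_client_request.get_HTTP_Message_Body()
        message_body_dict = {}
        if message_body.get_Length() is not None:
            message_body_dict['length'] = Base_Object_Attribute.dict_from_object(message_body.get_Length())
        if message_body.get_Message_Body() is not None:
            message_body_dict['message_body'] = Base_Object_Attribute.dict_from_object(message_body.get_Message_Body())
        http_client_request_dict['http_message_body'] = message_body_dict

    return http_client_request_dict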