示例#1
0
文件: Searcher.py 项目: lindi2/netzob
 def getSearchedDataForDecimal(self, value):
     if not value.isdigit():
         return []
     # Creation of a SearchTask
     task = SearchTask(value, value, Format.DECIMAL)
     task.registerVariation(TypeConvertor.decimalToNetzobRaw(value), "Decimal representation of '{0}'".format(TypeConvertor.decimalToNetzobRaw(value)))
     task.registerVariation(TypeConvertor.decimalToNetzobRaw(value[::-1]), "Inverted decimal representation of '{0}'".format(TypeConvertor.decimalToNetzobRaw(value[::-1])))
     return [task]
示例#2
0
文件: Searcher.py 项目: lindi2/netzob
    def getSearchedDataForHexadecimal(self, value, extraInfo=None):
        typeIdentifier = TypeIdentifier()
        if not typeIdentifier.isHexString(value):
            return []
        # Creation of a SearchTask
        task = SearchTask(value, value, Format.HEX)
        task.registerVariation(value, "Hex repr of '{0}'({1}))".format(value, extraInfo))
#        task.registerVariation(value[::-1], "Inverted representation of '{0}'".format(value[::-1]))
        return [task]
示例#3
0
 def getSearchedDataForHexadecimal(self, value, extraInfo=None):
     typeIdentifier = TypeIdentifier()
     if not typeIdentifier.isHexString(value):
         return []
     # Creation of a SearchTask
     task = SearchTask(value, value, Format.HEX)
     task.registerVariation(
         value, "Hex repr of '{0}'({1}))".format(value, extraInfo))
     #        task.registerVariation(value[::-1], "Inverted representation of '{0}'".format(value[::-1]))
     print task
     return [task]
示例#4
0
    def execute(self, symbol):
        results = []
        toBeAnalyzed = []
        if symbol is not None:
            toBeAnalyzed.append(symbol)
        else:
            toBeAnalyzed.extend(self.project.getVocabulary().getSymbols())

        for symbol in toBeAnalyzed:
            searchTask = SearchTask(
                "URL Data Carver",
                "((http:\/\/|https:\/\/)?(www\.)?(([a-z0-9\-]){2,}\.){1,4}([a-z]){2,6}(\/([a-z\-_\/\.0-9#:?+%=&;,])*)?)",
                "URL",
            )

            ## TODO: put this things in a dedicated class
            infoCarvers = {
                "url": re.compile(
                    "((http:\/\/|https:\/\/)?(www\.)?(([a-z0-9\-]){2,}\.){1,4}([a-z]){2,6}(\/([a-z\-_\/\.0-9#:?+%=&;,])*)?)"
                ),
                "email": re.compile("[a-z0-9._%+-]+@[a-z0-9.-]+\.[a-z]{2,4}"),
                "ip": re.compile(
                    "(((?:25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?)\.){3}(?:25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?))"
                ),
            }
            foundValues = []

            tasks = []
            # Execute the search operation in String mode
            for (carver, regex) in infoCarvers.items():
                currentTask = SearchTask(carver, None, carver)
                taskResults = []
                for message in symbol.getMessages():
                    strData = TypeConvertor.netzobRawToString(message.getReducedStringData())
                    for match in regex.finditer(strData):
                        if match is None:
                            taskResult = SearchResult(message, "Data Carving: {0}".format(carver))
                            taskResult.addSegment(0, len(message.getReducedStringData()))
                            taskResults.append(taskResult)
                        else:
                            taskResult = SearchResult(message, "Data Carving: {0}".format(carver))
                            taskResult.addSegment(match.start(0) * 2, match.end(0) * 2)
                            taskResults.append(taskResult)
                if len(taskResults) > 0:
                    currentTask.registerResults(taskResults, "Data Carving: {0}".format(carver))
                    tasks.append(currentTask)
            results.append(tasks)

        return results
示例#5
0
 def getSearchedDataForString(self, value):
     # Creation of a SearchTask
     task = SearchTask(value, value, Format.STRING)
     task.registerVariation(TypeConvertor.stringToNetzobRaw(value), "String representation of '%s'" % value)
     task.registerVariation(TypeConvertor.stringToNetzobRaw(value[::-1]), "Inverted string representation of '%s'" % value[::-1])
     task.registerVariation(TypeConvertor.stringToNetzobRaw(value.decode('utf-8')), "String representation of '%s' encoded in UTF-8" % value)
     return [task]
示例#6
0
 def getSearchedDataForString(self, value):
     # Creation of a SearchTask
     task = SearchTask(value, value, Format.STRING)
     task.registerVariation(TypeConvertor.stringToNetzobRaw(value),
                            "String representation of '%s'" % value)
     task.registerVariation(
         TypeConvertor.stringToNetzobRaw(value[::-1]),
         "Inverted string representation of '%s'" % value[::-1])
     task.registerVariation(
         TypeConvertor.stringToNetzobRaw(value.decode('utf-8')),
         "String representation of '%s' encoded in UTF-8" % value)
     return [task]
示例#7
0
    def execute(self, symbol):
        results = []
        toBeAnalyzed = []
        if symbol is not None:
            toBeAnalyzed.append(symbol)
        else:
            toBeAnalyzed.extend(self.project.getVocabulary().getSymbols())

        for symbol in toBeAnalyzed:
            searchTask = SearchTask("URL Data Carver", "((http:\/\/|https:\/\/)?(www\.)?(([a-z0-9\-]){2,}\.){1,4}([a-z]){2,6}(\/([a-z\-_\/\.0-9#:?+%=&;,])*)?)", "URL")

            ## TODO: put this things in a dedicated class
            infoCarvers = {
                'url': re.compile("((http:\/\/|https:\/\/)?(www\.)?(([a-z0-9\-]){2,}\.){1,4}([a-z]){2,6}(\/([a-z\-_\/\.0-9#:?+%=&;,])*)?)"),
                'email': re.compile("[a-z0-9._%+-]+@[a-z0-9.-]+\.[a-z]{2,4}"),
                'ip': re.compile("(((?:25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?)\.){3}(?:25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?))")
            }
            foundValues = []

            tasks = []
            # Execute the search operation in String mode
            for (carver, regex) in infoCarvers.items():
                currentTask = SearchTask(carver, None, carver)
                taskResults = []
                for message in symbol.getMessages():
                    strData = TypeConvertor.netzobRawToString(message.getReducedStringData())
                    for match in regex.finditer(strData):
                        if match is None:
                            taskResult = SearchResult(message, "Data Carving: {0}".format(carver))
                            taskResult.addSegment(0, len(message.getReducedStringData()))
                            taskResults.append(taskResult)
                        else:
                            taskResult = SearchResult(message, "Data Carving: {0}".format(carver))
                            taskResult.addSegment(match.start(0) * 2, match.end(0) * 2)
                            taskResults.append(taskResult)
                if len(taskResults) > 0:
                    currentTask.registerResults(taskResults, "Data Carving: {0}".format(carver))
                    tasks.append(currentTask)
            results.append(tasks)

        return results
示例#8
0
 def getSearchedDataForDecimal(self, value):
     if not value.isdigit():
         return []
     # Creation of a SearchTask
     task = SearchTask(value, value, Format.DECIMAL)
     task.registerVariation(
         TypeConvertor.decimalToNetzobRaw(value),
         "Decimal representation of '{0}'".format(
             TypeConvertor.decimalToNetzobRaw(value)))
     task.registerVariation(
         TypeConvertor.decimalToNetzobRaw(value[::-1]),
         "Inverted decimal representation of '{0}'".format(
             TypeConvertor.decimalToNetzobRaw(value[::-1])))
     return [task]
示例#9
0
文件: Searcher.py 项目: KurSh/netzob
 def getSearchedDataForHexadecimal(self, value):
     # Creation of a SearchTask
     task = SearchTask(value, value, Format.HEX)
     task.registerVariation(value, "Hexadecimal representation of '{0}'".format(value))
     task.registerVariation(value[::-1], "Inverted representation of '{0}'".format(value[::-1]))
     return [task]