def _generateDataValues(self, cellsData):
result = []
for data in cellsData:
if len(data) > 0:
data = data[:8] # We take at most 8 bytes
unitSize = int(AbstractType.UNITSIZE_8) * len(data)
unitSize = int(pow(2, math.ceil(math.log(
unitSize, 2)))) # Round to the nearest upper power of 2
result.append(
Integer.encode(data,
endianness=AbstractType.ENDIAN_BIG,
unitSize=str(unitSize)))
else:
result.append(0)
return result
def decode(data,
unitSize=AbstractType.UNITSIZE_32,
endianness=AbstractType.defaultEndianness(),
sign=AbstractType.SIGN_UNSIGNED):
"""Decodes the specified Timestamp data into its raw representation
>>> from netzob.all import *
>>> value = 1444494130
>>> print(len(Timestamp.decode(value)))
4
"""
if data is None:
raise TypeError("Data cannot be None")
return Integer.decode(data,
unitSize=unitSize,
endianness=endianness,
sign=sign)
def normalize(data):
"""Given the specified data, this static methods normalize its representation
using Netzob types.
:parameter data: the data to normalize
:type data: :class:`object`
:return: an abstractType which value is data
:rtype: :class:`netzob.Model.Vocabulary.Types.AbstractType.AbstractType`
>>> from netzob.all import *
>>> normalizedData = AbstractType.normalize("netzob")
>>> print(normalizedData.__class__)
<class 'netzob.Model.Vocabulary.Types.ASCII.ASCII'>
>>> print(normalizedData.value)
bitarray('011011100110010101110100011110100110111101100010')
"""
if data is None:
raise TypeError("Cannot normalize None data")
normalizedData = None
if isinstance(data, AbstractType):
return data
elif isinstance(data, int):
from netzob.Model.Vocabulary.Types.Integer import Integer
return Integer(value=data)
elif isinstance(data, bytes):
from netzob.Model.Vocabulary.Types.Raw import Raw
normalizedData = Raw(value=data)
elif isinstance(data, str):
from netzob.Model.Vocabulary.Types.ASCII import ASCII
normalizedData = ASCII(value=data)
if normalizedData is None:
raise TypeError(
"Not a valid data ({0}), impossible to normalize it.",
type(data))
return normalizedData
def initHeader(self):
"""Initialize the IP header according to the IP format definition.
"""
# Ethernet header
# Retrieve remote MAC address
dstMacAddr = get_mac_address(ip=self.remoteIP)
if dstMacAddr is not None:
dstMacAddr = dstMacAddr.replace(':', '')
dstMacAddr = binascii.unhexlify(dstMacAddr)
else:
# Force ARP resolution
p = subprocess.Popen(["/bin/ping", "-c1", self.remoteIP])
p.wait()
time.sleep(0.1)
dstMacAddr = get_mac_address(ip=self.remoteIP)
if dstMacAddr is not None:
dstMacAddr = dstMacAddr.replace(':', '')
dstMacAddr = binascii.unhexlify(dstMacAddr)
else:
raise Exception(
"Cannot resolve IP address to a MAC address for IP: '{}'".
format(self.remoteIP))
# Retrieve local MAC address
srcMacAddr = self.get_interface_addr(bytes(self.interface, 'utf-8'))[1]
eth_dst = Field(name='eth.dst', domain=Raw(dstMacAddr))
eth_src = Field(name='eth.src', domain=Raw(srcMacAddr))
eth_type = Field(name='eth.type', domain=Raw(b"\x08\x00"))
# IP header
ip_ver = Field(name='ip.version',
domain=BitArray(value=bitarray('0100'))) # IP Version 4
ip_ihl = Field(name='ip.hdr_len', domain=BitArray(bitarray('0000')))
ip_tos = Field(name='ip.tos',
domain=Data(dataType=BitArray(nbBits=8),
originalValue=bitarray('00000000'),
svas=SVAS.PERSISTENT))
ip_tot_len = Field(name='ip.len',
domain=BitArray(bitarray('0000000000000000')))
ip_id = Field(name='ip.id', domain=BitArray(nbBits=16))
ip_flags = Field(name='ip.flags',
domain=Data(dataType=BitArray(nbBits=3),
originalValue=bitarray('000'),
svas=SVAS.PERSISTENT))
ip_frag_off = Field(name='ip.fragment',
domain=Data(
dataType=BitArray(nbBits=13),
originalValue=bitarray('0000000000000'),
svas=SVAS.PERSISTENT))
ip_ttl = Field(name='ip.ttl',
domain=Data(dataType=BitArray(nbBits=8),
originalValue=bitarray('01000000'),
svas=SVAS.PERSISTENT))
ip_proto = Field(name='ip.proto',
domain=Integer(value=self.upperProtocol,
unitSize=AbstractType.UNITSIZE_8,
endianness=AbstractType.ENDIAN_BIG,
sign=AbstractType.SIGN_UNSIGNED))
ip_checksum = Field(name='ip.checksum',
domain=BitArray(bitarray('0000000000000000')))
ip_saddr = Field(name='ip.src', domain=IPv4(self.localIP))
ip_daddr = Field(name='ip.dst', domain=IPv4(self.remoteIP))
ip_payload = Field(name='ip.payload', domain=Raw())
ip_ihl.domain = Size([
ip_ver, ip_ihl, ip_tos, ip_tot_len, ip_id, ip_flags, ip_frag_off,
ip_ttl, ip_proto, ip_checksum, ip_saddr, ip_daddr
],
dataType=BitArray(nbBits=4),
factor=1 / float(32))
ip_tot_len.domain = Size([
ip_ver, ip_ihl, ip_tos, ip_tot_len, ip_id, ip_flags, ip_frag_off,
ip_ttl, ip_proto, ip_checksum, ip_saddr, ip_daddr, ip_payload
],
dataType=Integer(
unitSize=AbstractType.UNITSIZE_16,
sign=AbstractType.SIGN_UNSIGNED),
factor=1 / float(8))
ip_checksum.domain = InternetChecksum(
fields=[
ip_ver, ip_ihl, ip_tos, ip_tot_len, ip_id, ip_flags,
ip_frag_off, ip_ttl, ip_proto, ip_checksum, ip_saddr, ip_daddr
],
dataType=Raw(nbBytes=2, unitSize=AbstractType.UNITSIZE_16))
self.header = Symbol(name='Ethernet layer',
fields=[
eth_dst, eth_src, eth_type, ip_ver, ip_ihl,
ip_tos, ip_tot_len, ip_id, ip_flags,
ip_frag_off, ip_ttl, ip_proto, ip_checksum,
ip_saddr, ip_daddr, ip_payload
])
def convert(data,
sourceType,
destinationType,
src_unitSize=None,
src_endianness=AbstractType.defaultEndianness(),
src_sign=AbstractType.defaultSign(),
dst_unitSize=None,
dst_endianness=AbstractType.defaultEndianness(),
dst_sign=AbstractType.defaultSign()):
"""Encode data provided as a sourceType to a destinationType.
To convert an ASCII to its binary (bitarray) representation
>>> from netzob.all import *
>>> data = "That's an helloworld!"
>>> bin = TypeConverter.convert(data, ASCII, BitArray)
>>> print(bin)
bitarray('010101000110100001100001011101000010011101110011001000000110000101101110001000000110100001100101011011000110110001101111011101110110111101110010011011000110010000100001')
>>> data == TypeConverter.convert(bin, BitArray, ASCII)
True
To convert a raw data to its decimal representation and then to its ASCII representation
>>> data = b'\\x23'
>>> decData = TypeConverter.convert(data, Raw, Integer)
>>> print(decData)
35
>>> print(TypeConverter.convert(decData, Integer, ASCII))
#
Conversion to and from Integer detects the output unitsize depending on the input:
>>> TypeConverter.convert(b'\\x0b\\x00', Raw, Integer)
2816
>>> TypeConverter.convert(11, Integer, Raw)
b'\\x0b'
>>> TypeConverter.convert(b'\\xa0\\x0b', Raw, Integer, dst_sign=AbstractType.SIGN_SIGNED)
-24565
>>> TypeConverter.convert(-24565, Integer, Raw, src_sign=AbstractType.SIGN_SIGNED)
b'\\xa0\\x0b'
>>> TypeConverter.convert(0, Integer, Raw)
b'\\x00'
>>> TypeConverter.convert(b'\\x00\\x00\\x00', Raw, Integer)
Traceback (most recent call last):
...
TypeError: Unsupported autodetected Integer target UnitSize. Valid UnitSizes are 8, 16, 32 and 64 bits.
You can also play with the unitSize to convert multiple ascii in a single high value decimal
>>> TypeConverter.convert("5", ASCII, Integer)
53
>>> print(TypeConverter.convert("zoby", ASCII, Integer))
2054120057
>>> print(TypeConverter.convert("zoby", ASCII, Integer, dst_unitSize=AbstractType.UNITSIZE_32))
2054120057
It also works for 'semantic' data like IPv4s
>>> TypeConverter.convert("192.168.0.10", IPv4, Integer, dst_sign=AbstractType.SIGN_UNSIGNED)
3232235530
>>> TypeConverter.convert("127.0.0.1", IPv4, BitArray)
bitarray('01111111000000000000000000000001')
>>> TypeConverter.convert(167815360, Integer, IPv4, src_unitSize=AbstractType.UNITSIZE_32, src_sign=AbstractType.SIGN_UNSIGNED)
IPAddress('10.0.168.192')
To check Integer conversion consistency
>>> f = Field(b'some')
>>> v = f.domain.currentValue.tobytes()
>>> try:
... v_hex = v.hex()
... except AttributeError:
... import codecs # Python <= 3.4: 'bytes' object has no attribute 'hex'
... v_hex = codecs.encode(v, 'hex_codec').decode('ascii')
>>> '0x'+v_hex == hex(TypeConverter.convert(f.domain.currentValue, BitArray, Integer))
True
:param sourceType: the data source type
:type sourceType: :class:`type`
:param destinationType: the destination type
:type destinationType: :class:`type`
:keyword src_unitSize: the unitsize to consider while encoding. Values must be one of AbstractType.UNITSIZE_*
:type src_unitSize: str
:keyword src_endianness: the endianness to consider while encoding. Values must be AbstractType.ENDIAN_BIG or AbstractType.ENDIAN_LITTLE
:type src_endianness: str
:keyword src_sign: the sign to consider while encoding Values must be AbstractType.SIGN_SIGNED or AbstractType.SIGN_UNSIGNED
:type src_sign: str
:keyword dst_unitSize: the unitsize of the expected result. Values must be one of AbstractType.UNITSIZE_*
:type dst_unitSize: str
:keyword dst_endianness: the endianness of the expected result. Values must be AbstractType.ENDIAN_BIG or AbstractType.ENDIAN_LITTLE
:type dst_endianness: str
:keyword dst_sign: the sign of the expected result. Values must be AbstractType.SIGN_SIGNED or AbstractType.SIGN_UNSIGNED
:type dst_sign: str
:raise: TypeError if parameter not valid
"""
# Use defaultUnitSize for all types except Integer
if dst_unitSize is None and destinationType is not Integer:
dst_unitSize = AbstractType.defaultUnitSize()
if src_unitSize is None and sourceType is not Integer:
src_unitSize = AbstractType.defaultUnitSize()
# is the two formats supported ?
if sourceType not in TypeConverter.supportedTypes():
raise TypeError(
"The source type ({0}) is not supported".format(sourceType))
if destinationType not in TypeConverter.supportedTypes():
raise TypeError("The destination type ({0}) is not supported".
format(destinationType))
if data is None:
raise TypeError("Data cannot be None")
# Do we have a specific source to destination encoding function
if (sourceType, destinationType
) in list(TypeConverter.__directEncoding().keys()):
func = TypeConverter.__directEncoding()[(sourceType,
destinationType)]
return func(data, src_unitSize, src_endianness, src_sign,
dst_unitSize, dst_endianness, dst_sign)
else:
# Convert from source to raw
if sourceType is not Raw:
if sourceType is Integer and src_unitSize is None:
src_unitSize = Integer.checkUnitSizeForValue(data,src_sign)
binData = sourceType.decode(
data,
unitSize=src_unitSize,
endianness=src_endianness,
sign=src_sign)
else:
binData = data
# Convert from raw to Destination
if destinationType is not Raw:
if destinationType is Integer and dst_unitSize is None:
nbUnits = len(binData)
if nbUnits == 8:
dst_unitSize = AbstractType.UNITSIZE_64
elif nbUnits == 4:
dst_unitSize = AbstractType.UNITSIZE_32
elif nbUnits == 2:
dst_unitSize = AbstractType.UNITSIZE_16
elif nbUnits == 1:
dst_unitSize = AbstractType.UNITSIZE_8
else:
raise TypeError("Unsupported autodetected Integer target UnitSize. Valid UnitSizes are 8, 16, 32 and 64 bits.")
outputData = destinationType.encode(
binData,
unitSize=dst_unitSize,
endianness=dst_endianness,
sign=dst_sign)
else:
outputData = binData
return outputData
def initHeader(self):
"""Initialize the IP header according to the IP format definition.
"""
ip_ver = Field(name='ip.version',
domain=BitArray(value=bitarray('0100'))) # IP Version 4
ip_ihl = Field(name='ip.hdr_len', domain=BitArray(bitarray('0000')))
ip_tos = Field(name='ip.tos',
domain=Data(dataType=BitArray(nbBits=8),
originalValue=bitarray('00000000'),
svas=SVAS.PERSISTENT))
ip_tot_len = Field(name='ip.len',
domain=BitArray(bitarray('0000000000000000')))
ip_id = Field(name='ip.id', domain=BitArray(nbBits=16))
ip_flags = Field(name='ip.flags',
domain=Data(dataType=BitArray(nbBits=3),
originalValue=bitarray('000'),
svas=SVAS.PERSISTENT))
ip_frag_off = Field(name='ip.fragment',
domain=Data(
dataType=BitArray(nbBits=13),
originalValue=bitarray('0000000000000'),
svas=SVAS.PERSISTENT))
ip_ttl = Field(name='ip.ttl',
domain=Data(dataType=BitArray(nbBits=8),
originalValue=bitarray('01000000'),
svas=SVAS.PERSISTENT))
ip_proto = Field(name='ip.proto',
domain=Integer(value=self.upperProtocol,
unitSize=AbstractType.UNITSIZE_8,
endianness=AbstractType.ENDIAN_BIG,
sign=AbstractType.SIGN_UNSIGNED))
ip_checksum = Field(name='ip.checksum',
domain=BitArray(bitarray('0000000000000000')))
ip_saddr = Field(name='ip.src', domain=IPv4(self.localIP))
ip_daddr = Field(name='ip.dst', domain=IPv4(self.remoteIP))
ip_payload = Field(name='ip.payload', domain=Raw())
ip_ihl.domain = Size([
ip_ver, ip_ihl, ip_tos, ip_tot_len, ip_id, ip_flags, ip_frag_off,
ip_ttl, ip_proto, ip_checksum, ip_saddr, ip_daddr
],
dataType=BitArray(nbBits=4),
factor=1 / float(32))
ip_tot_len.domain = Size([
ip_ver, ip_ihl, ip_tos, ip_tot_len, ip_id, ip_flags, ip_frag_off,
ip_ttl, ip_proto, ip_checksum, ip_saddr, ip_daddr, ip_payload
],
dataType=Integer(
unitSize=AbstractType.UNITSIZE_16,
sign=AbstractType.SIGN_UNSIGNED),
factor=1 / float(8))
ip_checksum.domain = InternetChecksum(
fields=[
ip_ver, ip_ihl, ip_tos, ip_tot_len, ip_id, ip_flags,
ip_frag_off, ip_ttl, ip_proto, ip_checksum, ip_saddr, ip_daddr
],
dataType=Raw(nbBytes=2, unitSize=AbstractType.UNITSIZE_16))
self.header = Symbol(name='IP layer',
fields=[
ip_ver, ip_ihl, ip_tos, ip_tot_len, ip_id,
ip_flags, ip_frag_off, ip_ttl, ip_proto,
ip_checksum, ip_saddr, ip_daddr, ip_payload
])