def __new__(cls, name, # type: str bases, # type: Tuple[type, ...] dct # type: Dict[str, Any] ): # type: (...) -> Type[ASN1_Class] for b in bases: for k, v in six.iteritems(b.__dict__): if k not in dct and isinstance(v, ASN1Tag): dct[k] = v.clone() rdict = {} for k, v in six.iteritems(dct): if isinstance(v, int): v = ASN1Tag(k, v) dct[k] = v rdict[v] = v elif isinstance(v, ASN1Tag): rdict[v] = v dct["__rdict__"] = rdict ncls = cast('Type[ASN1_Class]', type.__new__(cls, name, bases, dct)) for v in six.itervalues(ncls.__dict__): if isinstance(v, ASN1Tag): # overwrite ASN1Tag contexts, even cloned ones v.context = ncls return ncls
def multiplot(self, f, # type: Callable[..., Any] lfilter=None, # type: Optional[Callable[..., Any]] plot_xy=False, # type: bool **kargs # type: Any ): # type: (...) -> Line2D """Uses a function that returns a label and a value for this label, then plots all the values label by label. A list of matplotlib.lines.Line2D is returned. """ # Defer imports of matplotlib until its needed # because it has a heavy dep chain from scapy.libs.matplot import ( plt, MATPLOTLIB_INLINED, MATPLOTLIB_DEFAULT_PLOT_KARGS ) # Python 2 backward compatibility f = lambda_tuple_converter(f) if lfilter is not None: lfilter = lambda_tuple_converter(lfilter) # Get the list of packets if lfilter is None: lst_pkts = (f(*e) for e in self.res) else: lst_pkts = (f(*e) for e in self.res if lfilter(*e)) # Apply the function f to the packets d = {} # type: Dict[str, List[float]] for k, v in lst_pkts: d.setdefault(k, []).append(v) # Mimic the default gnuplot output if not kargs: kargs = MATPLOTLIB_DEFAULT_PLOT_KARGS if plot_xy: lines = [plt.plot(*zip(*pl), **dict(kargs, label=k)) for k, pl in six.iteritems(d)] else: lines = [plt.plot(pl, **dict(kargs, label=k)) for k, pl in six.iteritems(d)] plt.legend(loc="center right", bbox_to_anchor=(1.5, 0.5)) # Call show() if matplotlib is not inlined if not MATPLOTLIB_INLINED: plt.show() return lines
def __repr__(self): # type: () -> str lst = [] for num, layer in six.iteritems(self.num2layer): if layer in self.layer2num and self.layer2num[layer] == num: dir = "<->" else: dir = " ->" lst.append((num, "%#6x %s %-20s (%s)" % (num, dir, layer.__name__, layer._name))) for layer, num in six.iteritems(self.layer2num): if num not in self.num2layer or self.num2layer[num] != layer: lst.append((num, "%#6x <- %-20s (%s)" % (num, layer.__name__, layer._name))) lst.sort() return "\n".join(y for x, y in lst)
def __getattr__(self, attr): # type: (str) -> _K try: return object.__getattribute__(self, attr) # type: ignore except AttributeError: for k, v in six.iteritems(self.d): if self.ident(v) == attr: return cast(_K, k) raise AttributeError
def __repr__(self): # type: () -> str s = [] if self: mk = max(len(k) for k in six.iterkeys(self.__dict__)) fmt = "%%-%is %%s" % (mk + 1) for item in six.iteritems(self.__dict__): s.append(fmt % item) return "\n".join(s)
def update(self, # type: ignore other, # type: Any **kwargs # type: Any ): # type: (...) -> None for key, value in six.iteritems(other): # We only update an element from `other` either if it does # not exist in `self` or if the entry in `self` is older. if key not in self or self._timetable[key] < other._timetable[key]: dict.__setitem__(self, key, value) self._timetable[key] = other._timetable[key]
def conversations(self, getsrcdst=None, # type: Optional[Callable[[Packet], Tuple[Any, ...]]] # noqa: E501 **kargs # type: Any ): # type: (...) -> Any """Graphes a conversations between sources and destinations and display it (using graphviz and imagemagick) :param getsrcdst: a function that takes an element of the list and returns the source, the destination and optionally a label. By default, returns the IP source and destination from IP and ARP layers :param type: output type (svg, ps, gif, jpg, etc.), passed to dot's "-T" option :param target: filename or redirect. Defaults pipe to Imagemagick's display program :param prog: which graphviz program to use """ if getsrcdst is None: def _getsrcdst(pkt): # type: (Packet) -> Tuple[str, str] """Extract src and dst addresses""" if 'IP' in pkt: return (pkt['IP'].src, pkt['IP'].dst) if 'IPv6' in pkt: return (pkt['IPv6'].src, pkt['IPv6'].dst) if 'ARP' in pkt: return (pkt['ARP'].psrc, pkt['ARP'].pdst) raise TypeError() getsrcdst = _getsrcdst conv = {} # type: Dict[Tuple[Any, ...], Any] for p in self.res: p = self._elt2pkt(p) try: c = getsrcdst(p) except Exception: # No warning here: it's OK that getsrcdst() raises an # exception, since it might be, for example, a # function that expects a specific layer in each # packet. The try/except approach is faster and # considered more Pythonic than adding tests. continue if len(c) == 3: conv.setdefault(c[:2], set()).add(c[2]) else: conv[c] = conv.get(c, 0) + 1 gr = 'digraph "conv" {\n' for (s, d), l in six.iteritems(conv): gr += '\t "%s" -> "%s" [label="%s"]\n' % ( s, d, ', '.join(str(x) for x in l) if isinstance(l, set) else l ) gr += "}\n" return do_graph(gr, **kargs)
def nmap_search(sigs): guess = 0, [] for osval, fprint in conf.nmap_kdb.get_base(): score = 0.0 for test, values in six.iteritems(fprint): if test in sigs: score += nmap_match_one_sig(sigs[test], values) score /= len(sigs) if score > guess[0]: guess = score, [osval] elif score == guess[0]: guess[1].append(osval) return guess
def _load( self, dat, # type: Dict[str, NetworkInterface] prov, # type: InterfaceProvider ): # type: (...) -> None for ifname, iface in six.iteritems(dat): if ifname in self.data: # Handle priorities: keep except if libpcap if prov.libpcap: self.data[ifname] = iface else: self.data[ifname] = iface
def build_graph(self): # type: () -> str s = 'digraph "%s" {\n' % self.__class__.__name__ se = "" # Keep initial nodes at the beginning for better rendering for st in six.itervalues(self.states): if st.atmt_initial: se = ( '\t"%s" [ style=filled, fillcolor=blue, shape=box, root=true];\n' % st.atmt_state) + se # noqa: E501 elif st.atmt_final: se += '\t"%s" [ style=filled, fillcolor=green, shape=octagon ];\n' % st.atmt_state # noqa: E501 elif st.atmt_error: se += '\t"%s" [ style=filled, fillcolor=red, shape=octagon ];\n' % st.atmt_state # noqa: E501 elif st.atmt_stop: se += '\t"%s" [ style=filled, fillcolor=orange, shape=box, root=true ];\n' % st.atmt_state # noqa: E501 s += se for st in six.itervalues(self.states): for n in st.atmt_origfunc.__code__.co_names + st.atmt_origfunc.__code__.co_consts: # noqa: E501 if n in self.states: s += '\t"%s" -> "%s" [ color=green ];\n' % ( st.atmt_state, n) # noqa: E501 for c, k, v in ( [("purple", k, v) for k, v in self.conditions.items()] + # noqa: E501 [("red", k, v) for k, v in self.recv_conditions.items()] + # noqa: E501 [("orange", k, v) for k, v in self.ioevents.items()]): for f in v: for n in f.__code__.co_names + f.__code__.co_consts: if n in self.states: line = f.atmt_condname for x in self.actions[f.atmt_condname]: line += "\\l>[%s]" % x.__name__ s += '\t"%s" -> "%s" [label="%s", color=%s];\n' % ( k, n, line, c) # noqa: E501 for k, v2 in six.iteritems(self.timeout): for t, f in v2: if f is None: continue for n in f.__code__.co_names + f.__code__.co_consts: if n in self.states: line = "%s/%.1fs" % (f.atmt_condname, t) for x in self.actions[f.atmt_condname]: line += "\\l>[%s]" % x.__name__ s += '\t"%s" -> "%s" [label="%s",color=blue];\n' % ( k, n, line) # noqa: E501 s += "}\n" return s
def self_build(self, **kwargs): ''' Takes an HTTPRequest or HTTPResponse object, and creates its string representation.''' if not isinstance(self.underlayer, HTTP): warning( "An HTTPResponse/HTTPRequest should always be below an HTTP") # Check for cache if self.raw_packet_cache is not None: return self.raw_packet_cache p = b"" # Walk all the fields, in order for f in self.fields_desc: if f.name == "Unknown_Headers": continue # Get the field value val = self.getfieldval(f.name) if not val: # Not specified. Skip continue if f.name not in [ 'Method', 'Path', 'Reason_Phrase', 'Http_Version', 'Status_Code' ]: val = _header_line(f.real_name, val) # Fields used in the first line have a space as a separator, # whereas headers are terminated by a new line if isinstance(self, HTTPRequest): if f.name in ['Method', 'Path']: separator = b' ' else: separator = b'\r\n' elif isinstance(self, HTTPResponse): if f.name in ['Http_Version', 'Status_Code']: separator = b' ' else: separator = b'\r\n' # Add the field into the packet p = f.addfield(self, p, val + separator) # Handle Unknown_Headers if self.Unknown_Headers: headers_text = b"" for name, value in six.iteritems(self.Unknown_Headers): headers_text += _header_line(name, value) + b"\r\n" p = self.get_field("Unknown_Headers").addfield( self, p, headers_text) # The packet might be empty, and in that case it should stay empty. if p: # Add an additional line after the last header p = f.addfield(self, p, b'\r\n') return p
def guess_payload_class(self, payload): if len(payload) < self._min_ieo_len: return Packet.guess_payload_class(self, payload) # Look at fields of the generic ICMPExtensionObject to determine which # bound extension type to use. ieo = ICMPExtensionObject(payload) if ieo.len < self._min_ieo_len: return Packet.guess_payload_class(self, payload) for fval, cls in self.payload_guess: if all( hasattr(ieo, k) and v == ieo.getfieldval(k) for k, v in six.iteritems(fval)): return cls return ICMPExtensionObject
def reverse_lookup(self, name, case_sensitive=False): # type: (str, bool) -> Dict[str, str] """ Find all MACs registered to a OUI :param name: the OUI name :param case_sensitive: default to False :returns: a dict of mac:tuples (Name, Extended Name) """ if case_sensitive: filtr = lambda x, l: any(x in z for z in l) # type: Callable[[str, Tuple[str, str]], bool] # noqa: E501 else: name = name.lower() filtr = lambda x, l: any(x in z.lower() for z in l) return {k: v for k, v in six.iteritems(self.d) if filtr(name, v)}
def load(self, NetworkInterface_Win=NetworkInterface_Win): results = {} if not conf.cache_pcapiflist: # Try a restart WindowsInterfacesProvider._pcap_check() windows_interfaces = dict() for i in get_windows_if_list(): # Detect Loopback interface if "Loopback" in i['name']: i['name'] = conf.loopback_name if i['guid']: if conf.use_npcap and i['name'] == conf.loopback_name: i['guid'] = NPCAP_LOOPBACK_NAME windows_interfaces[i['guid']] = i index = 0 for netw, if_data in six.iteritems(conf.cache_pcapiflist): name, ips, flags, _ = if_data guid = _pcapname_to_guid(netw) data = windows_interfaces.get(guid, None) if data: # Exists in Windows registry data['network_name'] = netw data['ips'] = list(set(data['ips'] + ips)) data['flags'] = flags else: # Only in [Wi]npcap index -= 1 data = { 'name': name, 'description': name, 'index': index, 'guid': guid, 'network_name': netw, 'mac': '00:00:00:00:00:00', 'ipv4_metric': 0, 'ipv6_metric': 0, 'ips': ips, 'flags': flags } # No KeyError will happen here, as we get it from cache results[guid] = NetworkInterface_Win(self, data) return results
def __init__(self, name, default, *args, **kwargs): # type: (str, Any, *_CHOICE_T, **Any) -> None if "implicit_tag" in kwargs: err_msg = "ASN1F_CHOICE has been called with an implicit_tag" raise ASN1_Error(err_msg) self.implicit_tag = None for kwarg in ["context", "explicit_tag"]: setattr(self, kwarg, kwargs.get(kwarg)) super(ASN1F_CHOICE, self).__init__(name, None, context=self.context, explicit_tag=self.explicit_tag) self.default = default self.current_choice = None self.choices = {} # type: Dict[int, _CHOICE_T] self.pktchoices = {} for p in args: if hasattr(p, "ASN1_root"): p = cast('ASN1_Packet', p) # should be ASN1_Packet if hasattr(p.ASN1_root, "choices"): root = cast(ASN1F_CHOICE, p.ASN1_root) for k, v in six.iteritems(root.choices): # ASN1F_CHOICE recursion self.choices[k] = v else: self.choices[p.ASN1_root.network_tag] = p elif hasattr(p, "ASN1_tag"): p = cast(Union[ASN1F_PACKET, Type[ASN1F_field[Any, Any]]], p) if isinstance(p, type): # should be ASN1F_field class self.choices[int(p.ASN1_tag)] = p else: # should be ASN1F_field instance self.choices[p.network_tag] = p if p.implicit_tag is not None: self.choices[p.implicit_tag & 0x1f] = p self.pktchoices[hash(p.cls)] = (p.implicit_tag, p.explicit_tag ) # noqa: E501 else: raise ASN1_Error("ASN1F_CHOICE: no tag found for one field")
def s2i_frameid(x): """ Get pnio frame ID from a representation name Performs a reverse look-up in PNIO_FRAME_IDS dictionary :param x: a value of PNIO_FRAME_IDS dict :returns: integer """ try: return { "RT_CLASS_3": 0x0100, "RT_CLASS_1": 0x8000, "RT_CLASS_UDP": 0xC000, "FragmentationFrameID": 0xFF80, }[x] except KeyError: pass try: return next(key for key, value in six.iteritems(PNIO_FRAME_IDS) if value == x) except StopIteration: pass return x
def get_URL_dict(cls): return { x: y.URL for (x, y) in six.iteritems(cls.__dict__) if isinstance(y, File) }
def values(self): # type: () -> Any if self.timeout is None: return list(six.itervalues(self)) t0 = time.time() return [v for (k, v) in six.iteritems(self.__dict__) if t0 - self._timetable[k] < self.timeout] # noqa: E501
def items(self): # type: () -> Any if self.timeout is None: return super(CacheInstance, self).items() t0 = time.time() return [(k, v) for (k, v) in six.iteritems(self.__dict__) if t0 - self._timetable[k] < self.timeout] # noqa: E501
def itervalues(self): # type: () -> Iterator[Tuple[str, Any]] if self.timeout is None: return six.itervalues(self.__dict__) # type: ignore t0 = time.time() return (v for (k, v) in six.iteritems(self.__dict__) if t0 - self._timetable[k] < self.timeout) # noqa: E501
"pxelinux_configuration_file", 210: "pxelinux_path_prefix", 211: "pxelinux_reboot_time", 212: "option-6rd", 213: "v4-access-domain", 255: "end" } DHCPRevOptions = {} for k, v in six.iteritems(DHCPOptions): if isinstance(v, str): n = v v = None else: n = v.name DHCPRevOptions[n] = (k, v) del (n) del (v) del (k) class RandDHCPOptions(RandField): def __init__(self, size=None, rndstr=None): if size is None: size = RandNumExpo(0.05)
def __repr__(self): # type: () -> str return "<Message %s>" % " ".join( "%s=%r" % (k, v) for (k, v) in six.iteritems(self.__dict__) # noqa: E501 if not k.startswith("_"))
def _ltp_guess_payload(pkt, *args): for k, v in six.iteritems(_ltp_payload_conditions): if v(pkt): return k return conf.raw_layer
def __new__(cls, name, bases, dct): # type: (str, Tuple[Any], Dict[str, Any]) -> Type[Automaton] cls = super(Automaton_metaclass, cls).__new__( # type: ignore cls, name, bases, dct) cls.states = {} cls.recv_conditions = {} # type: Dict[str, List[_StateWrapper]] cls.conditions = {} # type: Dict[str, List[_StateWrapper]] cls.ioevents = {} # type: Dict[str, List[_StateWrapper]] cls.timeout = { } # type: Dict[str, List[Tuple[int, _StateWrapper]]] # noqa: E501 cls.actions = {} # type: Dict[str, List[_StateWrapper]] cls.initial_states = [] # type: List[_StateWrapper] cls.stop_states = [] # type: List[_StateWrapper] cls.ionames = [] cls.iosupersockets = [] members = {} classes = [cls] while classes: c = classes.pop( 0 ) # order is important to avoid breaking method overloading # noqa: E501 classes += list(c.__bases__) for k, v in six.iteritems(c.__dict__): if k not in members: members[k] = v decorated = [ v for v in six.itervalues(members) if hasattr(v, "atmt_type") ] for m in decorated: if m.atmt_type == ATMT.STATE: s = m.atmt_state cls.states[s] = m cls.recv_conditions[s] = [] cls.ioevents[s] = [] cls.conditions[s] = [] cls.timeout[s] = [] if m.atmt_initial: cls.initial_states.append(m) if m.atmt_stop: cls.stop_states.append(m) elif m.atmt_type in [ ATMT.CONDITION, ATMT.RECV, ATMT.TIMEOUT, ATMT.IOEVENT ]: # noqa: E501 cls.actions[m.atmt_condname] = [] for m in decorated: if m.atmt_type == ATMT.CONDITION: cls.conditions[m.atmt_state].append(m) elif m.atmt_type == ATMT.RECV: cls.recv_conditions[m.atmt_state].append(m) elif m.atmt_type == ATMT.IOEVENT: cls.ioevents[m.atmt_state].append(m) cls.ionames.append(m.atmt_ioname) if m.atmt_as_supersocket is not None: cls.iosupersockets.append(m) elif m.atmt_type == ATMT.TIMEOUT: cls.timeout[m.atmt_state].append((m.atmt_timeout, m)) elif m.atmt_type == ATMT.ACTION: for co in m.atmt_cond: cls.actions[co].append(m) for v in six.itervalues(cls.timeout): v.sort(key=lambda x: x[0]) v.append((None, None)) for v in itertools.chain(six.itervalues(cls.conditions), six.itervalues(cls.recv_conditions), six.itervalues(cls.ioevents)): v.sort(key=lambda x: x.atmt_prio) for condname, actlst in six.iteritems(cls.actions): actlst.sort(key=lambda x: x.atmt_cond[condname]) for ioev in cls.iosupersockets: setattr( cls, ioev.atmt_as_supersocket, _ATMT_to_supersocket(ioev.atmt_as_supersocket, ioev.atmt_ioname, cast(Type["Automaton"], cls))) # Inject signature try: import inspect cls.__signature__ = inspect.signature( cls.parse_args) # type: ignore # noqa: E501 except (ImportError, AttributeError): pass return cast(Type["Automaton"], cls)
def nmap_match_one_sig(seen, ref): cnt = sum(val in ref.get(key, "").split("|") for key, val in six.iteritems(seen)) if cnt == 0 and seen.get("Resp") == "N": return 0.7 return float(cnt) / len(seen)
def get_local_dict(cls): return { x: y.name for (x, y) in six.iteritems(cls.__dict__) if isinstance(y, File) }
def update(self, *args, **kwargs): # type: (*Dict[str, _V], **Dict[str, _V]) -> None for k, v in six.iteritems(dict(*args, **kwargs)): self[k] = v
def _FlagsList(myfields): flags = ["Reserved%02d" % i for i in range(32)] for i, value in six.iteritems(myfields): flags[i] = value return flags