FlowAnalyzer 0.2.9__py3-none-any.whl → 0.3.1__py3-none-any.whl
- FlowAnalyzer/FlowAnalyzer.py +48 -29
- {FlowAnalyzer-0.2.9.dist-info → FlowAnalyzer-0.3.1.dist-info}/METADATA +1 -1
- FlowAnalyzer-0.3.1.dist-info/RECORD +8 -0
- FlowAnalyzer-0.2.9.dist-info/RECORD +0 -8
- {FlowAnalyzer-0.2.9.dist-info → FlowAnalyzer-0.3.1.dist-info}/LICENSE +0 -0
- {FlowAnalyzer-0.2.9.dist-info → FlowAnalyzer-0.3.1.dist-info}/WHEEL +0 -0
- {FlowAnalyzer-0.2.9.dist-info → FlowAnalyzer-0.3.1.dist-info}/top_level.txt +0 -0
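--- a/FlowAnalyzer/FlowAnalyzer.py
+++ b/FlowAnalyzer/FlowAnalyzer.py
@@ -13,6 +13,7 @@ from .logging_config import configure_logger
 
 logger = configure_logger("FlowAnalyzer", logging.INFO)
 
+
 class Request(NamedTuple):
 frame_num: Optional[int]
 header: bytes
@@ -89,12 +90,10 @@ class FlowAnalyzer:
 else:
 # exported_pdu.exported_pdu
 full_request = packet["exported_pdu.exported_pdu"][0]
-
+
 frame_num = int(packet["frame.number"][0]) if packet.get("frame.number") else None
 request_in = int(packet["http.request_in"][0]) if packet.get("http.request_in") else frame_num
-full_uri = (
-parse.unquote(packet["http.request.full_uri"][0]) if packet.get("http.request.full_uri") else None
-)
+full_uri = parse.unquote(packet["http.request.full_uri"][0]) if packet.get("http.request.full_uri") else None
 
 header, file_data = self.extract_http_file_data(full_request)
 
@@ -145,24 +144,52 @@ class FlowAnalyzer:
 def extract_json_file(fileName: str, display_filter: str, tshark_workDir: str) -> None:
 # sourcery skip: replace-interpolation-with-fstring, use-fstring-for-formatting
 # tshark -r {} -Y "{}" -T json -e http.request_number -e http.response_number -e http.request_in -e tcp.reassembled.data -e frame.number -e tcp.payload -e frame.time_epoch -e http.request.full_uri > output.json
-
-
-
-
-
-
-
-
-
-
-
-
-
-
+
+command = [
+"tshark",
+"-r",
+fileName,
+"-Y",
+f"(tcp.reassembled_in) or ({display_filter})",
+"-T",
+"json",
+"-e",
+"http.request_number",
+"-e",
+"http.response_number",
+"-e",
+"http.request_in",
+"-e",
+"tcp.reassembled.data",
+"-e",
+"frame.number",
+"-e",
+"tcp.payload",
+"-e",
+"frame.time_epoch",
+"-e",
+"exported_pdu.exported_pdu",
+"-e",
+"http.request.full_uri" ">",
+"output.json",
+]
+
 _, stderr = subprocess.Popen(command, shell=True, stdout=subprocess.PIPE, stderr=subprocess.PIPE, cwd=tshark_workDir).communicate()
 if stderr != b"" and b"WARNING" not in stderr:
 print(f"[Waring/Error]: {stderr}")
 
+@staticmethod
+def move_and_addMD5Sum(tshark_jsonPath: str, jsonWordPath: str, MD5Sum: str) -> None:
+if tshark_jsonPath != jsonWordPath:
+shutil.move(tshark_jsonPath, jsonWordPath)
+
+with open(jsonWordPath, "r", encoding="utf-8") as f:
+data = json.load(f)
+data[0]["MD5Sum"] = MD5Sum
+
+with open(jsonWordPath, "w", encoding="utf-8") as f:
+json.dump(data, f, indent=2)
+
 @staticmethod
 def get_json_data(filePath: str, display_filter: str) -> str:
 # sourcery skip: replace-interpolation-with-fstring
@@ -193,20 +220,12 @@ class FlowAnalyzer:
 if os.path.exists(jsonWordPath):
 with open(jsonWordPath, "r", encoding="utf-8") as f:
 data = json.load(f)
-if data[0].get(
+if data[0].get("MD5Sum") == MD5Sum:
 logger.debug("匹配HASH校验无误,自动返回Json文件路径!")
 return jsonWordPath
-FlowAnalyzer.extract_json_file(fileName, display_filter, tshark_workDir)
 
-
-
-
-with open(jsonWordPath, "r", encoding="utf-8") as f:
-data = json.load(f)
-data[0]['MD5Sum'] = MD5Sum
-
-with open(jsonWordPath, "w", encoding="utf-8") as f:
-json.dump(data, f, indent=2)
+FlowAnalyzer.extract_json_file(fileName, display_filter, tshark_workDir)
+FlowAnalyzer.move_and_addMD5Sum(tshark_jsonPath, jsonWordPath, MD5Sum)
 return jsonWordPath
 
 def Split_HTTP_headers(self, file_data: bytes) -> Tuple[bytes, bytes]: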
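Review bot: In `extract_json_file`, the new `command` list is still passed to `subprocess.Popen(..., shell=True)`, and the output redirection is written as list items (`"http.request.full_uri" ">"` concatenates into a single string, followed by `"output.json"`). With `shell=True` on POSIX only the first list item is run as the command and the rest become arguments to the shell, so tshark would start without its options; on Windows the list is joined back into one shell string, so `fileName` and `display_filter` are still interpreted by the shell. Dropping the shell and letting Python do the redirection addresses both: end the list at `"http.request.full_uri",`, then use `with open(os.path.join(tshark_workDir, "output.json"), "wb") as out:` and `_, stderr = subprocess.Popen(command, stdout=out, stderr=subprocess.PIPE, cwd=tshark_workDir).communicate()`. This assumes the `tshark_jsonPath` later handed to `move_and_addMD5Sum` is that same file, which is set outside the visible hunks.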
@@ -0,0 +1,8 @@
|
|
|
1
|
+
FlowAnalyzer/FlowAnalyzer.py,sha256=aTrTmIbajG8EqiyDnVTFnuhvL32uIHNzgtHzMs8Bs_U,10695
|
|
2
|
+
FlowAnalyzer/__init__.py,sha256=vfiHONPTrvjUU3MwhjFOEo3sWfzlhkA6gOLn_4UJ7sg,70
|
|
3
|
+
FlowAnalyzer/logging_config.py,sha256=e-73IByM1TuE2G1isOBvtIcr9XztWqPkGN-VsNEFbvY,671
|
|
4
|
+
FlowAnalyzer-0.3.1.dist-info/LICENSE,sha256=ybAV0ECduYBZCpjkHyNALVWRRmT_eM0BDgqUszhwEFU,1080
|
|
5
|
+
FlowAnalyzer-0.3.1.dist-info/METADATA,sha256=wR3Rq7muUriFb3zb5lqgJ7f63ns_RYRfVvn_NzPtATY,10302
|
|
6
|
+
FlowAnalyzer-0.3.1.dist-info/WHEEL,sha256=pkctZYzUS4AYVn6dJ-7367OJZivF2e8RA9b_ZBjif18,92
|
|
7
|
+
FlowAnalyzer-0.3.1.dist-info/top_level.txt,sha256=2MtvAF6dEe_eHipw_6G5pFLb2uOCbGnlH0bC4iBtm5A,13
|
|
8
|
+
FlowAnalyzer-0.3.1.dist-info/RECORD,,
|
|
@@ -1,8 +0,0 @@
|
|
|
1
|
-
FlowAnalyzer/FlowAnalyzer.py,sha256=DjZFYHsI84E_wFJ3aoXttsBgRhLg1i7WP1jfKw46Z3E,10350
|
|
2
|
-
FlowAnalyzer/__init__.py,sha256=vfiHONPTrvjUU3MwhjFOEo3sWfzlhkA6gOLn_4UJ7sg,70
|
|
3
|
-
FlowAnalyzer/logging_config.py,sha256=e-73IByM1TuE2G1isOBvtIcr9XztWqPkGN-VsNEFbvY,671
|
|
4
|
-
FlowAnalyzer-0.2.9.dist-info/LICENSE,sha256=ybAV0ECduYBZCpjkHyNALVWRRmT_eM0BDgqUszhwEFU,1080
|
|
5
|
-
FlowAnalyzer-0.2.9.dist-info/METADATA,sha256=GfmORi_8E-2jABeKp1L1qk53fUZ8_99SASa9RLKokpg,10302
|
|
6
|
-
FlowAnalyzer-0.2.9.dist-info/WHEEL,sha256=pkctZYzUS4AYVn6dJ-7367OJZivF2e8RA9b_ZBjif18,92
|
|
7
|
-
FlowAnalyzer-0.2.9.dist-info/top_level.txt,sha256=2MtvAF6dEe_eHipw_6G5pFLb2uOCbGnlH0bC4iBtm5A,13
|
|
8
|
-
FlowAnalyzer-0.2.9.dist-info/RECORD,,
|
|
File without changes
|
|
File without changes
|
|
File without changes
|