FlowAnalyzer 0.3.5__py3-none-any.whl → 0.3.6__py3-none-any.whl
- FlowAnalyzer/FlowAnalyzer.py +8 -5
- {FlowAnalyzer-0.3.5.dist-info → FlowAnalyzer-0.3.6.dist-info}/METADATA +19 -9
- FlowAnalyzer-0.3.6.dist-info/RECORD +9 -0
- FlowAnalyzer-0.3.5.dist-info/RECORD +0 -9
- {FlowAnalyzer-0.3.5.dist-info → FlowAnalyzer-0.3.6.dist-info}/LICENSE +0 -0
- {FlowAnalyzer-0.3.5.dist-info → FlowAnalyzer-0.3.6.dist-info}/WHEEL +0 -0
- {FlowAnalyzer-0.3.5.dist-info → FlowAnalyzer-0.3.6.dist-info}/top_level.txt +0 -0
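--- a/FlowAnalyzer/FlowAnalyzer.py
+++ b/FlowAnalyzer/FlowAnalyzer.py
@@ -217,11 +217,14 @@ class FlowAnalyzer:
 fileName = os.path.basename(filePath)
 
 if os.path.exists(jsonWordPath):
-
-
-
-
-
+try:
+with open(jsonWordPath, "r", encoding="utf-8") as f:
+data = json.load(f)
+if data[0].get("MD5Sum") == MD5Sum:
+logger.debug("匹配HASH校验无误,自动返回Json文件路径!")
+return jsonWordPath
+except Exception:
+logger.debug("默认的Json文件无法被正常解析, 正在重新生成josn文件中")
 
 tshark_path = FlowAnalyzer.get_tshark_path(tshark_path)
 FlowAnalyzer.extract_json_file(fileName, display_filter, tshark_workDir, tshark_path)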
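Review bot: The new `except Exception:` around the cached-JSON check catches every failure, from an unreadable file to a programming error, and the debug message drops the exception itself, so a corrupt or tampered cache file looks the same in the logs as any other fault. Narrow it to the failures this block can actually produce and keep the traceback, e.g. `except (OSError, ValueError, LookupError, AttributeError, TypeError):` followed by `logger.debug("…", exc_info=True)` with the existing message. Separately, the cache is accepted because the `MD5Sum` field stored inside that same JSON file equals the expected value, which guards against a stale cache but presumably not against a file someone else wrote to `jsonWordPath`; a comment saying so above the `if` would help. The enclosing method starts and ends outside the hunk.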
@@ -1,6 +1,6 @@
|
|
|
1
1
|
Metadata-Version: 2.1
|
|
2
2
|
Name: FlowAnalyzer
|
|
3
|
-
Version: 0.3.
|
|
3
|
+
Version: 0.3.6
|
|
4
4
|
Summary: FlowAnalyzer是一个流量分析器,用于解析和处理tshark导出的JSON数据文件
|
|
5
5
|
Home-page: https://github.com/Byxs20/FlowAnalyzer
|
|
6
6
|
Author: Byxs20
|
|
@@ -18,9 +18,9 @@ License-File: LICENSE
|
|
|
18
18
|
|
|
19
19
|
# FlowAnalyzer
|
|
20
20
|
|
|
21
|
-
#
|
|
21
|
+
# 安装
|
|
22
22
|
|
|
23
|
-
|
|
23
|
+
使用 `pip` 安装:
|
|
24
24
|
|
|
25
25
|
```
|
|
26
26
|
pip3 install FlowAnalyzer
|
|
@@ -30,15 +30,26 @@ pip3 install FlowAnalyzer
|
|
|
30
30
|
pip3 install FlowAnalyzer -i https://pypi.org/simple
|
|
31
31
|
```
|
|
32
32
|
|
|
33
|
-
#
|
|
33
|
+
# 快速上手
|
|
34
34
|
|
|
35
|
-
|
|
35
|
+
如果您安装 `WireShark` 没有修改安装目录,默认 `tshark` 路径会如下:
|
|
36
|
+
|
|
37
|
+
```python
|
|
38
|
+
# windows
|
|
39
|
+
tshark_path = r"C:\Program Files\Wireshark\tshark.exe"
|
|
40
|
+
```
|
|
41
|
+
|
|
42
|
+
您确定路径没有问题,那也无需任何配置即可使用!
|
|
43
|
+
|
|
44
|
+
否则,您需要修改 `python安装目录\Lib\site- packages\FlowAnalyzer\Path.py` 中的变量 `tshark_path` 改为您的安装目录
|
|
36
45
|
|
|
37
46
|
```
|
|
38
47
|
$ git clone https://github.com/Byxs20/FlowAnalyzer.git
|
|
39
48
|
$ cd ./FlowAnalyzer/
|
|
40
49
|
```
|
|
41
50
|
|
|
51
|
+
使用 `python3 .\tests\demo.py` 看是否能输出正确的运行结果,测试代码如下:
|
|
52
|
+
|
|
42
53
|
```python
|
|
43
54
|
# sourcery skip: use-fstring-for-formatting
|
|
44
55
|
import os
|
|
@@ -63,17 +74,16 @@ for count, http in enumerate(FlowAnalyzer(jsonPath).generate_http_dict_pairs(),
|
|
|
63
74
|
print("序号: {}请求包, 请求头: {}, 文件: {}, 时间: {}".format(response_num, header, file_data, time_epoch))
|
|
64
75
|
```
|
|
65
76
|
|
|
77
|
+
运行结果:
|
|
78
|
+
|
|
66
79
|
```
|
|
67
|
-
$ python3 .\tests\demo.py
|
|
68
80
|
[+] 正在处理第1个HTTP流!
|
|
69
81
|
序号: 2请求包, 请求头: b'POST /upload/php_eval_xor_base64.php HTTP/1.1\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:84.0) Gecko/20100101 Firefox/84.0\r\nCookie: PHPSESSID=s9ocgt7via0goppc2f8ev033e3;\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,*/*;q=0.8\r\nAccept-Language: zh-CN,zh;q=0.8,zh-TW;q=0.7,zh-HK;q=0.5,en-US;q=0.3,en;q=0.2\r\nHost: 192.168.225.129\r\nConnection: keep-alive\r\nContent-type: application/x-www-form-urlencoded\r\nContent-Length: 1403', 文件: b'pass=eval%28base64_decode%28strrev%28urldecode%28%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%27%29%29%29%29%3B&key=fL1tMGI4YTljMX78f8Wo%2FyhTF1YCWEn3M%2BF4ZGJ%2BL2Iz5EofTe8udar8%2BTGDwKtg8LxWYhFKlauQQtYfPnQDdprPQMrHPVjA6hjPeOQNpHlpcBNa5IHIHHrIHEy7jch%2Fv3Z2Y0lq8qSQQkYhwWZhxVpNq1liOGE%3D', 时间: 1682596262.982344
|
|
70
82
|
序号: 3请求包, 请求头: b'HTTP/1.1 200 OK\r\nServer: openresty/1.15.8.1\r\nDate: Thu, 27 Apr 2023 11:51:02 GMT\r\nContent-Type: text/html\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nX-Powered-By: PHP/5.5.38\r\nSet-Cookie: PHPSESSID=s9ocgt7via0goppc2f8ev033e3; path=/\r\nExpires: Thu, 19 Nov 1981 08:52:00 GMT\r\nCache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0\r\nPragma: no-cache', 文件: b'70\r\n72a9c691ccdaab98fL1tMGI4YTljMh76GrwuHij67J+qF+t2KR17BwHlSvtL1mdSPnoksIZRS0N0Xi89+zNlNaUo+3xjMTU=b4c4e1f6ddd2a488\r\n0\r\n\r\n', 时间: 1682596262.992406
|
|
71
83
|
[+] 正在处理第2个HTTP流!
|
|
72
84
|
序号: 5请求包, 请求头: b'POST /upload/php_eval_xor_base64.php HTTP/1.1\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:84.0) Gecko/20100101 Firefox/84.0\r\nCookie: PHPSESSID=s9ocgt7via0goppc2f8ev033e3;\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,*/*;q=0.8\r\nAccept-Language: zh-CN,zh;q=0.8,zh-TW;q=0.7,zh-HK;q=0.5,en-US;q=0.3,en;q=0.2\r\nHost: 192.168.225.129\r\nConnection: keep-alive\r\nContent-type: application/x-www-form-urlencoded\r\nContent-Length: 1409', 文件: b'pass=eval%28base64_decode%28strrev%28urldecode%28%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%27%29%29%29%29%3B&key=fL1tMGI4YTljMX78f8Wo%2FyhTF1cCWEn3M%2BF4ZGJ%2BL2Iz5EofTe8udar8%2BTGDwKtg8LxWYhFKlauQQtYfPnQDdprPQMrHPVjA6hjPeOTReMrqj%2Fx6aH4XU%2BWInBcrzUhN6o%2FMfL54MmpIY6avwUcSIJBkZUuq7rVUYzE1', 时间: 1682596266.652869
|
|
73
85
|
序号: 6请求包, 请求头: b'HTTP/1.1 200 OK\r\nServer: openresty/1.15.8.1\r\nDate: Thu, 27 Apr 2023 11:51:06 GMT\r\nContent-Type: text/html\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nX-Powered-By: PHP/5.5.38\r\nSet-Cookie: PHPSESSID=s9ocgt7via0goppc2f8ev033e3; path=/\r\nExpires: Thu, 19 Nov 1981 08:52:00 GMT\r\nCache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0\r\nPragma: no-cache', 文件: b'40\r\n72a9c691ccdaab98fL1tMGI4YTljMh4dHdNjM6AJ3DZmOGE5b4c4e1f6ddd2a488\r\n0\r\n\r\n', 时间: 1682596266.661427
|
|
74
|
-
|
|
75
|
-
序号: 8请求包, 请求头: b'POST /upload/php_eval_xor_base64.php HTTP/1.1\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:84.0) Gecko/20100101 Firefox/84.0\r\nCookie: PHPSESSID=s9ocgt7via0goppc2f8ev033e3;\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,*/*;q=0.8\r\nAccept-Language: zh-CN,zh;q=0.8,zh-TW;q=0.7,zh-HK;q=0.5,en-US;q=0.3,en;q=0.2\r\nHost: 192.168.225.129\r\nConnection: keep-alive\r\nContent-type: application/x-www-form-urlencoded\r\nContent-Length: 1427', 文件: b'pass=eval%28base64_decode%28strrev%28urldecode%28%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%27%29%29%29%29%3B&key=fL1tMGI4YTljMX78f8Wo%2FyhTL1ACWEn3M%2BF4ZGJ%2BL2Iz5EofTe8udar8%2BTGDwKtg8LxWYhFKlauQQtYfPnQDdprPQMrHPVjA6hjPeOSdqCqaPC9ZW7GI7C2kIPd0MqlXzqT3svOl%2B1gNW3x0TL4%2BUQ0cdgeygrWzt1XSzu7opY93Nvl1tILnOWMx', 时间: 1682596308.573707
|
|
76
|
-
序号: 9请求包, 请求头: b'HTTP/1.1 200 OK\r\nServer: openresty/1.15.8.1\r\nDate: Thu, 27 Apr 2023 11:51:48 GMT\r\nContent-Type: text/html\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nX-Powered-By: PHP/5.5.38\r\nSet-Cookie: PHPSESSID=s9ocgt7via0goppc2f8ev033e3; path=/\r\nExpires: Thu, 19 Nov 1981 08:52:00 GMT\r\nCache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0\r\nPragma: no-cache', 文件: b'50\r\n72a9c691ccdaab98fL1tMGI4YTljMn75e3jORcmaTQZQeEdS2jE3TKPMeDNjNg==b4c4e1f6ddd2a488\r\n0\r\n\r\n', 时间: 1682596308.582312
|
|
86
|
+
...
|
|
77
87
|
```
|
|
78
88
|
|
|
79
89
|
# Contributing
|
|
@@ -0,0 +1,9 @@
|
|
|
1
|
+
FlowAnalyzer/FlowAnalyzer.py,sha256=SqNqI0aWJRCnobicnca1lXXvhSv7wq2fZKgBkBGGlMo,12077
|
|
2
|
+
FlowAnalyzer/Path.py,sha256=E5VvucTftp8VTQUffFzFWHotQEYtZL-j7IQPOaleiug,130
|
|
3
|
+
FlowAnalyzer/__init__.py,sha256=vfiHONPTrvjUU3MwhjFOEo3sWfzlhkA6gOLn_4UJ7sg,70
|
|
4
|
+
FlowAnalyzer/logging_config.py,sha256=-RntNJhrBiW7ToXIP1WJjZ4Yf9jmZQ1PTX_er3tDxhw,730
|
|
5
|
+
FlowAnalyzer-0.3.6.dist-info/LICENSE,sha256=ybAV0ECduYBZCpjkHyNALVWRRmT_eM0BDgqUszhwEFU,1080
|
|
6
|
+
FlowAnalyzer-0.3.6.dist-info/METADATA,sha256=Wc_cJNb6hYf9xNbLmefwWxqJU2joVbG_0XSss8ZVdCI,8103
|
|
7
|
+
FlowAnalyzer-0.3.6.dist-info/WHEEL,sha256=R0nc6qTxuoLk7ShA2_Y-UWkN8ZdfDBG2B6Eqpz2WXbs,91
|
|
8
|
+
FlowAnalyzer-0.3.6.dist-info/top_level.txt,sha256=2MtvAF6dEe_eHipw_6G5pFLb2uOCbGnlH0bC4iBtm5A,13
|
|
9
|
+
FlowAnalyzer-0.3.6.dist-info/RECORD,,
|
|
@@ -1,9 +0,0 @@
|
|
|
1
|
-
FlowAnalyzer/FlowAnalyzer.py,sha256=O5DAdxJl62gQeDWvrfXcUrwx0Y921w6z44XvSNO-el4,11889
|
|
2
|
-
FlowAnalyzer/Path.py,sha256=E5VvucTftp8VTQUffFzFWHotQEYtZL-j7IQPOaleiug,130
|
|
3
|
-
FlowAnalyzer/__init__.py,sha256=vfiHONPTrvjUU3MwhjFOEo3sWfzlhkA6gOLn_4UJ7sg,70
|
|
4
|
-
FlowAnalyzer/logging_config.py,sha256=-RntNJhrBiW7ToXIP1WJjZ4Yf9jmZQ1PTX_er3tDxhw,730
|
|
5
|
-
FlowAnalyzer-0.3.5.dist-info/LICENSE,sha256=ybAV0ECduYBZCpjkHyNALVWRRmT_eM0BDgqUszhwEFU,1080
|
|
6
|
-
FlowAnalyzer-0.3.5.dist-info/METADATA,sha256=KIwesNmg_yN7DRPWbv49jw2DaYRJIZW_BeL0BoQoTwA,10288
|
|
7
|
-
FlowAnalyzer-0.3.5.dist-info/WHEEL,sha256=R0nc6qTxuoLk7ShA2_Y-UWkN8ZdfDBG2B6Eqpz2WXbs,91
|
|
8
|
-
FlowAnalyzer-0.3.5.dist-info/top_level.txt,sha256=2MtvAF6dEe_eHipw_6G5pFLb2uOCbGnlH0bC4iBtm5A,13
|
|
9
|
-
FlowAnalyzer-0.3.5.dist-info/RECORD,,
|
|
File without changes
|
|
File without changes
|
|
File without changes
|