PyPI - xbase-util - Versions diffs - 0.4.7__tar.gz → 0.4.9__tar.gz - Mend

xbase-util 0.4.7tar.gz → 0.4.9tar.gz

Files changed (34) hide show

{xbase_util-0.4.7 → xbase_util-0.4.9}/PKG-INFO RENAMED Viewed

@@ -1,6 +1,6 @@
 Metadata-Version: 2.1
 Name: xbase_util
-Version: 0.4.7
+Version: 0.4.9
 Summary: 网络安全基础工具
 Home-page: https://gitee.com/jimonik/xbase_util.git
 Author: xyt

{xbase_util-0.4.7 → xbase_util-0.4.9}/setup.py RENAMED Viewed

@@ -3,7 +3,7 @@ from distutils.core import setup
 from setuptools import find_packages
 setup(name="xbase_util",
-      version="0.4.7",
+      version="0.4.9",
       description="网络安全基础工具",
       long_description="包含提取，预测，训练的基础工具",
       author="xyt",

{xbase_util-0.4.7 → xbase_util-0.4.9}/xbase_util/packet_util.py RENAMED Viewed

@@ -59,12 +59,10 @@ def get_all_columns(
 def get_all_packets_by_reg(packets):
-    req_pattern = re.compile(r"(GET|POST|HEAD|PUT|DELETE|OPTIONS|PATCH) \/[^\s]* HTTP\/\d\.\d[\s\S]*?\r\n\r\n",
-                             re.DOTALL)
+    req_pattern = re.compile(r"(GET|POST|HEAD|PUT|DELETE|OPTIONS|PATCH) \/[^\s]* HTTP\/\d\.\d[\s\S]*?\r\n\r\n",re.DOTALL)
     req_res_pattern = re.compile(
-        r"(GET|POST|HEAD|PUT|DELETE|OPTIONS|PATCH) \/[^\s]* HTTP\/\d\.\d[\s\S]*?(?=HTTP/\d\.\d \d{3} [a-zA-Z]+|$)",
-        re.DOTALL)
-    res_pattern = re.compile(r"HTTP/\d\.\d \d{3} [a-zA-Z]+.*", re.DOTALL)
+        r"(GET|POST|HEAD|PUT|DELETE|OPTIONS|PATCH) \/[^\s]* HTTP\/\d\.\d[\s\S]*?(?=HTTP/\d\.\d \d{3} [a-zA-Z]+|$)",re.DOTALL)
+    res_pattern = re.compile(r"HTTP/\d\.\d \d{3} [a-zA-Z]+.*",re.DOTALL)
     tcp_packet_map = {}
     for packet in packets:
         if packet.haslayer(TCP) and packet.haslayer(Raw):
@@ -97,6 +95,7 @@ def get_all_packets_by_reg(packets):
         next_ack = f"{data_set['last_len'] + data_set['last_seq']}"
         packet_data = data_set['data']
         request_time = data_set['time']
+        response_time=[]
         req_len = len(packet_data)
         res_len = 0
         while True:
@@ -111,15 +110,18 @@ def get_all_packets_by_reg(packets):
             res_match = re.search(res_pattern, filter_visible_chars(new_packet['data']))
             if res_match is None:
                 req_len += len(new_packet['data'])
+                request_time += new_packet['time']
             else:
                 print("匹配到响应")
                 res_len += len(new_packet['data'])
+                response_time += new_packet['time']
             # 判断新的包是不是第二个请求包
             if re.search(req_pattern, new_packet['data'].decode("utf-8", errors="ignore")):
                 print("这个包是个新的请求包的开头，停止查找")
                 break
             packet_data += new_packet['data']
-            request_time += new_packet['time']
+            # request_time += new_packet['time']
             next_ack = f"{new_packet['last_len'] + new_packet['last_seq']}"
         map = {}
         data = filter_visible_chars(packet_data)
@@ -130,15 +132,15 @@ def get_all_packets_by_reg(packets):
         map['data'] = packet_data
         map['req_len'] = req_len
         map['res_len'] = res_len
-        map['time'] = request_time
+        map['request_time'] = request_time
+        map['response_time'] = response_time
         map['req'] = match_req.group() if match_req is not None else ""
         map['res'] = match_res.group() if match_res is not None else ""
         packet_list.append(map)
     return packet_list
-def get_body(param, is_src):
-    body = param.split("\r\n\r\n")[1].strip()
+def get_body(param):
+    body = "".join([item.strip() for item in param.split("\r\n\r\n") if item.strip() != "" and "HTTP/" not in param])
     return "" if body is None else body
@@ -186,9 +188,9 @@ def get_detail_by_package(packets_from_pcap, publicField, use_regx):
         res_field['plain_body_src'] = ""
         res_field['plain_body_dst'] = ""
         if content_type_is_plain(req):
-            res_field['plain_body_src'] = get_body(req, is_src=True)
+            res_field['plain_body_src'] = get_body(req)
         if content_type_is_plain(res):
-            res_field['plain_body_dst'] = get_body(res, is_src=False)
+            res_field['plain_body_dst'] = get_body(res)
     response_lines = res.strip().split("\n")
     http_response_lines = [item for item in response_lines if "HTTP" in item]

{xbase_util-0.4.7 → xbase_util-0.4.9}/xbase_util.egg-info/PKG-INFO RENAMED Viewed

@@ -1,6 +1,6 @@
 Metadata-Version: 2.1
 Name: xbase-util
-Version: 0.4.7
+Version: 0.4.9
 Summary: 网络安全基础工具
 Home-page: https://gitee.com/jimonik/xbase_util.git
 Author: xyt

{xbase_util-0.4.7 → xbase_util-0.4.9}/README.md RENAMED Viewed

File without changes

{xbase_util-0.4.7 → xbase_util-0.4.9}/setup.cfg RENAMED Viewed

File without changes

{xbase_util-0.4.7 → xbase_util-0.4.9}/xbase_util/__init__.py RENAMED Viewed

File without changes

{xbase_util-0.4.7 → xbase_util-0.4.9}/xbase_util/add_column_util.py RENAMED Viewed

File without changes

{xbase_util-0.4.7 → xbase_util-0.4.9}/xbase_util/dangerous_util.py RENAMED Viewed

File without changes

{xbase_util-0.4.7 → xbase_util-0.4.9}/xbase_util/db/__init__.py RENAMED Viewed

File without changes

{xbase_util-0.4.7 → xbase_util-0.4.9}/xbase_util/db/bean/ConfigBean.py RENAMED Viewed

File without changes

{xbase_util-0.4.7 → xbase_util-0.4.9}/xbase_util/db/bean/CurrentConfigBean.py RENAMED Viewed

File without changes

{xbase_util-0.4.7 → xbase_util-0.4.9}/xbase_util/db/bean/FlowBean.py RENAMED Viewed

File without changes

{xbase_util-0.4.7 → xbase_util-0.4.9}/xbase_util/db/bean/TaskTemplateBean.py RENAMED Viewed

File without changes

{xbase_util-0.4.7 → xbase_util-0.4.9}/xbase_util/db/bean/__init__.py RENAMED Viewed

File without changes

{xbase_util-0.4.7 → xbase_util-0.4.9}/xbase_util/db/dao/ConfigDao.py RENAMED Viewed

File without changes

{xbase_util-0.4.7 → xbase_util-0.4.9}/xbase_util/db/dao/CurrentConfigDao.py RENAMED Viewed

File without changes

{xbase_util-0.4.7 → xbase_util-0.4.9}/xbase_util/db/dao/FlowDao.py RENAMED Viewed

File without changes

{xbase_util-0.4.7 → xbase_util-0.4.9}/xbase_util/db/dao/TaskTemplateDao.py RENAMED Viewed

File without changes

{xbase_util-0.4.7 → xbase_util-0.4.9}/xbase_util/db/dao/__init__.py RENAMED Viewed

File without changes

{xbase_util-0.4.7 → xbase_util-0.4.9}/xbase_util/db/initsqlite3.py RENAMED Viewed

File without changes

{xbase_util-0.4.7 → xbase_util-0.4.9}/xbase_util/es_db_util.py RENAMED Viewed

File without changes

{xbase_util-0.4.7 → xbase_util-0.4.9}/xbase_util/esreq.py RENAMED Viewed

File without changes

{xbase_util-0.4.7 → xbase_util-0.4.9}/xbase_util/geo_util.py RENAMED Viewed

File without changes

{xbase_util-0.4.7 → xbase_util-0.4.9}/xbase_util/handle_features_util.py RENAMED Viewed

File without changes

{xbase_util-0.4.7 → xbase_util-0.4.9}/xbase_util/pcap_util.py RENAMED Viewed

File without changes

{xbase_util-0.4.7 → xbase_util-0.4.9}/xbase_util/xbase_constant.py RENAMED Viewed

File without changes

{xbase_util-0.4.7 → xbase_util-0.4.9}/xbase_util/xbase_util.py RENAMED Viewed

File without changes

{xbase_util-0.4.7 → xbase_util-0.4.9}/xbase_util.egg-info/SOURCES.txt RENAMED Viewed

File without changes

{xbase_util-0.4.7 → xbase_util-0.4.9}/xbase_util.egg-info/dependency_links.txt RENAMED Viewed

File without changes

{xbase_util-0.4.7 → xbase_util-0.4.9}/xbase_util.egg-info/not-zip-safe RENAMED Viewed

File without changes

{xbase_util-0.4.7 → xbase_util-0.4.9}/xbase_util.egg-info/top_level.txt RENAMED Viewed

File without changes

{xbase_util-0.4.7 → xbase_util-0.4.9}/xbase_util_assets/GeoLite2-City.mmdb RENAMED Viewed

File without changes

{xbase_util-0.4.7 → xbase_util-0.4.9}/xbase_util_assets/arkimeparse.js RENAMED Viewed

File without changes

xbase-util 0.4.7__tar.gz → 0.4.9__tar.gz

xbase-util 0.4.7tar.gz → 0.4.9tar.gz