xbase-util 0.5.7__tar.gz → 0.5.9__tar.gz
- {xbase_util-0.5.7 → xbase_util-0.5.9}/PKG-INFO +1 -1
- {xbase_util-0.5.7 → xbase_util-0.5.9}/setup.py +1 -1
- xbase_util-0.5.9/test/test.py +9 -0
- {xbase_util-0.5.7 → xbase_util-0.5.9}/xbase_util/packet_util.py +17 -7
- {xbase_util-0.5.7 → xbase_util-0.5.9}/xbase_util.egg-info/PKG-INFO +1 -1
- {xbase_util-0.5.7 → xbase_util-0.5.9}/xbase_util.egg-info/SOURCES.txt +1 -0
- {xbase_util-0.5.7 → xbase_util-0.5.9}/README.md +0 -0
- {xbase_util-0.5.7 → xbase_util-0.5.9}/setup.cfg +0 -0
- {xbase_util-0.5.7 → xbase_util-0.5.9}/xbase_util/__init__.py +0 -0
- {xbase_util-0.5.7 → xbase_util-0.5.9}/xbase_util/add_column_util.py +0 -0
- {xbase_util-0.5.7 → xbase_util-0.5.9}/xbase_util/dangerous_util.py +0 -0
- {xbase_util-0.5.7 → xbase_util-0.5.9}/xbase_util/db/__init__.py +0 -0
- {xbase_util-0.5.7 → xbase_util-0.5.9}/xbase_util/db/bean/ConfigBean.py +0 -0
- {xbase_util-0.5.7 → xbase_util-0.5.9}/xbase_util/db/bean/CurrentConfigBean.py +0 -0
- {xbase_util-0.5.7 → xbase_util-0.5.9}/xbase_util/db/bean/FlowBean.py +0 -0
- {xbase_util-0.5.7 → xbase_util-0.5.9}/xbase_util/db/bean/TaskTemplateBean.py +0 -0
- {xbase_util-0.5.7 → xbase_util-0.5.9}/xbase_util/db/bean/__init__.py +0 -0
- {xbase_util-0.5.7 → xbase_util-0.5.9}/xbase_util/db/dao/ConfigDao.py +0 -0
- {xbase_util-0.5.7 → xbase_util-0.5.9}/xbase_util/db/dao/CurrentConfigDao.py +0 -0
- {xbase_util-0.5.7 → xbase_util-0.5.9}/xbase_util/db/dao/FlowDao.py +0 -0
- {xbase_util-0.5.7 → xbase_util-0.5.9}/xbase_util/db/dao/TaskTemplateDao.py +0 -0
- {xbase_util-0.5.7 → xbase_util-0.5.9}/xbase_util/db/dao/__init__.py +0 -0
- {xbase_util-0.5.7 → xbase_util-0.5.9}/xbase_util/db/initsqlite3.py +0 -0
- {xbase_util-0.5.7 → xbase_util-0.5.9}/xbase_util/es_db_util.py +0 -0
- {xbase_util-0.5.7 → xbase_util-0.5.9}/xbase_util/esreq.py +0 -0
- {xbase_util-0.5.7 → xbase_util-0.5.9}/xbase_util/geo_util.py +0 -0
- {xbase_util-0.5.7 → xbase_util-0.5.9}/xbase_util/handle_features_util.py +0 -0
- {xbase_util-0.5.7 → xbase_util-0.5.9}/xbase_util/pcap_util.py +0 -0
- {xbase_util-0.5.7 → xbase_util-0.5.9}/xbase_util/xbase_constant.py +0 -0
- {xbase_util-0.5.7 → xbase_util-0.5.9}/xbase_util/xbase_util.py +0 -0
- {xbase_util-0.5.7 → xbase_util-0.5.9}/xbase_util.egg-info/dependency_links.txt +0 -0
- {xbase_util-0.5.7 → xbase_util-0.5.9}/xbase_util.egg-info/not-zip-safe +0 -0
- {xbase_util-0.5.7 → xbase_util-0.5.9}/xbase_util.egg-info/top_level.txt +0 -0
- {xbase_util-0.5.7 → xbase_util-0.5.9}/xbase_util_assets/GeoLite2-City.mmdb +0 -0
- {xbase_util-0.5.7 → xbase_util-0.5.9}/xbase_util_assets/arkimeparse.js +0 -0
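--- a/test/test.py
+++ b/test/test.py
@@ -0,0 +1,9 @@
+from scapy.utils import rdpcap
+
+from xbase_util.packet_util import get_all_packets_by_reg, get_body
+
+if __name__ == '__main__':
+p = get_all_packets_by_reg(rdpcap("t1.pcap"))
+for packet in p:
+print( packet['req_text'])
+print(get_body(packet,is_req=True))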
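Review bot: Nothing in the new `test/test.py` asserts anything, and it reads `t1.pcap` from the working directory although no such file appears in the release's file list, so it cannot be run from the sdist. It also prints every `req_text` in full, which for a real capture puts request headers such as cookies on stdout. A small synthetic fixture with an assertion, for example the constructed case `assert get_body({'req_text': 'POST / HTTP/1.1\r\n\r\nx=1'}, is_req=True) == 'x=1'`, would cover the changed function without a capture file.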
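--- a/xbase_util/packet_util.py
+++ b/xbase_util/packet_util.py
@@ -1,4 +1,5 @@
 import re
+import traceback
 
 from scapy.layers.inet import TCP, IP
 from scapy.packet import Raw
@@ -95,11 +96,20 @@ def get_all_packets_by_reg(packets):
 return packet_list
 
 
-def get_body(packet,is_req):
-
-
-
-
+def get_body(packet, is_req):
+try:
+if is_req:
+return "".join([item for item in packet['req_text'].split("\r\n\r\n") if "HTTP/" not in item])
+else:
+return "".join([item for item in packet['res_text'].split("\r\n\r\n") if "HTTP/" not in item])
+except Exception as e:
+print("emmmmm")
+if is_req:
+print(packet['req_text'])
+else:
+print(packet['res_text'])
+traceback.print_exc()
+return ""
 
 
 def get_header_value(header_set, value):
@@ -146,9 +156,9 @@ def get_detail_by_package(packets_from_pcap, publicField, use_regx):
 res_field['plain_body_src'] = ""
 res_field['plain_body_dst'] = ""
 if content_type_is_plain(req):
-res_field['plain_body_src'] = get_body(req)
+res_field['plain_body_src'] = get_body(req, is_req=True)
 if content_type_is_plain(res):
-res_field['plain_body_dst'] = get_body(res)
+res_field['plain_body_dst'] = get_body(res, is_req=False)
 
 response_lines = res.strip().split("\n")
 http_response_lines = [item for item in response_lines if "HTTP" in item]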
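Review bot: The `except` branch of the new `get_body` repeats the very subscript that can fail (`print(packet['req_text'])`), so a missing key or a non-dict argument raises again from inside the handler instead of returning `""`. The callers in the last hunk pass `req` and `res`, and `res` is `.strip()`ped two lines later, which suggests they are plain strings that would hit exactly this path. The handler also prints the full request or response text to stdout, which for captured traffic can include cookies and authorization headers, so the failure should be reported without echoing the payload. Separately, dropping every `\r\n\r\n` segment that contains `HTTP/` discards body content that merely mentions that token, so `plain_body_src` and `plain_body_dst` can miss data that downstream inspection expects to see. The sketch below accepts either a dict or a string and takes the body as everything after the first blank line; if `req_text` can hold several messages it needs a per-message split instead.

```python
def get_body(packet, is_req):
    key = 'req_text' if is_req else 'res_text'
    # Callers appear to pass either a packet dict or the raw message text.
    text = packet.get(key, "") if isinstance(packet, dict) else packet
    if not isinstance(text, str):
        return ""
    # Body = everything after the first blank line; never filter on content.
    _, _, body = text.partition("\r\n\r\n")
    return body
```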
File without changes
|
File without changes
|
File without changes
|
File without changes
|
File without changes
|
File without changes
|
File without changes
|
File without changes
|
File without changes
|
File without changes
|
File without changes
|
File without changes
|
File without changes
|
File without changes
|
File without changes
|
File without changes
|
File without changes
|
File without changes
|
File without changes
|
File without changes
|
File without changes
|
File without changes
|
File without changes
|
File without changes
|
File without changes
|
File without changes
|
File without changes
|
File without changes
|
File without changes
|