xbase-util 0.6.4__tar.gz → 0.6.6__tar.gz

Files changed (35) hide show
  1. {xbase_util-0.6.4 → xbase_util-0.6.6}/PKG-INFO +1 -1
  2. {xbase_util-0.6.4 → xbase_util-0.6.6}/setup.py +1 -1
  3. {xbase_util-0.6.4 → xbase_util-0.6.6}/xbase_util/packet_util.py +13 -26
  4. {xbase_util-0.6.4 → xbase_util-0.6.6}/xbase_util.egg-info/PKG-INFO +1 -1
  5. {xbase_util-0.6.4 → xbase_util-0.6.6}/xbase_util.egg-info/SOURCES.txt +0 -1
  6. xbase_util-0.6.4/test/test.py +0 -9
  7. {xbase_util-0.6.4 → xbase_util-0.6.6}/README.md +0 -0
  8. {xbase_util-0.6.4 → xbase_util-0.6.6}/setup.cfg +0 -0
  9. {xbase_util-0.6.4 → xbase_util-0.6.6}/xbase_util/__init__.py +0 -0
  10. {xbase_util-0.6.4 → xbase_util-0.6.6}/xbase_util/add_column_util.py +0 -0
  11. {xbase_util-0.6.4 → xbase_util-0.6.6}/xbase_util/dangerous_util.py +0 -0
  12. {xbase_util-0.6.4 → xbase_util-0.6.6}/xbase_util/db/__init__.py +0 -0
  13. {xbase_util-0.6.4 → xbase_util-0.6.6}/xbase_util/db/bean/ConfigBean.py +0 -0
  14. {xbase_util-0.6.4 → xbase_util-0.6.6}/xbase_util/db/bean/CurrentConfigBean.py +0 -0
  15. {xbase_util-0.6.4 → xbase_util-0.6.6}/xbase_util/db/bean/FlowBean.py +0 -0
  16. {xbase_util-0.6.4 → xbase_util-0.6.6}/xbase_util/db/bean/TaskTemplateBean.py +0 -0
  17. {xbase_util-0.6.4 → xbase_util-0.6.6}/xbase_util/db/bean/__init__.py +0 -0
  18. {xbase_util-0.6.4 → xbase_util-0.6.6}/xbase_util/db/dao/ConfigDao.py +0 -0
  19. {xbase_util-0.6.4 → xbase_util-0.6.6}/xbase_util/db/dao/CurrentConfigDao.py +0 -0
  20. {xbase_util-0.6.4 → xbase_util-0.6.6}/xbase_util/db/dao/FlowDao.py +0 -0
  21. {xbase_util-0.6.4 → xbase_util-0.6.6}/xbase_util/db/dao/TaskTemplateDao.py +0 -0
  22. {xbase_util-0.6.4 → xbase_util-0.6.6}/xbase_util/db/dao/__init__.py +0 -0
  23. {xbase_util-0.6.4 → xbase_util-0.6.6}/xbase_util/db/initsqlite3.py +0 -0
  24. {xbase_util-0.6.4 → xbase_util-0.6.6}/xbase_util/es_db_util.py +0 -0
  25. {xbase_util-0.6.4 → xbase_util-0.6.6}/xbase_util/esreq.py +0 -0
  26. {xbase_util-0.6.4 → xbase_util-0.6.6}/xbase_util/geo_util.py +0 -0
  27. {xbase_util-0.6.4 → xbase_util-0.6.6}/xbase_util/handle_features_util.py +0 -0
  28. {xbase_util-0.6.4 → xbase_util-0.6.6}/xbase_util/pcap_util.py +0 -0
  29. {xbase_util-0.6.4 → xbase_util-0.6.6}/xbase_util/xbase_constant.py +0 -0
  30. {xbase_util-0.6.4 → xbase_util-0.6.6}/xbase_util/xbase_util.py +0 -0
  31. {xbase_util-0.6.4 → xbase_util-0.6.6}/xbase_util.egg-info/dependency_links.txt +0 -0
  32. {xbase_util-0.6.4 → xbase_util-0.6.6}/xbase_util.egg-info/not-zip-safe +0 -0
  33. {xbase_util-0.6.4 → xbase_util-0.6.6}/xbase_util.egg-info/top_level.txt +0 -0
  34. {xbase_util-0.6.4 → xbase_util-0.6.6}/xbase_util_assets/GeoLite2-City.mmdb +0 -0
  35. {xbase_util-0.6.4 → xbase_util-0.6.6}/xbase_util_assets/arkimeparse.js +0 -0
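--- a/PKG-INFO
+++ b/PKG-INFO
@@ -1,6 +1,6 @@
 Metadata-Version: 2.1
 Name: xbase_util
-Version: 0.6.4
+Version: 0.6.6
 Summary: 网络安全基础工具
 Home-page: https://gitee.com/jimonik/xbase_util.git
 Author: xyt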
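--- a/setup.py
+++ b/setup.py
@@ -3,7 +3,7 @@ from distutils.core import setup
 from setuptools import find_packages
 
 setup(name="xbase_util",
-version="0.6.4",
+version="0.6.6",
 description="网络安全基础工具",
 long_description="包含提取,预测,训练的基础工具",
 author="xyt",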
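--- a/xbase_util/packet_util.py
+++ b/xbase_util/packet_util.py
@@ -96,14 +96,6 @@ def get_all_packets_by_reg(packets):
 return packet_list
 
 
-def get_body(packet):
-try:
-return "".join([item for item in packet.split("\r\n\r\n") if "HTTP/" not in item])
-except Exception:
-traceback.print_exc()
-return ""
-
-
 def get_header_value(header_set, value):
 result = [item for item in header_set if value in item]
 if len(result) != 0:
@@ -112,23 +104,20 @@ def get_header_value(header_set, value):
 return ""
 
 
-def get_detail_by_package(packets_from_pcap, publicField, use_regx):
+def get_detail_by_package(publicField, req_header, req_body, res_header, res_body):
 """
 通过pcap的数量分离session并完善相关字段
-:param packets_from_pcap: 通过PcAp解析出的包
 :param publicField: 原始的session单条数据
+:param req_header:请求头
+:param req_body:请求体
+:param res_header:响应头
+:param res_body:响应体
 :return: 完整的单条数据
 """
 res_field = publicField.copy()
-if use_regx:
-req = packets_from_pcap['req_text']
-res = packets_from_pcap['res_text']
-else:
-res = packets_from_pcap["response"]
-req = packets_from_pcap["request"]
 res_field["initRTT"] = firstOrZero(res_field.get("initRTT", 0))
 res_field["length"] = firstOrZero(res_field.get("length", 0))
-request_lines = req.strip().split("\n")
+request_lines = req_header.strip().split("\n")
 http_request_lines = [item for item in request_lines if "HTTP" in item]
 if len(http_request_lines) != 0:
 first_line = http_request_lines[0].split(" ")
@@ -144,15 +133,13 @@ def get_detail_by_package(packets_from_pcap, publicField, use_regx):
 value="Content-Type")
 res_field['http.hostTokens'] = get_header_value(header_set=request_lines, value="Host")
 
-if use_regx:
-res_field['plain_body_src'] = ""
-res_field['plain_body_dst'] = ""
-if content_type_is_plain(req):
-res_field['plain_body_src'] = get_body(req)
-if content_type_is_plain(res):
-res_field['plain_body_dst'] = get_body(res)
-
-response_lines = res.strip().split("\n")
+res_field['plain_body_src'] = ""
+res_field['plain_body_dst'] = ""
+if content_type_is_plain(req_header):
+res_field['plain_body_src'] = req_body
+if content_type_is_plain(res_header):
+res_field['plain_body_dst'] = res_body
+response_lines = res_body.strip().split("\n")
 http_response_lines = [item for item in response_lines if "HTTP" in item]
 if len(http_response_lines) != 0:
 first_line = http_response_lines[0].strip().split(" ")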
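Review bot: In the last hunk of `get_detail_by_package`, the response status line is now searched for in the body rather than the headers; `response_lines = res_body.strip().split("\n")` should read `response_lines = res_header.strip().split("\n")`, mirroring `request_lines = req_header.strip().split("\n")` in the second hunk. As written, an ordinary response yields no `HTTP` line at all, and when one is found it comes from body content that the remote peer controls. Whatever is derived from `first_line` and `response_lines` (presumably the status and response-header fields; the rest of the function lies outside the hunk) can therefore be empty or spoofed in the extracted session record. The new signature also moves `publicField` to the first positional slot, so the docstring should state the new call contract, for example `:param res_header: 响应头 (status line and headers only, without the body)`.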
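--- a/xbase_util.egg-info/PKG-INFO
+++ b/xbase_util.egg-info/PKG-INFO
@@ -1,6 +1,6 @@
 Metadata-Version: 2.1
 Name: xbase-util
-Version: 0.6.4
+Version: 0.6.6
 Summary: 网络安全基础工具
 Home-page: https://gitee.com/jimonik/xbase_util.git
 Author: xyt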
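--- a/xbase_util.egg-info/SOURCES.txt
+++ b/xbase_util.egg-info/SOURCES.txt
@@ -1,6 +1,5 @@
 README.md
 setup.py
-test/test.py
 xbase_util/__init__.py
 xbase_util/add_column_util.py
 xbase_util/dangerous_util.py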
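--- a/test/test.py
+++ /dev/null
@@ -1,9 +0,0 @@
-from scapy.utils import rdpcap
-
-from xbase_util.packet_util import get_all_packets_by_reg, get_body
-
-if __name__ == '__main__':
-p = get_all_packets_by_reg(rdpcap("t1.pcap"))
-for packet in p:
-print( packet['req_text'])
-print(get_body(packet,is_req=True))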