xbase-util 0.7.1__tar.gz → 0.7.3__tar.gz

{xbase_util-0.7.1 → xbase_util-0.7.3}/PKG-INFO

@@ -1,6 +1,6 @@
 Metadata-Version: 2.1
 Name: xbase_util
-Version: 0.7.1
+Version: 0.7.3
 Summary: 网络安全基础工具
 Home-page: https://gitee.com/jimonik/xbase_util.git
 Author: xyt

{xbase_util-0.7.1 → xbase_util-0.7.3}/setup.py

@@ -3,7 +3,7 @@ from distutils.core import setup
 from setuptools import find_packages
 
 setup(name="xbase_util",
-      version="0.7.1",
+      version="0.7.3",
       description="网络安全基础工具",
       long_description="包含提取，预测，训练的基础工具",
       author="xyt",

{xbase_util-0.7.1 → xbase_util-0.7.3}/xbase_util/packet_util.py

@@ -22,7 +22,6 @@ def content_type_is_plain(packet):
             if ":" not in item:
                 continue
             content_type = item.split(":")[1].replace("\r", "").strip()
-            print(content_type)
             return content_type in plain_content_type_columns
     return False
 
@@ -140,9 +139,9 @@ def get_detail_by_package(publicField, req_header, req_body, res_header, res_bod
     res_field['plain_body_src'] = ""
     res_field['plain_body_dst'] = ""
     if content_type_is_plain(req_header):
-        res_field['plain_body_src'] = f"{req_body}"
+        res_field['plain_body_src'] = filter_visible_chars(f'{req_body}')
     if content_type_is_plain(res_header):
-        res_field['plain_body_dst'] = f"{res_body}"
+        res_field['plain_body_dst'] = filter_visible_chars(f'{res_body}')
 
     http_server_version_res = http_version.findall(res_header)
     res_field['http.serverVersion'] = http_server_version_res[0] if len(http_server_version_res) > 0 else ""

{xbase_util-0.7.1 → xbase_util-0.7.3}/xbase_util/segment.py

@@ -1,5 +1,8 @@
 import copy
+import gzip
 import re
+import zlib
+from io import BytesIO
 
 import numpy as np
 from scapy.all import *
@@ -50,7 +53,8 @@ def read_packets(packets):
         tmp_packets.clear()
     return packet_list
 
-
+pattern_chuncked = re.compile(rb"Transfer-Encoding:\s*chunked", re.IGNORECASE)
+pattern_gzip = re.compile(rb"Content-Encoding:\s*gzip", re.IGNORECASE)
 def parse_req_or_res(data, pkts):
     if data.find(b"\r\n\r\n") != -1:
         res = data.split(b"\r\n\r\n", 1)
@@ -59,8 +63,6 @@ def parse_req_or_res(data, pkts):
     else:
         header = data
         body = b''
-    pattern_chuncked = re.compile(rb"Transfer-Encoding:\s*chunked", re.IGNORECASE)
-    pattern_gzip = re.compile(rb"Content-Encoding:\s*gzip", re.IGNORECASE)
     chuncked_pattern = pattern_chuncked.search(header)
     gzip_pattern = pattern_gzip.search(header)
     if chuncked_pattern and b'chunked' in chuncked_pattern.group():
@@ -99,6 +101,7 @@ def parse_req_or_res(data, pkts):
             result_body = body
     if gzip_pattern and b'gzip' in gzip_pattern.group():
         try:
+
             decompressed = gzip.decompress(result_body)
             result_body_str = "\n".join(
                 [line.strip() for line in decompressed.decode("utf-8", errors="replace").splitlines() if
@@ -126,6 +129,8 @@ def get_all_packets_by_segment(packets):
         response = [item for item in response_packets if item['first_seq'] == ack]
         # print(f"找到对应的响应：{len(response)}")
         # print(f"请求：{request['data'].decode('utf-8', errors='replace')}")
+        # gzip.decompress(response[0]['data'].split(b'\r\n\r\n')[1])
+        # decompressed_data = zlib.decompress((response[0]['data'].split(b'\r\n\r\n')[1])[10:], wbits=zlib.MAX_WBITS | 16)
         if len(response) > 0:
             res_header, res_body, res_times = parse_req_or_res(response[0]['data'], response[0]['pkts'])
             req_header, req_body, req_times = parse_req_or_res(request['data'], request['pkts'])

{xbase_util-0.7.1 → xbase_util-0.7.3}/xbase_util.egg-info/PKG-INFO

@@ -1,6 +1,6 @@
 Metadata-Version: 2.1
 Name: xbase-util
-Version: 0.7.1
+Version: 0.7.3
 Summary: 网络安全基础工具
 Home-page: https://gitee.com/jimonik/xbase_util.git
 Author: xyt