xbase-util 0.7.3__tar.gz → 0.7.4__tar.gz

Files changed (35) hide show
  1. {xbase_util-0.7.3 → xbase_util-0.7.4}/PKG-INFO +1 -1
  2. {xbase_util-0.7.3 → xbase_util-0.7.4}/setup.py +1 -1
  3. {xbase_util-0.7.3 → xbase_util-0.7.4}/xbase_util/packet_util.py +2 -33
  4. {xbase_util-0.7.3 → xbase_util-0.7.4}/xbase_util/segment.py +6 -4
  5. {xbase_util-0.7.3 → xbase_util-0.7.4}/xbase_util.egg-info/PKG-INFO +1 -1
  6. {xbase_util-0.7.3 → xbase_util-0.7.4}/README.md +0 -0
  7. {xbase_util-0.7.3 → xbase_util-0.7.4}/setup.cfg +0 -0
  8. {xbase_util-0.7.3 → xbase_util-0.7.4}/xbase_util/__init__.py +0 -0
  9. {xbase_util-0.7.3 → xbase_util-0.7.4}/xbase_util/add_column_util.py +0 -0
  10. {xbase_util-0.7.3 → xbase_util-0.7.4}/xbase_util/dangerous_util.py +0 -0
  11. {xbase_util-0.7.3 → xbase_util-0.7.4}/xbase_util/db/__init__.py +0 -0
  12. {xbase_util-0.7.3 → xbase_util-0.7.4}/xbase_util/db/bean/ConfigBean.py +0 -0
  13. {xbase_util-0.7.3 → xbase_util-0.7.4}/xbase_util/db/bean/CurrentConfigBean.py +0 -0
  14. {xbase_util-0.7.3 → xbase_util-0.7.4}/xbase_util/db/bean/FlowBean.py +0 -0
  15. {xbase_util-0.7.3 → xbase_util-0.7.4}/xbase_util/db/bean/TaskTemplateBean.py +0 -0
  16. {xbase_util-0.7.3 → xbase_util-0.7.4}/xbase_util/db/bean/__init__.py +0 -0
  17. {xbase_util-0.7.3 → xbase_util-0.7.4}/xbase_util/db/dao/ConfigDao.py +0 -0
  18. {xbase_util-0.7.3 → xbase_util-0.7.4}/xbase_util/db/dao/CurrentConfigDao.py +0 -0
  19. {xbase_util-0.7.3 → xbase_util-0.7.4}/xbase_util/db/dao/FlowDao.py +0 -0
  20. {xbase_util-0.7.3 → xbase_util-0.7.4}/xbase_util/db/dao/TaskTemplateDao.py +0 -0
  21. {xbase_util-0.7.3 → xbase_util-0.7.4}/xbase_util/db/dao/__init__.py +0 -0
  22. {xbase_util-0.7.3 → xbase_util-0.7.4}/xbase_util/db/initsqlite3.py +0 -0
  23. {xbase_util-0.7.3 → xbase_util-0.7.4}/xbase_util/es_db_util.py +0 -0
  24. {xbase_util-0.7.3 → xbase_util-0.7.4}/xbase_util/esreq.py +0 -0
  25. {xbase_util-0.7.3 → xbase_util-0.7.4}/xbase_util/geo_util.py +0 -0
  26. {xbase_util-0.7.3 → xbase_util-0.7.4}/xbase_util/handle_features_util.py +0 -0
  27. {xbase_util-0.7.3 → xbase_util-0.7.4}/xbase_util/pcap_util.py +0 -0
  28. {xbase_util-0.7.3 → xbase_util-0.7.4}/xbase_util/xbase_constant.py +0 -0
  29. {xbase_util-0.7.3 → xbase_util-0.7.4}/xbase_util/xbase_util.py +0 -0
  30. {xbase_util-0.7.3 → xbase_util-0.7.4}/xbase_util.egg-info/SOURCES.txt +0 -0
  31. {xbase_util-0.7.3 → xbase_util-0.7.4}/xbase_util.egg-info/dependency_links.txt +0 -0
  32. {xbase_util-0.7.3 → xbase_util-0.7.4}/xbase_util.egg-info/not-zip-safe +0 -0
  33. {xbase_util-0.7.3 → xbase_util-0.7.4}/xbase_util.egg-info/top_level.txt +0 -0
  34. {xbase_util-0.7.3 → xbase_util-0.7.4}/xbase_util_assets/GeoLite2-City.mmdb +0 -0
  35. {xbase_util-0.7.3 → xbase_util-0.7.4}/xbase_util_assets/arkimeparse.js +0 -0
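--- a/PKG-INFO
+++ b/PKG-INFO
@@ -1,6 +1,6 @@
 Metadata-Version: 2.1
 Name: xbase_util
-Version: 0.7.3
+Version: 0.7.4
 Summary: 网络安全基础工具
 Home-page: https://gitee.com/jimonik/xbase_util.git
 Author: xyt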
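--- a/setup.py
+++ b/setup.py
@@ -3,7 +3,7 @@ from distutils.core import setup
 from setuptools import find_packages
 
 setup(name="xbase_util",
-version="0.7.3",
+version="0.7.4",
 description="网络安全基础工具",
 long_description="包含提取,预测,训练的基础工具",
 author="xyt",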
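--- a/xbase_util/packet_util.py
+++ b/xbase_util/packet_util.py
@@ -70,37 +70,6 @@ http_req_method = re.compile(r"(GET|POST|HEAD|PUT|DELETE|OPTIONS|PATCH) \/[^\s]*
 http_req_path = re.compile(r"(?:GET|POST|HEAD|PUT|DELETE|OPTIONS|PATCH)\s+(\/[^\s]*)\s+HTTP\/\d\.\d")
 res_status_code_pattern = re.compile(r"HTTP\/\d\.\d\s+(\d{3})\s+.*")
 
-
-# def get_all_packets_by_reg(packets):
-# http_Req_Raw = {}
-# http_methods = ("POST /", "PUT /", "OPTIONS /", "DELETE /", "GET /")
-# for packet in packets:
-# if TCP in packet and Raw in packet:
-# data = packet[Raw].load
-# ack = packet[TCP].ack
-# next_ack = packet[TCP].seq + len(data)
-# if ack not in http_Req_Raw:
-# http_Req_Raw[ack] = {"time": [float(packet.time)], "data": data, "next_ack": next_ack}
-# else:
-# http_Req_Raw[ack]["time"].append(float(packet.time))
-# http_Req_Raw[ack]["data"] += data
-# http_Req_Raw[ack]["next_ack"] = next_ack
-# packet_list = [
-# {
-# 'req_data': item['data'],
-# 'res_data': http_Req_Raw[item['next_ack']]['data'],
-# 'req_text': filter_visible_chars(item['data']),
-# 'res_text': filter_visible_chars(http_Req_Raw[item['next_ack']]['data']),
-# 'req_time': item['time'],
-# 'res_time': http_Req_Raw[item['next_ack']]['time']
-# }
-# for ack, item in http_Req_Raw.items()
-# if item['next_ack'] in http_Req_Raw # 检查 next_ack 是否存在
-# and any(method in filter_visible_chars(item['data']) for method in http_methods)
-# ]
-# return packet_list
-
-
 def get_header_value(header_set, value):
 result = [item for item in header_set if value in item]
 if len(result) != 0:
@@ -139,9 +108,9 @@ def get_detail_by_package(publicField, req_header, req_body, res_header, res_bod
 res_field['plain_body_src'] = ""
 res_field['plain_body_dst'] = ""
 if content_type_is_plain(req_header):
-res_field['plain_body_src'] = filter_visible_chars(f'{req_body}')
+res_field['plain_body_src'] = req_body
 if content_type_is_plain(res_header):
-res_field['plain_body_dst'] = filter_visible_chars(f'{res_body}')
+res_field['plain_body_dst'] = res_body
 
 http_server_version_res = http_version.findall(res_header)
 res_field['http.serverVersion'] = http_server_version_res[0] if len(http_server_version_res) > 0 else ""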
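Review bot: The two new assignments `res_field['plain_body_src'] = req_body` and `res_field['plain_body_dst'] = res_body` store the bodies with no filtering or type coercion, so get_detail_by_package now depends on every caller having already sanitised them. The same release moves `filter_visible_chars` into `parse_req_or_res` in segment.py, which presumably feeds this function, but any other caller is not visible here and would now write raw captured-traffic content, or `bytes`/`None` where the removed `f'{...}'` always produced `str`, into these fields. I would state the contract at the assignment, `# req_body/res_body: str already passed through filter_visible_chars by the caller`, or keep a guard such as `req_body if isinstance(req_body, str) else filter_visible_chars(req_body)`. The function starts and ends outside the hunk.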
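--- a/xbase_util/segment.py
+++ b/xbase_util/segment.py
@@ -8,6 +8,8 @@ import numpy as np
 from scapy.all import *
 from scapy.layers.inet import TCP
 
+from xbase_util.packet_util import filter_visible_chars
+
 REQUEST_LINE_RE = re.compile(rb"^(GET|POST|PUT|DELETE|OPTIONS|HEAD|PATCH)\s[^\r\n]+\r\n", re.MULTILINE)
 RESPONSE_LINE_RE = re.compile(rb"^HTTP/\d\.\d\s+\d{3}\s?[^\r\n]*", re.IGNORECASE)
 
@@ -104,13 +106,13 @@ def parse_req_or_res(data, pkts):
 
 decompressed = gzip.decompress(result_body)
 result_body_str = "\n".join(
-[line.strip() for line in decompressed.decode("utf-8", errors="replace").splitlines() if
+[line.strip() for line in filter_visible_chars(decompressed).splitlines() if
 line.strip() != ""])
 except Exception as e:
-result_body_str = result_body.decode("utf-8", errors="replace")
+result_body_str = filter_visible_chars(result_body)
 else:
-result_body_str = result_body.decode("utf-8", errors="replace")
-return header.decode("utf-8", errors="replace"), result_body_str, [float(pkt.time) for pkt in pkts]
+result_body_str = filter_visible_chars(result_body)
+return filter_visible_chars(header), result_body_str, [float(pkt.time) for pkt in pkts]
 
 
 def get_all_packets_by_segment(packets):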
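Review bot: The new call `filter_visible_chars(decompressed)` appears to sit inside the `try` guarded by the `except Exception as e:` shown in the context, so an error raised by the filter is treated like a failed decompression and the still-compressed `result_body` is filtered and returned as body text. Keep only `gzip.decompress(result_body)` under that handler and apply the filter afterwards, so a filter failure surfaces instead of producing garbage output. The change also assumes `filter_visible_chars` accepts `bytes`, returns `str` and keeps line breaks (otherwise `.splitlines()` and later header matching see a single line); its body is not visible here, so a comment at the import such as `# filter_visible_chars: bytes in, str out, newlines preserved` would pin that down. `gzip.decompress` still runs without a size limit on captured traffic in the unchanged line above, and parse_req_or_res starts outside the hunk.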
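--- a/xbase_util.egg-info/PKG-INFO
+++ b/xbase_util.egg-info/PKG-INFO
@@ -1,6 +1,6 @@
 Metadata-Version: 2.1
 Name: xbase-util
-Version: 0.7.3
+Version: 0.7.4
 Summary: 网络安全基础工具
 Home-page: https://gitee.com/jimonik/xbase_util.git
 Author: xyt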
File without changes
File without changes