xbase-util 0.8.6__tar.gz → 0.8.7__tar.gz

Files changed (35) hide show
  1. {xbase_util-0.8.6 → xbase_util-0.8.7}/PKG-INFO +1 -1
  2. {xbase_util-0.8.6 → xbase_util-0.8.7}/setup.py +1 -1
  3. {xbase_util-0.8.6 → xbase_util-0.8.7}/xbase_util/common_util.py +26 -22
  4. {xbase_util-0.8.6 → xbase_util-0.8.7}/xbase_util/pcap_util.py +4 -4
  5. {xbase_util-0.8.6 → xbase_util-0.8.7}/xbase_util/test.py +1 -1
  6. {xbase_util-0.8.6 → xbase_util-0.8.7}/xbase_util.egg-info/PKG-INFO +1 -1
  7. {xbase_util-0.8.6 → xbase_util-0.8.7}/README.md +0 -0
  8. {xbase_util-0.8.6 → xbase_util-0.8.7}/setup.cfg +0 -0
  9. {xbase_util-0.8.6 → xbase_util-0.8.7}/xbase_util/__init__.py +0 -0
  10. {xbase_util-0.8.6 → xbase_util-0.8.7}/xbase_util/add_column_util.py +0 -0
  11. {xbase_util-0.8.6 → xbase_util-0.8.7}/xbase_util/dangerous_util.py +0 -0
  12. {xbase_util-0.8.6 → xbase_util-0.8.7}/xbase_util/db/__init__.py +0 -0
  13. {xbase_util-0.8.6 → xbase_util-0.8.7}/xbase_util/db/bean/ConfigBean.py +0 -0
  14. {xbase_util-0.8.6 → xbase_util-0.8.7}/xbase_util/db/bean/CurrentConfigBean.py +0 -0
  15. {xbase_util-0.8.6 → xbase_util-0.8.7}/xbase_util/db/bean/FlowBean.py +0 -0
  16. {xbase_util-0.8.6 → xbase_util-0.8.7}/xbase_util/db/bean/TaskTemplateBean.py +0 -0
  17. {xbase_util-0.8.6 → xbase_util-0.8.7}/xbase_util/db/bean/__init__.py +0 -0
  18. {xbase_util-0.8.6 → xbase_util-0.8.7}/xbase_util/db/dao/ConfigDao.py +0 -0
  19. {xbase_util-0.8.6 → xbase_util-0.8.7}/xbase_util/db/dao/CurrentConfigDao.py +0 -0
  20. {xbase_util-0.8.6 → xbase_util-0.8.7}/xbase_util/db/dao/FlowDao.py +0 -0
  21. {xbase_util-0.8.6 → xbase_util-0.8.7}/xbase_util/db/dao/TaskTemplateDao.py +0 -0
  22. {xbase_util-0.8.6 → xbase_util-0.8.7}/xbase_util/db/dao/__init__.py +0 -0
  23. {xbase_util-0.8.6 → xbase_util-0.8.7}/xbase_util/db/initsqlite3.py +0 -0
  24. {xbase_util-0.8.6 → xbase_util-0.8.7}/xbase_util/es_db_util.py +0 -0
  25. {xbase_util-0.8.6 → xbase_util-0.8.7}/xbase_util/esreq.py +0 -0
  26. {xbase_util-0.8.6 → xbase_util-0.8.7}/xbase_util/geo_util.py +0 -0
  27. {xbase_util-0.8.6 → xbase_util-0.8.7}/xbase_util/handle_features_util.py +0 -0
  28. {xbase_util-0.8.6 → xbase_util-0.8.7}/xbase_util/packet_util.py +0 -0
  29. {xbase_util-0.8.6 → xbase_util-0.8.7}/xbase_util/xbase_constant.py +0 -0
  30. {xbase_util-0.8.6 → xbase_util-0.8.7}/xbase_util.egg-info/SOURCES.txt +0 -0
  31. {xbase_util-0.8.6 → xbase_util-0.8.7}/xbase_util.egg-info/dependency_links.txt +0 -0
  32. {xbase_util-0.8.6 → xbase_util-0.8.7}/xbase_util.egg-info/not-zip-safe +0 -0
  33. {xbase_util-0.8.6 → xbase_util-0.8.7}/xbase_util.egg-info/top_level.txt +0 -0
  34. {xbase_util-0.8.6 → xbase_util-0.8.7}/xbase_util_assets/GeoLite2-City.mmdb +0 -0
  35. {xbase_util-0.8.6 → xbase_util-0.8.7}/xbase_util_assets/arkimeparse.js +0 -0
@@ -1,6 +1,6 @@
1
1
  Metadata-Version: 2.1
2
2
  Name: xbase_util
3
- Version: 0.8.6
3
+ Version: 0.8.7
4
4
  Summary: 网络安全基础工具
5
5
  Home-page: https://gitee.com/jimonik/xbase_util.git
6
6
  Author: xyt
@@ -3,7 +3,7 @@ from distutils.core import setup
3
3
  from setuptools import find_packages
4
4
 
5
5
  setup(name="xbase_util",
6
- version="0.8.6",
6
+ version="0.8.7",
7
7
  description="网络安全基础工具",
8
8
  long_description="包含提取,预测,训练的基础工具",
9
9
  author="xyt",
@@ -25,28 +25,33 @@ def filter_visible_chars(data):
25
25
  return ''.join(chr(b) for b in data if 32 <= b <= 126 or b in (9, 10, 13))
26
26
 
27
27
 
28
- def parse_chunked_body(data: bytes, need_un_gzip=False) -> bytes:
29
- body = b''
30
- while True:
31
- chunk_size_end = data.find(b"\r\n")
32
- if chunk_size_end == -1:
33
- break
34
- chunk_size_hex = data[:chunk_size_end]
35
- chunk_size = int(chunk_size_hex, 16)
36
- if chunk_size == 0:
37
- break
38
- chunk_start = chunk_size_end + 2
39
- chunk_end = chunk_start + chunk_size
40
- body += data[chunk_start:chunk_end]
41
- data = data[chunk_end + 2:]
42
- if need_un_gzip:
43
- try:
44
- return gzip.decompress(body)
45
- except gzip.BadGzipFile:
46
- print("解压错误")
28
+ def parse_chunked_body(data: bytes, need_un_gzip=False,session_id="none") -> bytes:
29
+ try:
30
+ body = b''
31
+ while True:
32
+ chunk_size_end = data.find(b"\r\n")
33
+ if chunk_size_end == -1:
34
+ break
35
+ chunk_size_hex = data[:chunk_size_end]
36
+ print(f"chunk_size_hex:{chunk_size_hex}")
37
+ chunk_size = int(chunk_size_hex, 16)
38
+ if chunk_size == 0:
39
+ break
40
+ chunk_start = chunk_size_end + 2
41
+ chunk_end = chunk_start + chunk_size
42
+ body += data[chunk_start:chunk_end]
43
+ data = data[chunk_end + 2:]
44
+ if need_un_gzip:
45
+ try:
46
+ return gzip.decompress(body)
47
+ except gzip.BadGzipFile:
48
+ print("解压错误")
49
+ return body
50
+ else:
47
51
  return body
48
- else:
49
- return body
52
+ except Exception as e:
53
+ print(f"parse_chunked_body失败,session:{session_id}")
54
+ return b''
50
55
 
51
56
 
52
57
  def process_origin_pos(originPos):
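Review bot: The new `try/except Exception` around the loop in parse_chunked_body hides malformed chunk sizes but does not validate them. `int(chunk_size_hex, 16)` still accepts a sign, a `0x` prefix and underscores, and with a negative size `chunk_end` falls before `chunk_start`, so `data = data[chunk_end + 2:]` may not advance and the `while True` loop is not guaranteed to terminate on malformed captured traffic. A legal chunk extension (`1a;name=value`), on the other hand, raises ValueError and now discards the whole body as `b''`, which the caller cannot tell apart from a genuinely empty body. I would validate the size field before converting it, include the exception in the failure message (`e` is bound but never used) and drop the per-chunk `print(f"chunk_size_hex:...")` debug line. The sketch below covers the validation only.

```python
        # … unchanged: find the CRLF that ends the size line …
        # Drop any chunk extension and accept plain hex digits only.
        size_field = data[:chunk_size_end].split(b";", 1)[0].strip()
        if not size_field or any(c not in b"0123456789abcdefABCDEF" for c in size_field):
            print(f"parse_chunked_body: bad chunk size {size_field[:16]!r}, session:{session_id}")
            break
        chunk_size = int(size_field, 16)
        # … unchanged: zero-size check, slice the chunk, advance data …
```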
@@ -86,7 +91,6 @@ def get_ua_duplicate_count(all_packets):
86
91
  ua_list.extend(lines)
87
92
  counter = Counter(ua_list)
88
93
  pairs = sum(count // 2 for count in counter.values())
89
- print(pairs)
90
94
  return pairs
91
95
 
92
96
 
@@ -274,7 +274,7 @@ def process_session_id_disk_simple(id, node, packet_pos, esdb, pcap_path_prefix)
274
274
  return get_file_and_read_pos(id, file, pos_list)
275
275
 
276
276
 
277
- def parse_body(data):
277
+ def parse_body(data,session_id='none'):
278
278
  if data.find(b"\r\n\r\n") != -1:
279
279
  res = data.split(b"\r\n\r\n", 1)
280
280
  header = res[0]
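Review bot: The `session_id='none'` default added to parse_body is a string sentinel, so a call that omits the argument reports `session:none` as though that were a real session id. `None` would make the missing value explicit, e.g. `def parse_body(data, session_id=None):`. The same default is added to reassemble_session_pcap further down and to parse_chunked_body. In the visible hunks the parameter is only forwarded for the failure message, which a one-line docstring such as `"""session_id is used only to label parse errors."""` would make clear. parse_body's body continues outside the hunk.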
@@ -286,7 +286,7 @@ def parse_body(data):
286
286
  gzip_pattern = pattern_gzip.search(header)
287
287
  need_gzip = gzip_pattern and b'gzip' in gzip_pattern.group()
288
288
  if chunked_pattern and b'chunked' in chunked_pattern.group():
289
- body = parse_chunked_body(body, need_un_gzip=need_gzip)
289
+ body = parse_chunked_body(body, need_un_gzip=need_gzip,session_id=session_id)
290
290
  elif need_gzip:
291
291
  try:
292
292
  body = gzip.decompress(body)
@@ -297,7 +297,7 @@ def parse_body(data):
297
297
  return filter_visible_chars(header), result_body_str
298
298
 
299
299
 
300
- def reassemble_session_pcap(reassemble_tcp_res, skey):
300
+ def reassemble_session_pcap(reassemble_tcp_res, skey,session_id='none'):
301
301
  my_map = {
302
302
  'key': '',
303
303
  'req_header': '',
@@ -311,7 +311,7 @@ def reassemble_session_pcap(reassemble_tcp_res, skey):
311
311
  }
312
312
  packet_list = []
313
313
  for index, packet in enumerate(reassemble_tcp_res):
314
- header, body = parse_body(packet['data'])
314
+ header, body = parse_body(packet['data'], session_id=session_id)
315
315
  if index == len(reassemble_tcp_res) - 1:
316
316
  packet_list.append(copy.deepcopy(my_map))
317
317
  if packet['key'] == skey:
@@ -11,5 +11,5 @@ if __name__ == '__main__':
11
11
  if Raw in pkt:
12
12
  streams += pkt[Raw].load
13
13
  text_data = streams.decode('ascii', errors='ignore')
14
- all_packets = reassemble_session_pcap(packets_scapy, skey=skey)
14
+ all_packets = reassemble_session_pcap(packets_scapy, skey=skey,session_id='enn')
15
15
 
@@ -1,6 +1,6 @@
1
1
  Metadata-Version: 2.1
2
2
  Name: xbase-util
3
- Version: 0.8.6
3
+ Version: 0.8.7
4
4
  Summary: 网络安全基础工具
5
5
  Home-page: https://gitee.com/jimonik/xbase_util.git
6
6
  Author: xyt
File without changes
File without changes