xbase-util 0.8.6__tar.gz → 0.8.7__tar.gz

Files changed (35) hide show
  1. {xbase_util-0.8.6 → xbase_util-0.8.7}/PKG-INFO +1 -1
  2. {xbase_util-0.8.6 → xbase_util-0.8.7}/setup.py +1 -1
  3. {xbase_util-0.8.6 → xbase_util-0.8.7}/xbase_util/common_util.py +26 -22
  4. {xbase_util-0.8.6 → xbase_util-0.8.7}/xbase_util/pcap_util.py +4 -4
  5. {xbase_util-0.8.6 → xbase_util-0.8.7}/xbase_util/test.py +1 -1
  6. {xbase_util-0.8.6 → xbase_util-0.8.7}/xbase_util.egg-info/PKG-INFO +1 -1
  7. {xbase_util-0.8.6 → xbase_util-0.8.7}/README.md +0 -0
  8. {xbase_util-0.8.6 → xbase_util-0.8.7}/setup.cfg +0 -0
  9. {xbase_util-0.8.6 → xbase_util-0.8.7}/xbase_util/__init__.py +0 -0
  10. {xbase_util-0.8.6 → xbase_util-0.8.7}/xbase_util/add_column_util.py +0 -0
  11. {xbase_util-0.8.6 → xbase_util-0.8.7}/xbase_util/dangerous_util.py +0 -0
  12. {xbase_util-0.8.6 → xbase_util-0.8.7}/xbase_util/db/__init__.py +0 -0
  13. {xbase_util-0.8.6 → xbase_util-0.8.7}/xbase_util/db/bean/ConfigBean.py +0 -0
  14. {xbase_util-0.8.6 → xbase_util-0.8.7}/xbase_util/db/bean/CurrentConfigBean.py +0 -0
  15. {xbase_util-0.8.6 → xbase_util-0.8.7}/xbase_util/db/bean/FlowBean.py +0 -0
  16. {xbase_util-0.8.6 → xbase_util-0.8.7}/xbase_util/db/bean/TaskTemplateBean.py +0 -0
  17. {xbase_util-0.8.6 → xbase_util-0.8.7}/xbase_util/db/bean/__init__.py +0 -0
  18. {xbase_util-0.8.6 → xbase_util-0.8.7}/xbase_util/db/dao/ConfigDao.py +0 -0
  19. {xbase_util-0.8.6 → xbase_util-0.8.7}/xbase_util/db/dao/CurrentConfigDao.py +0 -0
  20. {xbase_util-0.8.6 → xbase_util-0.8.7}/xbase_util/db/dao/FlowDao.py +0 -0
  21. {xbase_util-0.8.6 → xbase_util-0.8.7}/xbase_util/db/dao/TaskTemplateDao.py +0 -0
  22. {xbase_util-0.8.6 → xbase_util-0.8.7}/xbase_util/db/dao/__init__.py +0 -0
  23. {xbase_util-0.8.6 → xbase_util-0.8.7}/xbase_util/db/initsqlite3.py +0 -0
  24. {xbase_util-0.8.6 → xbase_util-0.8.7}/xbase_util/es_db_util.py +0 -0
  25. {xbase_util-0.8.6 → xbase_util-0.8.7}/xbase_util/esreq.py +0 -0
  26. {xbase_util-0.8.6 → xbase_util-0.8.7}/xbase_util/geo_util.py +0 -0
  27. {xbase_util-0.8.6 → xbase_util-0.8.7}/xbase_util/handle_features_util.py +0 -0
  28. {xbase_util-0.8.6 → xbase_util-0.8.7}/xbase_util/packet_util.py +0 -0
  29. {xbase_util-0.8.6 → xbase_util-0.8.7}/xbase_util/xbase_constant.py +0 -0
  30. {xbase_util-0.8.6 → xbase_util-0.8.7}/xbase_util.egg-info/SOURCES.txt +0 -0
  31. {xbase_util-0.8.6 → xbase_util-0.8.7}/xbase_util.egg-info/dependency_links.txt +0 -0
  32. {xbase_util-0.8.6 → xbase_util-0.8.7}/xbase_util.egg-info/not-zip-safe +0 -0
  33. {xbase_util-0.8.6 → xbase_util-0.8.7}/xbase_util.egg-info/top_level.txt +0 -0
  34. {xbase_util-0.8.6 → xbase_util-0.8.7}/xbase_util_assets/GeoLite2-City.mmdb +0 -0
  35. {xbase_util-0.8.6 → xbase_util-0.8.7}/xbase_util_assets/arkimeparse.js +0 -0
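--- a/PKG-INFO
+++ b/PKG-INFO
@@ -1,6 +1,6 @@
 Metadata-Version: 2.1
 Name: xbase_util
-Version: 0.8.6
+Version: 0.8.7
 Summary: 网络安全基础工具
 Home-page: https://gitee.com/jimonik/xbase_util.git
 Author: xyt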
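--- a/setup.py
+++ b/setup.py
@@ -3,7 +3,7 @@ from distutils.core import setup
 from setuptools import find_packages
 
 setup(name="xbase_util",
-version="0.8.6",
+version="0.8.7",
 description="网络安全基础工具",
 long_description="包含提取,预测,训练的基础工具",
 author="xyt",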
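--- a/xbase_util/common_util.py
+++ b/xbase_util/common_util.py
@@ -25,28 +25,33 @@ def filter_visible_chars(data):
 return ''.join(chr(b) for b in data if 32 <= b <= 126 or b in (9, 10, 13))
 
 
-def parse_chunked_body(data: bytes, need_un_gzip=False) -> bytes:
-body = b''
-while True:
-chunk_size_end = data.find(b"\r\n")
-if chunk_size_end == -1:
-break
-chunk_size_hex = data[:chunk_size_end]
-chunk_size = int(chunk_size_hex, 16)
-if chunk_size == 0:
-break
-chunk_start = chunk_size_end + 2
-chunk_end = chunk_start + chunk_size
-body += data[chunk_start:chunk_end]
-data = data[chunk_end + 2:]
-if need_un_gzip:
-try:
-return gzip.decompress(body)
-except gzip.BadGzipFile:
-print("解压错误")
+def parse_chunked_body(data: bytes, need_un_gzip=False,session_id="none") -> bytes:
+try:
+body = b''
+while True:
+chunk_size_end = data.find(b"\r\n")
+if chunk_size_end == -1:
+break
+chunk_size_hex = data[:chunk_size_end]
+print(f"chunk_size_hex:{chunk_size_hex}")
+chunk_size = int(chunk_size_hex, 16)
+if chunk_size == 0:
+break
+chunk_start = chunk_size_end + 2
+chunk_end = chunk_start + chunk_size
+body += data[chunk_start:chunk_end]
+data = data[chunk_end + 2:]
+if need_un_gzip:
+try:
+return gzip.decompress(body)
+except gzip.BadGzipFile:
+print("解压错误")
+return body
+else:
 return body
-else:
-return body
+except Exception as e:
+print(f"parse_chunked_body失败,session:{session_id}")
+return b''
 
 
 def process_origin_pos(originPos):
@@ -86,7 +91,6 @@ def get_ua_duplicate_count(all_packets):
 ua_list.extend(lines)
 counter = Counter(ua_list)
 pairs = sum(count // 2 for count in counter.values())
-print(pairs)
 return pairs
 
 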
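Review bot: In `parse_chunked_body` the size field goes to `int(chunk_size_hex, 16)` with no sign check, and `int` accepts a leading `-`, so a negative size can leave `data` unchanged after `data = data[chunk_end + 2:]`; the added `except Exception as e:` cannot stop a loop that never raises. Because this parser runs on captured traffic, change the terminator test to `if chunk_size <= 0:` so any non-positive size ends the loop. The new `print(f"chunk_size_hex:{chunk_size_hex}")` looks like leftover debugging and writes bytes taken from the capture to stdout once per chunk; I would drop it. Narrowing the handler to `except ValueError:` (what `int` raises on a non-hex field) and including `e` in the message would keep unrelated bugs from being reported as an empty body.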
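--- a/xbase_util/pcap_util.py
+++ b/xbase_util/pcap_util.py
@@ -274,7 +274,7 @@ def process_session_id_disk_simple(id, node, packet_pos, esdb, pcap_path_prefix)
 return get_file_and_read_pos(id, file, pos_list)
 
 
-def parse_body(data):
+def parse_body(data,session_id='none'):
 if data.find(b"\r\n\r\n") != -1:
 res = data.split(b"\r\n\r\n", 1)
 header = res[0]
@@ -286,7 +286,7 @@ def parse_body(data):
 gzip_pattern = pattern_gzip.search(header)
 need_gzip = gzip_pattern and b'gzip' in gzip_pattern.group()
 if chunked_pattern and b'chunked' in chunked_pattern.group():
-body = parse_chunked_body(body, need_un_gzip=need_gzip)
+body = parse_chunked_body(body, need_un_gzip=need_gzip,session_id=session_id)
 elif need_gzip:
 try:
 body = gzip.decompress(body)
@@ -297,7 +297,7 @@ def parse_body(data):
 return filter_visible_chars(header), result_body_str
 
 
-def reassemble_session_pcap(reassemble_tcp_res, skey):
+def reassemble_session_pcap(reassemble_tcp_res, skey,session_id='none'):
 my_map = {
 'key': '',
 'req_header': '',
@@ -311,7 +311,7 @@ def reassemble_session_pcap(reassemble_tcp_res, skey):
 }
 packet_list = []
 for index, packet in enumerate(reassemble_tcp_res):
-header, body = parse_body(packet['data'])
+header, body = parse_body(packet['data'], session_id=session_id)
 if index == len(reassemble_tcp_res) - 1:
 packet_list.append(copy.deepcopy(my_map))
 if packet['key'] == skey: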
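Review bot: At `body = parse_chunked_body(body, need_un_gzip=need_gzip,session_id=session_id)` a failed parse now comes back as `b''`, and `parse_body` appears to hand that on exactly like a genuinely empty body, so a session with malformed chunked encoding would silently lose its payload in the reassembled output. The only trace is a stdout line, and with the default `session_id='none'` any caller that does not pass an id produces a message that cannot be tied back to a session. The new parameter is also undocumented; a comment such as `# session_id is used only in parse_chunked_body's failure message; b'' means the chunked body could not be parsed` on `parse_body` would make the contract explicit. `parse_body` and `reassemble_session_pcap` both continue outside the hunks shown, so how the empty body is consumed downstream is not visible here.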
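--- a/xbase_util/test.py
+++ b/xbase_util/test.py
@@ -11,5 +11,5 @@ if __name__ == '__main__':
 if Raw in pkt:
 streams += pkt[Raw].load
 text_data = streams.decode('ascii', errors='ignore')
-all_packets = reassemble_session_pcap(packets_scapy, skey=skey)
+all_packets = reassemble_session_pcap(packets_scapy, skey=skey,session_id='enn')
 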
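--- a/xbase_util.egg-info/PKG-INFO
+++ b/xbase_util.egg-info/PKG-INFO
@@ -1,6 +1,6 @@
 Metadata-Version: 2.1
 Name: xbase-util
-Version: 0.8.6
+Version: 0.8.7
 Summary: 网络安全基础工具
 Home-page: https://gitee.com/jimonik/xbase_util.git
 Author: xyt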