xbase-util 0.8.8__tar.gz → 0.9.0__tar.gz

{xbase_util-0.8.8 → xbase_util-0.9.0}/PKG-INFO

@@ -1,6 +1,6 @@
 Metadata-Version: 2.1
 Name: xbase_util
-Version: 0.8.8
+Version: 0.9.0
 Summary: 网络安全基础工具
 Home-page: https://gitee.com/jimonik/xbase_util.git
 Author: xyt

{xbase_util-0.8.8 → xbase_util-0.9.0}/setup.py

@@ -3,7 +3,7 @@ from distutils.core import setup
 from setuptools import find_packages
 
 setup(name="xbase_util",
-      version="0.8.8",
+      version="0.9.0",
       description="网络安全基础工具",
       long_description="包含提取，预测，训练的基础工具",
       author="xyt",

{xbase_util-0.8.8 → xbase_util-0.9.0}/xbase_util/common_util.py

@@ -3,6 +3,7 @@ import json
 import logging
 import os
 import re
+import traceback
 from collections import Counter
 from datetime import datetime
 from logging.handlers import TimedRotatingFileHandler
@@ -44,12 +45,13 @@ def parse_chunked_body(data: bytes, need_un_gzip=False,session_id="none") -> byt
             try:
                 return gzip.decompress(body)
             except gzip.BadGzipFile:
-                print("解压错误")
+                print(f"解压错误:{session_id}")
                 return body
         else:
             return body
     except Exception as e:
-        print(f"parse_chunked_body失败，session:{session_id}")
+        traceback.print_exc()
+        print(f"其他错误:session:{session_id}")
         return b''
 
 

{xbase_util-0.8.8 → xbase_util-0.9.0}/xbase_util/pcap_util.py

@@ -291,52 +291,50 @@ def parse_body(data,session_id='none'):
         try:
             body = gzip.decompress(body)
         except:
-            print("解压失败")
+            print(f"解压失败:{session_id}")
             pass
     result_body_str = filter_visible_chars(body)
     return filter_visible_chars(header), result_body_str
 
 
-def reassemble_session_pcap(reassemble_tcp_res, skey,session_id='none'):
-    my_map = {
-        'key': '',
-        'req_header': '',
-        'req_body': '',
-        'req_time': 0,
-        'req_size': 0,
-        'res_header': '',
-        'res_body': '',
-        'res_time': 0,
-        'res_size': 0,
-    }
+def reassemble_session_pcap(reassemble_tcp_res, skey, session_id='none'):
+    my_map = None  # 初始化为 None
     packet_list = []
-    for index, packet in enumerate(reassemble_tcp_res):
+    for packet in reassemble_tcp_res:
         header, body = parse_body(packet['data'], session_id=session_id)
-        if index == len(reassemble_tcp_res) - 1:
-            packet_list.append(copy.deepcopy(my_map))
+        # 如果当前数据包是请求
         if packet['key'] == skey:
-            if index != 0:
+            # 如果 my_map 已经存在（即已经有一个未完成的请求-响应对），先将其添加到 packet_list
+            if my_map is not None:
                 packet_list.append(copy.deepcopy(my_map))
-                my_map = {
-                    'key': packet['key'],
-                    'req_header': '',
-                    'req_body': b'',
-                    'req_time': 0,
-                    'req_size': 0,
-                    'res_header': '',
-                    'res_body': b'',
-                    'res_time': 0,
-                    'res_size': 0,
-                }
-            my_map["req_header"] = header
-            my_map["req_body"] = body
-            my_map["req_time"] = packet['ts']
-            my_map["req_size"] = len(packet['data'])
+
+            # 初始化一个新的 my_map，并填充请求数据
+            my_map = {
+                'key': packet['key'],
+                'req_header': header,
+                'req_body': body,
+                'req_time': packet['ts'],
+                'req_size': len(packet['data']),
+                'res_header': '',
+                'res_body': b'',
+                'res_time': 0,
+                'res_size': 0,
+            }
+        # 如果当前数据包是响应
         else:
-            my_map["res_header"] = header
-            my_map["res_body"] = body
-            my_map["res_time"] = packet['ts']
-            my_map["res_size"] = len(packet['data'])
+            # 如果 my_map 存在（即已经有一个请求），则填充响应数据
+            if my_map is not None:
+                my_map['res_header'] = header
+                my_map['res_body'] = body
+                my_map['res_time'] = packet['ts']
+                my_map['res_size'] = len(packet['data'])
+
+                # 将完整的请求-响应对添加到 packet_list
+                packet_list.append(copy.deepcopy(my_map))
+                my_map = None  # 重置 my_map
+    # 如果最后一个 my_map 未完成（只有请求没有响应），也将其添加到 packet_list
+    if my_map is not None:
+        packet_list.append(copy.deepcopy(my_map))
     return packet_list
 
 

xbase_util-0.9.0/xbase_util/test.py

@@ -0,0 +1,9 @@
+from scapy.utils import rdpcap
+
+from xbase_util.pcap_util import reassemble_tcp_pcap, reassemble_session_pcap
+
+if __name__ == '__main__':
+    packets_scapy = reassemble_tcp_pcap(rdpcap("test.pcap"))
+    skey = '10.28.7.13:52631'
+    all_packets = reassemble_session_pcap(packets_scapy, skey=skey,session_id='enn')
+    print(all_packets)

{xbase_util-0.8.8 → xbase_util-0.9.0}/xbase_util.egg-info/PKG-INFO

@@ -1,6 +1,6 @@
 Metadata-Version: 2.1
 Name: xbase-util
-Version: 0.8.8
+Version: 0.9.0
 Summary: 网络安全基础工具
 Home-page: https://gitee.com/jimonik/xbase_util.git
 Author: xyt

xbase_util-0.8.8/xbase_util/test.py

@@ -1,15 +0,0 @@
-from scapy.packet import Raw
-from scapy.utils import rdpcap
-
-from xbase_util.pcap_util import reassemble_tcp_pcap, reassemble_session_pcap
-
-if __name__ == '__main__':
-    packets_scapy = reassemble_tcp_pcap(rdpcap("gzip2.pcap"))
-    skey = '10.28.7.16:54398'
-    streams = b""
-    for pkt in packets_scapy:
-        if Raw in pkt:
-            streams += pkt[Raw].load
-    text_data = streams.decode('ascii', errors='ignore')
-    all_packets = reassemble_session_pcap(packets_scapy, skey=skey,session_id='enn')
-