PyPI - xbase-util - Versions diffs - 0.9.0__tar.gz → 0.9.2__tar.gz - Mend

xbase-util 0.9.0tar.gz → 0.9.2tar.gz

Files changed (35) hide show

{xbase_util-0.9.0 → xbase_util-0.9.2}/PKG-INFO RENAMED Viewed

@@ -1,6 +1,6 @@
 Metadata-Version: 2.1
 Name: xbase_util
-Version: 0.9.0
+Version: 0.9.2
 Summary: 网络安全基础工具
 Home-page: https://gitee.com/jimonik/xbase_util.git
 Author: xyt

{xbase_util-0.9.0 → xbase_util-0.9.2}/setup.py RENAMED Viewed

@@ -3,7 +3,7 @@ from distutils.core import setup
 from setuptools import find_packages
 setup(name="xbase_util",
-      version="0.9.0",
+      version="0.9.2",
       description="网络安全基础工具",
       long_description="包含提取，预测，训练的基础工具",
       author="xyt",

{xbase_util-0.9.0 → xbase_util-0.9.2}/xbase_util/common_util.py RENAMED Viewed

@@ -26,7 +26,7 @@ def filter_visible_chars(data):
     return ''.join(chr(b) for b in data if 32 <= b <= 126 or b in (9, 10, 13))
-def parse_chunked_body(data: bytes, need_un_gzip=False,session_id="none") -> bytes:
+def parse_chunked_body(data: bytes,need_un_gzip=False,session_id="none",skey='') -> bytes:
     try:
         body = b''
         while True:
@@ -51,7 +51,7 @@ def parse_chunked_body(data: bytes, need_un_gzip=False,session_id="none") -> byt
             return body
     except Exception as e:
         traceback.print_exc()
-        print(f"其他错误:session:{session_id}")
+        print(f"其他错误:session:{skey}  {session_id}")
         return b''

{xbase_util-0.9.0 → xbase_util-0.9.2}/xbase_util/pcap_util.py RENAMED Viewed

@@ -4,6 +4,7 @@ import math
 import os
 import struct
 import time
+import traceback
 import zlib
 from functools import cmp_to_key
@@ -274,7 +275,7 @@ def process_session_id_disk_simple(id, node, packet_pos, esdb, pcap_path_prefix)
     return get_file_and_read_pos(id, file, pos_list)
-def parse_body(data,session_id='none'):
+def parse_body(data, skey='', session_id='none'):
     if data.find(b"\r\n\r\n") != -1:
         res = data.split(b"\r\n\r\n", 1)
         header = res[0]
@@ -284,31 +285,27 @@ def parse_body(data,session_id='none'):
         body = b''
     chunked_pattern = pattern_chuncked.search(header)
     gzip_pattern = pattern_gzip.search(header)
-    need_gzip = gzip_pattern and b'gzip' in gzip_pattern.group()
+    need_unzip = gzip_pattern and b'gzip' in gzip_pattern.group()
     if chunked_pattern and b'chunked' in chunked_pattern.group():
-        body = parse_chunked_body(body, need_un_gzip=need_gzip,session_id=session_id)
-    elif need_gzip:
+        body = parse_chunked_body(body, need_un_gzip=need_unzip, session_id=session_id, skey=skey)
+    elif need_unzip:
         try:
             body = gzip.decompress(body)
-        except:
-            print(f"解压失败:{session_id}")
-            pass
-    result_body_str = filter_visible_chars(body)
-    return filter_visible_chars(header), result_body_str
+        except Exception as e:
+            traceback.print_exc()
+            print(f"解压失败:{skey} {session_id}")
+            body = b''
+    return filter_visible_chars(header), filter_visible_chars(body)
 def reassemble_session_pcap(reassemble_tcp_res, skey, session_id='none'):
-    my_map = None  # 初始化为 None
+    my_map = None
     packet_list = []
     for packet in reassemble_tcp_res:
-        header, body = parse_body(packet['data'], session_id=session_id)
-        # 如果当前数据包是请求
+        header, body = parse_body(packet['data'], skey=skey, session_id=session_id)
         if packet['key'] == skey:
-            # 如果 my_map 已经存在（即已经有一个未完成的请求-响应对），先将其添加到 packet_list
             if my_map is not None:
                 packet_list.append(copy.deepcopy(my_map))
-            # 初始化一个新的 my_map，并填充请求数据
             my_map = {
                 'key': packet['key'],
                 'req_header': header,
@@ -320,19 +317,14 @@ def reassemble_session_pcap(reassemble_tcp_res, skey, session_id='none'):
                 'res_time': 0,
                 'res_size': 0,
             }
-        # 如果当前数据包是响应
         else:
-            # 如果 my_map 存在（即已经有一个请求），则填充响应数据
             if my_map is not None:
                 my_map['res_header'] = header
                 my_map['res_body'] = body
                 my_map['res_time'] = packet['ts']
                 my_map['res_size'] = len(packet['data'])
-                # 将完整的请求-响应对添加到 packet_list
                 packet_list.append(copy.deepcopy(my_map))
-                my_map = None  # 重置 my_map
-    # 如果最后一个 my_map 未完成（只有请求没有响应），也将其添加到 packet_list
+                my_map = None
     if my_map is not None:
         packet_list.append(copy.deepcopy(my_map))
     return packet_list
@@ -411,8 +403,6 @@ def reassemble_tcp_pcap(p):
         return a_ack - (b_seq + len(b_data) - 1)
     packets2.sort(key=cmp_to_key(compare_packets))
-    # del packets[num_packets:]
-    # Now divide up conversation
     clientSeq = 0
     hostSeq = 0
     previous = 0

{xbase_util-0.9.0 → xbase_util-0.9.2}/xbase_util/test.py RENAMED Viewed

@@ -4,6 +4,6 @@ from xbase_util.pcap_util import reassemble_tcp_pcap, reassemble_session_pcap
 if __name__ == '__main__':
     packets_scapy = reassemble_tcp_pcap(rdpcap("test.pcap"))
-    skey = '10.28.7.13:52631'
-    all_packets = reassemble_session_pcap(packets_scapy, skey=skey,session_id='enn')
+    skey = '10.28.7.6:53867'
+    all_packets = reassemble_session_pcap(packets_scapy, skey=skey,session_id='emmmmm')
     print(all_packets)

{xbase_util-0.9.0 → xbase_util-0.9.2}/xbase_util.egg-info/PKG-INFO RENAMED Viewed

@@ -1,6 +1,6 @@
 Metadata-Version: 2.1
 Name: xbase-util
-Version: 0.9.0
+Version: 0.9.2
 Summary: 网络安全基础工具
 Home-page: https://gitee.com/jimonik/xbase_util.git
 Author: xyt

{xbase_util-0.9.0 → xbase_util-0.9.2}/README.md RENAMED Viewed

File without changes

{xbase_util-0.9.0 → xbase_util-0.9.2}/setup.cfg RENAMED Viewed

File without changes

{xbase_util-0.9.0 → xbase_util-0.9.2}/xbase_util/__init__.py RENAMED Viewed

File without changes

{xbase_util-0.9.0 → xbase_util-0.9.2}/xbase_util/add_column_util.py RENAMED Viewed

File without changes

{xbase_util-0.9.0 → xbase_util-0.9.2}/xbase_util/dangerous_util.py RENAMED Viewed

File without changes

{xbase_util-0.9.0 → xbase_util-0.9.2}/xbase_util/db/__init__.py RENAMED Viewed

File without changes

{xbase_util-0.9.0 → xbase_util-0.9.2}/xbase_util/db/bean/ConfigBean.py RENAMED Viewed

File without changes

{xbase_util-0.9.0 → xbase_util-0.9.2}/xbase_util/db/bean/CurrentConfigBean.py RENAMED Viewed

File without changes

{xbase_util-0.9.0 → xbase_util-0.9.2}/xbase_util/db/bean/FlowBean.py RENAMED Viewed

File without changes

{xbase_util-0.9.0 → xbase_util-0.9.2}/xbase_util/db/bean/TaskTemplateBean.py RENAMED Viewed

File without changes

{xbase_util-0.9.0 → xbase_util-0.9.2}/xbase_util/db/bean/__init__.py RENAMED Viewed

File without changes

{xbase_util-0.9.0 → xbase_util-0.9.2}/xbase_util/db/dao/ConfigDao.py RENAMED Viewed

File without changes

{xbase_util-0.9.0 → xbase_util-0.9.2}/xbase_util/db/dao/CurrentConfigDao.py RENAMED Viewed

File without changes

{xbase_util-0.9.0 → xbase_util-0.9.2}/xbase_util/db/dao/FlowDao.py RENAMED Viewed

File without changes

{xbase_util-0.9.0 → xbase_util-0.9.2}/xbase_util/db/dao/TaskTemplateDao.py RENAMED Viewed

File without changes

{xbase_util-0.9.0 → xbase_util-0.9.2}/xbase_util/db/dao/__init__.py RENAMED Viewed

File without changes

{xbase_util-0.9.0 → xbase_util-0.9.2}/xbase_util/db/initsqlite3.py RENAMED Viewed

File without changes

{xbase_util-0.9.0 → xbase_util-0.9.2}/xbase_util/es_db_util.py RENAMED Viewed

File without changes

{xbase_util-0.9.0 → xbase_util-0.9.2}/xbase_util/esreq.py RENAMED Viewed

File without changes

{xbase_util-0.9.0 → xbase_util-0.9.2}/xbase_util/geo_util.py RENAMED Viewed

File without changes

{xbase_util-0.9.0 → xbase_util-0.9.2}/xbase_util/handle_features_util.py RENAMED Viewed

File without changes

{xbase_util-0.9.0 → xbase_util-0.9.2}/xbase_util/packet_util.py RENAMED Viewed

File without changes

{xbase_util-0.9.0 → xbase_util-0.9.2}/xbase_util/xbase_constant.py RENAMED Viewed

File without changes

{xbase_util-0.9.0 → xbase_util-0.9.2}/xbase_util.egg-info/SOURCES.txt RENAMED Viewed

File without changes

{xbase_util-0.9.0 → xbase_util-0.9.2}/xbase_util.egg-info/dependency_links.txt RENAMED Viewed

File without changes

{xbase_util-0.9.0 → xbase_util-0.9.2}/xbase_util.egg-info/not-zip-safe RENAMED Viewed

File without changes

{xbase_util-0.9.0 → xbase_util-0.9.2}/xbase_util.egg-info/top_level.txt RENAMED Viewed

File without changes

{xbase_util-0.9.0 → xbase_util-0.9.2}/xbase_util_assets/GeoLite2-City.mmdb RENAMED Viewed

File without changes

{xbase_util-0.9.0 → xbase_util-0.9.2}/xbase_util_assets/arkimeparse.js RENAMED Viewed

File without changes

xbase-util 0.9.0__tar.gz → 0.9.2__tar.gz

xbase-util 0.9.0tar.gz → 0.9.2tar.gz