breeder ++

Andrea Bontempi 2012-06-15 12:37:20 +02:00
commit 9020807749
11 changed files with 161 additions and 132 deletions


@ -32,6 +32,8 @@
#include <boost/regex.hpp>
#include <boost/program_options.hpp>
#include "./commons/classPacket.h"
#include "./commons/classFlow.h"
#include "./commons/libDump.h"
using namespace std;
using namespace boost::program_options;
@ -66,11 +68,23 @@ int main ( int argc, char **argv ) {
while ( 1 ) {
try {
string r_flux;
string r_flux, a_flux, b_flux;
getline ( cin,r_flux );
if ( cin.eof() ) break;
// TODO
stream * flow = new stream();
flow->factory ( r_flux );
a_flux = libDump::decodeHexText ( flow->getFirstCharStream() );
b_flux = libDump::decodeHexText ( flow->getSecondCharStream() );
//boost::regex reg ("HTTP.*", boost::regex_constants::icase, boost::regex_constants::perl);
// if(boost::regex_search(a_flux, reg, boost::regex_constants::format_perl) || boost::regex_search(b_flux, reg, boost::regex_constants::format_perl)) {
cout << flow->exportFlow() << endl;
// }
delete flow;
} catch ( packet::Overflow ) {
std::cerr<<"Overflow! :-P"<<std::endl;
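Review bot: The `stream` created with `new stream()` in the loop body is leaked whenever `flow->factory ( r_flux )` or `libDump::decodeHexText` throws, because control jumps to the `catch` and skips `delete flow;`. `factory()` parses fields of the stdin line with `boost::lexical_cast`, which throws on a non-numeric field, so a malformed line is enough to reach that path. The object never outlives the iteration, so an automatic variable removes the problem: `stream flow; flow.factory ( r_flux );`, with `flow.` in place of `flow->` and no `delete`. `a_flux` and `b_flux` are decoded for every line but only used by the commented-out regex filter, so those two calls could stay disabled until the filter is. The `try` block and `main` continue outside the hunk.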


@ -30,7 +30,7 @@ find_package(Curses)
target_link_libraries(riddle ${Boost_LIBRARIES})
target_link_libraries(riddle ${LIBPCAP})
target_link_libraries(cigarette libDump)
target_link_libraries(riddle libDump)
target_link_libraries(cigarette ${Boost_LIBRARIES})
target_link_libraries(cigarette ${CMAKE_THREAD_LIBS_INIT})
@ -45,7 +45,9 @@ target_link_libraries(ranging libNetwork)
target_link_libraries(pursuer ${Boost_LIBRARIES})
target_link_libraries(pursuer ${CMAKE_THREAD_LIBS_INIT})
target_link_libraries(pursuer libNetwork)
target_link_libraries(pursuer libDump)
target_link_libraries(breeder ${Boost_LIBRARIES})
target_link_libraries(breeder ${CMAKE_THREAD_LIBS_INIT})
target_link_libraries(breeder libNetwork)
target_link_libraries(breeder libNetwork)
target_link_libraries(breeder libDump)


@ -87,8 +87,8 @@ void libNetwork::stream::factory ( std::string newflow ) {
ipAddress[1] = ; */
port[0] = boost::lexical_cast<uint16_t> ( section[6] );
port[1] = boost::lexical_cast<uint16_t> ( section[7] );
flow[0] = section[8];
flow[1] = section[9];
charStream[0] = section[8];
charStream[1] = section[9];
}
@ -116,7 +116,7 @@ bool libNetwork::stream::addPacket ( libNetwork::TCPv4packet *newPacket ) {
if ( newPacket->isACK() ) { // Se c'è ACK setto il flag sul pacchetto corrispondente, se c'è.
for ( std::list<libNetwork::TCPv4packet*>::iterator it = buffer[a].begin(); it != buffer[a].end(); it++ ) {
for ( std::list<libNetwork::TCPv4packet*>::iterator it = packetBuffer[a].begin(); it != packetBuffer[a].end(); it++ ) {
if ( ( *it )->getSequenceNumber() == newPacket->getAcknowledgmentNumber() - ( ( *it )->getPayLoad().size() /2 ) ) {
( *it )->public_flag = true;
@ -127,7 +127,7 @@ bool libNetwork::stream::addPacket ( libNetwork::TCPv4packet *newPacket ) {
}
if ( newPacket->getPayLoad().size() != 0 ) { // Salvo il pacchetto solo se ha del payload.
buffer[b].push_back ( newPacket );
packetBuffer[b].push_back ( newPacket );
}
return true;
@ -144,12 +144,12 @@ void libNetwork::stream::flushBuffer ( int number ) {
isFound = false;
for ( std::list<libNetwork::TCPv4packet*>::iterator it = buffer[number].begin(); it != buffer[number].end(); it++ ) {
for ( std::list<libNetwork::TCPv4packet*>::iterator it = packetBuffer[number].begin(); it != packetBuffer[number].end(); it++ ) {
if ( sequenceNumber[number] + 1 == ( *it )->getSequenceNumber() && ( *it )->public_flag ) {
std::string payload = ( *it )->getPayLoad();
flow[number] += payload;
charStream[number] += payload;
sequenceNumber[number] += payload.size() /2; // unsigned, si azzera come avviene nel tcp.
buffer[number].remove ( *it );
packetBuffer[number].remove ( *it );
isFound = true;
break;
}
@ -174,7 +174,7 @@ std::string libNetwork::stream::exportFlow() {
stdstring << macAddress[0].to_string() << "!" << macAddress[1].to_string() << "!";
stdstring << ipAddress[0].to_string() << "!" << ipAddress[1].to_string() << "!";
stdstring << port[0] << "!" << port[1] << "!";
stdstring << flow[0] << "!" << flow[1];
stdstring << charStream[0] << "!" << charStream[1];
return stdstring.str();;
}
@ -184,7 +184,7 @@ uint64_t libNetwork::stream::getBufferLength() {
for ( int i = 0; i <= 1; i++ ) {
for ( std::list<libNetwork::TCPv4packet*>::iterator it = buffer[i].begin(); it != buffer[i].end(); it++ ) {
for ( std::list<libNetwork::TCPv4packet*>::iterator it = packetBuffer[i].begin(); it != packetBuffer[i].end(); it++ ) {
bufferlenght += ( *it )->getPayloadLength();
@ -196,7 +196,7 @@ uint64_t libNetwork::stream::getBufferLength() {
}
uint64_t libNetwork::stream::getFlowLength() {
return ( flow[0].length() + flow[1].length() ) /2;
return ( charStream[0].length() + charStream[1].length() ) /2;
}
uint64_t libNetwork::stream::getTimeEpoch() {
@ -243,10 +243,10 @@ bool libNetwork::stream::isFIN() {
return flagFirstFIN && flagSecondFIN;
}
std::string libNetwork::stream::getFirstBuffer() {
return flow[0];
std::string libNetwork::stream::getFirstCharStream() {
return charStream[0];
}
std::string libNetwork::stream::getSecondBuffer() {
return flow[1];
std::string libNetwork::stream::getSecondCharStream() {
return charStream[1];
}


@ -53,27 +53,49 @@ namespace libNetwork {
boost::asio::ip::address ipAddress[2];
uint16_t port[2];
std::list<libNetwork::TCPv4packet*> buffer[2];
std::list<libNetwork::TCPv4packet*> packetBuffer[2];
uint32_t sequenceNumber[2];
std::string flow[2];
std::string charStream[2];
void flushBuffer ( int number );
public:
/** Initialize flow with the first packet of the TCP handshake (SYN) */
bool factory ( libNetwork::TCPv4packet *packet );
/** Initialize flow with string (classFlow protocol) */
void factory ( std::string flow );
/** Put new packet in the flow */
bool addPacket ( libNetwork::TCPv4packet *newPacket );
/**
* Read the first packet buffer and save the payload in the first char stream.
* Stop if the flow is interrupted.
*/
void flushFirstBuffer();
std::string getFirstBuffer();
/**
* Read the second packet buffer and save the payload in the second char stream.
* Stop if the flow is interrupted.
*/
void flushSecondBuffer();
std::string getSecondBuffer();
/**
* Return the first char stream.
*/
std::string getFirstCharStream();
/**
* Return the second char stream.
*/
std::string getSecondCharStream();
/** return epoch */
uint64_t getTimeEpoch();
/** return milliseconds after epoch */
uint32_t getTimeMillis();
libNetwork::mac_address getFirstMacAddress();
libNetwork::mac_address getSecondMacAddress();
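Review bot: The new doc comments on `getFirstCharStream()` and `getSecondCharStream()` do not say what encoding the returned string has. Elsewhere in this commit the stream is treated as hex text with two characters per payload byte (`getFlowLength()` divides the length by 2, and callers pass the result to `libDump::decodeHexText`), so the contract should be stated, e.g. `/** Return the first char stream: reassembled payload as hex text, two characters per byte. */`, and likewise for the second getter. Both getters could also be declared `const` and return `const std::string&` so that a caller does not copy the whole stream on each call; that would touch the definitions in the .cpp as well. The class declaration starts and ends outside the hunk.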


@ -35,6 +35,7 @@
#include <stdint.h>
#include "libDump.h"
std::string libDump::classicDump ( std::string input ) {
std::stringstream out;
@ -104,3 +105,20 @@ std::string libDump::classicDump ( std::string input ) {
return out.str();
}
std::string libDump::decodeHexText ( std::string raw ) {
std::string text;
for ( int i = 0; i <= raw.size(); i += 2 ) {
std::string comp;
comp += ( char ) raw[i];
comp += ( char ) raw[i+1];
std::stringstream convert ( comp );
int temp;
convert >> std::hex >> temp;
text += ( char ) temp;
}
return text;
}
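Review bot: The loop bound in the new `decodeHexText`, `i <= raw.size()`, lets the last iteration index past the end of the string: for even-length input it runs once more with `i == raw.size()` and reads `raw[i+1]` beyond the terminator, and for odd-length input it pairs the final digit with the terminator. That is undefined behaviour in the even case and appends a spurious byte to `text` in both, on input that in breeder comes straight from stdin. Bound the loop to complete pairs, `for ( std::string::size_type i = 0; i + 1 < raw.size(); i += 2 ) {`, and initialise `int temp = 0;` so a pair that fails to parse yields a defined value. The same body is added again in the later libDump section that wraps the file in `namespace libDump`, so the fix applies there too.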


@ -35,87 +35,93 @@
#include <stdint.h>
#include "libDump.h"
std::string libDump::classicDump(std::string input)
{
namespace libDump {
std::stringstream out;
int stringlen = input.length();
int stringtodo = input.length();
std::string libDump::classicDump ( std::string input ) {
for(uint16_t address = 0; address < stringlen; address += LINE*2)
{
out << "0x" << std::setfill('0') << std::setw(5) << std::hex << address/2 << " | ";
std::stringstream out;
int stringlen = input.length();
int stringtodo = input.length();
for(int i = 0; i < LINE*2; i+=2)
{
for ( uint16_t address = 0; address < stringlen; address += LINE*2 ) {
out << "0x" << std::setfill ( '0' ) << std::setw ( 5 ) << std::hex << address/2 << " | ";
if(i < stringtodo)
{
for ( int i = 0; i < LINE*2; i+=2 ) {
out << std::hex << input[address + i];
out << std::hex << input [address + i + 1] << " ";
if ( i < stringtodo ) {
}
else
{
out << std::hex << input[address + i];
out << std::hex << input [address + i + 1] << " ";
out << " ";
} else {
}
out << " ";
if(i == LINE-2)
{
out << " ";
}
}
out << "| ";
for(int i = 0; i < LINE*2; i+=2)
{
if(i < stringtodo)
{
std::string comp;
comp += (char)input[address + i];
comp += (char)input[address + i + 1];
std::stringstream convert(comp);
int temp;
convert >> std::hex >> temp;
if((temp>32)&&(temp<128))
{
out << (char)temp;
}
else
{
out << ".";
if ( i == LINE-2 ) {
out << " ";
}
}
else
{
out << " ";
out << "| ";
for ( int i = 0; i < LINE*2; i+=2 ) {
if ( i < stringtodo ) {
std::string comp;
comp += ( char ) input[address + i];
comp += ( char ) input[address + i + 1];
std::stringstream convert ( comp );
int temp;
convert >> std::hex >> temp;
if ( ( temp>32 ) && ( temp<128 ) ) {
out << ( char ) temp;
} else {
out << ".";
}
} else {
out << " ";
}
if ( i == LINE-2 ) {
out << " ";
}
}
if(i == LINE-2)
{
out << " ";
}
out << std::endl;
stringtodo = stringtodo - LINE*2;
}
out << std::endl;
return out.str();
}
stringtodo = stringtodo - LINE*2;
std::string decodeHexText ( std::string raw ) {
std::string text;
for ( int i = 0; i <= raw.size(); i += 2 ) {
std::string comp;
comp += ( char ) raw[i];
comp += ( char ) raw[i+1];
std::stringstream convert ( comp );
int temp;
convert >> std::hex >> temp;
text += ( char ) temp;
}
return text;
}
return out.str();
}
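Review bot: The outer loop of `classicDump` keeps `uint16_t address` as its counter while comparing against `int stringlen`, so for an input longer than 65535 characters `address` wraps around before it can reach `stringlen`; the loop then never terminates and `out` keeps growing. The input is treated as hex-encoded payload, so its length is presumably dictated by the captured traffic rather than by the program. A counter as wide as the length avoids this: `for ( std::string::size_type address = 0; address < input.length(); address += LINE*2 ) {`. The `decodeHexText` copy added in this section has the `i <= raw.size()` bound as well and needs the same correction as the other copy.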


@ -36,6 +36,7 @@
namespace libDump {
std::string classicDump ( std::string input );
std::string decodeHexText ( std::string raw );
}


@ -1,13 +1,13 @@
/**
* - * - * - * - * - * - * - * - * - * - * - * - * - * - * - * - * - * -
*
*
* Name : Project Riddle
* Author : Andrea Bontempi
* Version : 0.1 aplha
* Description : Modular Network Sniffer
*
*
* - * - * - * - * - * - * - * - * - * - * - * - * - * - * - * - * - * -
*
*
* This file is part of the project Riddle.
*
* The project Riddle is free software: you can redistribute it and/or modify
@ -22,7 +22,7 @@
*
* You should have received a copy of the GNU General Public License
* along with this project. If not, see <http://www.gnu.org/licenses/>.
*
*
* - * - * - * - * - * - * - * - * - * - * - * - * - * - * - * - * - * -
*/
@ -34,9 +34,10 @@
#include <sstream>
namespace libDump {
std::string classicDump(std::string input);
std::string classicDump ( std::string input );
std::string decodeHexText ( std::string raw );
}
#endif //LIBDUMP_H
#endif //LIBDUMP_H


@ -37,26 +37,9 @@
#include "../commons/classPacket.h"
#include "../commons/classMacAddress.h"
#include "../commons/classFlow.h"
#include "../commons/libDump.h"
#include "libPursuer.h"
std::string decodeHexText ( std::string raw ) {
std::string text;
for ( int i = 0; i <= raw.size(); i += 2 ) {
std::string comp;
comp += ( char ) raw[i];
comp += ( char ) raw[i+1];
std::stringstream convert ( comp );
int temp;
convert >> std::hex >> temp;
text += ( char ) temp;
}
return text;
}
void writeout ( libNetwork::stream* stream, bool tofile ) {
if ( tofile ) {
std::stringstream filename;
@ -71,7 +54,7 @@ void writeout ( libNetwork::stream* stream, bool tofile ) {
myfile.close();
}
} else {
std::cout << exportFormattedRawFlow ( stream ) << std::endl;
std::cout << stream->exportFlow() << std::endl;
}
}
@ -83,8 +66,8 @@ std::string exportFormattedRawFlow ( libNetwork::stream* stream ) {
std::stringstream stdstring;
stdstring << ">> Two-way flow between " << stream->getFirstIpAddress().to_string() << ":" << first_port << " and " << stream->getSecondIpAddress().to_string() << ":" << second_port << std::endl;
stdstring << ">> " << stream->getFirstIpAddress().to_string() << ":" << first_port << " -> " << stream->getSecondIpAddress().to_string() << ":" << second_port << std::endl;
stdstring << decodeHexText ( stream->getFirstBuffer() ) << std::endl;
stdstring << libDump::decodeHexText ( stream->getFirstCharStream() ) << std::endl;
stdstring << ">> " << stream->getSecondIpAddress().to_string() << ":" << second_port << " -> " << stream->getFirstIpAddress().to_string() << ":" << first_port << std::endl;
stdstring << decodeHexText ( stream->getSecondBuffer() ) << std::endl;
stdstring << libDump::decodeHexText ( stream->getSecondCharStream() ) << std::endl;
return stdstring.str();
}
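Review bot: The stdout branch of `writeout` has no comment saying that it now emits the `!`-separated `exportFlow()` record with the payload still hex-encoded, not the human-readable dump. A one-line comment above the `std::cout` line would make the split clear, e.g. `// stdout: classFlow record (hex payload) for piping into another tool`. `exportFormattedRawFlow` inserts the output of `libDump::decodeHexText` verbatim, control characters included; if that text can end up on a terminal, replacing non-printable bytes the way `classicDump` does would be safer. The file branch of `writeout` lies outside the hunk, so what it writes is not visible here.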


@ -37,26 +37,9 @@
#include "../commons/classPacket.h"
#include "../commons/classMacAddress.h"
#include "../commons/classFlow.h"
#include "./commons/libDump.h"
#include "libPursuer.h"
std::string decodeHexText ( std::string raw ) {
std::string text;
for ( int i = 0; i <= raw.size(); i += 2 ) {
std::string comp;
comp += ( char ) raw[i];
comp += ( char ) raw[i+1];
std::stringstream convert ( comp );
int temp;
convert >> std::hex >> temp;
text += ( char ) temp;
}
return text;
}
void writeout ( libNetwork::stream* stream, bool tofile ) {
if ( tofile ) {
std::stringstream filename;
@ -71,7 +54,7 @@ void writeout ( libNetwork::stream* stream, bool tofile ) {
myfile.close();
}
} else {
std::cout << exportFormattedRawFlow ( stream ) << std::endl;
std::cout << stream->exportFlow() << std::endl;
}
}
@ -83,8 +66,8 @@ std::string exportFormattedRawFlow ( libNetwork::stream* stream ) {
std::stringstream stdstring;
stdstring << ">> Two-way flow between " << stream->getFirstIpAddress().to_string() << ":" << first_port << " and " << stream->getSecondIpAddress().to_string() << ":" << second_port << std::endl;
stdstring << ">> " << stream->getFirstIpAddress().to_string() << ":" << first_port << " -> " << stream->getSecondIpAddress().to_string() << ":" << second_port << std::endl;
stdstring << decodeHexText ( stream->getFirstPort() ) << std::endl;
stdstring << libDump::decodeHexText ( stream->getFirstCharStream() ) << std::endl;
stdstring << ">> " << stream->getSecondIpAddress().to_string() << ":" << second_port << " -> " << stream->getFirstIpAddress().to_string() << ":" << first_port << std::endl;
stdstring << decodeHexText ( stream->getSecondPort() ) << std::endl;
stdstring << libDump::decodeHexText ( stream->getSecondCharStream() ) << std::endl;
return stdstring.str();
}
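Review bot: The added include `#include "./commons/libDump.h"` does not match its neighbours, which all reach the commons directory through `../commons/`. Unless an include directory makes `./commons/` resolvable from this file, the header will not be found when this copy is built. It should presumably read `#include "../commons/libDump.h"`, as in the other libPursuer source changed by this commit.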


@ -35,7 +35,6 @@
#include "../commons/classPacket.h"
#include "../commons/classFlow.h"
std::string decodeHexText ( std::string raw );
void writeout ( libNetwork::stream* stream, bool tofile );
std::string exportFormattedRawFlow ( libNetwork::stream* stream );