breeder ++
parent
093d50da51
commit
9e122addfb
4 changed files with 80 additions and 19 deletions
30
Breeder.cpp
30
Breeder.cpp
|
@ -30,8 +30,6 @@
|
|||
#include <string>
|
||||
#include <vector>
|
||||
#include <boost/regex.hpp>
|
||||
#include <boost/algorithm/string/split.hpp>
|
||||
#include <boost/algorithm/string/classification.hpp>
|
||||
#include <boost/property_tree/ptree.hpp>
|
||||
#include <boost/program_options.hpp>
|
||||
#include "./libraries/libBreeder.h"
|
||||
|
@ -86,11 +84,9 @@ int main ( int argc, char **argv ) {
|
|||
boost::property_tree::ptree config = breederConfig::load();
|
||||
|
||||
vector< string > pselect = vm["filters"].as< vector< string > >();
|
||||
vector< string > pavailable;
|
||||
string temp = config.get< string >("global.protocols");
|
||||
boost::algorithm::split ( pavailable, temp, boost::algorithm::is_any_of ( " " ) );
|
||||
vector< string > pavailable = breederConfig::getProtocolsAvailable( config );
|
||||
|
||||
list< string > filters = breederConfig::protocolsValidation( pselect, pavailable );
|
||||
list< string > filters = breederTools::protocolsValidation( pselect, pavailable );
|
||||
|
||||
if ( filters.empty() ) {
|
||||
std::cerr<<"ERROR >> You have not selected any protocol!"<<std::endl;
|
||||
|
@ -109,23 +105,29 @@ int main ( int argc, char **argv ) {
|
|||
a_flux = libDump::decodeHexText ( flow->getFirstCharStream() );
|
||||
b_flux = libDump::decodeHexText ( flow->getSecondCharStream() );
|
||||
|
||||
bool ok = false;
|
||||
|
||||
for (list< string >::iterator it = filters.begin(); it != filters.end(); ++it) {
|
||||
|
||||
string regexp = config.get< string >( *it + ".regexp" );
|
||||
int score = 0;
|
||||
|
||||
string regexp = config.get< string >( *it + ".regexp_content" );
|
||||
|
||||
boost::regex pattern (regexp, boost::regex_constants::icase|boost::regex_constants::perl);
|
||||
|
||||
if(boost::regex_search (a_flux, pattern, boost::regex_constants::format_perl) || boost::regex_search (b_flux, pattern, boost::regex_constants::format_perl)) {
|
||||
ok = true;
|
||||
score += config.get< int >( *it + ".regexp_score" );
|
||||
}
|
||||
|
||||
vector< int > ports = breederConfig::getPortsAvailable( config, *it );
|
||||
|
||||
if(breederTools::portsValidation( flow->getFirstPort(), ports ) || breederTools::portsValidation( flow->getSecondPort(), ports ) ) {
|
||||
score += config.get< int >( *it + ".ports_score" );
|
||||
}
|
||||
|
||||
if( score >= config.get< int >( "global.threshold" ) ) {
|
||||
cout << flow->exportFlow() << endl;
|
||||
break;
|
||||
}
|
||||
}
|
||||
|
||||
|
||||
if(ok) {
|
||||
cout << flow->exportFlow() << endl;
|
||||
}
|
||||
|
||||
delete flow;
|
||||
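Review bot: In the scoring loop of `main`, nothing visible catches the exceptions that `config.get< string >( *it + ".regexp_content" )`, `config.get< int >( *it + ".regexp_score" )`, the `boost::regex` constructor and `boost::regex_search` can raise. A missing or non-numeric key, an invalid pattern, or a match on captured payload that exceeds Boost.Regex's complexity limit would therefore end the run and skip `delete flow`. Wrap the per-flow work in a `try`/`catch ( const std::exception & )` that reports the flow and continues, and hold `flow` in a scoped owner such as `boost::scoped_ptr` so it is released on every path. The pattern, the port list and `global.threshold` appear not to change between flows, so they are better read and compiled once per filter before the flow loop instead of on each iteration. The enclosing loop (presumably one pass per flow) starts and ends outside the hunk.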
|
|
|
@ -84,10 +84,14 @@ void libNetwork::stream::factory ( std::string newflow ) {
|
|||
|
||||
timeEpoch = boost::lexical_cast<uint64_t> ( section[0] );
|
||||
timeMillis = boost::lexical_cast<uint64_t> ( section[1] );
|
||||
|
||||
// TODO URGENTE
|
||||
|
||||
/* macAddress[0] = new libNetwork::mac_address ( section[2] );
|
||||
macAddress[1] = new libNetwork::mac_address ( section[3] );
|
||||
ipAddress[0] = ;
|
||||
ipAddress[1] = ; */
|
||||
|
||||
port[0] = boost::lexical_cast<uint16_t> ( section[6] );
|
||||
port[1] = boost::lexical_cast<uint16_t> ( section[7] );
|
||||
charStream[0] = section[8];
|
||||
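Review bot: The added `// TODO URGENTE` and the commented-out block leave `macAddress` and `ipAddress` unassigned in `libNetwork::stream::factory`, and the comment does not say what is missing; `ipAddress[0] = ;` is not a complete statement. State the intent and drop the dead code, e.g. `// TODO: parse section[2] and section[3] into macAddress and the IP fields into ipAddress; until then factory() does not set these members`. When that parsing is added, note that `section[N]` is indexed and passed to `boost::lexical_cast` with no length check or `boost::bad_lexical_cast` handling visible in this hunk. `newflow` looks like an input record, so a short or malformed one should be rejected before any index is used. The function body starts and ends outside the hunk.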
|
|
|
@ -32,6 +32,9 @@
|
|||
#include <fstream>
|
||||
#include <boost/property_tree/ptree.hpp>
|
||||
#include <boost/property_tree/ini_parser.hpp>
|
||||
#include <boost/algorithm/string/split.hpp>
|
||||
#include <boost/algorithm/string/classification.hpp>
|
||||
#include <boost/lexical_cast.hpp>
|
||||
|
||||
#include "libBreeder.h"
|
||||
|
||||
|
@ -49,9 +52,13 @@ void breederConfig::init()
|
|||
);
|
||||
|
||||
boost::property_tree::ptree http;
|
||||
http.put( "description", "..." );
|
||||
http.put( "regexp", "HTTP/[0-9]\\.[0-9]" );
|
||||
http.put( "ports", "80 8080" );
|
||||
http.put( "description", "The Hypertext Transfer Protocol (HTTP) is an application protocol for distributed, collaborative, hypermedia information systems. HTTP is the foundation of data communication for the World Wide Web." );
|
||||
http.put( "regexp_content", "HTTP/[0-9]\\.[0-9]" );
|
||||
http.put( "regexp_score", "80" );
|
||||
http.put( "ports_content", "80 8080" );
|
||||
http.put( "ports_score", "20" );
|
||||
|
||||
// TODO Aggiungi protocolli.
|
||||
|
||||
root.push_back(
|
||||
boost::property_tree::ptree::value_type( "http", http )
|
||||
|
@ -79,7 +86,30 @@ bool breederConfig::fexists()
|
|||
|
||||
}
|
||||
|
||||
std::list< std::string > breederConfig::protocolsValidation(std::vector< std::string > select, std::vector< std::string > available)
|
||||
std::vector< std::string > breederConfig::getProtocolsAvailable(boost::property_tree::ptree config)
|
||||
{
|
||||
std::vector< std::string > pavailable;
|
||||
std::string temp = config.get< std::string >("global.protocols");
|
||||
boost::algorithm::split ( pavailable, temp, boost::algorithm::is_any_of ( " " ) );
|
||||
return pavailable;
|
||||
}
|
||||
|
||||
std::vector< int > breederConfig::getPortsAvailable(boost::property_tree::ptree config, std::string filter)
|
||||
{
|
||||
std::string temp = config.get< std::string >(filter+".ports_content");
|
||||
std::vector< std::string > sports;
|
||||
boost::algorithm::split ( sports, temp, boost::algorithm::is_any_of ( " " ) );
|
||||
std::vector< int > ports( sports.size() );
|
||||
|
||||
for(int i = 0; i < sports.size(); i++) {
|
||||
ports[i] = boost::lexical_cast<int> ( sports[i] );
|
||||
}
|
||||
|
||||
return ports;
|
||||
|
||||
}
|
||||
|
||||
std::list< std::string > breederTools::protocolsValidation(std::vector< std::string > select, std::vector< std::string > available)
|
||||
{
|
||||
|
||||
std::list< std::string > out;
|
||||
|
@ -101,3 +131,19 @@ std::list< std::string > breederConfig::protocolsValidation(std::vector< std::st
|
|||
|
||||
}
|
||||
|
||||
bool breederTools::portsValidation(int select, std::vector< int > available)
|
||||
{
|
||||
|
||||
for (std::vector< int >::iterator it = available.begin(); it != available.end(); ++it) {
|
||||
|
||||
if(*it == select) {
|
||||
|
||||
return true;
|
||||
|
||||
}
|
||||
|
||||
}
|
||||
|
||||
return false;
|
||||
|
||||
}
|
||||
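Review bot: `breederConfig::getPortsAvailable` passes every token from `boost::algorithm::split` straight to `boost::lexical_cast<int>`, so an empty `ports_content`, a doubled space or a trailing space produces an empty token and an uncaught `boost::bad_lexical_cast`. Values outside the 16-bit port range are accepted silently, and `for(int i = 0; i < sports.size(); i++)` compares signed with unsigned. The conversion loop should skip empty tokens, handle the cast failure and range-check each value, as sketched below; whether a bad entry is skipped or reported is a policy choice. The `ptree` is also taken by value here and in `getProtocolsAvailable`, which copies the whole tree on every call; `const boost::property_tree::ptree &` avoids that, and the declarations in `libBreeder.h` would need the same change.

```cpp
// … unchanged: read filter+".ports_content" into temp and split it into sports …
std::vector< int > ports;
ports.reserve( sports.size() );

for ( std::size_t i = 0; i < sports.size(); ++i ) {
    if ( sports[i].empty() ) continue;   // doubled, leading or trailing separator
    int p = 0;
    try {
        p = boost::lexical_cast<int> ( sports[i] );
    } catch ( const boost::bad_lexical_cast & ) {
        continue;                        // malformed entry: skip (or report) instead of aborting
    }
    if ( p < 0 || p > 65535 ) continue;  // not a valid TCP/UDP port
    ports.push_back( p );
}

return ports;
```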
|
|
|
@ -29,7 +29,7 @@
|
|||
#ifndef LIBBREEDER_H
|
||||
#define LIBBREEDER_H
|
||||
|
||||
#define FILECONFIG "breeder.conf"
|
||||
#define FILECONFIG "/tmp/breeder.conf"
|
||||
|
||||
#include <string>
|
||||
#include <list>
|
||||
|
@ -41,7 +41,16 @@ namespace breederConfig {
|
|||
void init();
|
||||
boost::property_tree::ptree load();
|
||||
bool fexists();
|
||||
|
||||
std::vector< std::string > getProtocolsAvailable(boost::property_tree::ptree config);
|
||||
std::vector< int > getPortsAvailable(boost::property_tree::ptree config, std::string filter);
|
||||
|
||||
}
|
||||
|
||||
namespace breederTools {
|
||||
|
||||
std::list<std::string> protocolsValidation(std::vector<std::string> select, std::vector<std::string> available);
|
||||
bool portsValidation(int select, std::vector< int > available);
|
||||
|
||||
}
|
||||
|
||||
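Review bot: `#define FILECONFIG "/tmp/breeder.conf"` puts the configuration in a world-writable directory, so on a shared host any local user can create or replace that file before the tool runs. The file supplies the regular expressions, port lists, scores and threshold that decide which flows are exported, so whoever controls it controls the classification. If `breederConfig::init()` creates the file when `fexists()` is false (those bodies are not shown here), a pre-placed symlink at that path could also redirect the write. If the `/tmp` path was only a testing convenience, keep it out of the committed default: resolve the path from a per-user location or a command-line option. Before loading, check that the file is a regular file owned by the current user.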
|
|