import argparse
import os
from scapy.all import *
from binascii import *
from modules.filters import analyze_udp as udp, analyze_tcp as tcp, analyze_icmp as icmp, analyze_arp as arp, \
analyze_all as all
from util import consts
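# Default capture that is analyzed when the -f option is not given.
PCAP_FILE_NAME = "trace-2.pcap"
# Windows-style relative path to the capture. Both backslashes are escaped
# explicitly: "\p" is not a valid escape sequence and newer Python versions
# emit a warning for it, while the resulting string stays the same.
PCAP_FILE_PATH = ".\\packets\\" + PCAP_FILE_NAME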
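def main():
    """
    Parse the command line and run the matching analysis on a pcap file.

    Options:
        -p  protocol to analyze; when it is omitted all packets are analyzed.
        -f  name of the pcap file in the packets directory; when it is omitted
            the module-level default PCAP_FILE_NAME is used.

    The function prints a message and returns without analyzing anything when
    the file name does not end in ".pcap", when the file does not exist, or
    when the protocol is not listed in consts.CORRECT_PROTOCOLS.
    """
    global PCAP_FILE_NAME, PCAP_FILE_PATH

    parser = argparse.ArgumentParser()
    parser.add_argument(
        "-p",
        type=str,
        help="Specifies protocol to be parsed",
    )
    parser.add_argument(
        "-f",
        type=str,
        help="Name of pcap file to be analyzed. If it is not given program analyzes const file defined above"
    )
    args = parser.parse_args()

    if args.f is not None:
        # NOTE(review): the -f value is concatenated into the path unchanged, so
        # a value containing path separators or ".." resolves outside the
        # packets directory. If this option is ever fed from anything other
        # than the local operator, restrict it to a bare file name first.
        PCAP_FILE_NAME = args.f
        # Backslashes are escaped explicitly; "\p" is an invalid escape sequence.
        PCAP_FILE_PATH = ".\\packets\\" + PCAP_FILE_NAME

    # Both checks run for the default file as well, so a missing capture gives
    # a readable message instead of an exception from the pcap reader.
    if not PCAP_FILE_NAME.endswith(".pcap"):
        print("Incorrect file type")
        print("File need to be a .pcap type")
        return

    if not os.path.exists(PCAP_FILE_PATH):
        print("{} is not in .\\packets".format(PCAP_FILE_NAME))
        print("Please add file to directory")
        return

    if args.p is None:
        analyze_all()
        return

    # Normalize once; protocol names are compared in upper case.
    protocol = args.p.upper()
    if protocol not in consts.CORRECT_PROTOCOLS:
        print("{} is a incorrect protocol".format(protocol))
        return

    if protocol == "ICMP":
        analyze_icmp()
    elif protocol == "ARP":
        analyze_arp()
    elif protocol == "TFTP":
        analyze_udp()
    else:
        # Every other accepted protocol is handled by the TCP analyzer.
        analyze_tcp(protocol)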
def analyze_arp() -> None:
    """
    Run the ARP analysis over the configured capture.

    Reads every packet from PCAP_FILE_PATH, converts each one to a hex string
    and passes the list, together with PCAP_FILE_NAME, to arp.AnalyzeArp.
    """
    capture = rdpcap(PCAP_FILE_PATH)
    # One hex string per packet, in capture order.
    hex_frames = [hexlify(raw(frame)).decode() for frame in capture]
    arp.AnalyzeArp(hex_frames, PCAP_FILE_NAME)
def analyze_icmp() -> None:
    """
    Run the ICMP analysis over the configured capture.

    Loads the packets from PCAP_FILE_PATH, turns each of them into a hex
    string and gives the resulting list and PCAP_FILE_NAME to icmp.AnalyzeIcmp.
    """
    hex_frames = [
        hexlify(raw(frame)).decode()
        for frame in rdpcap(PCAP_FILE_PATH)
    ]
    icmp.AnalyzeIcmp(hex_frames, PCAP_FILE_NAME)
def analyze_udp() -> None:
    """
    Run the UDP analysis; main() calls this for the TFTP protocol.

    Loads the packets from PCAP_FILE_PATH, hex-encodes each packet and hands
    the list and PCAP_FILE_NAME to udp.AnalyzeUdp.
    """
    capture = rdpcap(PCAP_FILE_PATH)
    # hexlify returns bytes, so each entry is decoded to a str.
    encoded = [hexlify(raw(item)).decode() for item in capture]
    udp.AnalyzeUdp(encoded, PCAP_FILE_NAME)
def analyze_all() -> None:
    """
    Run the analysis of all packets; main() calls this when -p is not given.

    Loads the packets from PCAP_FILE_PATH, hex-encodes each packet and hands
    the list and PCAP_FILE_NAME to all.AnalyzeAll.
    """
    # "all" is the analyze_all module imported at the top of the file, not the
    # builtin function of the same name.
    encoded = [hexlify(raw(item)).decode() for item in rdpcap(PCAP_FILE_PATH)]
    all.AnalyzeAll(encoded, PCAP_FILE_NAME)
def analyze_tcp(protocol: str) -> None:
    """
    Run the TCP analysis for one protocol over the configured capture.

    Loads the packets from PCAP_FILE_PATH, hex-encodes each packet and hands
    the list, PCAP_FILE_NAME and the protocol name to tcp.AnalyzeTcp.

    :param protocol: protocol name; main() passes the upper-cased -p value
    """
    capture = rdpcap(PCAP_FILE_PATH)
    hex_frames = [hexlify(raw(frame)).decode() for frame in capture]
    tcp.AnalyzeTcp(hex_frames, PCAP_FILE_NAME, protocol)
# Run the command-line interface only when the file is executed as a script.
if __name__ == "__main__":
    main()