Merge pull request #51 from Srinivas11789/2_9
PcapXray v2.9
Srinivas11789 authored Aug 15, 2019
2 parents 2161276 + 066e3b3 commit 204e37d
Showing 8 changed files with 88 additions and 14 deletions.
25 changes: 19 additions & 6 deletions Dockerfile
100644 → 100755
@@ -7,24 +7,37 @@ FROM ubuntu:latest
MAINTAINER Srinivas Piskala Ganesh Babu "spg349@nyu.edu"

# Apt update and install - nginx and git
#RUN apt-get update && apt-get upgrade -y
RUN apt-get update
ENV DEBIAN_FRONTEND=noninteractive
RUN apt-get install -y graphviz
RUN apt-get install -y python-tk
RUN apt-get install -y python-pip
RUN apt-get install -y python3-tk
RUN apt-get install -y python3-pip
RUN apt-get install -y python3-pil
RUN apt-get install -y python3-pil.imagetk
RUN apt-get install -y nginx
RUN apt-get install -y git-core
RUN apt-get install -y sudo
RUN apt-get install -y libx11-dev

# Fetching the latest source code from the github repo of devOps
RUN apt-get install -y libnss3
RUN apt-get install -y libx11-xcb1
RUN apt-get update && \
apt-get install -yq --no-install-recommends \
libasound2 libatk1.0-0 libc6 libcairo2 libcups2 libdbus-1-3 \
libexpat1 libfontconfig1 libgcc1 libgconf-2-4 libgdk-pixbuf2.0-0 libglib2.0-0 libgtk-3-0 libnspr4 \
libpango-1.0-0 libpangocairo-1.0-0 libstdc++6 libx11-6 libx11-xcb1 libxcb1 \
libxcursor1 libxdamage1 libxext6 libxfixes3 libxi6 libxrandr2 libxrender1 libxss1 libxtst6 \
libnss3
RUN apt-get install -y libgtk2.0-0

# Fetching the latest source code from the github repo of pcapxray
RUN git clone https://github.com/srinivas11789/PcapXray

### Master branch changes - srinivas11789/pcapxray
RUN pip install -r PcapXray/requirements.txt
RUN pip3 install --upgrade -r PcapXray/requirements.txt

WORKDIR PcapXray/Source
CMD python main.py
CMD python3 main.py

### Develop/Beta branch changes - srinivas11789/pcapxray-beta
#WORKDIR PcapXray
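Review bot: `RUN git clone https://github.com/srinivas11789/PcapXray` fetches whatever the default branch holds at the moment `docker build` runs, and `RUN pip3 install --upgrade -r PcapXray/requirements.txt` then pulls the newest release of every unpinned package, so the image built for this release is not reproducible and can ship code this PR never reviewed. Build from the checked-out tree instead — `COPY . /PcapXray` in place of the clone, which also drops the need for `git-core` — and pin the requirements it installs. No `USER` instruction appears in this hunk and `sudo` is installed, so `CMD python3 main.py` presumably parses attacker-supplied pcaps as root; a `USER` line after the installs would confine a malformed-capture exploit to an unprivileged account. `FROM ubuntu:latest` has the same drift problem for every system library listed here.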
5 changes: 5 additions & 0 deletions README.md
@@ -50,6 +50,11 @@ python3 Source/main.py
```
( Make sure to escalate privilege to allow file creations - Run with `sudo` )

For MAC:
```
brew install graphviz
```

* Python 2

```bash
16 changes: 15 additions & 1 deletion Source/Module/communication_details_fetch.py
@@ -2,7 +2,7 @@

# Library Import
import ipwhois
from dns import reversename, resolver
#from dns import reversename, resolver
import socket
# Module Import
#import pcap_reader
@@ -26,6 +26,20 @@ def whois_info_fetch(self, ip):
except:
whois_info = "NoWhoIsInfo"
return whois_info

"""
@staticmethod
def dns_using_library(ip):
try:
reverse_query = reversename.from_address(ip)
resolve_bot = resolve.Resolver()
resolve_bot.timeout = 1
resolve_bot.lifetime = 1
dns_info = str(resolve_bot.query(reverse_query,"PTR")[0])
except:
dns_info = "NotResolvable"
return dns_info
"""

@staticmethod
def dns(ip):
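Review bot: The disabled `dns_using_library` is a bare triple-quoted string inside the class body, so it is still compiled and evaluated as an expression statement rather than dropped like a comment, and the code inside it is broken anyway: it calls `resolve.Resolver()` while the name it needs is `resolver` (whose import is now commented out in the first hunk), and it uses a bare `except:` that would also swallow `KeyboardInterrupt`. Delete the block and let git history keep it, or if it must stay, make it a real `#` comment with the call fixed, `resolve_bot = resolver.Resolver()`. If it is ever re-enabled, catch the resolver's own failures (`resolver.NXDOMAIN`, `resolver.NoAnswer`, its timeout exception) rather than everything, so a genuine bug is not reported as `"NotResolvable"`. The `dns()` staticmethod at the end of the hunk continues outside it.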
28 changes: 27 additions & 1 deletion Source/Module/pcap_reader.py
@@ -10,6 +10,9 @@
import malicious_traffic_identifier
import communication_details_fetch

# Feature toggle
tls_view_feature = False

class PcapEngine():
"""
PcapEngine: To support different pcap parser backend engine to operate reading pcap
@@ -50,6 +53,17 @@ def __init__(self, pcap_file_name, pcap_parser_engine="scapy"):
except:
logging.error("Cannot import selected pcap engine: Scapy!")
sys.exit()

try:
from scapy.all import load_layer
global tls_view_feature
tls_view_feature = True
logging.info("tls view feature enabled")
except:
logging.info("tls view feature not enabled")

if tls_view_feature:
load_layer("tls")

# Scapy sessions and other types use more O(N) iterations so just
# - use rdpcap + our own iteration (create full duplex streams)
@@ -305,8 +319,20 @@ def analyse_packet_data(self):
payload = "reverse"

# Payload
global tls_view_feature
if "TCP" in packet:
memory.packet_db[source_private_ip]["Payload"][payload].append(str(packet["TCP"].payload))
if tls_view_feature:
if "TLS" in packet:
memory.packet_db[source_private_ip]["Payload"][payload].append(str(packet["TLS"].msg))
elif "SSLv2" in packet:
memory.packet_db[source_private_ip]["Payload"][payload].append(str(packet["SSLv2"].msg))
elif "SSLv3" in packet:
memory.packet_db[source_private_ip]["Payload"][payload].append(str(packet["SSLv3"].msg))
else:
memory.packet_db[source_private_ip]["Payload"][payload].append(str(packet["TCP"].payload))
else:
# TODO: clean this payload dump
memory.packet_db[source_private_ip]["Payload"][payload].append(str(packet["TCP"].payload))
payload_string = packet["TCP"].payload
elif "UDP" in packet:
memory.packet_db[source_private_ip]["Payload"][payload].append(str(packet["UDP"].payload))
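Review bot: In the `__init__` hunk the bare `except:` around `from scapy.all import load_layer` also swallows `KeyboardInterrupt` and `SystemExit`, and `load_layer("tls")` runs afterwards outside any handler, so a failure while importing scapy's TLS layer (presumably the reason this PR adds `cryptography` to requirements.txt) aborts the whole constructor instead of falling back to the plain TCP payload path the feature flag exists for. Move `load_layer("tls")` inside the `try`, narrow the handler, and log the reason so a silent downgrade is diagnosable. Because `tls_view_feature` is module-global, also set it back to `False` on failure rather than leaving whatever an earlier instance set. The enclosing `__init__` starts before the hunk and continues after it.

```python
# … unchanged: scapy engine import / sys.exit() guard above …
global tls_view_feature
try:
    from scapy.all import load_layer
    load_layer("tls")
    tls_view_feature = True
    logging.info("tls view feature enabled")
except Exception as exc:  # ImportError, or a failure inside scapy's TLS layer
    tls_view_feature = False
    logging.info("tls view feature not enabled: %s", exc)
# … unchanged: rdpcap / stream iteration below …
```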
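--- a/Source/Module/plot_lan_network.py
+++ b/Source/Module/plot_lan_network.py
@@ -41,7 +41,10 @@ def __init__(self, filename, path, option="Tor", to_ip="All", from_ip="All"):
 'fontcolor': 'black',
 'color': ' black',
 'style': 'filled',
-'fillcolor': 'yellow'
+'fillcolor': 'yellow',
+'fixedsize': 'true',
+'width': '3',
+'height': '3'
 }
 }
 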
16 changes: 13 additions & 3 deletions Source/Module/user_interface.py
@@ -63,7 +63,8 @@ def __init__(self, base):
# Browse button
#self.filename = StringVar()
ttk.Button(InitFrame, text="Browse", command=lambda: self.browse_directory("pcap")).grid(column=2, row=0, padx=10, pady=10,sticky="E")
ttk.Button(InitFrame, text="Analyze!", command=self.pcap_analyse).grid(column=3, row=0, padx=10, pady=10,sticky="E")
self.analyze_button = ttk.Button(InitFrame, text="Analyze!", command=self.pcap_analyse)
self.analyze_button.grid(column=3, row=0, padx=10, pady=10,sticky="E")
self.progressbar.grid(column=4, row=0, padx=10, pady=10, sticky="E")

# First Frame with Report Directory
@@ -88,7 +89,7 @@ def __init__(self, base):
self.engine.set('scapy')

# Zoom
self.zoom = [900,900]
self.zoom = [900,500]
ttk.Button(FirstFrame, text="zoomIn", command=self.zoom_in).grid(row=0,column=10, padx=5, sticky="E")
ttk.Button(FirstFrame, text="zoomOut", command=self.zoom_out).grid(row=0,column=19,padx=10, sticky="E")

@@ -191,6 +192,7 @@ def pcap_analyse(self):
self.ibutton['state'] = 'disabled'
self.to_menu['state'] = 'disabled'
self.from_menu['state'] = 'disabled'
self.analyze_button['state'] = 'disabled'

self.progressbar.start()

@@ -254,8 +256,10 @@ def pcap_analyse(self):

# Enable controls
self.trigger['state'] = 'normal'
self.ibutton['state'] = 'normal'
self.to_menu['state'] = 'normal'
self.from_menu['state'] = 'normal'
self.analyze_button['state'] = 'normal'
else:
mb.showerror("Error","File Not Found !")

@@ -323,7 +327,13 @@ def load_image(self):
def map_select(self, *args):
print(self.option.get())
print(self.to_ip.get(), self.from_ip.get())
self.trigger['state'] = 'disabled'
self.analyze_button['state'] = 'disabled'
self.ibutton['state'] = 'disabled'
self.generate_graph()
self.trigger['state'] = 'normal'
self.ibutton['state'] = 'normal'
self.analyze_button['state'] = 'normal'

def zoom_in(self):
print("zoomin")
@@ -334,7 +344,7 @@ def zoom_in(self):

def zoom_out(self):
print("zoomout")
if self.zoom[0] > 700 and self.zoom[1] > 700:
if self.zoom[0] > 900 and self.zoom[1] > 500:
self.zoom[0] -= 100
self.zoom[1] -= 100
else:
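Review bot: `map_select` disables three controls, calls `self.generate_graph()`, then re-enables them with nothing protecting the re-enable; if `generate_graph` raises (Tkinter prints a callback traceback and carries on), the Analyze, trigger and ibutton widgets stay disabled for the rest of the session with no way back. Wrap the call in `try`/`finally` so the controls are restored on every path. The matching disable/enable pairing in `pcap_analyse` is split across two hunks whose middle is outside this view, so it presumably has the same exposure. The `900`/`500` floor in `zoom_out` duplicates the initial `self.zoom = [900,500]`; one named constant such as `ZOOM_MIN = (900, 500)` would keep the two in step the next time either is tuned.

```python
def map_select(self, *args):
    # … unchanged: debug prints …
    self.trigger['state'] = 'disabled'
    self.analyze_button['state'] = 'disabled'
    self.ibutton['state'] = 'disabled'
    try:
        self.generate_graph()
    finally:
        # restore the controls even if graph generation fails
        self.trigger['state'] = 'normal'
        self.ibutton['state'] = 'normal'
        self.analyze_button['state'] = 'normal'
```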
3 changes: 3 additions & 0 deletions requirements.txt
@@ -29,3 +29,6 @@ matplotlib
cefpython3
pyvis

# Ciphersuites
cryptography

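Review bot: `cryptography` is added with no version constraint, and the rest of the visible file (`matplotlib`, `cefpython3`, `pyvis`) is unpinned too, so every `pip3 install -r requirements.txt` resolves to whatever is newest on PyPI at that moment — for a tool whose job is parsing attacker-controlled pcaps that is an avoidable supply-chain exposure, and it is exactly what the Dockerfile's `pip3 install --upgrade` does at image build. Pin to the version this release was tested against, `cryptography==<tested version>`, and consider hash-pinned requirements (`pip install --require-hashes`) for the Docker build. The `# Ciphersuites` comment could also say who needs it; presumably scapy's TLS layer loaded by `load_layer("tls")` in pcap_reader.py, e.g. `# cryptography: needed by scapy's TLS layer (load_layer("tls")) for cipher-suite handling`.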
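--- a/run.sh
+++ b/run.sh
@@ -30,7 +30,7 @@ if [[ "$OSTYPE" == "darwin"* ]]; then
 # Run Docker Image - Production (Master)
 #docker run --rm -d --name pcapxray -e DISPLAY=$IP:0 -v /tmp/.X11-unix:/tmp/.X11-unix srinivas11789/pcapxray
 # Run Docker Image - Staging (Develop)
-docker run --rm -d --name pcapxray -v ${PWD}/artifacts:/tmp/artifacts -e DISPLAY=$IP:0 -v /tmp/.X11-unix:/tmp/.X11-unix srinivas11789/pcapxray-2.5
+docker run --rm -d --name pcapxray -v ${PWD}/artifacts:/tmp/artifacts -e DISPLAY=$IP:0 -v /tmp/.X11-unix:/tmp/.X11-unix srinivas11789/pcapxray-2_9
 
 
 #elif [[ "$OSTYPE" == "linux-gnu" ]]; then
@@ -44,7 +44,7 @@ else
 # Run docker - Production (Master)
 #docker run --rm --net=host --env="DISPLAY" --volume="$HOME/.Xauthority:/root/.Xauthority:rw" srinivas11789/pcapxray
 # Run docker - Staging (Develop)
-docker run --rm -d --name pcapxray -v ${PWD}/artifacts:/tmp/artifacts --net=host --env="DISPLAY" --volume="$HOME/.Xauthority:/root/.Xauthority:rw" srinivas11789/pcapxray-2.5
+docker run --rm -d --name pcapxray -v ${PWD}/artifacts:/tmp/artifacts --net=host --env="DISPLAY" --volume="$HOME/.Xauthority:/root/.Xauthority:rw" srinivas11789/pcapxray-2_9
 fi
 
 #else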
