mirror of
https://github.com/maride/pancap.git
synced 2024-12-11 16:34:26 +00:00
Reformat code
This commit is contained in:
parent
1989ae996f
commit
21c956c545
@ -2,10 +2,11 @@ package analyze
|
||||
|
||||
import (
|
||||
"fmt"
|
||||
"log"
|
||||
|
||||
"github.com/google/gopacket"
|
||||
"github.com/maride/pancap/output"
|
||||
"github.com/maride/pancap/protocol"
|
||||
"github.com/google/gopacket"
|
||||
"log"
|
||||
)
|
||||
|
||||
var (
|
||||
@ -71,4 +72,3 @@ func handleErr(err error) {
|
||||
log.Printf("Encountered error while examining packets, continuing anyway. Error: %s", err.Error())
|
||||
}
|
||||
}
|
||||
|
||||
|
@ -23,10 +23,10 @@ func GenerateTree(strarr []string) string {
|
||||
// iterate over each element
|
||||
for iter, elem := range strarr {
|
||||
// check if we got the last element
|
||||
if iter < len(strarr) - 1 {
|
||||
if iter < len(strarr)-1 {
|
||||
tmpstr = fmt.Sprintf("%s├ %s\n", tmpstr, elem)
|
||||
} else {
|
||||
tmpstr = fmt.Sprintf( "%s╰ %s\n", tmpstr, elem)
|
||||
tmpstr = fmt.Sprintf("%s╰ %s\n", tmpstr, elem)
|
||||
}
|
||||
}
|
||||
|
||||
|
9
file.go
9
file.go
@ -3,29 +3,30 @@ package main
|
||||
import (
|
||||
"flag"
|
||||
"fmt"
|
||||
|
||||
"github.com/google/gopacket"
|
||||
"github.com/google/gopacket/layers"
|
||||
"github.com/google/gopacket/pcap"
|
||||
)
|
||||
|
||||
var (
|
||||
filenameFlag *string
|
||||
filenameFlag string
|
||||
)
|
||||
|
||||
// Registers the flag --file
|
||||
func registerFileFlags() {
|
||||
filenameFlag = flag.String("file", "", "PCAP file to base analysis on")
|
||||
flag.StringVar(&filenameFlag, "file", "", "PCAP file to base analysis on")
|
||||
}
|
||||
|
||||
// Opens the PCAP, returns its packets and the link type or an error
|
||||
func openPCAP() (*gopacket.PacketSource, layers.LinkType, error) {
|
||||
// Check if we even got a file.
|
||||
if *filenameFlag == "" {
|
||||
if filenameFlag == "" {
|
||||
return nil, 0, fmt.Errorf("missing file to analyze. Please specifiy it with --file")
|
||||
}
|
||||
|
||||
// Open specified file
|
||||
handle, openErr := pcap.OpenOffline(*filenameFlag)
|
||||
handle, openErr := pcap.OpenOffline(filenameFlag)
|
||||
if openErr != nil {
|
||||
// There were some problems opening the file
|
||||
return nil, 0, openErr
|
||||
|
5
main.go
5
main.go
@ -3,11 +3,12 @@ package main
|
||||
import (
|
||||
"flag"
|
||||
"fmt"
|
||||
"github.com/maride/pancap/analyze"
|
||||
"github.com/maride/pancap/output"
|
||||
"log"
|
||||
"math/rand"
|
||||
"time"
|
||||
|
||||
"github.com/maride/pancap/analyze"
|
||||
"github.com/maride/pancap/output"
|
||||
)
|
||||
|
||||
func main() {
|
||||
|
@ -46,12 +46,12 @@ func StoreFiles() {
|
||||
var filesToExtract []File
|
||||
|
||||
// Check different flag scenarios
|
||||
if *targetAllFiles {
|
||||
if targetAllFiles {
|
||||
// We should extract all files.
|
||||
filesToExtract = registeredFiles
|
||||
} else {
|
||||
// We should extract only a given set of files
|
||||
fileList := strings.Split(*targetFiles, ",")
|
||||
fileList := strings.Split(targetFiles, ",")
|
||||
for _, f := range fileList {
|
||||
// Iterate over desired files
|
||||
found := false
|
||||
@ -80,7 +80,7 @@ func StoreFiles() {
|
||||
|
||||
// Writes the given file object to disk, along with a stats file placed next to it.
|
||||
func writeOut(f File) {
|
||||
targetName := fmt.Sprintf("%s%c%s", *targetOutput, os.PathSeparator, f.hash)
|
||||
targetName := fmt.Sprintf("%s%c%s", targetOutput, os.PathSeparator, f.hash)
|
||||
targetDescName := fmt.Sprintf("%s.info", targetName)
|
||||
targetDescription := fmt.Sprintf("Filename: %s\nHash: %s\nOrigin: %s\nSize: %d", f.name, f.hash, f.origin, len(f.content))
|
||||
|
||||
|
@ -3,19 +3,19 @@ package output
|
||||
import "flag"
|
||||
|
||||
var (
|
||||
fullOutput *bool
|
||||
printEmptyBlocks *bool
|
||||
targetFiles *string
|
||||
targetAllFiles *bool
|
||||
targetOutput *string
|
||||
graphOutput *string
|
||||
fullOutput bool
|
||||
printEmptyBlocks bool
|
||||
targetFiles string
|
||||
targetAllFiles bool
|
||||
targetOutput string
|
||||
graphOutput string
|
||||
)
|
||||
|
||||
func RegisterFlags() {
|
||||
fullOutput = flag.Bool("full-output", false, "Show full output instead of limiting submodule output")
|
||||
printEmptyBlocks = flag.Bool("print-empty-blocks", false, "Prints blocks (submodule output) even if the submodule doesn't have any content to print.")
|
||||
targetFiles = flag.String("extract-these", "", "Comma-separated list of files to extract.")
|
||||
targetAllFiles = flag.Bool("extract-all", false, "Extract all files found.")
|
||||
targetOutput = flag.String("extract-to", "./extracted", "Directory to store extracted files in.")
|
||||
graphOutput = flag.String("create-graph", "", "Create a Graphviz graph out of collected communication")
|
||||
flag.BoolVar(&fullOutput, "full-output", false, "Show full output instead of limiting submodule output")
|
||||
flag.BoolVar(&printEmptyBlocks, "print-empty-blocks", false, "Prints blocks (submodule output) even if the submodule doesn't have any content to print.")
|
||||
flag.StringVar(&targetFiles, "extract-these", "", "Comma-separated list of files to extract.")
|
||||
flag.BoolVar(&targetAllFiles, "extract-all", false, "Extract all files found.")
|
||||
flag.StringVar(&targetOutput, "extract-to", "./extracted", "Directory to store extracted files in.")
|
||||
flag.StringVar(&graphOutput, "create-graph", "", "Create a Graphviz graph out of collected communication")
|
||||
}
|
||||
|
@ -1,11 +1,10 @@
|
||||
package output
|
||||
|
||||
import (
|
||||
"crypto/sha256"
|
||||
"fmt"
|
||||
"io/ioutil"
|
||||
|
||||
"crypto/sha256"
|
||||
|
||||
"github.com/google/gopacket"
|
||||
)
|
||||
|
||||
@ -40,13 +39,13 @@ func AddPkgToGraph(pkg gopacket.Packet) {
|
||||
|
||||
// CreateGraph writes out a Graphviz digraph
|
||||
func CreateGraph() {
|
||||
if *graphOutput == "" {
|
||||
if graphOutput == "" {
|
||||
// No graph requested
|
||||
return
|
||||
}
|
||||
|
||||
// Start with the Graphviz-specific header
|
||||
dot := fmt.Sprintf("# Compile with `neato -Tpng %s > %s.png`\n", *graphOutput, *graphOutput)
|
||||
dot := fmt.Sprintf("# Compile with `neato -Tpng %s > %s.png`\n", graphOutput, graphOutput)
|
||||
dot += "digraph pancap {\n\toverlap = false;\n"
|
||||
|
||||
// First, gather all nodes as-is and write them out
|
||||
@ -61,7 +60,7 @@ func CreateGraph() {
|
||||
dot += "}\n"
|
||||
|
||||
// Write out
|
||||
ioutil.WriteFile(*graphOutput, []byte(dot), 0644)
|
||||
ioutil.WriteFile(graphOutput, []byte(dot), 0644)
|
||||
}
|
||||
|
||||
// Creates a list of distinct nodes, Graphviz-compatible
|
||||
|
@ -25,7 +25,7 @@ func Finalize() {
|
||||
}
|
||||
|
||||
// Check if something graph-worthy was collected
|
||||
if *graphOutput == "" && len(graphPkgs) > 0 {
|
||||
if graphOutput == "" && len(graphPkgs) > 0 {
|
||||
// User didn't want a graph
|
||||
printer.Println("To summarize the communcation flow with a Graphviz graph, specify --create-graph <out.dot>.")
|
||||
}
|
||||
|
@ -2,8 +2,9 @@ package output
|
||||
|
||||
import (
|
||||
"fmt"
|
||||
"github.com/fatih/color"
|
||||
"strings"
|
||||
|
||||
"github.com/fatih/color"
|
||||
)
|
||||
|
||||
const (
|
||||
@ -21,7 +22,7 @@ var (
|
||||
// If the content is longer than MaxContentLines, content is cut.
|
||||
func PrintBlock(headline string, content string) {
|
||||
// Avoid printing empty blocks - at least if user didn't specify it otherwise
|
||||
if len(content) == 0 && !*printEmptyBlocks {
|
||||
if len(content) == 0 && !printEmptyBlocks {
|
||||
// No content and we are not forced to print empty blocks, return
|
||||
DidAvoidEmptyBlock = true
|
||||
return
|
||||
@ -38,7 +39,7 @@ func PrintBlock(headline string, content string) {
|
||||
}
|
||||
|
||||
// Cut to MaxContentLines if required
|
||||
if !(*fullOutput) {
|
||||
if !(fullOutput) {
|
||||
// User states that they don't want to see the whole output - cut content.
|
||||
content = cutContent(content)
|
||||
}
|
||||
|
@ -2,10 +2,10 @@ package arp
|
||||
|
||||
import (
|
||||
"fmt"
|
||||
"github.com/maride/pancap/common"
|
||||
"github.com/maride/pancap/output"
|
||||
"github.com/google/gopacket"
|
||||
"github.com/google/gopacket/layers"
|
||||
"github.com/maride/pancap/common"
|
||||
"github.com/maride/pancap/output"
|
||||
"log"
|
||||
"net"
|
||||
)
|
||||
@ -19,7 +19,7 @@ var (
|
||||
}
|
||||
)
|
||||
|
||||
type Protocol struct {}
|
||||
type Protocol struct{}
|
||||
|
||||
// Checks if the given packet is an ARP packet we can process
|
||||
func (p *Protocol) CanAnalyze(packet gopacket.Packet) bool {
|
||||
|
@ -1,9 +1,9 @@
|
||||
package dhcpv4
|
||||
|
||||
import (
|
||||
"github.com/maride/pancap/output"
|
||||
"github.com/google/gopacket"
|
||||
"github.com/google/gopacket/layers"
|
||||
"github.com/maride/pancap/output"
|
||||
)
|
||||
|
||||
type Protocol struct {
|
||||
|
@ -6,4 +6,3 @@ type dhcpResponse struct {
|
||||
serverMACAddr string
|
||||
askedFor bool
|
||||
}
|
||||
|
||||
|
@ -2,8 +2,8 @@ package dhcpv4
|
||||
|
||||
import (
|
||||
"fmt"
|
||||
"github.com/maride/pancap/common"
|
||||
"github.com/google/gopacket/layers"
|
||||
"github.com/maride/pancap/common"
|
||||
"log"
|
||||
)
|
||||
|
||||
|
@ -2,8 +2,8 @@ package dhcpv4
|
||||
|
||||
import (
|
||||
"fmt"
|
||||
"github.com/maride/pancap/common"
|
||||
"github.com/google/gopacket/layers"
|
||||
"github.com/maride/pancap/common"
|
||||
)
|
||||
|
||||
// Processes the DHCP request packet handed over
|
||||
|
@ -2,8 +2,8 @@ package dhcpv4
|
||||
|
||||
import (
|
||||
"fmt"
|
||||
"github.com/maride/pancap/common"
|
||||
"github.com/google/gopacket/layers"
|
||||
"github.com/maride/pancap/common"
|
||||
"log"
|
||||
)
|
||||
|
||||
|
@ -2,8 +2,8 @@ package dns
|
||||
|
||||
import (
|
||||
"fmt"
|
||||
"github.com/maride/pancap/common"
|
||||
"github.com/google/gopacket/layers"
|
||||
"github.com/maride/pancap/common"
|
||||
"golang.org/x/net/publicsuffix"
|
||||
"log"
|
||||
)
|
||||
|
@ -58,7 +58,7 @@ func (p *Protocol) generateDNSTypeSummary(typearr map[layers.DNSType]int) string
|
||||
if iter == 0 {
|
||||
// We don't need to append yet
|
||||
answerstr = elem
|
||||
} else if iter == len(answerarr) - 1 {
|
||||
} else if iter == len(answerarr)-1 {
|
||||
// Last element, use "and" instead of a comma
|
||||
answerstr = fmt.Sprintf("%s and %s", answerstr, elem)
|
||||
} else {
|
||||
|
@ -1,12 +1,12 @@
|
||||
package dns
|
||||
|
||||
import (
|
||||
"github.com/maride/pancap/output"
|
||||
"github.com/google/gopacket"
|
||||
"github.com/google/gopacket/layers"
|
||||
"github.com/maride/pancap/output"
|
||||
)
|
||||
|
||||
type Protocol struct {}
|
||||
type Protocol struct{}
|
||||
|
||||
func (p *Protocol) CanAnalyze(packet gopacket.Packet) bool {
|
||||
return packet.Layer(layers.LayerTypeDNS) != nil
|
||||
|
@ -2,8 +2,8 @@ package dns
|
||||
|
||||
import (
|
||||
"fmt"
|
||||
"github.com/maride/pancap/common"
|
||||
"github.com/google/gopacket/layers"
|
||||
"github.com/maride/pancap/common"
|
||||
"golang.org/x/net/publicsuffix"
|
||||
"log"
|
||||
)
|
||||
|
@ -1,11 +1,11 @@
|
||||
package http
|
||||
|
||||
import (
|
||||
"github.com/maride/pancap/common"
|
||||
"github.com/maride/pancap/output"
|
||||
"github.com/google/gopacket"
|
||||
"github.com/google/gopacket/layers"
|
||||
"github.com/google/gopacket/tcpassembly"
|
||||
"github.com/maride/pancap/common"
|
||||
"github.com/maride/pancap/output"
|
||||
)
|
||||
|
||||
type Protocol struct {
|
||||
|
@ -3,10 +3,10 @@ package http
|
||||
import (
|
||||
"bufio"
|
||||
"fmt"
|
||||
"github.com/maride/pancap/output"
|
||||
"github.com/google/gopacket"
|
||||
"github.com/google/gopacket/tcpassembly"
|
||||
"github.com/google/gopacket/tcpassembly/tcpreader"
|
||||
"github.com/maride/pancap/output"
|
||||
"io"
|
||||
"io/ioutil"
|
||||
"net/http"
|
||||
|
Loading…
Reference in New Issue
Block a user