Reformat code

maride 2023-09-02 23:49:02 +02:00
parent 1989ae996f
commit 21c956c545
26 changed files with 102 additions and 101 deletions


@ -2,10 +2,11 @@ package analyze
import (
"fmt"
"log"
"github.com/google/gopacket"
"github.com/maride/pancap/output"
"github.com/maride/pancap/protocol"
"github.com/google/gopacket"
"log"
)
var (
@ -71,4 +72,3 @@ func handleErr(err error) {
log.Printf("Encountered error while examining packets, continuing anyway. Error: %s", err.Error())
}
}


@ -23,10 +23,10 @@ func GenerateTree(strarr []string) string {
// iterate over each element
for iter, elem := range strarr {
// check if we got the last element
if iter < len(strarr) - 1 {
if iter < len(strarr)-1 {
tmpstr = fmt.Sprintf("%s├ %s\n", tmpstr, elem)
} else {
tmpstr = fmt.Sprintf( "%s╰ %s\n", tmpstr, elem)
tmpstr = fmt.Sprintf("%s╰ %s\n", tmpstr, elem)
}
}


@ -3,29 +3,30 @@ package main
import (
"flag"
"fmt"
"github.com/google/gopacket"
"github.com/google/gopacket/layers"
"github.com/google/gopacket/pcap"
)
var (
filenameFlag *string
filenameFlag string
)
// Registers the flag --file
func registerFileFlags() {
filenameFlag = flag.String("file", "", "PCAP file to base analysis on")
flag.StringVar(&filenameFlag, "file", "", "PCAP file to base analysis on")
}
// Opens the PCAP, returns its packets and the link type or an error
func openPCAP() (*gopacket.PacketSource, layers.LinkType, error) {
// Check if we even got a file.
if *filenameFlag == "" {
if filenameFlag == "" {
return nil, 0, fmt.Errorf("missing file to analyze. Please specifiy it with --file")
}
// Open specified file
handle, openErr := pcap.OpenOffline(*filenameFlag)
handle, openErr := pcap.OpenOffline(filenameFlag)
if openErr != nil {
// There were some problems opening the file
return nil, 0, openErr
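Review bot: The error string returned by openPCAP when no file is given misspells "specify" as "specifiy", and that text is shown to the user. Since the surrounding lines are being touched anyway, it could be corrected to `return nil, 0, fmt.Errorf("missing file to analyze, please specify it with --file")`. openPCAP's body continues past the end of this hunk, so what happens to the pcap handle afterwards cannot be checked from here.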


@ -3,11 +3,12 @@ package main
import (
"flag"
"fmt"
"github.com/maride/pancap/analyze"
"github.com/maride/pancap/output"
"log"
"math/rand"
"time"
"github.com/maride/pancap/analyze"
"github.com/maride/pancap/output"
)
func main() {


@ -46,12 +46,12 @@ func StoreFiles() {
var filesToExtract []File
// Check different flag scenarios
if *targetAllFiles {
if targetAllFiles {
// We should extract all files.
filesToExtract = registeredFiles
} else {
// We should extract only a given set of files
fileList := strings.Split(*targetFiles, ",")
fileList := strings.Split(targetFiles, ",")
for _, f := range fileList {
// Iterate over desired files
found := false
@ -80,7 +80,7 @@ func StoreFiles() {
// Writes the given file object to disk, along with a stats file placed next to it.
func writeOut(f File) {
targetName := fmt.Sprintf("%s%c%s", *targetOutput, os.PathSeparator, f.hash)
targetName := fmt.Sprintf("%s%c%s", targetOutput, os.PathSeparator, f.hash)
targetDescName := fmt.Sprintf("%s.info", targetName)
targetDescription := fmt.Sprintf("Filename: %s\nHash: %s\nOrigin: %s\nSize: %d", f.name, f.hash, f.origin, len(f.content))
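Review bot: The `.info` description built in writeOut interpolates `f.name` and `f.origin` with plain `%s`. If those values come from the analysed capture (it looks that way, but the File type is not visible here), a name containing a newline can forge extra `Hash:` or `Origin:` lines in the stats file. Quoting them, e.g. `"Filename: %q\nHash: %s\nOrigin: %q\nSize: %d"`, keeps each field on one line. Separately, `targetName` would read more clearly as `filepath.Join(targetOutput, f.hash)` than as a hand-assembled `%s%c%s`; that needs `path/filepath` imported. writeOut's body continues outside the hunk.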


@ -3,19 +3,19 @@ package output
import "flag"
var (
fullOutput *bool
printEmptyBlocks *bool
targetFiles *string
targetAllFiles *bool
targetOutput *string
graphOutput *string
fullOutput bool
printEmptyBlocks bool
targetFiles string
targetAllFiles bool
targetOutput string
graphOutput string
)
func RegisterFlags() {
fullOutput = flag.Bool("full-output", false, "Show full output instead of limiting submodule output")
printEmptyBlocks = flag.Bool("print-empty-blocks", false, "Prints blocks (submodule output) even if the submodule doesn't have any content to print.")
targetFiles = flag.String("extract-these", "", "Comma-separated list of files to extract.")
targetAllFiles = flag.Bool("extract-all", false, "Extract all files found.")
targetOutput = flag.String("extract-to", "./extracted", "Directory to store extracted files in.")
graphOutput = flag.String("create-graph", "", "Create a Graphviz graph out of collected communication")
flag.BoolVar(&fullOutput, "full-output", false, "Show full output instead of limiting submodule output")
flag.BoolVar(&printEmptyBlocks, "print-empty-blocks", false, "Prints blocks (submodule output) even if the submodule doesn't have any content to print.")
flag.StringVar(&targetFiles, "extract-these", "", "Comma-separated list of files to extract.")
flag.BoolVar(&targetAllFiles, "extract-all", false, "Extract all files found.")
flag.StringVar(&targetOutput, "extract-to", "./extracted", "Directory to store extracted files in.")
flag.StringVar(&graphOutput, "create-graph", "", "Create a Graphviz graph out of collected communication")
}
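Review bot: RegisterFlags is exported but has no doc comment, and the switch to value-typed variables changes what happens when it is not called first. Code that reads these variables before RegisterFlags has run no longer panics on a nil pointer; it silently sees zero values, for instance an empty `targetOutput` instead of `./extracted`. A comment such as `// RegisterFlags registers the output flags on the default flag set; call it before flag.Parse().` would record that ordering requirement for callers.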


@ -1,11 +1,10 @@
package output
import (
"crypto/sha256"
"fmt"
"io/ioutil"
"crypto/sha256"
"github.com/google/gopacket"
)
@ -40,13 +39,13 @@ func AddPkgToGraph(pkg gopacket.Packet) {
// CreateGraph writes out a Graphviz digraph
func CreateGraph() {
if *graphOutput == "" {
if graphOutput == "" {
// No graph requested
return
}
// Start with the Graphviz-specific header
dot := fmt.Sprintf("# Compile with `neato -Tpng %s > %s.png`\n", *graphOutput, *graphOutput)
dot := fmt.Sprintf("# Compile with `neato -Tpng %s > %s.png`\n", graphOutput, graphOutput)
dot += "digraph pancap {\n\toverlap = false;\n"
// First, gather all nodes as-is and write them out
@ -61,7 +60,7 @@ func CreateGraph() {
dot += "}\n"
// Write out
ioutil.WriteFile(*graphOutput, []byte(dot), 0644)
ioutil.WriteFile(graphOutput, []byte(dot), 0644)
}
// Creates a list of distinct nodes, Graphviz-compatible
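Review bot: The result of `ioutil.WriteFile` at the end of CreateGraph is discarded, so an unwritable or mistyped `--create-graph` path leaves the user with no graph and no message. The error should be checked and reported, for example `if err := ioutil.WriteFile(graphOutput, []byte(dot), 0644); err != nil { fmt.Printf("could not write graph to %q: %v\n", graphOutput, err) }`. `ioutil.WriteFile` is also deprecated since Go 1.16 in favour of `os.WriteFile`, which takes the same arguments. The middle of CreateGraph lies between the two hunks and is not visible here.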


@ -25,7 +25,7 @@ func Finalize() {
}
// Check if something graph-worthy was collected
if *graphOutput == "" && len(graphPkgs) > 0 {
if graphOutput == "" && len(graphPkgs) > 0 {
// User didn't want a graph
printer.Println("To summarize the communcation flow with a Graphviz graph, specify --create-graph <out.dot>.")
}
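Review bot: The hint printed in Finalize misspells "communication" as "communcation". The string on the line after the changed condition should read `"To summarize the communication flow with a Graphviz graph, specify --create-graph <out.dot>."`. Finalize starts before this hunk, so the rest of the function was not reviewed.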


@ -2,8 +2,9 @@ package output
import (
"fmt"
"github.com/fatih/color"
"strings"
"github.com/fatih/color"
)
const (
@ -21,7 +22,7 @@ var (
// If the content is longer than MaxContentLines, content is cut.
func PrintBlock(headline string, content string) {
// Avoid printing empty blocks - at least if user didn't specify it otherwise
if len(content) == 0 && !*printEmptyBlocks {
if len(content) == 0 && !printEmptyBlocks {
// No content and we are not forced to print empty blocks, return
DidAvoidEmptyBlock = true
return
@ -38,7 +39,7 @@ func PrintBlock(headline string, content string) {
}
// Cut to MaxContentLines if required
if !(*fullOutput) {
if !(fullOutput) {
// User states that they don't want to see the whole output - cut content.
content = cutContent(content)
}
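Review bot: The parentheses in `if !(fullOutput) {` were only needed around the old pointer dereference. With a plain bool the idiomatic form is `if !fullOutput {`, which also matches `!printEmptyBlocks` in the first hunk of this file. PrintBlock's body extends beyond both hunks.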


@ -2,10 +2,10 @@ package arp
import (
"fmt"
"github.com/maride/pancap/common"
"github.com/maride/pancap/output"
"github.com/google/gopacket"
"github.com/google/gopacket/layers"
"github.com/maride/pancap/common"
"github.com/maride/pancap/output"
"log"
"net"
)
@ -19,7 +19,7 @@ var (
}
)
type Protocol struct {}
type Protocol struct{}
// Checks if the given packet is an ARP packet we can process
func (p *Protocol) CanAnalyze(packet gopacket.Packet) bool {


@ -1,9 +1,9 @@
package dhcpv4
import (
"github.com/maride/pancap/output"
"github.com/google/gopacket"
"github.com/google/gopacket/layers"
"github.com/maride/pancap/output"
)
type Protocol struct {


@ -6,4 +6,3 @@ type dhcpResponse struct {
serverMACAddr string
askedFor bool
}


@ -2,8 +2,8 @@ package dhcpv4
import (
"fmt"
"github.com/maride/pancap/common"
"github.com/google/gopacket/layers"
"github.com/maride/pancap/common"
"log"
)


@ -2,8 +2,8 @@ package dhcpv4
import (
"fmt"
"github.com/maride/pancap/common"
"github.com/google/gopacket/layers"
"github.com/maride/pancap/common"
)
// Processes the DHCP request packet handed over


@ -2,8 +2,8 @@ package dhcpv4
import (
"fmt"
"github.com/maride/pancap/common"
"github.com/google/gopacket/layers"
"github.com/maride/pancap/common"
"log"
)


@ -2,8 +2,8 @@ package dns
import (
"fmt"
"github.com/maride/pancap/common"
"github.com/google/gopacket/layers"
"github.com/maride/pancap/common"
"golang.org/x/net/publicsuffix"
"log"
)


@ -58,7 +58,7 @@ func (p *Protocol) generateDNSTypeSummary(typearr map[layers.DNSType]int) string
if iter == 0 {
// We don't need to append yet
answerstr = elem
} else if iter == len(answerarr) - 1 {
} else if iter == len(answerarr)-1 {
// Last element, use "and" instead of a comma
answerstr = fmt.Sprintf("%s and %s", answerstr, elem)
} else {


@ -1,12 +1,12 @@
package dns
import (
"github.com/maride/pancap/output"
"github.com/google/gopacket"
"github.com/google/gopacket/layers"
"github.com/maride/pancap/output"
)
type Protocol struct {}
type Protocol struct{}
func (p *Protocol) CanAnalyze(packet gopacket.Packet) bool {
return packet.Layer(layers.LayerTypeDNS) != nil


@ -2,8 +2,8 @@ package dns
import (
"fmt"
"github.com/maride/pancap/common"
"github.com/google/gopacket/layers"
"github.com/maride/pancap/common"
"golang.org/x/net/publicsuffix"
"log"
)


@ -1,11 +1,11 @@
package http
import (
"github.com/maride/pancap/common"
"github.com/maride/pancap/output"
"github.com/google/gopacket"
"github.com/google/gopacket/layers"
"github.com/google/gopacket/tcpassembly"
"github.com/maride/pancap/common"
"github.com/maride/pancap/output"
)
type Protocol struct {


@ -3,10 +3,10 @@ package http
import (
"bufio"
"fmt"
"github.com/maride/pancap/output"
"github.com/google/gopacket"
"github.com/google/gopacket/tcpassembly"
"github.com/google/gopacket/tcpassembly/tcpreader"
"github.com/maride/pancap/output"
"io"
"io/ioutil"
"net/http"