2024-11-24 01:34:26 +00:00
19 changed files with 71 additions and 38 deletions
--- a/README.md
+++ b/README.md
@ -1,7 +1,5 @@
 # pancap
 <img alt="pancap logo" src="pancap.png" width="250px" height="250px">
 ## Idea
 If you get access to a [PCAP](https://en.wikipedia.org/wiki/Pcap) file, for example during a CTF or captured on your own, you usually have the problem of overlooking all the relevant information to get a basic idea of the capture file. This gets worse if the capture file includes lots of white noise or irrelevant traffic - often included in the capture file to cloak *interesting* packets in a bunch of packets to YouTube, Reddit, Twitter and others.
@ -12,7 +10,7 @@ If you get access to a [PCAP](https://en.wikipedia.org/wiki/Pcap) file, for exam
 Simply run
-`go get github.com/maride/pancap`
+`go get git.darknebu.la/maride/pancap`
 This will also build `pancap` and place it into your `GOBIN` directory - means you can directly execute it!
--- a/analyze/analyzer.go
+++ b/analyze/analyzer.go
@ -2,8 +2,8 @@ package analyze
 import (
 	"fmt"
-	"github.com/maride/pancap/output"
+	"git.darknebu.la/maride/pancap/output"
-	"github.com/maride/pancap/protocol"
+	"git.darknebu.la/maride/pancap/protocol"
 	"github.com/google/gopacket"
 	"log"
 )
--- a/analyzer_test.go
+++ b/analyzer_test.go
@ -0,0 +1,42 @@
 package main
 import (
 	"github.com/google/gopacket"
 	"github.com/google/gopacket/layers"
 	"testing"
 )
 func Test_analyzePCAP(t *testing.T) {
 	type args struct {
 		source   *gopacket.PacketSource
 		linkType layers.LinkType
 	}
 	tests := []struct {
 		name    string
 		args    args
 		wantErr bool
 	}{
 		{
 			name: "Faulty link type",
 			args: args{
 				source: &gopacket.PacketSource{
 					DecodeOptions: gopacket.DecodeOptions{
 						Lazy:                     false,
 						NoCopy:                   false,
 						SkipDecodeRecovery:       false,
 						DecodeStreamsAsDatagrams: false,
 					},
 				},
 				linkType: 2,
 			},
 			wantErr: true,
 		},
 	}
 	for _, tt := range tests {
 		t.Run(tt.name, func(t *testing.T) {
 			if err := analyzePCAP(tt.args.source, tt.args.linkType); (err != nil) != tt.wantErr {
 				t.Errorf("analyzePCAP() error = %v, wantErr %v", err, tt.wantErr)
 			}
 		})
 	}
 }
--- a/go.mod
+++ b/go.mod
@ -1,4 +1,4 @@
-module github.com/maride/pancap
+module git.darknebu.la/maride/pancap
 go 1.13
--- a/main.go
+++ b/main.go
@ -3,8 +3,8 @@ package main
 import (
 	"flag"
 	"fmt"
-	"github.com/maride/pancap/analyze"
+	"git.darknebu.la/maride/pancap/analyze"
-	"github.com/maride/pancap/output"
+	"git.darknebu.la/maride/pancap/output"
 	"log"
 	"math/rand"
 	"time"
@ -53,13 +53,13 @@ func printMOTD() {
 		"PanCAP: Analyzer for pancake files",
 		"You want some syrup with these packets?",
 		"Check out CONTRIBUTORS.md!",
-		"Push your commits to github.com/maride/pancap",
+		"Push your commits to git.darknebu.la/maride/pancap",
 		"Don't let the white noise traffic confuse you.",
 		"Grab a Club Mate if you don't have one yet.",
 		"In Soviet Russia, traffic analyzes you.",
 		"Who captures the captors?",
 		"Respect other's privacy. Always.",
-		"Make public data available, protect private data.",   // https://www.ccc.de/en/hackerethik
+		"Make public data available, protect private data.", // https://www.ccc.de/en/hackerethik
 		"Most traffic is just there to confuse the russians.", // hat-tip to twitter.com/_harryr_
 	}
--- a/output/filemanager.go
+++ b/output/filemanager.go
@ -2,18 +2,17 @@ package output
 import (
 	"fmt"
 	"git.darknebu.la/maride/pancap/common"
 	"io/ioutil"
 	"log"
 	"os"
 	"strings"
 	"github.com/maride/pancap/common"
 )
 var (
 	registeredFiles []File
-	notFound        []string
+	notFound []string
-	extractedFiles  int
+	extractedFiles int
 )
 // Registers a file with the given name and content.
@ -21,18 +20,12 @@ var (
 // This means that a module should _always_ call this function when a file is encountered.
 // origin is a descriptive string where the file comes from, e.g. the module name.
 func RegisterFile(filename string, content []byte, origin string) {
 	// Check if there even is anything to register
 	if len(content) == 0 {
 		// File is empty, won't register the void
 		log.Printf("Avoided registering file from %s because it is empty.", origin)
 		return
 	}
 	thisFile := NewFile(filename, content, origin)
 	// To avoid doubles, we need to check if that hash is already present
 	for _, f := range registeredFiles {
 		if f.hash == thisFile.hash {
 			// Found - stop here
-			log.Printf("Avoided registering file from %s because it has the same content as an already registered file ", origin)
+			log.Printf("Avoided registering file '%s' because it has the same content as an already registered file ", f.name)
 			return
 		}
 	}
--- a/pancap.png
+++ b/pancap.png
--- a/protocol/arp/arp.go
+++ b/protocol/arp/arp.go
@ -2,8 +2,8 @@ package arp
 import (
 	"fmt"
-	"github.com/maride/pancap/common"
+	"git.darknebu.la/maride/pancap/common"
-	"github.com/maride/pancap/output"
+	"git.darknebu.la/maride/pancap/output"
 	"github.com/google/gopacket"
 	"github.com/google/gopacket/layers"
 	"log"
--- a/protocol/dhcpv4/dhcp.go
+++ b/protocol/dhcpv4/dhcp.go
@ -1,7 +1,7 @@
 package dhcpv4
 import (
-	"github.com/maride/pancap/output"
+	"git.darknebu.la/maride/pancap/output"
 	"github.com/google/gopacket"
 	"github.com/google/gopacket/layers"
 )
--- a/protocol/dhcpv4/hostnames.go
+++ b/protocol/dhcpv4/hostnames.go
@ -2,7 +2,7 @@ package dhcpv4
 import (
 	"fmt"
-	"github.com/maride/pancap/common"
+	"git.darknebu.la/maride/pancap/common"
 	"github.com/google/gopacket/layers"
 	"log"
 )
--- a/protocol/dhcpv4/request.go
+++ b/protocol/dhcpv4/request.go
@ -2,7 +2,7 @@ package dhcpv4
 import (
 	"fmt"
-	"github.com/maride/pancap/common"
+	"git.darknebu.la/maride/pancap/common"
 	"github.com/google/gopacket/layers"
 )
--- a/protocol/dhcpv4/response.go
+++ b/protocol/dhcpv4/response.go
@ -2,7 +2,7 @@ package dhcpv4
 import (
 	"fmt"
-	"github.com/maride/pancap/common"
+	"git.darknebu.la/maride/pancap/common"
 	"github.com/google/gopacket/layers"
 	"log"
 )
--- a/protocol/dns/answer.go
+++ b/protocol/dns/answer.go
@ -2,7 +2,7 @@ package dns
 import (
 	"fmt"
-	"github.com/maride/pancap/common"
+	"git.darknebu.la/maride/pancap/common"
 	"github.com/google/gopacket/layers"
 	"golang.org/x/net/publicsuffix"
 	"log"
--- a/protocol/dns/dns.go
+++ b/protocol/dns/dns.go
@ -1,7 +1,7 @@
 package dns
 import (
-	"github.com/maride/pancap/output"
+	"git.darknebu.la/maride/pancap/output"
 	"github.com/google/gopacket"
 	"github.com/google/gopacket/layers"
 )
--- a/protocol/dns/question.go
+++ b/protocol/dns/question.go
@ -2,7 +2,7 @@ package dns
 import (
 	"fmt"
-	"github.com/maride/pancap/common"
+	"git.darknebu.la/maride/pancap/common"
 	"github.com/google/gopacket/layers"
 	"golang.org/x/net/publicsuffix"
 	"log"
--- a/protocol/http/http.go
+++ b/protocol/http/http.go
@ -1,8 +1,8 @@
 package http
 import (
-	"github.com/maride/pancap/common"
+	"git.darknebu.la/maride/pancap/common"
-	"github.com/maride/pancap/output"
+	"git.darknebu.la/maride/pancap/output"
 	"github.com/google/gopacket"
 	"github.com/google/gopacket/layers"
 	"github.com/google/gopacket/tcpassembly"
--- a/protocol/http/httpResponseFactory.go
+++ b/protocol/http/httpResponseFactory.go
@ -3,7 +3,7 @@ package http
 import (
 	"bufio"
 	"fmt"
-	"github.com/maride/pancap/output"
+	"git.darknebu.la/maride/pancap/output"
 	"github.com/google/gopacket"
 	"github.com/google/gopacket/tcpassembly"
 	"github.com/google/gopacket/tcpassembly/tcpreader"
--- a/protocol/index.go
+++ b/protocol/index.go
@ -1,10 +1,10 @@
 package protocol
 import (
-	"github.com/maride/pancap/protocol/arp"
+	"git.darknebu.la/maride/pancap/protocol/arp"
-	"github.com/maride/pancap/protocol/dhcpv4"
+	"git.darknebu.la/maride/pancap/protocol/dhcpv4"
-	"github.com/maride/pancap/protocol/dns"
+	"git.darknebu.la/maride/pancap/protocol/dns"
-	"github.com/maride/pancap/protocol/http"
+	"git.darknebu.la/maride/pancap/protocol/http"
 )
 var (
`@ -1,4 +1,4 @@`
	`module github.com/maride/pancap`	`module git.darknebu.la/maride/pancap`

	`go 1.13`	`go 1.13`