0xb00b5/0xb00b5-packmate
5
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Merge remote-tracking branch 'origin/master' into parse-pcap

Browse Source 
# Conflicts:
#	src/main/java/ru/serega6531/packmate/model/enums/SubscriptionMessageType.java
This commit is contained in:
serega6531
2020-04-10 22:02:55 +03:00
parent 4e0cfd1447 fc46e36eab
commit f32ed5eedd
9 changed files with 43 additions and 46 deletions
Download Patch File Download Diff File Expand all files Collapse all files

7
src/main/java/ru/serega6531/packmate/controller/PatternController.java
View File

@@ -23,13 +23,14 @@ public class PatternController {
return service.findAll();
}
@DeleteMapping("/{id}")
public void deletePattern(@PathVariable int id) {
service.deleteById(id);
@PostMapping("/{id}")
public void enable(@PathVariable int id, @RequestParam boolean enabled) {
service.enable(id, enabled);
}
@PostMapping
public Pattern addPattern(@RequestBody Pattern pattern) {
pattern.setEnabled(true);
return service.save(pattern);
}

2
src/main/java/ru/serega6531/packmate/model/CtfService.java
View File

@@ -22,6 +22,6 @@ public class CtfService {
private boolean mergeAdjacentPackets;
private boolean inflateWebSockets;
private boolean parseWebSockets;
}

2
src/main/java/ru/serega6531/packmate/model/Packet.java
View File

@@ -53,7 +53,7 @@ public class Packet {
private boolean ungzipped;
private boolean webSocketInflated;
private boolean webSocketParsed;
private byte[] content;

2
src/main/java/ru/serega6531/packmate/model/Pattern.java
View File

@@ -28,6 +28,8 @@ public class Pattern {
@GeneratedValue(generator = "pattern_generator")
private int id;
private boolean enabled;
private String name;
private String value;

1
src/main/java/ru/serega6531/packmate/model/enums/SubscriptionMessageType.java
View File

@@ -5,5 +5,6 @@ public enum SubscriptionMessageType {
DELETE_SERVICE, DELETE_PATTERN,
NEW_STREAM,
COUNTERS_UPDATE,
ENABLE_PATTERN, DISABLE_PATTERN,
PCAP_STARTED, PCAP_STOPPED
}

32
src/main/java/ru/serega6531/packmate/service/PatternService.java
View File

@@ -3,10 +3,8 @@ package ru.serega6531.packmate.service;
import lombok.extern.slf4j.Slf4j;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.stereotype.Service;
import org.springframework.transaction.annotation.Transactional;
import ru.serega6531.packmate.model.FoundPattern;
import ru.serega6531.packmate.model.Pattern;
import ru.serega6531.packmate.model.Stream;
import ru.serega6531.packmate.model.enums.PatternDirectionType;
import ru.serega6531.packmate.model.enums.PatternSearchType;
import ru.serega6531.packmate.model.enums.SubscriptionMessageType;
@@ -46,34 +44,32 @@ public class PatternService {
public Set<FoundPattern> findMatches(byte[] bytes, boolean incoming) {
final List<Pattern> list = patterns.values().stream()
.filter(Pattern::isEnabled)
.filter(p -> p.getDirectionType() == (incoming ? PatternDirectionType.INPUT : PatternDirectionType.OUTPUT)
|| p.getDirectionType() == PatternDirectionType.BOTH)
.collect(Collectors.toList());
return new PatternMatcher(bytes, list).findMatches();
}
@Transactional
public void deleteById(int id) {
final Optional<Pattern> optional = repository.findById(id);
if (optional.isPresent()) {
final Pattern pattern = optional.get();
log.info("Removed pattern {} with value {}", pattern.getName(), pattern.getValue());
public void enable(int id, boolean enabled) {
final Pattern pattern = find(id);
if (pattern != null) {
pattern.setEnabled(enabled);
final Pattern saved = repository.save(pattern);
patterns.put(id, saved);
for (Stream stream : pattern.getMatchedStreams()) {
stream.getFoundPatterns().remove(pattern);
stream.getPackets().forEach(p ->
p.getMatches().removeIf(m ->
m.getPatternId() == pattern.getId()));
if (enabled) {
log.info("Включен паттерн {} со значением {}", pattern.getName(), pattern.getValue());
subscriptionService.broadcast(new SubscriptionMessage(SubscriptionMessageType.ENABLE_PATTERN, id));
} else {
log.info("Выключен паттерн {} со значением {}", pattern.getName(), pattern.getValue());
subscriptionService.broadcast(new SubscriptionMessage(SubscriptionMessageType.DISABLE_PATTERN, id));
}
patterns.remove(id);
repository.delete(pattern);
subscriptionService.broadcast(new SubscriptionMessage(SubscriptionMessageType.DELETE_PATTERN, id));
}
}
public Pattern save(Pattern pattern) {
if(pattern.getSearchType() == PatternSearchType.REGEX) {
if (pattern.getSearchType() == PatternSearchType.REGEX) {
try {
PatternMatcher.compilePattern(pattern);
} catch (PatternSyntaxException e) {

12
src/main/java/ru/serega6531/packmate/service/StreamOptimizer.java
View File

@@ -36,8 +36,8 @@ public class StreamOptimizer {
unpackGzip();
}
if (service.isInflateWebSockets()) {
inflateWebSocket();
if (service.isParseWebSockets()) {
parseWebSockets();
}
if (service.isUrldecodeHttpRequests()) {
@@ -89,7 +89,7 @@ public class StreamOptimizer {
final List<Packet> cut = packets.subList(start, end);
final long timestamp = cut.get(0).getTimestamp();
final boolean ungzipped = cut.stream().anyMatch(Packet::isUngzipped);
final boolean webSocketInflated = cut.stream().anyMatch(Packet::isWebSocketInflated);
final boolean webSocketParsed = cut.stream().anyMatch(Packet::isWebSocketParsed);
boolean incoming = cut.get(0).isIncoming();
//noinspection OptionalGetWithoutIsPresent
final byte[] content = cut.stream()
@@ -102,7 +102,7 @@ public class StreamOptimizer {
.incoming(incoming)
.timestamp(timestamp)
.ungzipped(ungzipped)
.webSocketInflated(webSocketInflated)
.webSocketParsed(webSocketParsed)
.content(content)
.build());
}
@@ -227,7 +227,7 @@ public class StreamOptimizer {
.incoming(false)
.timestamp(cut.get(0).getTimestamp())
.ungzipped(true)
.webSocketInflated(false)
.webSocketParsed(false)
.content(newContent)
.build();
} catch (ZipException e) {
@@ -239,7 +239,7 @@ public class StreamOptimizer {
return null;
}
private void inflateWebSocket() {
private void parseWebSockets() {
if (!packets.get(0).getContentString().contains("HTTP/")) {
return;
}

29
src/main/java/ru/serega6531/packmate/service/WebSocketsParser.java
View File

@@ -31,8 +31,6 @@ public class WebSocketsParser {
private static final java.util.regex.Pattern WEBSOCKET_ACCEPT_PATTERN =
java.util.regex.Pattern.compile("Sec-WebSocket-Accept: (.+)\\r\\n");
private static final String WEBSOCKET_EXTENSION_HEADER = "Sec-WebSocket-Extension: permessage-deflate";
private static final String WEBSOCKET_EXTENSIONS_HEADER = "Sec-WebSocket-Extensions: permessage-deflate";
private static final String WEBSOCKET_UPGRADE_HEADER = "upgrade: websocket\r\n";
private static final String WEBSOCKET_CONNECTION_HEADER = "connection: upgrade\r\n";
@@ -103,7 +101,6 @@ public class WebSocketsParser {
final List<Packet> handshakes = packets.subList(0, httpEnd);
parse(wsPackets, handshakes, draft);
parsed = true;
}
private void parse(final List<Packet> wsPackets, final List<Packet> handshakes, Draft_6455 draft) {
@@ -136,12 +133,14 @@ public class WebSocketsParser {
.timestamp(lastPacket.getTimestamp())
.ttl(lastPacket.getTtl())
.ungzipped(lastPacket.isUngzipped())
.webSocketInflated(true)
.webSocketParsed(true)
.build()
);
}
}
}
parsed = true;
}
public List<Packet> getParsedPackets() {
@@ -190,11 +189,6 @@ public class WebSocketsParser {
return null;
}
if (!handshake.contains(WEBSOCKET_EXTENSION_HEADER) &&
!handshake.contains(WEBSOCKET_EXTENSIONS_HEADER)) {
return null;
}
return handshake;
}
@@ -212,10 +206,10 @@ public class WebSocketsParser {
String key = matcher.group(1);
matcher = WEBSOCKET_EXTENSIONS_PATTERN.matcher(clientHandshake);
if (!matcher.find()) {
return null;
String extensions = null;
if (matcher.find()) {
extensions = matcher.group(1);
}
String extensions = matcher.group(1);
HandshakeImpl1Client clientHandshakeImpl = new HandshakeImpl1Client();
@@ -223,7 +217,10 @@ public class WebSocketsParser {
clientHandshakeImpl.put("Connection", "Upgrade");
clientHandshakeImpl.put("Sec-WebSocket-Version", version);
clientHandshakeImpl.put("Sec-WebSocket-Key", key);
clientHandshakeImpl.put("Sec-WebSocket-Extensions", extensions);
if(extensions != null) {
clientHandshakeImpl.put("Sec-WebSocket-Extensions", extensions);
}
return clientHandshakeImpl;
}
@@ -236,10 +233,10 @@ public class WebSocketsParser {
String accept = matcher.group(1);
matcher = WEBSOCKET_EXTENSIONS_PATTERN.matcher(serverHandshake);
if (!matcher.find()) {
return null;
String extensions = null;
if (matcher.find()) {
extensions = matcher.group(1);
}
String extensions = matcher.group(1);
HandshakeImpl1Server serverHandshakeImpl = new HandshakeImpl1Server();