Merge pull request #30 from Srinivas11789/bigRevamp

The Revamp - Phase 1
Srinivas11789 · May 1, 2019 · 7ca68ae · 7ca68ae
2 parents de860a5 + 0aeb5db
commit 7ca68ae
Show file tree

Hide file tree

Showing 28 changed files with 1,803 additions and 85 deletions.
diff --git a/.DS_Store b/.DS_Store
diff --git a/.travis.yml b/.travis.yml
@@ -1,16 +1,31 @@
 language: python
+
+os:
+  - linux
+
+addons:
+  apt:
+    packages:
+      - graphviz
+      - python-tk
+      - tshark
+
 python:
   - "2.7"
   - "3.6"
+
 matrix:
   allow_failures:
-    - python: "3.6"
+    - python: "2.7"
+
 before_install:
-    - pip install -U pytest pytest-cov
-    - pip install codecov
-    - pip install flake8
+  - pip install -U pytest pytest-cov
+  - pip install codecov
+  - pip install flake8
+
 install:
   - pip install -r requirements.txt
+
 before_script:
   # stop the build if there are Python syntax errors or undefined names
   - flake8 . --count --select=E901,E999,F821,F822,F823 --show-source --statistics

diff --git a/LICENSE b/LICENSE
diff --git a/Source/Module/communication_details_fetch.py b/Source/Module/communication_details_fetch.py
@@ -0,0 +1,43 @@
+import memory 
+
+# Library Import
+import ipwhois
+from dns import reversename, resolver
+import socket
+# Module Import
+import pcap_reader
+import netaddr
+
+# Class Communication or Traffic Details Fetch
+
+class trafficDetailsFetch():
+
+    def __init__(self, option):
+        for host in memory.destination_hosts:
+            if not memory.destination_hosts[host]:
+                if option == "whois":
+                    memory.destination_hosts[host] = self.whois_info_fetch(host)
+                else:
+                    memory.destination_hosts[host] = self.dns(host)
+
+    def whois_info_fetch(self, ip):
+        try:
+           whois_info = ipwhois.IPWhois(ip).lookup_rdap()
+        except:
+           whois_info = "NoWhoIsInfo"
+        return whois_info
+
+    def dns(self, ip):
+        try:
+            dns_info = socket.gethostbyaddr(ip)[0]
+        except:
+            dns_info = "NotResolvable"
+        return dns_info
+
+def main():
+    capture = pcap_reader.PcapEngine('examples/test.pcap', "scapy")
+    details = trafficDetailsFetch("sock")
+    print(memory.destination_hosts)
+    print("\n")
+
+#main()
diff --git a/Source/Module/device_details_fetch.py b/Source/Module/device_details_fetch.py
@@ -0,0 +1,66 @@
+"""
+Module device_details
+"""
+# Library Import
+import urllib#.request
+import json
+import logging
+# Module Import
+import pcap_reader
+import memory
+import threading
+from netaddr import *
+
+class fetchDeviceDetails:
+
+    def __init__(self, option="ieee"):
+        """
+        Init
+        """
+        self.target_oui_database = option
+
+    def fetch_info(self):
+        for ip in memory.lan_hosts:
+            if self.target_oui_database == "api":
+                memory.lan_hosts[ip]["device_vendor"] = self.oui_identification_via_api(memory.lan_hosts[ip]["mac"])  
+            else:
+                memory.lan_hosts[ip]["device_vendor"], memory.lan_hosts[ip]["vendor_address"] = self.oui_identification_via_ieee(memory.lan_hosts[ip]["mac"])
+            mac = memory.lan_hosts[ip]["mac"].replace(":",".")
+            if ":" in ip:
+                ip_san = ip.replace(":",".")
+            else:
+                ip_san = ip
+            memory.lan_hosts[ip]["node"] = ip_san+"\n"+mac+"\n"+memory.lan_hosts[ip]['device_vendor']
+
+    def oui_identification_via_api(self, mac):
+        url = "http://macvendors.co/api/" + mac
+        api_request = urllib.request.Request(url, headers={'User-Agent':'PcapXray'})
+        try:
+            apiResponse = urllib.request.urlopen(api_request)
+            details = json.loads(apiResponse.read())
+            #reportThread = threading.Thread(target=reportGen.reportGen().deviceDetailsReport,args=(details,))
+            #reportThread.start()
+            return details["result"]["company"], details["result"]["address"]
+        except Exception as e:
+            logging.info("device_details module: oui identification failure via api" + str(e))
+            return "Unknown", "Unknown"
+
+    def oui_identification_via_ieee(self, mac):
+        try:
+            mac_obj = EUI(mac)
+            mac_oui = mac_obj.oui
+            return mac_oui.registration().org, mac_oui.registration().address
+        except Exception as e:
+            logging.info("device_details module: oui identification failure via ieee " + str(e))
+            return "Unknown", "Unknown"
+
+def main():
+    filename = "test.pcap"
+    pcap_reader.PcapEngine('examples/test.pcap', "scapy")
+    fetchDeviceDetails("ieee").fetch_info()
+    print(memory.lan_hosts)
+
+#main()
+
+# MAC Oui Identification Module
+# LAN IP and Getway Identification
diff --git a/Source/Module/examples/tamu_drivebyinc_0_intrusion.pcap b/Source/Module/examples/tamu_drivebyinc_0_intrusion.pcap
diff --git a/Source/Module/examples/tamu_microservice_0_intrusion.pcap b/Source/Module/examples/tamu_microservice_0_intrusion.pcap
diff --git a/Source/Module/examples/tamu_readingrainbow_0_network_enumeration.pcap b/Source/Module/examples/tamu_readingrainbow_0_network_enumeration.pcap