parse.py
import json, codecs, re, logging
from lmdirect.aescipher import AESCipher
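_LOGGER = logging.getLogger(__name__)
# DEBUG level: the parsing loop below hands decoded and decrypted payloads to
# this logger, so any handler attached to it receives plaintext traffic.
_LOGGER.setLevel(logging.DEBUG)

# Source addresses that the parsing loop knows how to label.
PHONE_IP = "192.168.1.150"
LM_IP = "192.168.1.215"

# JSON file supplying "key" (handed to AESCipher) and "filename" (the capture
# to parse). It contains key material: keep it out of version control and
# readable only by the user running this script.
CONFIG_FILE = "config.json"

try:
    with open(CONFIG_FILE) as config_file:
        data = json.load(config_file)
    key = data["key"]
    filename = data["filename"]
except (OSError, ValueError, KeyError, TypeError) as err:
    # OSError: file missing/unreadable; ValueError: invalid JSON or encoding;
    # KeyError/TypeError: required entries absent or top level not an object.
    print(err)
    # SystemExit instead of exit(): exit() is injected by the `site` module
    # and is not guaranteed to exist (e.g. `python -S`, frozen builds).
    raise SystemExit(1)

cipher = AESCipher(key)

# Label printed for each known source address; the leading newline on the app
# label separates each app packet from the preceding output with a blank line.
SOURCE_MAP = {PHONE_IP: "\nApp", LM_IP: "Machine"}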
def checksum(buffer):
    """Return the check byte of *buffer* as two uppercase hex digits.

    The string is encoded as UTF-8 and its byte values are summed modulo 256.
    This is a plain additive checksum: it can catch accidental corruption but
    gives no protection against deliberate modification.
    """
    encoded = bytes(buffer, "utf-8")
    low_byte = sum(encoded) & 0xFF
    return f"{low_byte:02X}"
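# Load the capture named in the config file and print every payload that
# decrypts, one packet per line, prefixed with the label of its sender.
# NOTE(review): the "_source" / "layers" / "data.data" keys look like a
# Wireshark/tshark JSON export -- confirm against the capture tooling.
with open(filename) as json_file:
    data = json.load(json_file)

print(f"Parsing {filename}")

for item in data:
    try:
        # Lookups sit inside the try so that a packet without an IP or data
        # layer is skipped like any other non-matching packet instead of
        # aborting the whole run.
        layers = item["_source"]["layers"]
        ip_src = layers["ip"]["ip.src"]

        # "aa:bb:cc" hex dump -> raw bytes -> text as sent on the wire.
        packet_data = layers["data"]["data.data"].replace(":", "")
        decoded_data = codecs.decode(packet_data, "hex").decode("utf-8")
        _LOGGER.debug("Parsed: %s", decoded_data)

        # Drop the '@' and '%' characters before handing the rest to the cipher.
        ciphertext = re.sub("[@%]", "", decoded_data)
        plaintext = cipher.decrypt(ciphertext)

        # Decrypted traffic goes to the debug logger and to stdout; treat both
        # outputs as sensitive as the capture itself.
        _LOGGER.debug(plaintext)

        # First element on its own, then the remainder in two-element groups.
        print("{}: {} ".format(SOURCE_MAP[ip_src], plaintext[0]), end="")
        for i in range(1, len(plaintext), 2):
            chars = plaintext[i : i + 2]
            print(chars, end=" ")
        print("")
    except KeyError as missing:
        # Best effort: packets lacking an expected field, or coming from an
        # address not in SOURCE_MAP, are skipped -- but leave a trace so the
        # omission is visible when debugging.
        _LOGGER.debug("Skipping packet, missing key: %s", missing)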