diff --git a/Modules/rodrigo_thierry_joaovitor/Parser.py b/Modules/rodrigo_thierry_joaovitor/Parser.py index 5dcaddd..0717dbe 100644 --- a/Modules/rodrigo_thierry_joaovitor/Parser.py +++ b/Modules/rodrigo_thierry_joaovitor/Parser.py @@ -23,6 +23,7 @@ def int_to_ip4(addr: int) -> str: class Packet: + ts: float = 0. uniqueId: uuid.UUID = None ''' @@ -42,18 +43,43 @@ def setInternalPDU(self, pkt: 'Packet') -> None: def __init__(self): self.uniqueId = uuid.uuid4() + def setTimestamp(pkg: 'Packet' | List['Packet'], ts): + if type(pkg) == list: + for i in pkg: + Packet.setTimestamp(i, ts) + else: + pkg.ts = ts + def convert(pkg) -> 'Packet' | List['Packet'] | None: ''' Converte o esquema de pacote do dpkt para IPPacket ''' if isinstance(pkg, dpkt.ip.IP): - return IPPacket.convert(pkg) + pkgs: 'Packet' | List['Packet'] = IPPacket.convert(pkg) + Packet.setTimestamp(pkgs, Packet.ts) + return pkgs elif isinstance(pkg, dpkt.ip6.IP6): - return IP6Packet.convert(pkg) + pkgs: 'Packet' | List['Packet'] = IP6Packet.convert(pkg) + Packet.setTimestamp(pkgs, Packet.ts) + return pkgs elif isinstance(pkg, dpkt.arp.ARP): - return ARPPacket.convert(pkg) + pkgs: 'Packet' | List['Packet'] = ARPPacket.convert(pkg) + Packet.setTimestamp(pkgs, Packet.ts) + return pkgs elif isinstance(pkg, dpkt.udp.UDP): - return UDPPacket.convert(pkg) + pkgs: 'Packet' | List['Packet'] = UDPPacket.convert(pkg) + Packet.setTimestamp(pkgs, Packet.ts) + return pkgs + elif isinstance(pkg, dpkt.tcp.TCP): + pkgs: 'Packet' | List['Packet'] = TCPPacket.convert(pkg) + Packet.setTimestamp(pkgs, Packet.ts) + return pkgs + elif isinstance(pkg, dpkt.http.Request) or isinstance(pkg, dpkt.http.Response): + pkgs: 'Packet' | List['Packet'] = HTTPPacket.convert(pkg) + Packet.setTimestamp(pkgs, Packet.ts) + return pkgs + elif isinstance(pkg, dpkt.icmp.ICMP) or isinstance(pkg, dpkt.igmp.IGMP): + return None else: print("Tipo de pacote não tratado! Tipo:" + str(type(pkg))) return None 
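Review bot: The capture timestamp reaches `setTimestamp` through the mutable class attribute `Packet.ts`, so `convert` depends on whoever assigned it last; a caller that skips the assignment stamps packets with the previous packet's time, and the `readAll` and `read` hunks later in this file rely on the same hidden state. Passing it explicitly, e.g. `def convert(pkg, ts: float = 0.)` followed by `Packet.setTimestamp(pkgs, ts)`, keeps the timestamps reliable when the capture is used to establish the order of events. `setTimestamp` is declared with neither `self` nor `@staticmethod` and tests `type(pkg) == list`; `@staticmethod`, `isinstance(pkg, list)` and an early return on `None` would stop a failed sub-conversion from raising `AttributeError` at `pkg.ts = ts`. The six branches repeat the same three lines and could pick the converter first and share one tail.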
@@ -233,8 +259,7 @@ def convert(ip: dpkt.ip6.IP6) -> 'IP6Packet' | List[Packet]: class RIPPacket(Packet): command: int - metrics: List[Dict[str, Any]] | None= [] - + metrics: List[Dict[str, Any]] | None = [] def __init__(self): self.metrics = [] @@ -247,7 +272,6 @@ def convert(rip: dpkt.rip.RIP) -> 'RIPPacket': pkt.command = rip.cmd for item in rip.rtes: - pkt.metrics.append( {"address": int_to_ip4(item.addr), "mask": int_to_ip4(item.subnet), 
@@ -301,6 +325,105 @@ def convert(pkt: dpkt.udp.UDP) -> 'UDPPacket' | List[Packet]: return packet +class TCPPacket(Packet): + ''' + Classe para encapsular dpkt.tcp.TCP e printar + certinho na fastAPI + ''' + + srcIp: str + dstIp: str + srcPort: int + dstPort: int + seq: int + ack: int + data_offset: int + flags: int + window: int + checksum: int + urgent_pointer: int + + def convert(pkt: dpkt.tcp.TCP) -> 'TCPPacket' | List[Packet]: + packet = TCPPacket() + + packet.dstPort = pkt.dport + packet.srcPort = pkt.sport + packet.seq = pkt.seq + packet.ack = pkt.ack + packet.data_offset = pkt.off + packet.flags = pkt.flags + packet.window = pkt.win + packet.checksum = pkt.sum + packet.urgent_pointer = pkt.urp + + data: Packet | List[Packet] | None = None + if len(pkt.data) > 0 and pkt.data != b'': + if packet.dstPort == 80: + try: + dpktpacket = dpkt.http.Request(pkt.data) + data = HTTPPacket.convert(dpktpacket) + except dpkt.dpkt.UnpackError: + pass + elif packet.srcPort == 80: + try: + dpktpacket = dpkt.http.Response(pkt.data) + data = HTTPPacket.convert(dpktpacket) + except dpkt.dpkt.UnpackError: + pass + elif packet.dstPort == 53: + # data = DNSPacket.convert(pkt.data) # FIXME Há necessidade de analisar DNS sobre UDP? 
+ pass + if data is not None: + if type(data) == list: + packet.payload = data[0].uniqueId + packet.setInternalPDU(data[0]) + data[0].setExternalPDU(packet) + return [packet, *data] + else: + packet.payload = data.uniqueId + packet.setInternalPDU(data) + data.setExternalPDU(packet) + return [packet, data] + + return packet + + +class HTTPPacket(Packet): + ''' + Classe para encapsular pacotes HTTP + ''' + + isResponse: bool + status: int + method: str + uri: str + version: str + headers: Dict[str, str] + body: str + + def convert(pkt: dpkt.http.Request | dpkt.http.Response) -> 'HTTPPacket': + + if not isinstance(pkt, dpkt.http.Request) and not isinstance(pkt, dpkt.http.Response): + print("Tentando converter um pacote HTTP que não é HTTP(", type(pkt), ")") + return None + + packet = HTTPPacket() + packet.isResponse = isinstance(pkt, dpkt.http.Response) + packet.version = pkt.version + packet.headers = pkt.headers + packet.body = pkt.body + if packet.isResponse: + packet.status = pkt.status + print("HTTPPacket", packet.status, "convertido") + else: + packet.method = pkt.method + packet.status = 0 + packet.uri = pkt.uri + print("HTTPPacket", packet.method, "convertido") + + return packet + + class PacketSource: ''' Classe que junta logica de captura e leitura de pacotes. @@ -317,7 +440,7 @@ class PacketSource: para lidar melhtos com pacotes aninhados. ex.: IP(UDP(RIP))''' allPacketsDict: Dict[type, List[Packet]] - def readPackets(self, filePath: str) -> list: + def readPackets(filePath: str) -> list: ''' Le um arquivo pcap e retorna uma lista de pacotes IP ''' @@ -340,10 +463,10 @@ def readPackets(self, filePath: str) -> list: eth = dpkt.ethernet.Ethernet(buf) if eth.type == ETH_TYPE_IPv4 or eth.type == ETH_TYPE_IPv6: ip = eth.data - packets.append(ip) + packets.append((ts, ip)) elif eth.type == ETH_TYPE_ARP: arp = eth.data - packets.append(arp) + packets.append((ts, arp)) else: print("Ethernet type não tratado.") 
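Review bot: Both `except dpkt.dpkt.UnpackError: pass` blocks in `TCPPacket.convert` discard every port-80 payload that fails to parse, and because each segment is parsed on its own (no stream reassembly is visible here) a message split across segments is presumably dropped the same way, leaving no record of how much HTTP traffic the analysis missed. A capture file is untrusted input, so I would count or log the failures, e.g. `logging.debug("HTTP parse failed: %s", err)`, and confirm whether dpkt can raise anything other than `UnpackError` on malformed data, since an uncaught exception here aborts the whole load. `srcIp` and `dstIp` are declared on the class but never assigned in `convert`, and the `dstPort == 53` branch only holds a commented-out call. `HTTPPacket.convert` copies `headers` and `body` verbatim and prints once per packet; captured headers can carry cookies and credentials, so a comment stating which routes are allowed to return them would help.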
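Review bot: `readPackets` loses `self` in the `@@ -317,7 +440,7 @@` hunk without gaining `@staticmethod`, so it only works when called on the class; any remaining `self.readPackets(path)` call would pass the instance as `filePath`. Adding `@staticmethod` above the `def` keeps both call styles valid. The function body continues outside the hunk, and its `-> list` annotation could now say that it returns `(ts, packet)` tuples, matching the `packets.append((ts, ip))` change in the following hunk.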
@@ -360,8 +483,9 @@ def readAll(self) -> Tuple[List[Packet], Dict[type, List[Packet]]]: outputDict: Dict[type, List[Packet]] = {} for arquivo in arquivos: print("Lendo arquivo: ", arquivo) - packets = self.readPackets(f'./pcaps/{arquivo}') - for packet in packets: + packets = PacketSource.readPackets(f'./pcaps/{arquivo}') + for ts, packet in packets: + Packet.ts = ts # Os pacotes usarão esta variavel estatica para definir seu timestamp pkt: Packet | List[Packet] = Packet.convert(packet) if pkt is None: # print("um pacote nao foi convertido") 
@@ -383,13 +507,52 @@ def readAll(self) -> Tuple[List[Packet], Dict[type, List[Packet]]]: for pkt_unit in pkt: self.packetData[pkt_unit.uniqueId] = packet.data output.append(pkt_unit) + print(arquivo, "tinha um total de", len(packets), "pacotes") + print("li um total de", len(output), "pacotes") + return output, outputDict + + def read(file: str) -> Tuple[List[Packet], Dict[type, List[Packet]]]: + ''' + Le todos os pcap da pasta captures e retorna uma lista de pacotes IP + ''' + + + output = [] + outputDict: Dict[type, List[Packet]] = {} + + print("Lendo arquivo: ", file) + packets = PacketSource.readPackets(f'./pcaps/{file}') + for ts, packet in packets: + Packet.ts = ts # Os pacotes usarão esta variavel estatica para definir seu timestamp + pkt: Packet | List[Packet] = Packet.convert(packet) + if pkt is None: + # print("um pacote nao foi convertido") + continue + + if type(pkt) != list: + # Esta condição não deve ocorrer, + # uniqueUuid está sendo definido na inicialização do objeto + if pkt.uniqueId is None: + pkt.uniqueId = uuid.uuid4() + # self.packetData[pkt.uniqueId] = packet.data + output.append(pkt) + + if outputDict.get(pkt.__class__) is None: + outputDict[pkt.__class__] = [] + outputDict[pkt.__class__].append(pkt) + elif type(pkt) == list: + appendPackets(outputDict, pkt) + for pkt_unit in pkt: + # self.packetData[pkt_unit.uniqueId] = packet.data + output.append(pkt_unit) + print(file, "tinha um total de", len(packets), "pacotes") print("li um total de", len(output), "pacotes") return output, outputDict + def __init__(self): self.packetData = {} self.allPackets, self.allPacketsDict = self.readAll() - -# packetSource = PacketSource() +packetSource = PacketSource() diff --git a/Modules/rodrigo_thierry_joaovitor/routers/trabalho1.py b/Modules/rodrigo_thierry_joaovitor/routers/trabalho1.py index ef0aee6..8b3a6eb 100644 --- a/Modules/rodrigo_thierry_joaovitor/routers/trabalho1.py +++ b/Modules/rodrigo_thierry_joaovitor/routers/trabalho1.py 
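Review bot: Re-enabling `packetSource = PacketSource()` at module level means every import of Parser runs `readAll` over the capture folder, including the imports from `trabalho4.py` and `trabalho5.py`, which in this commit only need `PacketSource` and then parse their own file again through `PacketSource.read(...)`. Building the instance lazily on first use would avoid the duplicate work and keep one malformed capture from breaking unrelated routers at import time. The new `read` is a near copy of `readAll` (which starts above this hunk) with the `self.packetData` writes commented out, its docstring still describes reading the whole folder, and it has neither `self` nor `@staticmethod`. It builds the path as `f'./pcaps/{file}'`, which is fine for the constant names used here, but I would document that `file` must never come from a request, or reduce it with `os.path.basename(file)` first.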
@@ -13,12 +13,13 @@ def get_enviados_list(): @router.get("/enviados/{ip}") def get_enviados(ip: str): output = [packet for packet in src.allPackets if isinstance(packet, IPPacket) and packet.sourceIp == ip] - return output + return output.sort() @router.get('/recebidos/list') def get_recebidos_list(): - output = {packet.destinationIp for packet in src.allPackets if isinstance(packet, IPPacket)} + output = [packet.destinationIp for packet in src.allPacketsDict[IPPacket]] + output.sort() return output @router.get("/recebidos/{ip}") diff --git a/Modules/rodrigo_thierry_joaovitor/routers/trabalho4.py b/Modules/rodrigo_thierry_joaovitor/routers/trabalho4.py index 6062f94..3aaf35f 100644 --- a/Modules/rodrigo_thierry_joaovitor/routers/trabalho4.py +++ b/Modules/rodrigo_thierry_joaovitor/routers/trabalho4.py @@ -1,16 +1,16 @@ from fastapi import APIRouter from typing import Dict, List, Any import json -from ...rodrigo_thierry_joaovitor.Parser import PacketSource, UDPPacket, IPPacket, packetSource as src +from ...rodrigo_thierry_joaovitor.Parser import PacketSource, UDPPacket, IPPacket from ...rodrigo_thierry_joaovitor.PortFinder import findService router = APIRouter(prefix="/grupo_rodrigo_thierry_joao/udp", tags=[""]) - +src_allPackets, src_allPacketsDict = PacketSource.read("udp.pcap") @router.get("/todos") def get_todos(): ''' Retorna todos os pacotes disponiveis''' - for packet in src.allPackets: + for packet in src_allPackets: if isinstance(packet, UDPPacket): yield packet 
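Review bot: `return output.sort()` in `get_enviados` returns `None`, because `list.sort()` sorts in place, so `/enviados/{ip}` now answers `null` (and would raise `TypeError` first if `IPPacket` defines no ordering, which is not visible here). Return the list itself, e.g. `return sorted(output, key=lambda p: p.ts)` using the timestamp this commit adds. In `get_recebidos_list` the set comprehension became a list, so duplicate addresses are returned, and `src.allPacketsDict[IPPacket]` raises `KeyError` when a capture holds no IP packets; `return sorted({p.destinationIp for p in src.allPacketsDict.get(IPPacket, [])})` keeps the earlier semantics.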
@@ -21,10 +21,43 @@ def get_services(port: int): return findService(port) +@router.get("/sugestaoDeivis") +def get_sugestaoDeivis(): + '''Retorna os dados para formar o gráfico sugerido pelo Deivis: + Sugestão: Listar o volume de tráfego por porta e pegar a lista + de aplicações de cada porta dessas. + ''' + + udp_packets: List[UDPPacket] = src_allPacketsDict[UDPPacket] + + dict_return: Dict[Any, Any] = dict() + + dict_return["n_req"]: Dict[int, Any] = dict() + dict_return["data"]: Dict[int, Any] = dict() + + for pkt in udp_packets: + + if dict_return["data"].get(pkt.srcPort, None) is None: + dict_return["data"][pkt.srcPort] = pkt.length + else: + dict_return["data"][pkt.srcPort] += pkt.length + + if dict_return["n_req"].get(pkt.dstPort, None) is None: + dict_return["n_req"][pkt.dstPort] = 1 + else: + dict_return["n_req"][pkt.dstPort] += 1 + + + + dict_return["data"] = dict(sorted(dict_return["data"].items(), key=lambda item: item[1])) + + return dict_return + + @router.get("/port/{port}") def get_in_port(port: int): ''' Retorna todos os pacotes que usam uma porta UDP como destino''' - for packet in src.allPackets: + for packet in src_allPackets: if not isinstance(packet, UDPPacket): continue udpPacket: UDPPacket = packet @@ -37,7 +70,7 @@ def miserables(): pre_nodes: Dict[str, Dict] = dict() edges: List[Dict[str, str]] = [] - allUDP: List[UDPPacket] = src.allPacketsDict[UDPPacket] + allUDP: List[UDPPacket] = src_allPacketsDict[UDPPacket] category: List[str] = [] for item in allUDP: @@ -84,7 +117,6 @@ def miserables(): pre_nodes.get(dst_socket)["value"] += 1 pre_nodes.get(dst_socket)["symbolSize"] += 1 - retorno: Dict[str, List[Dict[str, Any]]] = {"nodes": list(pre_nodes.values()), "links": edges, "categories": [{"name": i} for i in category]} 
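Review bot: `get_sugestaoDeivis` indexes `src_allPacketsDict[UDPPacket]` directly, so a capture without UDP traffic turns the route into an unhandled `KeyError`; `src_allPacketsDict.get(UDPPacket, [])` returns empty tables instead. The byte volume is keyed by `pkt.srcPort` while the request count is keyed by `pkt.dstPort`, which looks unintended given that the docstring asks for traffic per port, so please confirm which side is meant. The two if/else accumulators read more simply as `collections.Counter` objects (`volume[pkt.srcPort] += pkt.length`), and only `data` is sorted before returning.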
@@ -104,7 +136,7 @@ def miserables(): # @router.get("/enviados/{ip}") # def get_enviados(ip: str): # ''' Retorna todos os pacotes UDP que um ip enviou''' -# for packet in src.allPackets: +# for packet in src_allPackets: # if not isinstance(packet, UDPPacket): # continue # udpPacket:UDPPacket = packet @@ -114,7 +146,7 @@ def miserables(): # @router.get("/recebidos/{ip}") # def get_recebidos(ip: str): # ''' Retorna todos os pacotes UDP que um ip recebeu''' -# for packet in src.allPackets: +# for packet in src_allPackets: # if not isinstance(packet, UDPPacket): # continue # udpPacket:UDPPacket = packet @@ -125,7 +157,7 @@ def miserables(): # def get_senders(): # ''' Retorna todos os ips que enviaram pacotes UDP''' # output = [] -# for packet in src.allPackets: +# for packet in src_allPackets: # if not isinstance(packet, UDPPacket): # continue # udpPacket: UDPPacket = packet @@ -137,7 +169,7 @@ def miserables(): # def get_receivers(): # ''' Retorna todos os ips que receberam pacotes UDP''' # output = [] -# for packet in src.allPackets: +# for packet in src_allPackets: # if not isinstance(packet, UDPPacket): # continue # udpPacket:UDPPacket = packet diff --git a/Modules/rodrigo_thierry_joaovitor/routers/trabalho5.py b/Modules/rodrigo_thierry_joaovitor/routers/trabalho5.py new file mode 100644 index 0000000..142ff04 --- /dev/null +++ b/Modules/rodrigo_thierry_joaovitor/routers/trabalho5.py 
@@ -0,0 +1,72 @@
+from fastapi import APIRouter
+from typing import Dict, List, Any
+import json
+from ...rodrigo_thierry_joaovitor.Parser import PacketSource, UDPPacket, IPPacket, TCPPacket
+from ...rodrigo_thierry_joaovitor.PortFinder import findService
+
+router = APIRouter(prefix="/grupo_rodrigo_thierry_joao/tcp", tags=[""])
+src_allPackets, src_allPacketsDict = PacketSource.read("tcp.pcap")
+
+
+@router.get("/conversations")
+def get_conversations():
+ TCP_pkts: List[IPPacket] = src_allPacketsDict[IPPacket]
+
+ set_tcp: set[tuple[str, str]] = set()
+
+ for pkt in TCP_pkts:
+ if (pkt.protocol == "TCP"):
+ tmp: List[str, str] = [pkt.sourceIp, pkt.destinationIp]
+ tmp.sort()
+
+ set_tcp.add(tuple(tmp))
+
+ return sorted(set_tcp)
+
+
+count_src = count_dst = 0
+
+
+@router.get("/info/{src_ip}/{src_port}/{dst_ip}/{dst_port}")
+def get_tcp_info(src_ip: str, src_port: int, dst_ip: str, dst_port: int):
+ TCP_pkts: List[TCPPacket] = src_allPacketsDict[TCPPacket]
+
+ src_ip = src_ip.strip()
+ dst_ip = dst_ip.strip()
+
+ infos: Dict[Any, Any] = dict()
+
+ infos[src_ip] = dict()
+ infos[dst_ip] = dict()
+ infos[src_ip]["n_pkt"] = 0
+ infos[src_ip]["w_size"] = []
+ infos[src_ip]["timestamp"] = []
+ infos[src_ip]["payload_size"] = []
+ infos[src_ip]["bind"] = []
+ infos[dst_ip]["n_pkt"] = 0
+ infos[dst_ip]["w_size"] = []
+ infos[dst_ip]["timestamp"] = []
+ infos[dst_ip]["bind"] = []
+ infos[dst_ip]["payload_size"] = []
+
+ for pkt in TCP_pkts:
+
+ if src_ip == pkt.external_pdu.sourceIp and dst_ip == pkt.external_pdu.destinationIp:
+ infos[src_ip]["n_pkt"] += 1
+ infos[src_ip]["w_size"].append(pkt.window)
+ infos[src_ip]["timestamp"].append(pkt.ts)
+ infos[src_ip]["bind"].append((pkt.srcPort, pkt.dstPort))
+
+ ip_pkt: IPPacket = pkt.external_pdu
+ infos[src_ip]["payload_size"].append(ip_pkt.length - (pkt.data_offset + ip_pkt.headerLength))
+
+ elif dst_ip == pkt.external_pdu.sourceIp and src_ip == pkt.external_pdu.destinationIp:
+ infos[dst_ip]["n_pkt"] += 1
+ infos[dst_ip]["w_size"].append(pkt.window)
+ infos[dst_ip]["timestamp"].append(pkt.ts)
+ infos[dst_ip]["bind"].append((pkt.srcPort, pkt.dstPort))
+
+ ip_pktd: IPPacket = pkt.external_pdu
+ infos[dst_ip]["payload_size"].append(ip_pktd.length - (pkt.data_offset + ip_pktd.headerLength)*4)
+
+ return infos
diff --git a/Modules/rodrigo_thierry_joaovitor/routers/trabalho6.py b/Modules/rodrigo_thierry_joaovitor/routers/trabalho6.py
new file mode 100644
index 0000000..199d1bb
--- /dev/null
+++ b/Modules/rodrigo_thierry_joaovitor/routers/trabalho6.py
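Review bot: The two branches of `get_tcp_info` compute `payload_size` differently: the first appends `ip_pkt.length - (pkt.data_offset + ip_pkt.headerLength)` and the second multiplies the header sum by 4, so the two directions of one conversation are not comparable. If `data_offset` and `headerLength` are stored in 32-bit words (not visible in this diff), the `*4` form is the one both branches need. The path parameters `src_port` and `dst_port` are never used in the filter, so the result mixes every connection between the two addresses, and `pkt.external_pdu` is dereferenced without checking that it is an `IPPacket`. `count_src = count_dst = 0` is unused, and `src_allPacketsDict[IPPacket]` and `src_allPacketsDict[TCPPacket]` raise `KeyError` on a capture that lacks those layers.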
@@ -0,0 +1,73 @@
+from fastapi import APIRouter
+from typing import Dict, List, Any, Tuple
+import json
+from ...rodrigo_thierry_joaovitor.Parser import PacketSource, HTTPPacket, packetSource as src
+from scapy.layers.http import HTTPResponse, HTTPRequest
+from scapy.utils import rdpcap
+
+router = APIRouter(prefix="/grupo_rodrigo_thierry_joao/http", tags=[""])
+
+
+def parser_http_packet(packet, p_num) -> Tuple[Dict[str, Any], bool] | None:
+ if packet.haslayer(HTTPRequest):
+ http_layer = packet.getlayer(HTTPRequest)
+ http_info = {
+ 'Packet Number': p_num,
+ 'Method': http_layer.Method.decode() if http_layer.Method else None,
+ 'Host': http_layer.Host.decode() if http_layer.Host else None,
+ 'Path': http_layer.Path.decode() if http_layer.Path else None,
+ 'User-Agent': http_layer.User_Agent.decode() if http_layer.User_Agent else None,
+ 'Referer': http_layer.Referer.decode() if http_layer.Referer else None,
+ 'Cookie': http_layer.Cookie.decode() if http_layer.Cookie else None,
+ 'Accept': http_layer.Accept.decode() if http_layer.Accept else None,
+ }
+ return http_info, True
+
+ elif packet.haslayer(HTTPResponse):
+ http_layer = packet.getlayer(HTTPResponse)
+ http_info = {
+ 'Packet Number': p_num,
+ 'Status-Code': http_layer.Status_Code.decode() if http_layer.Status_Code else None,
+ 'Reason-Phrase': http_layer.Reason_Phrase.decode() if http_layer.Reason_Phrase else None,
+ 'Content-Type': http_layer.Content_Type.decode() if http_layer.Content_Type else None,
+ 'Content-Length': http_layer.Content_Length.decode() if http_layer.Content_Length else None,
+ 'Server': http_layer.Server.decode() if http_layer.Server else None,
+ }
+ return http_info, False
+
+ return None
+
+
+pcaplist = rdpcap("./pcaps/http_witp_jpegs.pcap")
+httpResquestPackets: List[Any] = []
+httpResponsePackets: List[Any] = []
+
+count = 1
+for pkt in pcaplist:
+ http_pkt = parser_http_packet(pkt, count)
+ count += 1
+ if http_pkt:
+ if http_pkt[1]:
+ httpResquestPackets.append(http_pkt[0])
+ else:
+ httpResponsePackets.append(http_pkt[0])
+
+
+@router.get("/info")
+def test():
+ x = httpResponsePackets
+ y = httpResquestPackets
+
+ resp = {"Responses": x, "Requests": y}
+ return resp
+
+
+@router.get("/methods")
+def get_methods():
+ '''
+ Retorna os metodos usados e quantas vezes foram usados
+ '''
+
+ for packet in src.allPackets:
+ if isinstance(packet, HTTPPacket):
+ yield packet.isResponse
diff --git a/Modules/rodrigo_thierry_joaovitor/routers/trabalho7.py b/Modules/rodrigo_thierry_joaovitor/routers/trabalho7.py
new file mode 100644
index 0000000..68ba40c
--- /dev/null
+++ b/Modules/rodrigo_thierry_joaovitor/routers/trabalho7.py
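Review bot: `parser_http_packet` copies the captured `Cookie` header into the dictionaries that `/info` returns, and no access control is visible on this router, so session identifiers recorded in the pcap are served back to any client; I would drop or mask the field (`'Cookie': '<redacted>' if http_layer.Cookie else None`) unless the front end needs it. Every `.decode()` assumes UTF-8 although header bytes from a capture are untrusted, so one invalid byte raises `UnicodeDecodeError` inside the module-level loop and stops the application from importing; `.decode(errors="replace")` avoids that. `get_methods` is documented as returning the methods and how often they were used but yields `packet.isResponse`. The manual `count = 1` / `count += 1` pair is `enumerate(pcaplist, start=1)`.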
@@ -0,0 +1,78 @@
+from fastapi import APIRouter
+from typing import Dict, List, Any
+from scapy.all import rdpcap, DNS
+import json
+
+router = APIRouter(prefix="/grupo_rodrigo_thierry_joao/dns", tags=[""])
+
+rawpacket = rdpcap("./pcaps/dns.pcap")
+packets: List[DNS] = []
+for p in rawpacket:
+ if p.haslayer(DNS):
+ packets.append(p.getlayer(DNS))
+
+
+def packet_to_dict(packet: DNS) -> Dict[str, Any]:
+ ## check if is request or response.
+ # read request url or response ip
+ print(packet.id)
+ if packet.qr == 0:
+ return {
+ "type": "request",
+ "id": packet.id,
+ "url": packet.qd.qname.decode("utf-8")
+ }
+ else:
+ return {
+ "type": "response",
+ "ip": packet.an.rdata,
+ "id": packet.id,
+ "url": packet.qd.qname.decode("utf-8")
+ }
+
+@router.get("/pktCount")
+def get_pkt_count() -> Dict[str, Any]:
+ return {"count": len(packets)}
+
+# mt grande pra ir tudo junto
+@router.get("/packets/{start}/{end}")
+def get_packets(start: int, end: int) -> List[Dict[str, Any]]:
+ return [packet_to_dict(packet) for packet in packets[start:end]]
+
+@router.get("/resolved")
+def get_resolved() -> List[Dict[str, str]]:
+ #return an array of keypairs with the resolved ips and its domain name
+ # remove duplicates
+ resolved = {}
+ for packet in packets:
+ if packet.qr == 1:
+ resolved[packet.an.rdata] = packet.qd.qname.decode("utf-8")
+ return [{"ip": ip, "domain": resolved[ip]} for ip in resolved]
+
+@router.get("/senders")
+def get_senders() -> List[str]:
+ #return an array of unique senders
+ senders = set()
+ for packet in rawpacket:
+ # get ip layer
+ ip = packet.getlayer("IP")
+ senders.add(ip.src)
+ return list(senders)
+
+@router.get("/receivers")
+def get_receivers() -> List[str]:
+ #return an array of unique receivers
+ receivers = set()
+ for packet in rawpacket:
+ # get ip layer
+ ip = packet.getlayer("IP")
+ receivers.add(ip.dst)
+ return list(receivers)
+
+@router.get("/sender/{sender}")
+def get_sender(sender: str):
+ for packet in rawpacket:
+ # get ip layer
+ ip = packet.getlayer("IP")
+ if ip.src == sender:
+ yield packet_to_dict(packet.getlayer(DNS))
\ No newline at end of file
diff --git a/Modules/rodrigo_thierry_joaovitor/routers/trabalho8.py b/Modules/rodrigo_thierry_joaovitor/routers/trabalho8.py
new file mode 100644
index 0000000..b8a1297
--- /dev/null
+++ b/Modules/rodrigo_thierry_joaovitor/routers/trabalho8.py
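Review bot: `packet_to_dict` and `get_resolved` dereference `packet.an.rdata` and `packet.qd.qname` unconditionally, and `get_senders`, `get_receivers` and `get_sender` read `.src`/`.dst` from `packet.getlayer("IP")` without a `None` check, so a response with no answer record or a non-IPv4 frame in `dns.pcap` would raise `AttributeError` and surface as a 500; in `get_sender`, `packet.getlayer(DNS)` can be `None` as well. Capture contents are untrusted, so these lookups should be guarded: a guarded `packet_to_dict` is sketched below, and the IP loops need `if ip is None: continue`. `print(packet.id)` runs for every packet served and should go. `get_packets` accepts any `start`/`end`, so the comment above it about the response being too large is not enforced; cap the window size.

```python
def packet_to_dict(packet: DNS) -> Dict[str, Any]:
    # qd / an may be absent or empty (assumed: e.g. a response without answer records)
    question = packet.qd
    answer = packet.an
    entry: Dict[str, Any] = {
        "type": "request" if packet.qr == 0 else "response",
        "id": packet.id,
        "url": question.qname.decode("utf-8", errors="replace") if question else None,
    }
    if packet.qr != 0:
        entry["ip"] = answer.rdata if answer else None
    return entry
```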
@@ -0,0 +1,102 @@
+from fastapi import APIRouter
+from typing import Dict, List, Any
+from scapy.all import rdpcap, SNMP
+import json
+from ...rodrigo_thierry_joaovitor.Parser import packetSource as src
+
+router = APIRouter(prefix="/grupo_rodrigo_thierry_joao/snmp", tags=[""])
+
+# vamo ler o pcap separado pq dpkt n suporta snmp
+
+snmpPackets = rdpcap("./pcaps/snmp.pcap")
+
+
+def parse_snmp_packet(packet) -> Dict[str, Any]:
+ """
+ Parse an SNMP packet and extract relevant information.
+ """
+ mib_entry = {}
+
+ if packet.haslayer(SNMP):
+ snmp = packet.getlayer(SNMP)
+ # Extract information from the SNMP layer
+ for var_bind in snmp.PDU.varbindlist:
+ oid = var_bind.oid.val
+ value = var_bind.value
+ mib_entry[oid] = value
+
+
+ return mib_entry
+
+def build_tree(entries):
+ tree = {}
+ for oid in entries:
+ oid_parts = oid.split(".")
+ current = tree
+ for part in oid_parts:
+ if part not in current:
+ current[part] = {}
+ current = current[part]
+ current["value"] = entries[oid]
+ return tree
+
+@router.get("/mib")
+def get_mib():
+ '''
+ Retorna a tabela mib
+ '''
+ entries = {}
+
+ for packet in snmpPackets:
+ mib_entry = parse_snmp_packet(packet)
+ if mib_entry:
+ entries.update(mib_entry)
+
+ # transformar a lista de oids em uma arvore recursiva
+ mib = build_tree(entries)
+ return mib
+
+def build_tree_oids(oids: List[str]):
+ tree = {}
+ for oid in oids:
+ oid_parts = oid.split(".")
+ current = tree
+ for part in oid_parts:
+ if part not in current:
+ current[part] = {}
+ current = current[part]
+ # current["value"] = None
+ return tree
+
+@router.get("/tree")
+def get_tree():
+ '''
+ Retorna a tabela mib sem os valores. 
Scapy n consegue ler eles pelo visto + ''' + oids = [] + + for packet in snmpPackets: + mib_entry = parse_snmp_packet(packet) + if mib_entry: + for oid in mib_entry: + if oid not in oids: + oids.append(oid) + + # transformar a lista de oids em uma arvore recursiva + mib = build_tree_oids(oids) + return mib + +@router.get("/oids") +def get_oids(): + ''' + Retorna os OIDs usados e quantas vezes foram usados + ''' + oids = [] + + for packet in snmpPackets: + mib_entry = parse_snmp_packet(packet) + if mib_entry: + for oid in mib_entry: + if oid not in oids: + oids.append(oid) + return oids \ No newline at end of file diff --git a/Modules/rodrigo_thierry_joaovitor/views/arp-list.html b/Modules/rodrigo_thierry_joaovitor/views/arp-list.html index 567cd71..d336ce5 100644 --- a/Modules/rodrigo_thierry_joaovitor/views/arp-list.html +++ b/Modules/rodrigo_thierry_joaovitor/views/arp-list.html @@ -38,6 +38,18 @@ + + + + diff --git a/Modules/rodrigo_thierry_joaovitor/views/http-list.html b/Modules/rodrigo_thierry_joaovitor/views/http-list.html new file mode 100644 index 0000000..eb7041a --- /dev/null +++ b/Modules/rodrigo_thierry_joaovitor/views/http-list.html @@ -0,0 +1,112 @@ + + + + + + + JRT Sniffer + + + + + + + + + + + + + + + + +
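Review bot: `get_tree` and `get_oids` repeat the same OID-collection loop, with `if oid not in oids` scanning a list for every varbind, and `build_tree_oids` is `build_tree` minus one line; a single helper such as `def collect_oids() -> List[str]` built on `dict.fromkeys(...)` would serve both routes. `parse_snmp_packet` assumes every SNMP layer exposes `snmp.PDU.varbindlist` and stores `var_bind.value` unchanged, which is presumably a scapy wrapper object rather than a plain value (the `get_tree` docstring already notes the values cannot be read), so `/mib` may fail to serialise; converting with `str(...)` or omitting the value would make the response predictable. The import `packetSource as src` is unused in this file yet triggers Parser's import-time parse of the capture folder. The `get_oids` docstring promises usage counts that the function does not compute.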
+
+ + + + + + + +
+ +
+
+
+
+
+
+ +
+
+ +
+
+
+
+
+
+
+
+ +
+
+ + + + +
+ + + \ No newline at end of file diff --git a/Modules/rodrigo_thierry_joaovitor/views/http.css b/Modules/rodrigo_thierry_joaovitor/views/http.css new file mode 100644 index 0000000..e69de29 diff --git a/Modules/rodrigo_thierry_joaovitor/views/http.js b/Modules/rodrigo_thierry_joaovitor/views/http.js new file mode 100644 index 0000000..3ee1fe0 --- /dev/null +++ b/Modules/rodrigo_thierry_joaovitor/views/http.js 
@@ -0,0 +1,146 @@
+
+
+fetch("http://localhost:3001/grupo_rodrigo_thierry_joao/http/info")
+ .then(resp => resp.json())
+ .then(json => {
+ const data = json.Responses.reduce((acc, response) => {
+ const contentType = response['Content-Type'];
+ const contentLength = parseInt(response['Content-Length'], 10);
+
+ if (!acc[contentType]) {
+ acc[contentType] = {count: 0, totalLength: 0};
+ }
+
+ acc[contentType].count += 1;
+ acc[contentType].totalLength += contentLength;
+
+ return acc;
+ }, {});
+
+
+ const categories = Object.keys(data);
+ const counts = categories.map(category => data[category].count);
+ const totalLengths = categories.map(category => data[category].totalLength);
+var option1;
+option1 = {
+ title: {
+ text: 'Content-Type vs Volume de Dados',
+ subtext: 'Número de ocorrências e volume de dados total por tipo de conteúdo',
+ left: 'center'
+ },
+ tooltip: {
+ trigger: 'axis',
+ axisPointer: {
+ type: 'shadow'
+ }
+ },
+ legend: {
+ data: ['Número de Ocorrências', 'Volume de Dados Total'],
+ left: 'left',
+ top: 'bottom',
+
+ },
+ xAxis: {
+ type: 'category',
+ data: categories
+ },
+ yAxis: [
+ {
+ type: 'value',
+ name: 'Número de Ocorrências',
+ position: 'left'
+ },
+ {
+ type: 'value',
+ name: 'Volume de Dados Total (bytes)',
+ position: 'right'
+ }
+ ],
+ series: [
+ {
+ name: 'Número de Ocorrências',
+ type: 'bar',
+ data: counts
+ },
+ {
+ name: 'Volume de Dados Total',
+ type: 'bar',
+ yAxisIndex: 1,
+ data: totalLengths
+ }
+ ]
+};
+
+
+ const jsonRequests = json.Requests
+
+ const methodData = jsonRequests.reduce((acc, request) => {
+ const method = request.Method;
+
+ if (!acc[method]) {
+ acc[method] = 0;
+ }
+
+ acc[method] += 1;
+
+ return acc;
+ }, {});
+
+ const methodNames = Object.keys(methodData);
+ const methodCounts = methodNames.map(method => ({value: methodData[method], name: method}));
+
+
+ option2 = {
+ title: {
+ text: 'Métodos de Requisição',
+ subtext: 'Distribuição dos métodos de requisição HTTP',
+ left: 'center'
+ },
+ tooltip: {
+ trigger: 'item',
+ left: 'bottom'
+ },
+ legend: {
+ orient: 'vertical',
+ top: 'bottom',
+ left: 'left',
+ data: methodNames
+ },
+ series: [
+ {
+ name: 'Métodos de Requisição',
+ type: 'pie',
+ radius: '50%',
+ data: methodCounts,
+ emphasis: {
+ itemStyle: {
+ shadowBlur: 10,
+ shadowOffsetX: 0,
+ shadowColor: 'rgba(0, 0, 0, 0.5)'
+ }
+ }
+ }
+ ]
+};
+
+
+
+ var chartDom = document.getElementById('chart');
+ var myChart = echarts.init(chartDom);
+ option1 && myChart.setOption(option1);
+
+
+ var chartDom = document.getElementById('pieChart');
+ var myChart = echarts.init(chartDom);
+ option2 && myChart.setOption(option2);
+
+
+ })
+ .then(json => {
+ json.Responses.forEach((element) => {
+ HTMLE
+ }
+ )
+ })
+
+
diff --git a/Modules/rodrigo_thierry_joaovitor/views/ip-list.html b/Modules/rodrigo_thierry_joaovitor/views/ip-list.html
index 08901a6..3b2e494 100644
--- a/Modules/rodrigo_thierry_joaovitor/views/ip-list.html
+++ b/Modules/rodrigo_thierry_joaovitor/views/ip-list.html
@@ -18,6 +18,22 @@
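Review bot: The final `.then(json => { json.Responses.forEach(...) })` receives `undefined`, because the handler before it returns nothing, and its body is the bare identifier `HTMLE`, so the chain always ends in a rejected promise with no `.catch` to report it; remove the block, or finish it and add `return json;` to the handler above. `parseInt(response['Content-Length'], 10)` yields `NaN` when the API sends `null`, which then spoils `totalLength` for that content type; `parseInt(response['Content-Length'], 10) || 0` avoids that. `option2` is assigned without a declaration, `chartDom` and `myChart` are declared twice with `var`, and the API origin `http://localhost:3001` is hard-coded. If the unfinished handler is meant to render response fields into the page, write them with `textContent` rather than `innerHTML`, since the values come from recorded traffic.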