
Framework Reformat #120

Closed

Conversation

dc3-tsd (Contributor) commented Sep 29, 2020

  • Adds imports to main __init__.py in order to expose appropriate API classes and functions directly to dshell
  • Fixed logging so that logging only gets configured if using the CLI. This better allows us to use dshell as a library.
  • Fixed logging to use global logging.getLogger() functions instead of passing along logging modules in classes.
    • This helps to better follow best practices and allows all log messages to be under a single "dshell" name.
  • Refactored base classes to better follow a Producer/Consumer design.
  • Updated the PacketPlugin to dynamically pull data as a property and added a setter to allow updating the data.
  • Updated the PacketPlugin to keep track of the frame number. This makes it easier for debugging and reporting because we can more easily find the matching packet object in Wireshark.
  • Updated Connection to be packet-based instead of blob-based and changed blobs to be a dynamic property. This helps to simplify the codebase and provide more flexibility in the future.
  • Updated Blob to dynamically pull raw data and added the ability to update the data, which in turn updates the appropriate Packet objects. This allows us to write the decrypted traffic back into the packets, either for the next plugin to handle or to be written out with the pcapwriter.
  • Updated Blob to be able to get the underlying packets for a specific offset range.
  • Improved Blob to better handle out-of-order or retransmitted packets.
  • Refactored some of the logic in feed_plugin_chain() into the appropriate classes.
  • Moved the code involved in reading the packets out of the pcap/live capture in process_files() into a new function called read_packets().
  • Updated httpplugin to gracefully throw an exception if an HTTP plugin fails from a state it can't recover from.
    • Before, having the plugin simply write an error log was causing a different, unrelated exception to be thrown due to missing data.
  • Updated pcapwriter to allow it to use the input file as part of its output file if an output file is not provided.
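The following is an added example, not code from this pull request or from the dshell project: a small packet-backed Blob illustrating the design the list above describes, namely logging through a named logger under "dshell" with configuration left to the CLI entry point, data exposed as a property with a setter that writes rewritten bytes back into the underlying packets, lookup of the packets behind a byte-offset range, and tolerance of out-of-order, retransmitted and partially overlapping segments. The class and method names (Packet, Blob, frame_number, seq, packets_for_range) and the sample segments are assumptions constructed for the example, not dshell's API.

```python
"""Added example, not dshell project code: a minimal packet-backed Blob.
Packet, Blob, frame_number, seq and packets_for_range() are assumed names."""
import logging
from dataclasses import dataclass

# Library code only asks for a logger under the shared "dshell" name and never
# calls basicConfig(), so an application embedding it keeps control of output.
log = logging.getLogger("dshell.example")


@dataclass
class Packet:
    frame_number: int   # Wireshark frame number, kept for debugging and reporting
    seq: int            # relative TCP sequence number of the first payload byte
    payload: bytes      # application-layer bytes carried by this segment


class Blob:
    """One direction of a TCP conversation, reassembled on demand from packets."""

    def __init__(self):
        self._packets = []

    def add_packet(self, pkt):
        self._packets.append(pkt)

    def _segments(self):
        """Return (packet, trim, blob_offset) triples in stream order.

        Full retransmissions are dropped; a segment overlapping data already
        seen has its duplicated prefix of `trim` bytes skipped; a hole in the
        sequence space is logged and the remaining data is concatenated."""
        segs = []
        expected = None   # next sequence number we expect to see
        offset = 0        # byte offset within the reassembled blob
        for p in sorted(self._packets, key=lambda p: (p.seq, p.frame_number)):
            end = p.seq + len(p.payload)
            if expected is not None and end <= expected:
                log.debug("frame %d: retransmission of seq %d ignored", p.frame_number, p.seq)
                continue
            trim = 0
            if expected is not None and p.seq < expected:
                trim = expected - p.seq
            elif expected is not None and p.seq > expected:
                log.warning("frame %d: %d bytes missing before it", p.frame_number, p.seq - expected)
            segs.append((p, trim, offset))
            offset += len(p.payload) - trim
            expected = end
        return segs

    @property
    def data(self):
        return b"".join(p.payload[trim:] for p, trim, _ in self._segments())

    @data.setter
    def data(self, new):
        """Write rewritten (for example decrypted) bytes back into the packets so the
        next plugin or a pcap writer sees them. Same length only, so the packets'
        TCP sequence numbers stay consistent."""
        if len(new) != len(self.data):
            raise ValueError("replacement must keep the blob length")
        for p, trim, off in self._segments():
            length = len(p.payload) - trim
            # the trimmed prefix duplicates bytes already written into an earlier packet
            p.payload = p.payload[:trim] + new[off:off + length]

    def packets_for_range(self, start, end):
        """Packets whose reassembled bytes overlap blob offsets [start, end)."""
        return [p for p, trim, off in self._segments()
                if off < end and off + len(p.payload) - trim > start]


def build_sample_blob():
    """Constructed sample: an HTTP request delivered out of order, with one full
    retransmission (frame 4) and one partially overlapping segment (frame 5)."""
    blob = Blob()
    for frame, seq, payload in [
        (1, 0, b"GET / HT"),
        (3, 12, b".1\r\n"),            # arrives before frame 2
        (2, 8, b"TP/1"),
        (4, 8, b"TP/1"),               # retransmission, ignored
        (5, 14, b"\r\nHost: x\r\n"),   # first two bytes repeat the end of frame 3
    ]:
        blob.add_packet(Packet(frame, seq, payload))
    return blob


def main():
    # Only the CLI entry point configures logging, as the pull request describes.
    logging.basicConfig(level=logging.DEBUG, format="%(name)s %(levelname)s %(message)s")
    blob = build_sample_blob()
    print(blob.data)
    print([p.frame_number for p in blob.packets_for_range(10, 13)])
    blob.data = blob.data.replace(b"Host: x", b"Host: y")
    print(blob.data)


if __name__ == "__main__":
    main()
```

Running the module as a script configures logging and prints the reassembled request, the frame numbers backing bytes 10 to 12 (frames 2 and 3), and the request again after the setter has pushed a modified Host header back into frame 5; importing it as a library emits no log configuration at all.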

dev195 (Contributor) commented Sep 30, 2020

Wow, there is a lot here! It will take us some time to review and test everything in this pull request.

We will let you know if anything needs to be altered as we review the changes. Thanks for contributing!
