コード例 #1
0
ファイル: SaveAllToSQL.cs プロジェクト: LiXiaoRan/Watch
        private string SetSQLString(ProcessingAllData p)
        {
            string id;
            string data_id;
            string protocol;
            string length;
            string sourceAddress;
            string destinationAddress;
            string time;
            string data;

            id                 = p.Id;
            data_id            = p.Id;
            protocol           = p.Protocol;
            length             = p.Length;
            sourceAddress      = re2.Replace(p.SourceAddress, "");
            destinationAddress = re2.Replace(p.DestinationAddress, "");
            time               = re2.Replace(p.Time, "");
            data               = re1.Replace(p.Data, "''");
            time               = re3.Replace(time, "");
            //time = "1";
            //protocol = "1";
            //sourceAddress = "1";
            //destinationAddress = "1";
            //protocol = "tcp";
            //time = "1";
            //data = "123456";
            return("insert into all_info(data_id,protocol,length,sourceAddress,destinationAddress,time,data) values('" + data_id + "','" + protocol + "','" + length + "','" + sourceAddress + "','" + destinationAddress + "','" + time + "','" + data + "')");
            //re.Replace(m.ToString(), "");
        }
コード例 #2
0
ファイル: MainForm.cs プロジェクト: Charming199/UserWatch
        /// 将分析好的数据添加到列表
        private void ShowDataRows(RawCapture packet)
        {
            try
            {
                temp_packetIndex = packetIndex + 1;
                dataGridPacket.Rows.Add(rowsBulider.Row(packet, temp_packetIndex));//加载DataGridRows;


                string[] rowsLinebuffer = new string[7];

                rowsLinebuffer = rowsBulider.Row(packet, ++packetIndex);
                Console.WriteLine("rowsLinebuffer is " + rowsLinebuffer.Length);
                if (rowsLinebuffer[1] == "TCP" || rowsLinebuffer[1] == "SMTP" || rowsLinebuffer[1] == "POP3" || rowsLinebuffer[1] == "HTTP" || rowsLinebuffer[1] == "OICQ")
                {
                    rowData                    = new ProcessingAllData();
                    rowData.Id                 = rowsLinebuffer[0];
                    rowData.Protocol           = rowsLinebuffer[1];
                    rowData.Length             = rowsLinebuffer[2];
                    rowData.SourceAddress      = rowsLinebuffer[3];
                    rowData.DestinationAddress = rowsLinebuffer[4];
                    rowData.HardwareType       = rowsLinebuffer[5];
                    rowData.Time               = rowsLinebuffer[6];
                    rowData.BinaryData         = packet.Data;
                    rowData.Data               = HexConvert.ConvertToAscii(packet.Data);

                    //添加总的数据
                    lock (padList.SyncRoot)
                    {
                        padList.Add(rowData);
                    }

                    //saveAllData.SaveAll(saveAllData.MyConnect,rowData);



                    if (rowsLinebuffer[1] == "OICQ")
                    {
                        pqll     = new ProcessingQQLoginLogout();
                        countQQ += pqll.Analysis(rowData);
                        if (pqll.QqLogin == 1 || pqll.QqLogin == 2)
                        {
                            lock (pqllList.SyncRoot)
                            {
                                pqllList.Add(pqll);
                                //这里写存入数据库的代码
                            }
                        }
                    }
                }
            }
            catch (Exception ex)
            {
                MessageBox.Show(ex.Message);
            }

            this.qqNoticeLabel.Text = "已捕获QQ上下线记录" + countQQ + "条";
        }
コード例 #3
0
ファイル: MainForm.cs プロジェクト: LiXiaoRan/Watch
        /// <summary>
        /// 将分析好的数据添加到列表
        /// </summary>
        /// <param name="packet"></param>
        private void AddDataToList(RawCapture packet)
        {
            Console.Write("AddDataToList");

            try
            {
                string[] rowsLinebuffer = new string[7];
                rowsLinebuffer = rowsBulider.Row(packet, ++packetIndex);
                if (rowsLinebuffer[1] == "TCP" || rowsLinebuffer[1] == "SMTP" || rowsLinebuffer[1] == "POP3" || rowsLinebuffer[1] == "HTTP" || rowsLinebuffer[1] == "OICQ")
                {
                    rowData                    = new ProcessingAllData();
                    rowData.Id                 = rowsLinebuffer[0];
                    rowData.Protocol           = rowsLinebuffer[1];
                    rowData.Length             = rowsLinebuffer[2];
                    rowData.SourceAddress      = rowsLinebuffer[3];
                    rowData.DestinationAddress = rowsLinebuffer[4];
                    rowData.HardwareType       = rowsLinebuffer[5];
                    rowData.Time               = rowsLinebuffer[6];
                    rowData.BinaryData         = packet.Data; //?
                    rowData.Data               = HexConvert.ConvertToAscii(packet.Data);

                    //添加总的数据
                    lock (padList.SyncRoot)
                    {
                        padList.Add(rowData);
                    }


                    if (rowsLinebuffer[1] == "OICQ")
                    {
                        pqll     = new ProcessingQQLoginLogout();
                        countQQ += pqll.Analysis(rowData);
                        if (pqll.QqLogin == 1 || pqll.QqLogin == 2)
                        {
                            lock (pqllList.SyncRoot)
                            {
                                pqllList.Add(pqll);
                                //这里写存入数据库的代码
                            }
                        }
                    }
                }
            }
            catch (Exception ex)
            {
                MessageBox.Show(ex.Message);
            }
            //this.staffNoticeLabel.Text = "今日新增记录" + countBehave + "条";
            this.qqNoticeLabel.Text = "今日新增记录" + countQQ + "条";
        }
コード例 #4
0
 public int Analysis(ProcessingAllData data)
 {
     this.QqID = (data.BinaryData[49] * 256 * 256 * 256 + data.BinaryData[50] * 256 * 256 +
                  data.BinaryData[51] * 256 + data.BinaryData[52]).ToString();
     this.Time = data.Time;
     this.QqIP = data.SourceAddress;
     if (data.BinaryData[45] == (byte)(0x08) && data.BinaryData[46] == (byte)(0x25))
     {
         this.QqLogin = 1;
         return(1);
     }
     else if (data.BinaryData[45] == (byte)(0x00) && data.BinaryData[46] == (byte)(0x62))
     {
         this.QqLogin = 2;
         return(1);
     }
     return(0);
 }
コード例 #5
0
        public string Analysis(ProcessingAllData data, Hashtable ht, ProcessingBehaveList <ProcessingBehave> pbList)
        {
            String keys = "key";

            foreach (String key in ht.Keys)
            {
                if (data.Data.Contains(key) || data.Data.Contains(key))
                {
                    this.UserIPA  = data.SourceAddress;
                    this.UserIPB  = data.DestinationAddress;
                    this.time     = data.Time;
                    this.protocol = data.HardwareType;
                    string   str  = ht[key].ToString();
                    string[] strs = str.Split(',');
                    this.reason       = strs[0];
                    this.detailReason = strs[1];
                    Console.WriteLine("reason= " + str[0] + "detailReason= " + detailReason);
                    lock (pbList.SyncRoot)
                    {
                        pbList.Add(this);
                    }

                    keys = key;
                }
                //if (data.Data.Contains(key) || data.Data.Contains(key))
                //{
                //    this.UserIPA = data.SourceAddress;
                //    this.UserIPB = data.DestinationAddress;
                //    this.time = data.Time;
                //    this.protocol = data.HardwareType;
                //    this.reason = (String)ht[key];
                //    lock (pbList.SyncRoot)
                //    {
                //        pbList.Add(this);
                //    }

                //    keys = key;
                //}
            }

            return(keys);
        }
コード例 #6
0
ファイル: SaveAllToSQL.cs プロジェクト: LiXiaoRan/Watch
        public void SaveAll(MySqlConnection myConnect, ProcessingAllData rowData)
        {
            myConnect.Open();

            string sql = "";

            MySqlCommand myCmd = null;

            ///
            sql = SetSQLString(rowData);
            Debug.WriteLine(sql);
            try
            {
                myCmd = new MySqlCommand(get_uft8(sql), myConnect);
                myCmd.ExecuteNonQuery();
            }
            finally
            {
                myConnect.Close();
            }

            //MySqlCommand mycmd = new MySqlCommand("insert into buyer(name,password,email) values('小王','dikd3939','*****@*****.**')", mycon);
        }
コード例 #7
0
ファイル: MainForm.cs プロジェクト: LiXiaoRan/Watch
        private void ShowDataRows(RawCapture packet)
        {
            try
            {
                temp_packetIndex = packetIndex + 1;
                dataGridPacket.Rows.Add(rowsBulider.Row(packet, temp_packetIndex));//加载DataGridRows;


                string[] rowsLinebuffer = new string[7];

                rowsLinebuffer = rowsBulider.Row(packet, ++packetIndex);

                //Console.WriteLine("rowsLinebuffer的长度是:"+ rowsLinebuffer.Length);

                if (rowsLinebuffer[1] == "TCP" || rowsLinebuffer[1] == "SMTP" || rowsLinebuffer[1] == "POP3" || rowsLinebuffer[1] == "HTTP" || rowsLinebuffer[1] == "OICQ")
                {
                    rowData                    = new ProcessingAllData();
                    rowData.Id                 = rowsLinebuffer[0];
                    rowData.Protocol           = rowsLinebuffer[1];
                    rowData.Length             = rowsLinebuffer[2];
                    rowData.SourceAddress      = rowsLinebuffer[3];
                    rowData.DestinationAddress = rowsLinebuffer[4];
                    rowData.HardwareType       = rowsLinebuffer[5];
                    //Console.WriteLine("305 索引前rowsLinebuffer的长度是:" + rowsLinebuffer.Length);
                    rowData.Time = rowsLinebuffer[6];
                    //Console.WriteLine("308 索引后rowsLinebuffer的长度是:" + rowsLinebuffer.Length);

                    rowData.BinaryData = packet.Data; //?
                    rowData.Data       = HexConvert.ConvertToAscii(packet.Data);
                    //Console.WriteLine("311 rowsLinebuffer的长度是:" + rowsLinebuffer.Length);

                    //添加总的数据
                    lock (padList.SyncRoot)
                    {
                        padList.Add(rowData);
                    }



                    if (rowsLinebuffer[1] == "OICQ")
                    {
                        pqll     = new ProcessingQQLoginLogout();
                        countQQ += pqll.Analysis(rowData);
                        if (pqll.QqLogin == 1 || pqll.QqLogin == 2)
                        {
                            lock (pqllList.SyncRoot)
                            {
                                pqllList.Add(pqll);
                                //这里写存入数据库的代码
                                saveAllData.SaveAll(saveAllData.MyConnect, pqll);
                            }
                        }
                    }


                    //员工行为
                    if (rowsLinebuffer[1] == "TCP" || rowsLinebuffer[1] == "HTTP")
                    {
                        pb = new ProcessingBehave();
                        String key = pb.Analysis(rowData, ht, pbList);

                        if (!key.Equals("key"))
                        {
                            ht.Remove(key);
                            countBehave++;
                            saveAllData.SaveAll(saveAllData.MyConnect, pb);
                        }
                    }
                }
            }
            catch (Exception ex)
            {
                MessageBox.Show(ex.Message);
            }

            this.qqNoticeLabel.Text    = "已捕获QQ上下线记录" + countQQ + "条";
            this.staffNoticeLabel.Text = "已捕获影音娱乐记录" + countBehave + "条";
        }