public void PowerPointPptx()
{
var bytes = LoadBytes("sniffer.pptx", 20);
var results = Sniffer.Match(bytes, true);
Assert.Contains("pptx", results);
}
public void Zip7z()
{
var bytes = LoadBytes("sniffer.7z", 20);
var results = Sniffer.Match(bytes, true);
Assert.Contains("7z", results);
}
public void ExcelXlsx()
{
var bytes = LoadBytes("sniffer.xlsx", 20);
var results = Sniffer.Match(bytes, true);
Assert.Contains("xlsx", results);
}
public void WordDocx()
{
var bytes = LoadBytes("sniffer.docx", 20);
var results = Sniffer.Match(bytes, true);
Assert.Contains("docx", results);
}
public void Ps()
{
var bytes = LoadBytes("sniffer.ps", 20);
var results = Sniffer.Match(bytes, true);
Assert.Contains("ps", results);
}
public IList <Uri> Sniff()
{
var pingTimeout = this.Settings.PingTimeout.GetValueOrDefault(50);
var requestOverrides = new RequestConfiguration()
.ConnectTimeout(pingTimeout)
.RequestTimeout(pingTimeout)
.DisableSniffing();
var requestParameters = new FluentRequestParameters()
.RequestConfiguration(r => requestOverrides);
var path = "_nodes/_all/clear?timeout=" + pingTimeout;
using (var tracer = new ElasticsearchResponseTracer <Stream>(this.Settings.TraceEnabled))
{
var requestState = new TransportRequestState <Stream>(tracer, "GET", path, requestParameters: requestParameters);
var response = this.DoRequest(requestState);
if (response.Response == null)
{
return(null);
}
using (response.Response)
{
return(Sniffer.FromStream(response, response.Response, this.Serializer));
}
}
}
/// <summary>
/// Called when text has been transmitted.
/// </summary>
/// <param name="Text">Text</param>
public void TransmitText(string Text)
{
if (this.hasSniffers)
{
this.Transform(this.OnTransmitText, ref Text);
if (!string.IsNullOrEmpty(Text))
{
if (Text == " ")
{
foreach (ISniffer Sniffer in this.staticList)
{
Sniffer.Information("Heart beat");
}
}
else
{
foreach (ISniffer Sniffer in this.staticList)
{
Sniffer.TransmitText(Text);
}
}
}
}
}
IList <Uri> ITransportDelegator.Sniff(ITransportRequestState ownerState = null)
{
int pingTimeout = Settings.PingTimeout.GetValueOrDefault(DefaultPingTimeout);
var requestOverrides = new RequestConfiguration
{
ConnectTimeout = pingTimeout,
RequestTimeout = pingTimeout,
DisableSniff = true //sniff call should never recurse
};
var requestParameters = new RequestParameters {
RequestConfiguration = requestOverrides
};
try
{
string path = "_nodes/_all/clear?timeout=" + pingTimeout;
OrientdbResponse <Stream> response;
using (var requestState = new TransportRequestState <Stream>(Settings, requestParameters, "GET", path))
{
response = _requestHandler.Request(requestState);
//inform the owing request state of the requests the sniffs did.
if (requestState.RequestMetrics != null && ownerState != null)
{
foreach (
RequestMetrics r in
requestState.RequestMetrics.Where(p => p.RequestType == RequestType.OrientdbCall))
{
r.RequestType = RequestType.Sniff;
}
if (ownerState.RequestMetrics == null)
{
ownerState.RequestMetrics = new List <RequestMetrics>();
}
ownerState.RequestMetrics.AddRange(requestState.RequestMetrics);
}
if (response.HttpStatusCode.HasValue && response.HttpStatusCode == (int)HttpStatusCode.Unauthorized)
{
throw new OrientdbAuthenticationException(response);
}
if (response.Response == null)
{
return(null);
}
using (response.Response)
{
return(Sniffer.FromStream(response, response.Response, Serializer));
}
}
}
catch (MaxRetryException e)
{
throw new MaxRetryException(new SniffException(e));
}
}
public void RecordNumEquipsOfNewDropShip()
{
var sniffer = new Sniffer();
SniffLogFile(sniffer, "dropship_001");
PAssert.That(() => sniffer.AdditionalData.NumEquips(565) == 2);
PAssert.That(() => sniffer.ShipList.First(s => s.Spec.Id == 565).Spec.NumEquips == 2);
}
private static Sniffer InitializeSniffer()
{
Sniffer sniffer = new Sniffer();
sniffer.Populate(fileTypes);
return(sniffer);
}
public SnoopControl()
{
m_sniffer = new Network.Sniffer();
m_ipenterfaces = Network.Sniffer.GetNetworkAddresses();
InitializeComponent();
cmbxIpAddress.ItemsSource = m_ipenterfaces;
}
/// <summary>
/// 对比匹配文件
/// </summary>
/// <param name="source">文件流</param>
/// <param name="fileTypes">文件目标类型</param>
/// <returns></returns>
private static List <string> SnifferFile(byte[] source, IEnumerable <string> fileTypes)
{
var fileSniffer = new Sniffer();
var snifferTypes = FileRecord.ConfigTypes(fileTypes);
fileSniffer.Populate(snifferTypes);
return(fileSniffer.Match(source));
}
public void PowerUpCount()
{
var sniffer = new Sniffer();
SniffLogFile(sniffer, "powerup_001");
PAssert.That(() => sniffer.ShipCounter.Now == 204);
PAssert.That(() => sniffer.ItemCounter.Now == 932);
}
public void SpMidnightSupportAttack()
{
var sniffer = new Sniffer();
SniffLogFile(sniffer, "sp_midnight_002");
PAssert.That(() => !sniffer.IsBattleResultError);
PAssert.That(() => sniffer.Battle.SupportType == 2);
}
public void EscapeWithoutEscort()
{
var sniffer = new Sniffer();
SniffLogFile(sniffer, "escape_002");
PAssert.That(() => sniffer.Fleets[2].Ships[1].Escaped);
PAssert.That(() => !sniffer.IsBattleResultError);
}
public void ConsumptionByRemodelSlot()
{
var sniffer = new Sniffer();
SniffLogFile(sniffer, "remodel_slot_001");
PAssert.That(() => sniffer.Material.Current
.SequenceEqual(new[] { 25292, 25570, 25244, 41113, 1405, 1525, 2137, 8 }));
}
public void PowerUpDetachItem()
{
var sniffer = new Sniffer();
SniffLogFile(sniffer, "powerup_003");
PAssert.That(() => sniffer.ShipCounter.Now == 317);
PAssert.That(() => sniffer.ItemCounter.Now == 1390);
}
public CliShell(PcapAnalyzer.Analyzer analyzer, PcapProcessor.Processor processor, Sniffer sniffer, string seperator = ">")
{
_sniffer = sniffer;
_tcpPacketsCount = 0;
_udpPacketsCount = 0;
_udpStreamsCount = 0;
_tcpSessionsCount = 0;
liveCapture = false;
this.Seperator = seperator;
_printingLock = new object();
_files = new List <string>();
_networkDevice = null;
_processor = processor;
_analyzer = analyzer;
_analyzer.ParsedItemDetected += OnParsedItemDetected;
_processor.TcpPacketArived += (s, e) => this.UpdateTcpPacketsCount();
_processor.UdpPacketArived += (s, e) => this.UpdateUdpPacketsCount();
_processor.TcpSessionArrived += (s, e) => this.UpdateTcpSessionsCount();
_processor.UdpSessionArrived += (s, e) => this.UpdateUdpStreamsCount();
sniffer.TcpPacketArived += (s, e) => this.UpdateTcpPacketsCount();
sniffer.UdpPacketArived += (s, e) => this.UpdateUdpPacketsCount();
sniffer.TcpSessionArrived += (s, e) => this.UpdateTcpSessionsCount();
sniffer.UdpSessionArrived += (s, e) => this.UpdateUdpStreamsCount();
_hashes = new HashSet <PcapAnalyzer.NetworkHash>();
_passwords = new HashSet <PcapAnalyzer.NetworkPassword>();
_connections = new HashSet <PcapAnalyzer.NetworkConnection>();
this._commands = new List <CliShellCommand>();
AddCommand(new CliShellCommand("add-file", p => AddFile(p), "Add file to analyze. Usage: add-file <FILE-PATH>"));
AddCommand(new CliShellCommand("start", p => StartAnalyzing(), "Start analyzing"));
AddCommand(new CliShellCommand("show-passwords", p => PrintPasswords(), "Print passwords."));
AddCommand(new CliShellCommand("show-modules", p => PrintModules(), "Print modules."));
AddCommand(new CliShellCommand("show-hashes", p => PrintHashes(), "Print Hashes"));
AddCommand(new CliShellCommand("show-networkmap", p => PrintNetworkMap(), "Prints the network map as a json string. Usage: show-networkmap"));
AddCommand(new CliShellCommand("export-hashes", p => Utilities.ExportHashes(p, _hashes), "Export all Hashes to Hascat format input files. Usage: export-hashes <OUTPUT-DIRECTORY>"));
AddCommand(new CliShellCommand("capture-from-device", p => InitLiveCapture(p), "Capture live traffic from a network device, Usage: capture-from-device <device-name>"));
AddCommand(new CliShellCommand("capture-promiscious-mode", p => sniffer.PromisciousMode = true, "Capture live traffic from a network device on promiscious mode (requires superuser privileges, default is normal mode)"));
AddCommand(new CliShellCommand("set-captrue-filter", p => VerifyFilter(p), "Set a capture filter to the live traffic capture(filters must be bpf syntax filters)"));
AddCommand(new CliShellCommand("show-network-devices", p => PrintNetworkDevices(), "Show the available network devices for live capture"));
AddCommand(new CliShellCommand("export-networkmap", p => CommonUi.Exporting.ExportNetworkMap(p, _connections), "Export network map to a json file for neo4j. Usage: export-networkmap <OUTPUT-file>"));
// Add the help command
this.AddCommand(new CliShellCommand(
"help",
param => this.PrintCommandsWithDescription(),
"Print help menu"));
// Add the exit command
this.AddCommand(new CliShellCommand(
"exit",
param => this._exit = true,
"Exit CLI"));
LoadModules(_analyzer.AvailableModulesNames);
}
public void MaterialChangesInAirCorps()
{
var sniffer3 = new Sniffer();
var result3 = new List <int[]>();
SniffLogFile(sniffer3, "material_003", sn =>
{
var cur = sn.Material.Current;
if (result3.Count == 0)
{
result3.Add(cur);
}
else
{
if (!result3.Last().SequenceEqual(cur))
{
result3.Add(cur);
}
}
});
var expected3 = new List <int[]>
{
new[] { 0, 0, 0, 0, 0, 0, 0, 0 },
new[] { 288194, 282623, 299496, 295958, 3000, 2968, 2997, 7 },
new[] { 288185, 282623, 299496, 295943, 3000, 2968, 2997, 7 },
new[] { 288161, 282623, 299496, 295903, 3000, 2968, 2997, 7 }
};
PAssert.That(() => SequenceOfSequenceEqual(expected3, result3), "航空機の補充");
var sniffer4 = new Sniffer();
var result4 = new List <int[]>();
SniffLogFile(sniffer4, "material_004", sn =>
{
var cur = sn.Material.Current;
if (result4.Count == 0)
{
result4.Add(cur);
}
else
{
if (!result4.Last().SequenceEqual(cur))
{
result4.Add(cur);
}
}
});
var expected4 = new List <int[]>
{
new[] { 0, 0, 0, 0, 0, 0, 0, 0 },
new[] { 261012, 252252, 298492, 279622, 3000, 2842, 3000, 22 },
new[] { 261012, 252252, 298492, 279538, 3000, 2842, 3000, 22 },
new[] { 261012, 252252, 298492, 279454, 3000, 2842, 3000, 22 }
};
PAssert.That(() => SequenceOfSequenceEqual(expected4, result4), "航空機の配備");
}
public void EnemyFighterPower()
{
var sniffer = new Sniffer();
SniffLogFile(sniffer, "enemy_combined_001");
var fp = sniffer.Battle.EnemyFighterPower;
PAssert.That(() => fp.AirCombat == 209 && fp.Interception == 212);
}
public void KongoSpecial()
{
var sniffer = new Sniffer();
SniffLogFile(sniffer, "kongospecial_001");
PAssert.That(() => !sniffer.IsBattleResultError);
PAssert.That(() => sniffer.Battle.Result.Friend.Guard[0].SpecialAttack == ShipStatus.Attack.Fire);
PAssert.That(() => sniffer.Fleets[1].Ships[0].SpecialAttack == ShipStatus.Attack.Fired);
}
public void RotateFleetMemberWithDragAndDrop()
{
var sniffer = new Sniffer();
SniffLogFile(sniffer, "deck_005");
var result = sniffer.Fleets[0].Deck;
PAssert.That(() => new[] { 57391, 50, 24475, 113, -1, -1 }.SequenceEqual(result));
}
public void SlotExchangeVersion2()
{
var sniffer = new Sniffer();
SniffLogFile(sniffer, "slot_exchange_002");
var result = sniffer.Fleets[0].Ships[0].Slot.Select(item => item.Id);
PAssert.That(() => new[] { 157798, 59001, 157804, -1, -1 }.SequenceEqual(result));
}
public void ItemGetAtStart()
{
var sniffer = new Sniffer();
SniffLogFile(sniffer, "itemget_002");
PAssert.That(() => sniffer.MiscText ==
"[獲得アイテム]\r\n" +
"燃料: 65");
}
public void DestroyShip()
{
var sniffer = new Sniffer();
SniffLogFile(sniffer, "destroyship_001");
PAssert.That(() => sniffer.ShipCounter.Now == 250);
PAssert.That(() => sniffer.ItemCounter.Now == 1118);
PAssert.That(() => sniffer.Material.Current.Take(4).SequenceEqual(new[] { 285615, 286250, 291010, 284744 }));
}
public void WithdrawAccompanyingShipsAtOnce()
{
var sniffer = new Sniffer();
SniffLogFile(sniffer, "deck_006");
var result = sniffer.Fleets[0].Deck;
PAssert.That(() => new[] { 135, -1, -1, -1, -1, -1 }.SequenceEqual(result));
}
public void NormalBattleWithVariousTypesOfAttack()
{
var sniffer = new Sniffer();
SniffLogFile(sniffer, "battle_001");
PAssert.That(() => sniffer.Battle.ResultRank == BattleResultRank.A);
AssertEqualBattleResult(sniffer,
new[] { 57, 66, 50, 65, 40, 42 }, new[] { 34, 5, 0, 0, 0, 0 });
}
public void Update(Sniffer sniffer)
{
CreateTable(sniffer);
SuspendLayout();
CreateLabels();
ResizeLabels();
SetRecords();
ResumeLayout();
}
public void Update(Sniffer sniffer)
{
_data = FleetData.Create(sniffer);
SuspendLayout();
CreateLabels();
ResizeLabels();
SetRecords();
ResumeLayout();
}
public void PresetSelect()
{
var sniffer = new Sniffer();
SniffLogFile(sniffer, "preset_001");
var result = sniffer.Fleets[0].Deck;
PAssert.That(() => new[] { 50510, 632, 39843, 113, 478, 47422 }.SequenceEqual(result));
}
