fix pcap enlargement issue

fix update_timestamp calculation
adjust test for update_timestamp fix

code/ID2TLib/Utility.py

@@ -59,7 +59,7 @@ def update_timestamp(timestamp, pps, delay=0):
         return timestamp + rnd.uniform(1 / pps, randomdelay.random())
     else:
         # Calculate reply timestamp
-        randomdelay = lea.Lea.fromValFreqsDict({2 * delay: 70, 3 * delay: 20, 5 * delay: 7, 10 * delay: 3})
+        randomdelay = lea.Lea.fromValFreqsDict({delay / 2: 70, delay / 3: 20, delay / 5: 7, delay / 10: 3})
         return timestamp + rnd.uniform(1 / pps + delay, 1 / pps + randomdelay.random())
 
 

code/Test/test_DDoSAttack.py

@@ -3,13 +3,13 @@ import unittest.mock as mock
 import ID2TLib.TestLibrary as Lib
 import Test.ID2TAttackTest as Test
 
-sha_basic_ddos = 'a9b75322e2a331f617250d14935b0235aa818dd08803584d9cc3560b8305b459'
-sha_num_attackers_ddos = '86f13efe33d3e07c282d0111da09dead12bda1c2047d85e3a2c2f8d02b49e151'
-sha_dest_mac_length_zero_ddos = 'df4c55d25c3e13e38294f036e8ce17d7aaea309ecb9ade4eb551ed61589c0648'
-sha_mss_none_ddos = 'a9b75322e2a331f617250d14935b0235aa818dd08803584d9cc3560b8305b459'
-sha_one_attacker_ddos = 'd706c8594f54ab31f02700366fb9bfa872f9cc0e6393a9ed80bf255432e9cce8'
-sha_ip_range_ddos = '867b560a415562ffb6e973e57cdddf856826e6931dd1dbd732c6799fdc078f25'
-sha_port_range_ddos = 'f9adfe2d86fca0c66904a9b358e4bf31e122095eb2877f4ebcaec8e60b482ade'
+sha_basic_ddos = '33dfb7a6f4b32be3409cf088e5a2e179e98456637d192e7541a6f16c286c2bc2'
+sha_num_attackers_ddos = '64a76befad280dac48c39ba9e3258a7768c13aeea3203044900fd8ac49e1e6ea'
+sha_dest_mac_length_zero_ddos = '75c6aaf84f3ede7b740233f2e6e7f78a4d1887b1e3b5137942c3e2095abad5f6'
+sha_mss_none_ddos = '33dfb7a6f4b32be3409cf088e5a2e179e98456637d192e7541a6f16c286c2bc2'
+sha_one_attacker_ddos = '4e9dc3c4ff09f9fa52fb2f6cd6260dcfbe338dfdbf4df100c1170da913547dcb'
+sha_ip_range_ddos = '87639c6ecb652afdc393ed810efb0d6fee1032629d4f00d774589fba90e89204'
+sha_port_range_ddos = 'c141c32cb78755e20477518c1165eb4564af88b1a95025925f6c90039de35359'
 
 
 class UnitTestDDoS(Test.ID2TAttackTest):

code/Test/test_FTPWinaXeExploit.py

@@ -3,12 +3,12 @@ import unittest.mock as mock
 import ID2TLib.TestLibrary as Lib
 import Test.ID2TAttackTest as Test
 
-sha_ftp_basic = '3152c9b06a1c7f45b4bfcd7c1947c9d924701b1f90947e9cac9f9b52efa85fb5'
-sha_ftp_mac = '95a3a68e0b8d7ed414082e9abfe9806de6b62cdbee0747f2ba751b2367255646'
-sha_ftp_random_ip_src = '3d175f9d5a19682fd2122161b6f9cd6189a32d7547f78e998600803a3952138d'
-sha_not_empty_custom_payload_empty_file = '62fd066efc6f12d4d0641e4851c10ac29b647aa330d2e1ba6938a639e8b2445e'
-sha_empty_custom_payload_not_empty_file = '68e26d70f33c4fd6c004bbf3458c2847cbee7ab1d316247750754a31081fc8b6'
-sha_valid_ip = '3152c9b06a1c7f45b4bfcd7c1947c9d924701b1f90947e9cac9f9b52efa85fb5'
+sha_ftp_basic = '11af85015d4db6e218cb59d9b674e67144e1c64dbdfc83a474917c00f85979e3'
+sha_ftp_mac = '088ef4af557101664d5eb8ff13d4ff33fd71c8d47a9c622381388948cfdfbb1a'
+sha_ftp_random_ip_src = '1379b3e6d585d50e9f9b577e4bbba5ca621a6521e24ad483b2f826a20c8df8ed'
+sha_not_empty_custom_payload_empty_file = 'b561442183789ad36adcce085fdff7f84bebc65e4b4e8c134ba578864c4d8e35'
+sha_empty_custom_payload_not_empty_file = 'e577fa534a05606af1a5b3fbf71e04eb7c1713fc3d8923c6f12c7b7a2301693e'
+sha_valid_ip = '11af85015d4db6e218cb59d9b674e67144e1c64dbdfc83a474917c00f85979e3'
 # TODO: improve coverage
 
 

code/Test/test_PortscanAttack.py

@@ -1,11 +1,11 @@
 import Test.ID2TAttackTest as Test
 
-sha_portscan_default = 'b70c543c8d9bb4bf7ef8cfe09c23254a968c66a9f4174aea0ec2aa65bc1f090f'
-sha_portscan_reverse_ports = '0ea771c6ded24cb667c00d490653ee620f5c29975e966d14dd5bba5008048eac'
-sha_portscan_shuffle_dst_ports = 'dea87a34d21d7efa8128fa2d7471e2b4265ad4e150b00b24da8e182149e6fe81'
-sha_portscan_shuffle_src_ports = 'cf0fe4c8f9d0d1f016aaebe6ce0a3d66af72d1c6cbc4c671391374506d7f5a9e'
+sha_portscan_default = '6b594d6384036c2c1dbf59ea8b7c56e644001255ca464450b6d082db65063018'
+sha_portscan_reverse_ports = 'ea2972c5a544ed395122e05673f6635b932c6141cfb934aa3b98764bfd75c261'
+sha_portscan_shuffle_dst_ports = '093feb6281627c0cf744cecc1587805f1d8ccbdd225aedc78943e67903f607f4'
+sha_portscan_shuffle_src_ports = 'f1656aae0f813a5f54eb5eb10ece6971aab11c05fb783a7d38b6ee5960c53499'
 sha_portscan_ip_src_random = 'c3939f30a40fa6e2164cc91dc4a7e823ca409492d44508e3edfc9d24748af0e5'
-sha_portscan_ips_not_in_pcap = 'd4703defeaaf8d421f79eb15eb019eed6d4644448054cebcb0caba300d3e0012'
+sha_portscan_ips_not_in_pcap = '94568a8cd53d55ec903ef13334eae7db71f4ade765afa6510eb4a7f2e05ba89b'
 
 # TODO: improve coverage
 

code/Test/test_SMBLorisAttack.py

@@ -1,10 +1,10 @@
 import ID2TLib.TestLibrary as Lib
 import Test.ID2TAttackTest as Test
 
-sha_default = 'b69f106ec7c86ff28d7434206de2243b9641d8a7e569363d8670e4c1cfe89819'
-sha_one_attacker = 'faa38854094245aa057afbc1cc4dbad3a82a2b62bdf365e491becde5f9e6e1eb'
-sha_sixteen_attackers = 'ff9567a3510f1707fd1a846ab383d005f39eca9bd839d619c280cc2010ca77c4'
-sha_ips_in_pcap = '2088d512d77020c64f358c8f661af6b0d33066dad023af04518e91c0e8934227'
+sha_default = '0736521d9bb35362704f5ada6fc1d8e74b2623f9361e999c3c60da951f890036'
+sha_one_attacker = 'c56b1f6d15142f61df2ef75268f72c5af2d1d43d41157eed4d4cb96550b9384e'
+sha_sixteen_attackers = '7681eb409918b8baafaf58fba8e99bc602014bf776195c4e3b69997bd24a8054'
+sha_ips_in_pcap = '96786fc8952292414b74ebf23bcf6158890b74c7b3eb5dbc1229f91f50269ffd'
 
 # TODO: improve coverage
 

code/Test/test_SMBScanAttack.py

@@ -2,14 +2,14 @@ import unittest.mock as mock
 
 import Test.ID2TAttackTest as Test
 
-sha_default = '02d5ccf5483385256b1bb5d0be6ad180813e10fbd4091f2d74b832e9de1bfe7f'
-sha_one_victim_linux = '59010614361fbc802f0ff6f6b62f3a1b65eec717aaf7280b977d0044d0dd1651'
-sha_victim_range_winxp_hosting = '4f08852e8431ef7fb33dba2cd06df5ac2c306f266701ab26411320cc6c3041af'
-sha_multiple_victims_macos = '75e1865dd911627550ac3866340da43c3357d43da85c03e7b3f0e36731d90370'
-sha_port_shuffle = '2105fb02cc92de835f969a0dc6c521e2f044be1d2c629e8488385eedf15b8838'
-sha_dest_mac_only = '0aba63d0667b49ee27264542a572116f39abdff068841c1a2fa47b7c06688ddf'
-sha_ip_src_shuffle = 'f33dc22cb5bed8b5e9f26d02339c96a35f1cf451df11ab90bc07deefc3d8244b'
-sha_smb2 = '91f2a13a92b694b9a2ada8604c65b7b3f138bdec54da59c691bf7512972ff3b8'
+sha_default = '20797cfbe1d040481bdc70be9690344389e1c79333914b1480655156789917a0'
+sha_one_victim_linux = '0c3c476bc44a38e399673d2f7a8bd3020f80669108628fd868c1924f1547ccf2'
+sha_victim_range_winxp_hosting = '84d8f748bec162f1fdc5252625d1fbcd782df66b828d2928764fdb3f0b83d26b'
+sha_multiple_victims_macos = 'fa66856113e0bb584b3aa10987c6bb10cfd0fdb060abcdb4fcec8c0149395660'
+sha_port_shuffle = 'aa69d1541c7f131386a3783d7f6179d105f16fc7fb117dd2e7e723f80c53d51a'
+sha_dest_mac_only = '329d771d6c4730de60f1c14991b3b421878bdf677ae37bb7474b7dc442efd48d'
+sha_ip_src_shuffle = 'afad0659245010ad907ab9b6471f75441f006c61fa25bdf41829ace05dcd4946'
+sha_smb2 = 'f49a05391d0824a3ce6ebcb02cd2bd997d7da4a877864a336d7317794f1d431b'
 
 # TODO: improve coverage
 

code/Test/test_Utility.py

@@ -11,7 +11,7 @@ class TestUtility(unittest.TestCase):
         self.assertTrue(100 + 10 / 5 >= Utility.update_timestamp(100, 5) >= 100 + 1 / 5)
 
     def test_update_timestamp_with_delay(self):
-        self.assertTrue(100 + 1 / 5 + 10 * 100 >= Utility.update_timestamp(100, 5, 10) >= 100 + 1 / 5 + 10)
+        self.assertTrue(100 + 1 / 5 + 10/10 <= Utility.update_timestamp(100, 5, 10) <= 100 + 1 / 5 + 10)
 
     def test_update_timestamp_comparison(self):
         self.assertTrue(Utility.update_timestamp(100, 5) <= Utility.update_timestamp(100, 5, 10))