#34 Fix Controller.py merging more than two attack pcaps

Yhdistetty
carlos.garcia yhdistetty 2 committia lähteestä stefan.schmidt/fix-merge-attack-pcaps kohteeseen SPIN/master 6 vuotta sitten

As I already mentioned in our second meeting, at the moment, injecting more than two attacks results in a crash because of a non-existent temporary attack pcap file/invalid path. The problem was in the Controller.py in the for-loop starting at line 60. Right now, the pcaps at i and i+1 are merged, the result is stored in "attacks_pcap_path" and the pcap at i+1 is deleted. However, in the next iteration the previous result is completely disregarded/overwritten and it is tried to merge the pcaps at i+1(now i) and i+2(now i+1) which results in a crash because the file at i+1(now i) was deleted in the previous iteration. My solution is to simply add a line which stores the path of the result of each merge into the field i+1, after the file specified by i+1 is deleted, so that that result is actually used in the merge in the next iteration and so that the path specified in i+1 doesn't point to non-existing files anymore, in each iteration.

As I already mentioned in our second meeting, at the moment, injecting more than two attacks results in a crash because of a non-existent temporary attack pcap file/invalid path. The problem was in the Controller.py in the for-loop starting at line 60. Right now, the pcaps at i and i+1 are merged, the result is stored in "attacks_pcap_path" and the pcap at i+1 is deleted. However, in the next iteration the previous result is completely disregarded/overwritten and it is tried to merge the pcaps at i+1(now i) and i+2(now i+1) which results in a crash because the file at i+1(now i) was deleted in the previous iteration. My solution is to simply add a line which stores the path of the result of each merge into the field i+1, after the file specified by i+1 is deleted, so that that result is actually used in the merge in the next iteration and so that the path specified in i+1 doesn't point to non-existing files anymore, in each iteration.
Carlos Garcia kommentoitu 6 vuotta sitten
Omistaja

The for loop that merges multiple attacks can be further improved. I'm not sure the changes you propose would fix the issue in the general case. That is, would it also work for more than three attacks?

I recommend rewriting the for loop.

The for loop that merges multiple attacks can be further improved. I'm not sure the changes you propose would fix the issue in the general case. That is, would it also work for more than three attacks? I recommend rewriting the for loop.
Stefano Acquaviti kommentoitu 6 vuotta sitten
Yhteistyökumppani

The for-loop itself should work correctly for any number of attacks.

However, after my first change, I noticed that it was still able to crash if you tried to inject too many attacks(around 15) because the filename-length of the temporary attack pcaps could potentially exceed the maximum filename-length of the OS(ubuntu, in my case). Therefore, I also slightly edited the "pcap_processor.cpp" so that it doesn't extend the filename of the temporary result if the maximum filename-length would be exceeded. Instead, if the filename length would exceed the limit, the filename is shortened before appending the new extension. After this change, I was able to successfully inject 100 attacks(portscans) into one pcap.

The for-loop itself should work correctly for any number of attacks. However, after my first change, I noticed that it was still able to crash if you tried to inject too many attacks(around 15) because the filename-length of the temporary attack pcaps could potentially exceed the maximum filename-length of the OS(ubuntu, in my case). Therefore, I also slightly edited the "pcap_processor.cpp" so that it doesn't extend the filename of the temporary result if the maximum filename-length would be exceeded. Instead, if the filename length would exceed the limit, the filename is shortened before appending the new extension. After this change, I was able to successfully inject 100 attacks(portscans) into one pcap.
Tämä pull-pyyntö on yhdistetty onnistuneesti!
Kirjaudu sisään osallistuaksesi tähän keskusteluun.
Ei tunnistetta
Bug
Ei merkkipaalua
Ei osoitettua
2 osallistujaa
Ladataan...
Peruuta
Tallenna
Sisältöä ei vielä ole.