CLI.py 5.4 KB

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136
  1. #! /usr/bin/env python3
  2. import argparse
  3. import sys
  4. from ID2TLib.Controller import Controller
  5. class LoadFromFile(argparse.Action):
  6. """
  7. Parses the parameter file given by application param -c/--config.
  8. """
  9. def __call__(self, parser, namespace, values, option_string=None):
  10. with values as f:
  11. parser.parse_args(f.read().split(), namespace)
  12. class CLI(object):
  13. def __init__(self):
  14. """
  15. Creates a new CLI object used to handle
  16. """
  17. # Reference to PcapFile object
  18. self.args = None
  19. self.attack_config = None
  20. def process_arguments(self):
  21. """
  22. Loads the application controller, the PCAP file statistics and if present, processes the given attacks. Evaluates
  23. given queries.
  24. """
  25. # Create ID2T Controller
  26. controller = Controller(self.args.input, self.args.tests)
  27. # Load PCAP statistics
  28. controller.load_pcap_statistics(self.args.export, self.args.recalculate, self.args.statistics)
  29. # Create statistics plots
  30. if self.args.plot is not None:
  31. controller.create_statistics_plot(self.args.plot)
  32. # Process attack(s) with given attack params
  33. if self.args.attack is not None:
  34. # If attack is present, load attack with params
  35. controller.process_attacks(self.args.attack)
  36. # Parameter -q without arguments was given -> go into query loop
  37. if self.args.query == [None]:
  38. controller.enter_query_mode()
  39. # Parameter -q with arguments was given -> process query
  40. elif self.args.query is not None:
  41. controller.process_db_queries(self.args.query, True)
  42. def parse_arguments(self, args):
  43. """
  44. Defines the allowed application arguments and invokes the evaluation of the arguments.
  45. :param args: The application arguments
  46. """
  47. # Create parser for arguments
  48. parser = argparse.ArgumentParser(description="Intrusion Detection Dataset Toolkit (ID2T) - A toolkit for "
  49. "injection of synthetically created attacks into PCAP datasets.",
  50. prog="id2t")
  51. # Define required arguments
  52. requiredNamed = parser.add_argument_group('required named arguments')
  53. requiredNamed.add_argument('-i', '--input', metavar="FILEPATH", help='path to the input pcap file', required=True)
  54. # Define optional arguments
  55. parser.add_argument('-c', '--config', metavar='FILEPATH', help='file containing parameters used as input.',
  56. action=LoadFromFile, type=open)
  57. parser.add_argument('-e', '--export',
  58. help='stores the statistics as a textfile with ending .stat into the dataset directory',
  59. action='store_true', default=False)
  60. parser.add_argument('-a', '--attack', metavar="ATTACKNAME", action='append',
  61. help='injects a new attack into the given dataset. '
  62. 'Attacks parameters are: ip.src, ip.dst, ip.dns, mac.src, mac.dst, port.open, '
  63. 'port.dst, port.src, packets.limit, attackers.count, attack.duration, victim.buffer, '
  64. 'target.uri, target.host, packets.per-second, inject.at-timestamp, inject.after-pkt, '
  65. 'port.dst.shuffle, port.dst.order-desc, ip.src.shuffle, port.src.shuffle', nargs='+')
  66. parser.add_argument('-r', '--recalculate',
  67. help='forces to recalculate the statistics in case of an already existing statistics database.',
  68. action='store_true', default=False)
  69. parser.add_argument('-s', '--statistics', help='print general file statistics to stdout.', action='store_true',
  70. default=False)
  71. parser.add_argument('-p', '--plot', help='creates a plot of common dataset statistics', action='append',
  72. nargs='?')
  73. parser.add_argument('-q', '--query', metavar="QUERY",
  74. action='append', nargs='?',
  75. help='queries the statistics database. If no query is provided, the application enters into query mode.')
  76. # Aidmar
  77. parser.add_argument('-t', '--tests', help='perform defects tests on input pcap file.', action='store_true')
  78. # Parse arguments
  79. self.args = parser.parse_args(args)
  80. # Either PCAP filepath or GUI mode must be enabled
  81. if not self.args.input:
  82. parser.error("Parameter -i/--input required. See available options with -h/--help ")
  83. self.process_arguments()
  84. def main(args):
  85. """
  86. Creates a new CLI object and invokes the arguments parsing.
  87. :param args: The provided arguments
  88. """
  89. cli = CLI()
  90. # Check arguments
  91. cli.parse_arguments(args)
  92. # Test main
  93. """def main_0(args):
  94. from scapy.utils import RawPcapReader
  95. from scapy.layers.inet import IP, Ether, TCP
  96. pkts = RawPcapReader("Win7_eternalblue_scan_vulnerable.pcap")
  97. for pkt in pkts:
  98. eth_frame = Ether(pkt[0])
  99. ip_pkt = eth_frame.payload
  100. tcp_pkt = ip_pkt.payload
  101. new_pkt = (eth_frame / ip_pkt / tcp_pkt)
  102. new_pkt.time = 0
  103. print(tcp_pkt.getfieldval("sport"))
  104. """
  105. # Uncomment to enable calling by terminal
  106. if __name__ == '__main__':
  107. main(sys.argv[1:])