
Added Option to inject into an empty PCAP file - Controller functionality

Marcel Juschak 6 years ago
parent
commit
cd4339259a
1 changed files with 20 additions and 7 deletions
  1. 20 7
      code/ID2TLib/Controller.py

+ 20 - 7
code/ID2TLib/Controller.py

@@ -1,6 +1,7 @@
 import os
 import sys
 import shutil
+import time
 
 from ID2TLib.AttackController import AttackController
 from ID2TLib.LabelManager import LabelManager
@@ -45,14 +46,15 @@ class Controller:
         """
         self.statistics.load_pcap_statistics(flag_write_file, flag_recalculate_stats, flag_print_statistics)
 
-    def process_attacks(self, attacks_config: list):
+    def process_attacks(self, attacks_config: list, inject_empty: bool=False):
         """
         Creates the attack based on the attack name and the attack parameters given in the attacks_config. The
         attacks_config is a list of attacks, e.g.
         [['PortscanAttack', 'ip.src="192.168.178.2",'dst.port=80'],['PortscanAttack', 'ip.src="10.10.10.2"]].
         Merges the individual temporary attack pcaps into one single pcap and merges this single pcap with the
-        input dataset.
+        input dataset if desired.
         :param attacks_config: A list of attacks with their attack parameters.
+        :param inject_empty: if flag is set, Attack PCAPs will not be merged with the base PCAP, ie. Attacks are injected into an empty PCAP
         """
 
         # get output directory
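Review bot: The added `:param inject_empty:` line does not say where the result is written. In the last hunk the attack pcap is copied to a path derived from `self.pcap_src_path` with a timestamp inserted, which a caller cannot learn from this docstring. I would reword it to `:param inject_empty: if set, the attack pcap is not merged into the base pcap but copied beside it under a timestamped name` and wrap it to the file's line length. PEP 8 also writes an annotated default with spaces, `inject_empty: bool = False`. The body of process_attacks continues outside this hunk.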
@@ -85,12 +87,23 @@ class Controller:
         else:
             attacks_pcap_path = self.written_pcaps[0]
 
-        # merge single attack pcap with all attacks into base pcap
-        print("Merging base pcap with single attack pcap...", end=" ")
-        sys.stdout.flush()  # force python to print text immediately
+        if inject_empty:
+            # copy the attack pcap to the directory of the base PCAP instead of merging them
+            print("Copy single attack pcap to location of base pcap...", end=" ")
+            sys.stdout.flush()  # force python to print text immediately
+
+            timestamp = time.strftime("%Y%m%d") + '-' + time.strftime("%X").replace(':', '')
+            self.pcap_dest_path = self.pcap_src_path.replace(".pcap", timestamp + '.pcap')
+            shutil.copy(attacks_pcap_path, self.pcap_dest_path)
+
+        else:
+            # merge single attack pcap with all attacks into base pcap
+            print("Merging base pcap with single attack pcap...", end=" ")
+            sys.stdout.flush()  # force python to print text immediately
+
+            # cp merged PCAP to output path
+            self.pcap_dest_path = self.pcap_file.merge_attack(attacks_pcap_path)
 
-        # cp merged PCAP to output path
-        self.pcap_dest_path = self.pcap_file.merge_attack(attacks_pcap_path)
         if self.pcap_out_path:
             if not self.pcap_out_path.endswith(".pcap"):
                 self.pcap_out_path += ".pcap"
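Review bot: In the `inject_empty` branch, `self.pcap_src_path.replace(".pcap", timestamp + '.pcap')` can leave the path unchanged, so `shutil.copy` silently overwrites the base capture with the attack pcap. That happens whenever the source path contains no `.pcap` (for example a `.cap` file or an upper-case extension). `str.replace` also rewrites every occurrence, so a directory name containing `.pcap` is altered and the copy may fail or land elsewhere. Separately, `time.strftime("%X")` is locale-dependent and can produce spaces or an AM/PM suffix, and the two `strftime` calls can straddle midnight. I would build the name with `timestamp = time.strftime("%Y%m%d-%H%M%S")`, `root, ext = os.path.splitext(self.pcap_src_path)` and `self.pcap_dest_path = root + timestamp + (ext or ".pcap")`. Whether `pcap_src_path` is validated earlier is not visible in this hunk.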