zhoujiazhen/CCSDS_study
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

CCSDS_study project

Browse Source
This commit is contained in:
zhoujiazhen
2026-05-05 21:54:35 +08:00
commit 9be41f9270
585 changed files with 91275 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

274
netzob-030/lib/argsFactories/factory.c Normal file
View File

@@ -0,0 +1,274 @@
// -*- coding: utf-8 -*-
//+---------------------------------------------------------------------------+
//| 01001110 01100101 01110100 01111010 01101111 01100010 |
//| |
//| Netzob : Inferring communication protocols |
//+---------------------------------------------------------------------------+
//| Copyright (C) 2011-2017 Georges Bossert and Frédéric Guihéry |
//| This program is free software: you can redistribute it and/or modify |
//| it under the terms of the GNU General Public License as published by |
//| the Free Software Foundation, either version 3 of the License, or |
//| (at your option) any later version. |
//| |
//| This program is distributed in the hope that it will be useful, |
//| but WITHOUT ANY WARRANTY; without even the implied warranty of |
//| MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the |
//| GNU General Public License for more details. |
//| |
//| You should have received a copy of the GNU General Public License |
//| along with this program. If not, see <http://www.gnu.org/licenses/>. |
//+---------------------------------------------------------------------------+
//| @url : http://www.netzob.org |
//| @contact : contact@netzob.org |
//| @sponsors : Amossys, http://www.amossys.fr |
//| Supélec, http://www.rennes.supelec.fr/ren/rd/cidre/ |
//+---------------------------------------------------------------------------+
//Compilation Windows
//cl -Fe_libNeedleman.pyd -Ox -Ot -openmp -LD /I"C:\Python26\include" /I"C:\Program Files (x86)\Microsoft Visual Studio 9.0\VC\include" libNeedleman.c "C:\Python26\libs\python26.lib" "C:\Program Files (x86)\Microsoft Visual Studio 9.0\VC\lib\vcomp.lib"
//+---------------------------------------------------------------------------+
//| Import Associated Header
//+---------------------------------------------------------------------------+
#include "factory.h"
/*parseArgs return values:
* 0: Success
* 1: not yet implemented
* 2: not WrapperFactory
*/
int parseArgs(PyObject* factobj, ...){
PyObject* wrapperObj;
char* function=NULL;
va_list args;
va_start(args,factobj);
/**
Search for the function for which the wrapper has been created
Python : WrapperArgsFactory.function
*/
if(PyObject_HasAttrString(factobj,"function")){
wrapperObj = PyObject_GetAttrString(factobj, "function");
if(wrapperObj == NULL) {
PyErr_SetString(PyExc_TypeError, "Error when calling PyObject_GetAttrString()");
return 1;
}
function = PyUnicode_AsUTF8(wrapperObj);
/**
Function name found.
It searches for a parser which can manage this format of wrapper
*/
if(!strcmp(function,"_libScoreComputation.computeSimilarityMatrix")){
/**
Function : computeSimilarityMatrix
Parse the wrapper given its format
*/
parseLibscoreComputation(factobj,args);
}
else if(!strcmp(function,"_libNeedleman.alignMessages")){
/**
Function : alignMessages
Parse the wrapper given its format
*/
parseLibNeedleman(factobj,args);
}
else{
PyErr_SetObject(PyExc_NameError, PyBytes_FromFormat("%s not yet implemented",function));
return 1;
}
return 0;
}
else{
PyErr_SetString(PyExc_TypeError, "Wrong argument type: must be a WrapperArgsFactory");
return 2;
}
}
void parseLibscoreComputation(PyObject* factobj, va_list args){
unsigned int i;
PyObject* pysize = NULL;
unsigned int* nbmess = va_arg(args,unsigned int*);
t_message** messages = va_arg(args,t_message**);
unsigned int debugMode = FALSE;
/**
list : which is a list of messages
*/
PyObject* list = PyObject_GetAttrString(factobj, "args");
/**
Find the number of elements in the list.
This number of elements = number of messages (nbmess)
*/
pysize = PyLong_FromSsize_t(PyList_Size(list));
*nbmess = (unsigned int) PyLong_AsLong(pysize);
Py_XDECREF(pysize);
/**
Reserves an array of [nbmess] t_messages
*/
*messages = (t_message*) malloc((*nbmess)*sizeof(t_message));
/**
Parse each message and store them in the newly allocated array
*/
for(i=0;i<*nbmess;i++){
PyObject* item;
item = PyList_GetItem(list,(Py_ssize_t)i);
parseMessage(item, &((*messages)[i]));
}
// [DEBUG] Display the content of the deserialized messages
if (debugMode == TRUE) {
unsigned int iMessage;
for(iMessage=0;iMessage<*nbmess;iMessage++) {
t_message message = (*messages)[iMessage];
printf("Message : %d (UID Symbol=%s)\n", iMessage, message.uid);
printf("Data : ");
for (i=0; i< message.len; i++) {
printf("%02x", (unsigned char) message.alignment[i]);
}
printf("\n");
printf("Tags : ");
for (i=0; i< message.len; i++) {
if (message.semanticTags != NULL && message.semanticTags[i] != NULL && message.semanticTags[i]->name != NULL && strcmp(message.semanticTags[i]->name, "None")!=0) {
printf("!!");
} else {
printf("..");
}
}
printf("\n");
}
// [DEBUG]
}
}
void parseMessage(PyObject * item, t_message * message) {
char * tmp_alignment;
unsigned int j;
/**
message.alignment contains the message.getReducedStringData() in python raw format. Its the content of the message. If its during orphan reduction, this content is reduced to the considered section (sliding window).
*/
tmp_alignment = PyBytes_AsString(PyObject_GetAttrString(item, "alignment"));
message->alignment = (unsigned char*) tmp_alignment;
/**
message->len contains the size of tmp_alignment
**/
message->len = (unsigned int) PyLong_AsUnsignedLong(PyObject_GetAttrString(item, "length"));
/**
message->mask will be allocated (no value in it yet) to contain at least ... ?
*/
message->mask = calloc(message->len,sizeof(unsigned char));
/**
message->semanticTags contains the list of tags attached to each half-byte of the alignment
*/
message->semanticTags = calloc(message->len, sizeof(t_semanticTag));
// retrieve the list of tags
PyObject* listOfSemanticTags = PyObject_GetAttrString(item, "semanticTags");
// verify its a list
if (PyList_CheckExact(listOfSemanticTags) && message->len == (unsigned int)PyList_Size(listOfSemanticTags)) {
// every half-byte should be tagged (with no-tag or with a real tag)
// parse all the tags
for (j=0; j<message->len; j++) {
PyObject * listItem = PyList_GetItem(listOfSemanticTags,(Py_ssize_t)j);
char * tag = PyUnicode_AsUTF8(listItem);
message->semanticTags[j] = malloc(sizeof(t_semanticTag));
message->semanticTags[j]->name = tag;
}
} else {
printf("[C-Extension] Error while parsing semantic tags.\n");
}
/**
message->uid contains the UID of the symbol which contains
the message.
Warning: I though it was message's UID, but its not !!
*/
message->uid = PyUnicode_AsUTF8(PyObject_GetAttrString(item, "uid"));
}
/**
parseLibNeedlman:
This function parses the arguments wrapper following a specific format.
The definition of this format can be found in the Python function:
netzob.Common.C_Extensions.WrapperArgsFactory:WrapperArgsFactory.computeSimilarityMatrix()
Once parsed, the wrapper reveal arguments which will be stored in the args parameter.
Format:
- List<Message> with Message: (alignment, mask, length, uid)
*/
void parseLibNeedleman(PyObject* factobj, va_list args){
PyObject* pysize = NULL;
unsigned int* nbmess = va_arg(args,unsigned int*);
t_message** messages = va_arg(args,t_message**);
unsigned int debugMode = FALSE;
unsigned int i;
/**
list : which is a list of messages
*/
PyObject* list = PyObject_GetAttrString(factobj, "args");
/**
Find the number of elements in the list.
This number of elements = number of messages (nbmess)
*/
pysize = PyLong_FromSsize_t(PyList_Size(list));
*nbmess = (unsigned int) PyLong_AsLong(pysize);
Py_XDECREF(pysize);
/**
Reserves an array of [nbmess] t_messages
*/
*messages = (t_message*) malloc((*nbmess)*sizeof(t_message));
/**
Parse each message and store them in the newly allocated array
*/
for(i=0;i<*nbmess;i++){
PyObject* item;
item = PyList_GetItem(list,(Py_ssize_t)i);
parseMessage(item, &((*messages)[i]));
}
// [DEBUG] Display the content of the deserialized messages
if (debugMode == TRUE) {
unsigned int iMessage;
for(iMessage=0;iMessage<*nbmess;iMessage++) {
printf("Message : %d\n", iMessage);
printf("Data : ");
t_message message = (*messages)[iMessage];
for (i=0; i< message.len; i++) {
printf("%02x", (unsigned char) message.alignment[i]);
}
printf("\n");
printf("Tags : ");
for (i=0; i< message.len; i++) {
if (message.semanticTags != NULL && message.semanticTags[i] != NULL && message.semanticTags[i]->name != NULL && strcmp(message.semanticTags[i]->name, "None")!=0) {
printf("!!");
} else {
printf("..");
}
}
printf("\n");
}
// [DEBUG]
}
}

67
netzob-030/lib/includes/Interface.h Normal file
View File

@@ -0,0 +1,67 @@
// -*- coding: utf-8 -*-
//+---------------------------------------------------------------------------+
//| 01001110 01100101 01110100 01111010 01101111 01100010 |
//| |
//| Netzob : Inferring communication protocols |
//+---------------------------------------------------------------------------+
//| Copyright (C) 2011-2017 Georges Bossert and Frédéric Guihéry |
//| This program is free software: you can redistribute it and/or modify |
//| it under the terms of the GNU General Public License as published by |
//| the Free Software Foundation, either version 3 of the License, or |
//| (at your option) any later version. |
//| |
//| This program is distributed in the hope that it will be useful, |
//| but WITHOUT ANY WARRANTY; without even the implied warranty of |
//| MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the |
//| GNU General Public License for more details. |
//| |
//| You should have received a copy of the GNU General Public License |
//| along with this program. If not, see <http://www.gnu.org/licenses/>. |
//+---------------------------------------------------------------------------+
//| @url : http://www.netzob.org |
//| @contact : contact@netzob.org |
//| @sponsors : Amossys, http://www.amossys.fr |
//| Supélec, http://www.rennes.supelec.fr/ren/rd/cidre/ |
//+---------------------------------------------------------------------------+
#ifndef Interface_H
#define Interface_H
#include "commonLib.h"
#include "commonPythonLib.h"
/**
serializeMessage:
This function transform the provided t_message into a Data Transfert Object
using PyObject.
@param message: the message to serialize
@return a PyObject * which represents the provided message
*/
PyObject * serializeMessage(t_message * message);
/**
SerializeSemanticTags:
This function transforme the provided tags into a string
@param serializedTags: a pointer to a not yet allocated string for the result
@param tags: the semantic tags to parse and transform
@param nbSemanticTags: the number of semantic tags in tags
@return unsigned int: the number of tags in the result
**/
unsigned int serializeSemanticTags(char ** serializedTags, t_semanticTag ** tags, unsigned int nbSemanticTags);
unsigned int deserializeMessages(t_group *, char *, unsigned char *, unsigned int, Bool);
unsigned int deserializeGroups(t_groups *, char *, unsigned char *, int, Bool);
//+---------------------------------------------------------------------------+
//| hexdump : for debug purposes
//+---------------------------------------------------------------------------+
void hexdump(unsigned char *bug, int dlen);
//+---------------------------------------------------------------------------+
//| dumpMessage : for debug purposes
//+---------------------------------------------------------------------------+
void dumpMessage(t_message message);
#endif

74
netzob-030/lib/includes/Needleman.h Normal file
View File

@@ -0,0 +1,74 @@
// -*- coding: utf-8 -*-
//+---------------------------------------------------------------------------+
//| 01001110 01100101 01110100 01111010 01101111 01100010 |
//| |
//| Netzob : Inferring communication protocols |
//+---------------------------------------------------------------------------+
//| Copyright (C) 2011-2017 Georges Bossert and Frédéric Guihéry |
//| This program is free software: you can redistribute it and/or modify |
//| it under the terms of the GNU General Public License as published by |
//| the Free Software Foundation, either version 3 of the License, or |
//| (at your option) any later version. |
//| |
//| This program is distributed in the hope that it will be useful, |
//| but WITHOUT ANY WARRANTY; without even the implied warranty of |
//| MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the |
//| GNU General Public License for more details. |
//| |
//| You should have received a copy of the GNU General Public License |
//| along with this program. If not, see <http://www.gnu.org/licenses/>. |
//+---------------------------------------------------------------------------+
//| @url : http://www.netzob.org |
//| @contact : contact@netzob.org |
//| @sponsors : Amossys, http://www.amossys.fr |
//| Supélec, http://www.rennes.supelec.fr/ren/rd/cidre/ |
//+---------------------------------------------------------------------------+
#ifndef Needleman_H
#define Needleman_H
//+---------------------------------------------------------------------------+
//| Imports
//+---------------------------------------------------------------------------+
//Check if have compile with -DCCALLFORDEBUG option (means we want to analyse the C program without python modules"
#ifndef CCALLFORDEBUG
#include "libInterface.h" //only needed for the callback status
#else
#include "Interface.h"
#endif
#include "commonLib.h"
#include <math.h>
//+---------------------------------------------------------------------------+
//| alignMessages : align a group of messages and get their common regex
//+---------------------------------------------------------------------------+
void alignMessages(t_message * resMessage, Bool doInternalSlick, unsigned int nbMessages, t_message * messages, Bool debugMode);
//+---------------------------------------------------------------------------+
//| alignTwoMessages : align 2 messages and get common regex
//+---------------------------------------------------------------------------+
char* alignTwoMessages(t_message * resMessage, Bool doInternalSlick, t_message * message1, t_message * message2, Bool debugMode);
/*!
* @function getSimilarityScore
* @abstract Computes the similarity score of (message1[i], message2[j])
* @discussion This function replaces the old MATCH and MISMATCH score and returns a semantic score
*/
short int getSimilarityScore(t_message * message1, t_message * message2, unsigned int i, unsigned j);
//+---------------------------------------------------------------------------+
//| Scores : functions for their computations
//+---------------------------------------------------------------------------+
float getScoreRatio(t_message *);
float getScoreDynSize(unsigned int, unsigned int);
float computeDistance(t_score *);
/*!
* @function displayMessage
* @abstract Display in the console the content of specified message (its data and attributes)
* @param the message to display
*/
void displayMessage(t_message *);
#endif

48
netzob-030/lib/includes/Py_lib/commonPythonLib.h Normal file
View File

@@ -0,0 +1,48 @@
// -*- coding: utf-8 -*-
//+---------------------------------------------------------------------------+
//| 01001110 01100101 01110100 01111010 01101111 01100010 |
//| |
//| Netzob : Inferring communication protocols |
//+---------------------------------------------------------------------------+
//| Copyright (C) 2011-2017 Georges Bossert and Frédéric Guihéry |
//| This program is free software: you can redistribute it and/or modify |
//| it under the terms of the GNU General Public License as published by |
//| the Free Software Foundation, either version 3 of the License, or |
//| (at your option) any later version. |
//| |
//| This program is distributed in the hope that it will be useful, |
//| but WITHOUT ANY WARRANTY; without even the implied warranty of |
//| MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the |
//| GNU General Public License for more details. |
//| |
//| You should have received a copy of the GNU General Public License |
//| along with this program. If not, see <http://www.gnu.org/licenses/>. |
//+---------------------------------------------------------------------------+
//| @url : http://www.netzob.org |
//| @contact : contact@netzob.org |
//| @sponsors : Amossys, http://www.amossys.fr |
//| Supélec, http://www.rennes.supelec.fr/ren/rd/cidre/ |
//+---------------------------------------------------------------------------+
#ifndef commonPythonLib_H
#define commonPythonLib_H
#ifndef PY_SSIZE_T_CLEAN
#define PY_SSIZE_T_CLEAN
#endif /* PY_SSIZE_T_CLEAN */
//+---------------------------------------------------------------------------+
//| Imports
//+---------------------------------------------------------------------------+
#include <Python.h>
#include "factory.h"
#define DEFAULT_BID "0000000000"
#define STR(x) x
//+---------------------------------------------------------------------------+
//| py_getBID : Returns the unique Binary IDentifier
//+---------------------------------------------------------------------------+
PyObject * py_getBID(PyObject* self, PyObject *noarg);
#endif

56
netzob-030/lib/includes/Py_lib/libInterface.h Normal file
View File

@@ -0,0 +1,56 @@
// -*- coding: utf-8 -*-
//+---------------------------------------------------------------------------+
//| 01001110 01100101 01110100 01111010 01101111 01100010 |
//| |
//| Netzob : Inferring communication protocols |
//+---------------------------------------------------------------------------+
//| Copyright (C) 2011-2017 Georges Bossert and Frédéric Guihéry |
//| This program is free software: you can redistribute it and/or modify |
//| it under the terms of the GNU General Public License as published by |
//| the Free Software Foundation, either version 3 of the License, or |
//| (at your option) any later version. |
//| |
//| This program is distributed in the hope that it will be useful, |
//| but WITHOUT ANY WARRANTY; without even the implied warranty of |
//| MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the |
//| GNU General Public License for more details. |
//| |
//| You should have received a copy of the GNU General Public License |
//| along with this program. If not, see <http://www.gnu.org/licenses/>. |
//+---------------------------------------------------------------------------+
//| @url : http://www.netzob.org |
//| @contact : contact@netzob.org |
//| @sponsors : Amossys, http://www.amossys.fr |
//| Supélec, http://www.rennes.supelec.fr/ren/rd/cidre/ |
//+---------------------------------------------------------------------------+
#ifndef libInterface_H
#define libInterface_H
#include "commonPythonLib.h"
#include "Interface.h"
int callbackIsFinish(void);
//+---------------------------------------------------------------------------+
//| python_callback : The ref to the python callback function
//+---------------------------------------------------------------------------+
int callbackStatus(int stage, double percent, char* message, ...);
//+---------------------------------------------------------------------------+
//| py_deserializeMessages : Python wrapper for deserializeMessages
//+---------------------------------------------------------------------------+
PyObject* py_deserializeMessages(PyObject* self, PyObject* args);
//+---------------------------------------------------------------------------+
//| py_deserializeMGroups : Python wrapper for deserializeGroups
//+---------------------------------------------------------------------------+
PyObject* py_deserializeGroups(PyObject* self, PyObject* args);
//+---------------------------------------------------------------------------+
//| initLibInterface : Python will use this function to init the module
//+---------------------------------------------------------------------------+
PyMODINIT_FUNC init_libInterface(void);
#endif

54
netzob-030/lib/includes/Py_lib/libNeedleman.h Normal file
View File

@@ -0,0 +1,54 @@
// -*- coding: utf-8 -*-
//+---------------------------------------------------------------------------+
//| 01001110 01100101 01110100 01111010 01101111 01100010 |
//| |
//| Netzob : Inferring communication protocols |
//+---------------------------------------------------------------------------+
//| Copyright (C) 2011-2017 Georges Bossert and Frédéric Guihéry |
//| This program is free software: you can redistribute it and/or modify |
//| it under the terms of the GNU General Public License as published by |
//| the Free Software Foundation, either version 3 of the License, or |
//| (at your option) any later version. |
//| |
//| This program is distributed in the hope that it will be useful, |
//| but WITHOUT ANY WARRANTY; without even the implied warranty of |
//| MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the |
//| GNU General Public License for more details. |
//| |
//| You should have received a copy of the GNU General Public License |
//| along with this program. If not, see <http://www.gnu.org/licenses/>. |
//+---------------------------------------------------------------------------+
//| @url : http://www.netzob.org |
//| @contact : contact@netzob.org |
//| @sponsors : Amossys, http://www.amossys.fr |
//| Supélec, http://www.rennes.supelec.fr/ren/rd/cidre/ |
//+---------------------------------------------------------------------------+
#ifndef libNeedleman_H
#define libNeedleman_H
//+---------------------------------------------------------------------------+
//| Imports
//+---------------------------------------------------------------------------+
#include "commonPythonLib.h"
#include "commonLib.h"
#include "Needleman.h"
//+---------------------------------------------------------------------------+
//| py_alignMessages : Python wrapper for alignMessages
//+---------------------------------------------------------------------------+
PyObject* py_alignMessages(PyObject* self, PyObject* args);
//+---------------------------------------------------------------------------+
//| py_alignTwoMessages : Python wrapper for alignTwoMessages
//+---------------------------------------------------------------------------+
PyObject* py_alignTwoMessages(PyObject* self, PyObject* args);
//+---------------------------------------------------------------------------+
//| initLibNeedleman : Python will use this function to init the module
//+---------------------------------------------------------------------------+
PyMODINIT_FUNC init_libNeedleman(void);
#endif

40
netzob-030/lib/includes/Py_lib/libRelation.h Normal file
View File

@@ -0,0 +1,40 @@
// -*- coding: utf-8 -*-
//+---------------------------------------------------------------------------+
//| 01001110 01100101 01110100 01111010 01101111 01100010 |
//| |
//| Netzob : Inferring communication protocols |
//+---------------------------------------------------------------------------+
//| Copyright (C) 2011-2017 Georges Bossert and Frédéric Guihéry |
//| This program is free software: you can redistribute it and/or modify |
//| it under the terms of the GNU General Public License as published by |
//| the Free Software Foundation, either version 3 of the License, or |
//| (at your option) any later version. |
//| |
//| This program is distributed in the hope that it will be useful, |
//| but WITHOUT ANY WARRANTY; without even the implied warranty of |
//| MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the |
//| GNU General Public License for more details. |
//| |
//| You should have received a copy of the GNU General Public License |
//| along with this program. If not, see <http://www.gnu.org/licenses/>. |
//+---------------------------------------------------------------------------+
//| @url : http://www.netzob.org |
//| @contact : contact@netzob.org |
//| @sponsors : Amossys, http://www.amossys.fr |
//| Supélec, http://www.rennes.supelec.fr/ren/rd/cidre/ |
//+---------------------------------------------------------------------------+
#ifndef LIBRELATION_H_
# define LIBRELATION_H_
#include "commonPythonLib.h"
#include "relation.h"
/* Initialize the module for Python */
PyMODINIT_FUNC init_libRelation(void);
static PyObject* py_find(PyObject* self, PyObject* args);
static PyObject* create_python_dm(struct relation_datamodel*);
#endif /* LIBRELATION_H_ */

49
netzob-030/lib/includes/Py_lib/libScoreComputation.h Normal file
View File

@@ -0,0 +1,49 @@
// -*- coding: utf-8 -*-
//+---------------------------------------------------------------------------+
//| 01001110 01100101 01110100 01111010 01101111 01100010 |
//| |
//| Netzob : Inferring communication protocols |
//+---------------------------------------------------------------------------+
//| Copyright (C) 2011-2017 Georges Bossert and Frédéric Guihéry |
//| This program is free software: you can redistribute it and/or modify |
//| it under the terms of the GNU General Public License as published by |
//| the Free Software Foundation, either version 3 of the License, or |
//| (at your option) any later version. |
//| |
//| This program is distributed in the hope that it will be useful, |
//| but WITHOUT ANY WARRANTY; without even the implied warranty of |
//| MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the |
//| GNU General Public License for more details. |
//| |
//| You should have received a copy of the GNU General Public License |
//| along with this program. If not, see <http://www.gnu.org/licenses/>. |
//+---------------------------------------------------------------------------+
//| @url : http://www.netzob.org |
//| @contact : contact@netzob.org |
//| @sponsors : Amossys, http://www.amossys.fr |
//| Supélec, http://www.rennes.supelec.fr/ren/rd/cidre/ |
//+---------------------------------------------------------------------------+
#ifndef libScoreComputation_H
#define libScoreComputation_H
//+---------------------------------------------------------------------------+
//| Imports
//+---------------------------------------------------------------------------+
#include "commonPythonLib.h"
#include "commonLib.h"
#include "scoreComputation.h"
//+---------------------------------------------------------------------------+
//| py_computeSimilarityMatrix : Python wrapper for computeSimilarityMatrix
//+---------------------------------------------------------------------------+
PyObject* py_computeSimilarityMatrix(PyObject* self, PyObject* args);
//+---------------------------------------------------------------------------+
//| initLibNeedleman : Python will use this function to init the module
//+---------------------------------------------------------------------------+
PyMODINIT_FUNC init_libScoreComputation(void);
#endif

115
netzob-030/lib/includes/clusterBySnappy.h Normal file
View File

@@ -0,0 +1,115 @@
// -*- coding: utf-8 -*-
//+---------------------------------------------------------------------------+
//| 01001110 01100101 01110100 01111010 01101111 01100010 |
//| |
//| Netzob : Inferring communication protocols |
//+---------------------------------------------------------------------------+
//| Copyright (C) 2011-2017 Georges Bossert and Frédéric Guihéry |
//| This program is free software: you can redistribute it and/or modify |
//| it under the terms of the GNU General Public License as published by |
//| the Free Software Foundation, either version 3 of the License, or |
//| (at your option) any later version. |
//| |
//| This program is distributed in the hope that it will be useful, |
//| but WITHOUT ANY WARRANTY; without even the implied warranty of |
//| MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the |
//| GNU General Public License for more details. |
//| |
//| You should have received a copy of the GNU General Public License |
//| along with this program. If not, see <http://www.gnu.org/licenses/>. |
//+---------------------------------------------------------------------------+
//| @url : http://www.netzob.org |
//| @contact : contact@netzob.org |
//| @sponsors : Amossys, http://www.amossys.fr |
//| Supélec, http://www.rennes.supelec.fr/ren/rd/cidre/ |
//+---------------------------------------------------------------------------+
#ifndef CLUSTERBYSNAPPY_H
#define CLUSTERBYSNAPPY_H
#include <snappy-c.h>
#include "libNeedleman.h"
float computeScore(t_message msg1,t_message msg2)
{
unsigned char * concat;
unsigned char * output1;
unsigned char * output2;
unsigned char * output3;
size_t output_length1;
size_t output_length2;
size_t output_length3;
int max = 0;
int min = 0;
float result = 0.0;
//printf("Step1\n");
concat = (unsigned char *) malloc ((msg1.len+msg2.len)*sizeof(unsigned char));
memset(concat,'\0',msg1.len+msg2.len);
memcpy(concat,msg1.message,msg1.len);
memcpy(concat+msg1.len,msg2.message,msg2.len);
int i;
/*for(i=0;i<msg1.len+msg2.len;++i){
//////printf("%02x",concat[i]);
}
//////printf("\n");
for(i=0;i<msg1.len;++i){
////printf("%02x",msg1.message[i]);
}
////printf("\n");
for(i=0;i<msg2.len;++i){
////printf("%02x",msg2.message[i]);
}*/
////printf("\n");
//printf("Step2\n");
output_length1 = snappy_max_compressed_length(msg1.len+msg2.len);
output1 = malloc(output_length1*sizeof(unsigned char));
memset(output1,'\0',output_length1);
//printf("Step3 \n");
output_length2 = snappy_max_compressed_length(msg1.len);
output2 = malloc(output_length2*sizeof(unsigned char));
memset(output2,'\0',output_length2);
//printf("Step4\n");
output_length3 = snappy_max_compressed_length(msg2.len);
output3 = malloc(output_length3*sizeof(unsigned char));
memset(output3,'\0',output_length3);
//printf("Step5\n");
int res = snappy_compress(concat,msg1.len+msg2.len,output1,&output_length1);
int res2 = snappy_compress(msg1.message,msg1.len,output2,&output_length2);
int res3 = snappy_compress(msg2.message,msg2.len,output3,&output_length3);
//////printf("Signals %d %d %d\n",res,res2,res3);
if(res == SNAPPY_OK)
if(res2 == SNAPPY_OK)
if(res3 == SNAPPY_OK)
{
//////printf("Inside \n");
max = output_length2 > output_length3? output_length2:output_length3;
min = output_length2 <= output_length3? output_length2:output_length3;
result = 100.0 * (output_length1 - min) / max;
result = result < 100 ? result : 100;
////////printf("input_length1 %d \n",msg1.len+msg2.len);
////////printf("input_length2 %d \n",msg1.len);
////////printf("input_length3 %d \n",msg2.len);
////////printf("output_length1 %d \n",output_length1);
////////printf("output_length2 %d \n",output_length2);
////////printf("output_length3 %d \n",output_length3);
////////printf("min %d \n",min);
////////printf("max %d \n",max);
////////printf("Result %f\n\n\n",result);
}
//printf("Begin Free\n");
free(concat);
//printf("FREEDOnE 1\n");
free(output1);
//printf("FREEDOnE 2\n");
free(output2);
//printf("FREEDOnE 3\n");
free(output3);
//printf("FREEDOnE\n");
return result;
}
#endif

98
netzob-030/lib/includes/commonLib.h Normal file
View File

@@ -0,0 +1,98 @@
// -*- coding: utf-8 -*-
//+---------------------------------------------------------------------------+
//| 01001110 01100101 01110100 01111010 01101111 01100010 |
//| |
//| Netzob : Inferring communication protocols |
//+---------------------------------------------------------------------------+
//| Copyright (C) 2011-2017 Georges Bossert and Frédéric Guihéry |
//| This program is free software: you can redistribute it and/or modify |
//| it under the terms of the GNU General Public License as published by |
//| the Free Software Foundation, either version 3 of the License, or |
//| (at your option) any later version. |
//| |
//| This program is distributed in the hope that it will be useful, |
//| but WITHOUT ANY WARRANTY; without even the implied warranty of |
//| MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the |
//| GNU General Public License for more details. |
//| |
//| You should have received a copy of the GNU General Public License |
//| along with this program. If not, see <http://www.gnu.org/licenses/>. |
//+---------------------------------------------------------------------------+
//| @url : http://www.netzob.org |
//| @contact : contact@netzob.org |
//| @sponsors : Amossys, http://www.amossys.fr |
//| Supélec, http://www.rennes.supelec.fr/ren/rd/cidre/ |
//+---------------------------------------------------------------------------+
#ifndef commonLib_H
#define commonLib_H
//+---------------------------------------------------------------------------+
//| Imports
//+---------------------------------------------------------------------------+
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include <stdarg.h>
//+---------------------------------------------------------------------------+
//| Enumerations and complex types
//+---------------------------------------------------------------------------+
typedef enum { FALSE, TRUE } Bool;
// Definition of a score vector
typedef struct {
float s1;
float s2;
float s3;
float value;
} t_score;
// Definition of a semantic tag
typedef struct {
char* name;
} t_semanticTag;
// Definition of a message :
typedef struct {
unsigned int len; // length of the message
unsigned char *alignment; // a alignment/message
unsigned char *mask; // its mask
t_semanticTag **semanticTags; // an array of pointer over semantic tags. One could be attached on each half-byte of the alignment.
char* uid;
t_score *score;
} t_message;
//Definition of a group of messages
typedef struct {
unsigned int len; // nb of messages in the group
t_message *messages; // a list of messages
float * scores; //list of score allready computed.
} t_group;
// Definition of a group of group (a group of symbol)
typedef struct {
unsigned int len; // nb of group
t_group *groups; // a list of group
} t_groups;
typedef struct {
int i; // group1 number
int j; // group2 number
float score; // score of equivalence between group1 and group2
} t_equivalentGroup;
// Cost definitions for the alignment
static const short int MATCH = 5;
static const short int SEMANTIC_MATCH = 30;
static const short int MISMATCH = -5;
static const short int GAP = 0;
static const short int BLEN = 10;
// Consts for the definition of a mask
static const unsigned char END = 2;
static const unsigned char DIFFERENT = 1;
static const unsigned char EQUAL = 0;
#endif

63
netzob-030/lib/includes/factory.h Normal file
View File

@@ -0,0 +1,63 @@
// -*- coding: utf-8 -*-
//+---------------------------------------------------------------------------+
//| 01001110 01100101 01110100 01111010 01101111 01100010 |
//| |
//| Netzob : Inferring communication protocols |
//+---------------------------------------------------------------------------+
//| Copyright (C) 2011-2017 Georges Bossert and Frédéric Guihéry |
//| This program is free software: you can redistribute it and/or modify |
//| it under the terms of the GNU General Public License as published by |
//| the Free Software Foundation, either version 3 of the License, or |
//| (at your option) any later version. |
//| |
//| This program is distributed in the hope that it will be useful, |
//| but WITHOUT ANY WARRANTY; without even the implied warranty of |
//| MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the |
//| GNU General Public License for more details. |
//| |
//| You should have received a copy of the GNU General Public License |
//| along with this program. If not, see <http://www.gnu.org/licenses/>. |
//+---------------------------------------------------------------------------+
//| @url : http://www.netzob.org |
//| @contact : contact@netzob.org |
//| @sponsors : Amossys, http://www.amossys.fr |
//| Supélec, http://www.rennes.supelec.fr/ren/rd/cidre/ |
//+---------------------------------------------------------------------------+
//Compilation Windows
//cl -Fe_libInterface.pyd -Ox -Ot -openmp -LD /I"C:\Python26\include" /I"C:\Program Files (x86)\Microsoft Visual Studio 9.0\VC\include" libInterface.c "C:\Python26\libs\python26.lib" "C:\Program Files (x86)\Microsoft Visual Studio 9.0\VC\lib\vcomp.lib"
#ifndef FACTORY_H
#define FACTORY_H
#include "commonPythonLib.h"
#include "commonLib.h"
#include <stdio.h>
#include <stdarg.h>
int parseArgs(PyObject* factobj, ...);
/**
parseLibscoreComputation:
This function parses the arguments wrapper following a specific format.
The definition of this format can be found in the Python function:
netzob.Common.C_Extensions.WrapperArgsFactory:WrapperArgsFactory.computeSimilarityMatrix()
Once parsed, the wrapper reveal arguments which will be stored in the args parameter.
Format:
- List<Message> with Message: (alignment, mask, length, uid)
*/
void parseLibscoreComputation(PyObject* factobj, va_list args);
void parseLibNeedleman(PyObject* factobj, va_list args);
/**
parseMessage:
This function parses a python Netzob message to its C representation
@param item : the PyObject which host the python representation of the message
@param message : the message which should host the python extracted message's information
@return void
*/
void parseMessage(PyObject * item, t_message * message);
#endif

86
netzob-030/lib/includes/relation.h Normal file
View File

@@ -0,0 +1,86 @@
// -*- coding: utf-8 -*-
//+---------------------------------------------------------------------------+
//| 01001110 01100101 01110100 01111010 01101111 01100010 |
//| |
//| Netzob : Inferring communication protocols |
//+---------------------------------------------------------------------------+
//| Copyright (C) 2011-2017 Georges Bossert and Frédéric Guihéry |
//| This program is free software: you can redistribute it and/or modify |
//| it under the terms of the GNU General Public License as published by |
//| the Free Software Foundation, either version 3 of the License, or |
//| (at your option) any later version. |
//| |
//| This program is distributed in the hope that it will be useful, |
//| but WITHOUT ANY WARRANTY; without even the implied warranty of |
//| MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the |
//| GNU General Public License for more details. |
//| |
//| You should have received a copy of the GNU General Public License |
//| along with this program. If not, see <http://www.gnu.org/licenses/>. |
//+---------------------------------------------------------------------------+
//| @url : http://www.netzob.org |
//| @contact : contact@netzob.org |
//| @sponsors : Amossys, http://www.amossys.fr |
//| Supélec, http://www.rennes.supelec.fr/ren/rd/cidre/ |
//+---------------------------------------------------------------------------+
#ifndef RELATION_H
# define RELATION_H
# include <stdio.h>
/* only request size_t to stddef.h */
# define __need_size_t
# include <stddef.h>
# undef __need_size_t
struct relation_datamodel {
const char* algo_name;
struct relation_matches* matches;
struct relation_datamodel* next;
};
struct relation_match {
unsigned int message_idx;
unsigned int cell_ref_idx;
unsigned int cell_rel_idx;
size_t cell_rel_off;
size_t cell_rel_size;
};
struct relation_matches {
struct relation_match match;
struct relation_matches* next;
};
struct relation_algorithm_operations {
const char* name;
struct relation_matches* (*find) (const char***, int, int, size_t, size_t);
};
struct relation_algorithm_operations_list {
void* pHandle;
struct relation_algorithm_operations data;
struct relation_algorithm_operations_list* next;
};
void relation_find(struct relation_datamodel**, const char***, size_t, size_t);
struct relation_datamodel*
append_algo_matches(struct relation_datamodel**,
struct relation_algorithm_operations_list*,
struct relation_matches*);
struct relation_algorithm_operations_list* search_algorithms(void);
void clean_algo(struct relation_algorithm_operations_list* algo);
# ifdef __DEBUG__
# define DLOG(...) { \
fprintf(stderr, "[%s:%d] ", __FILE__, __LINE__); \
DLOG2(__VA_ARGS__); \
}
# define DLOG2(...) fprintf(stderr, __VA_ARGS__)
# else
# define DLOG(...)
# define DLOG2(...)
# endif /* __DEBUG__ */
#endif /* RELATION_H */

46
netzob-030/lib/includes/scoreComputation.h Normal file
View File

@@ -0,0 +1,46 @@
// -*- coding: utf-8 -*-
//+---------------------------------------------------------------------------+
//| 01001110 01100101 01110100 01111010 01101111 01100010 |
//| |
//| Netzob : Inferring communication protocols |
//+---------------------------------------------------------------------------+
//| Copyright (C) 2011-2017 Georges Bossert and Frédéric Guihéry |
//| This program is free software: you can redistribute it and/or modify |
//| it under the terms of the GNU General Public License as published by |
//| the Free Software Foundation, either version 3 of the License, or |
//| (at your option) any later version. |
//| |
//| This program is distributed in the hope that it will be useful, |
//| but WITHOUT ANY WARRANTY; without even the implied warranty of |
//| MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the |
//| GNU General Public License for more details. |
//| |
//| You should have received a copy of the GNU General Public License |
//| along with this program. If not, see <http://www.gnu.org/licenses/>. |
//+---------------------------------------------------------------------------+
//| @url : http://www.netzob.org |
//| @contact : contact@netzob.org |
//| @sponsors : Amossys, http://www.amossys.fr |
//| Supélec, http://www.rennes.supelec.fr/ren/rd/cidre/ |
//+---------------------------------------------------------------------------+
#ifndef scoreComputation_H
#define scoreComputation_H
//+---------------------------------------------------------------------------+
//| Imports
//+---------------------------------------------------------------------------+
//Check if have compile with -DCCALLFORDEBUG option (means we want to analyse the C program without python modules"
#ifndef CCALLFORDEBUG
#include "libInterface.h"
#else
#include "Interface.h"
#endif
#include "commonLib.h"
#include "Needleman.h"
void computeSimilarityMatrix(int nbMessage, t_message* messages, Bool debugMode, float** scoreMatrix);
#endif

63
netzob-030/lib/includes/struct.h Normal file
View File

@@ -0,0 +1,63 @@
// -*- coding: utf-8 -*-
//+---------------------------------------------------------------------------+
//| 01001110 01100101 01110100 01111010 01101111 01100010 |
//| |
//| Netzob : Inferring communication protocols |
//+---------------------------------------------------------------------------+
//| Copyright (C) 2011-2017 Georges Bossert and Frédéric Guihéry |
//| This program is free software: you can redistribute it and/or modify |
//| it under the terms of the GNU General Public License as published by |
//| the Free Software Foundation, either version 3 of the License, or |
//| (at your option) any later version. |
//| |
//| This program is distributed in the hope that it will be useful, |
//| but WITHOUT ANY WARRANTY; without even the implied warranty of |
//| MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the |
//| GNU General Public License for more details. |
//| |
//| You should have received a copy of the GNU General Public License |
//| along with this program. If not, see <http://www.gnu.org/licenses/>. |
//+---------------------------------------------------------------------------+
//| @url : http://www.netzob.org |
//| @contact : contact@netzob.org |
//| @sponsors : Amossys, http://www.amossys.fr |
//| Supélec, http://www.rennes.supelec.fr/ren/rd/cidre/ |
//+---------------------------------------------------------------------------+
#ifndef Struct_H
#define Struct_H
#include <stdlib.h>
#include <stdio.h>
#include <string.h>
#include <ctype.h>
#define MaxLen 5
#define MaxFields 5000
extern char* mError;
typedef struct Subfield Subfield;
struct Subfield{
Subfield *next;
char* value;
unsigned int offset;
unsigned int len;
int min;
int max;
int groupindex;
};
typedef struct Fields Fields;
struct Fields{
int set;
Subfield* subfields;
Subfield* lastfields;
int subfieldsSize;
int isStatic;
char* add;
char* value;
unsigned int len;
int min;
int max;
};
#endif

267
netzob-030/lib/interface/Interface.c Normal file
View File

@@ -0,0 +1,267 @@
// -*- coding: utf-8 -*-
//+---------------------------------------------------------------------------+
//| 01001110 01100101 01110100 01111010 01101111 01100010 |
//| |
//| Netzob : Inferring communication protocols |
//+---------------------------------------------------------------------------+
//| Copyright (C) 2011-2017 Georges Bossert and Frédéric Guihéry |
//| This program is free software: you can redistribute it and/or modify |
//| it under the terms of the GNU General Public License as published by |
//| the Free Software Foundation, either version 3 of the License, or |
//| (at your option) any later version. |
//| |
//| This program is distributed in the hope that it will be useful, |
//| but WITHOUT ANY WARRANTY; without even the implied warranty of |
//| MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the |
//| GNU General Public License for more details. |
//| |
//| You should have received a copy of the GNU General Public License |
//| along with this program. If not, see <http://www.gnu.org/licenses/>. |
//+---------------------------------------------------------------------------+
//| @url : http://www.netzob.org |
//| @contact : contact@netzob.org |
//| @sponsors : Amossys, http://www.amossys.fr |
//| Supélec, http://www.rennes.supelec.fr/ren/rd/cidre/ |
//+---------------------------------------------------------------------------+
//Compilation Windows
//cl -Fe_libInterface.pyd -Ox -Ot -openmp -LD /I"C:\Python26\include" /I"C:\Program Files (x86)\Microsoft Visual Studio 9.0\VC\include" libInterface.c "C:\Python26\libs\python26.lib" "C:\Program Files (x86)\Microsoft Visual Studio 9.0\VC\lib\vcomp.lib"
//+---------------------------------------------------------------------------+
//| Import Associated Header
//+---------------------------------------------------------------------------+
#include "Interface.h"
#ifdef _WIN32
#include <stdio.h>
#include <malloc.h>
#endif
#ifdef CCALLFORDEBUG
//+---------------------------------------------------------------------------+
//| callbackStatus : displays the status on terminal when using only C calls
//+---------------------------------------------------------------------------+
int callbackStatus(int stage, double percent, char* message, ...) {
// Variadic member
va_list args;
// local variables
char buffer[4096];
va_start(args, message);
vsnprintf(buffer, sizeof(buffer), message, args);
va_end(args);
buffer[4095] = '\0';
printf("[%d, %f] %s\n", stage, percent, buffer);
return 1;
}
#endif
//+---------------------------------------------------------------------------+
//| deserializeMessages : Deserialization of messages
//+---------------------------------------------------------------------------+
unsigned int deserializeMessages(t_group * group, char *format, unsigned char *serialMessages, unsigned int nbMessages, Bool debugMode) {
unsigned int i_message = 0;
char * p;
unsigned int serial_shift = 0;
unsigned int format_shift = 0;
unsigned int len_size_message=0;
unsigned int size_message=0;
char * size_message_str;
unsigned int nbDeserializedMessages = 0;
for (i_message=0; i_message < nbMessages; i_message++) {
// Retrieve the size of each message
p = strchr(format + format_shift, 'M');
len_size_message = (unsigned int) (p - (format + format_shift));
size_message_str = malloc((len_size_message + 1) * sizeof(char));
memcpy(size_message_str, format + format_shift, len_size_message);
size_message_str[len_size_message] = '\0';
size_message = atoi(size_message_str);
// Register the message
group->messages[i_message].len = size_message;
group->messages[i_message].alignment = serialMessages + serial_shift;
group->messages[i_message].mask = malloc(size_message * sizeof(unsigned char));
memset(group->messages[i_message].mask, '\0', size_message);
t_score score;
group->messages[i_message].score = &score;
nbDeserializedMessages += 1;
format_shift = format_shift + len_size_message + 1;
serial_shift = serial_shift + size_message;
// Cleaning useless allocated memory
free(size_message_str);
}
if (debugMode == TRUE) {
printf("A number of %d messages has been deserialized.\n", nbDeserializedMessages);
for (i_message = 0; i_message<nbDeserializedMessages; i_message++) {
printf("Message %u : \n", i_message);
hexdump(group->messages[i_message].alignment, group->messages[i_message].len);
}
}
return nbDeserializedMessages;
}
unsigned int deserializeGroups(t_groups * groups, char * format, unsigned char * serialGroups, int nbGroups, Bool debugMode) {
int i_group = 0;
int j_group = 0;
int l = 0;
char * p;
char *q;
char *r;
char *s;
unsigned short int format_shift = 0;
unsigned int len_size_group = 0;
unsigned int len_size_message = 0;
unsigned int len_score_group = 0;
unsigned int size_group = 0;
unsigned int size_message = 0;
char * size_group_str;
char * size_message_str;
char * score_group;
unsigned int i_message = 0;
for (i_group = 0; i_group <nbGroups; i_group++) {
//Retrieve the precompiled scores
s = strchr(format + format_shift, 'E');
if (s != NULL){ // Used for compatibility between version
for (j_group = i_group + 1; j_group < nbGroups ; j_group ++){
r = strchr(format + format_shift, 'S');
if (r!=NULL && (int) (s - r) > 0){
len_score_group = (unsigned int) (r - (format + format_shift));
score_group = malloc((len_score_group + 1) * sizeof(unsigned char));
memcpy(score_group, format + format_shift, len_score_group);
score_group[len_score_group]='\0';
groups->groups[i_group].scores[j_group-(i_group+1)] = atof(score_group);
format_shift += len_score_group + 1;
free(score_group);
}
else{
break;
}
}
format_shift += 1; // FOR LETTER 'E'*/
}
// retrieve the number of messages in the current group
p = strchr(format + format_shift, 'G');
len_size_group = (unsigned int) (p - (format + format_shift));
size_group_str = malloc((len_size_group + 1) * sizeof(char));
memcpy(size_group_str, format + format_shift, len_size_group);
size_group_str[len_size_group] = '\0';
size_group = (unsigned int) atoi(size_group_str);
format_shift += len_size_group + 1;
// Allocate pointers to store the messages of current group
groups->groups[i_group].len = size_group;
groups->groups[i_group].messages = malloc(size_group * sizeof(t_message));
for (i_message = 0; i_message < size_group; i_message++) {
// Retrieve the size of each message
q = strchr(format + format_shift, 'M');
len_size_message = (unsigned int) (q - (format + format_shift));
size_message_str = malloc((len_size_message + 1) * sizeof(char));
memcpy(size_message_str, format + format_shift, len_size_message);
size_message_str[len_size_message] = '\0';
size_message = atoi(size_message_str);
format_shift += len_size_message + 1;
// Retrieve the data of each message
groups->groups[i_group].messages[i_message].len = size_message;
groups->groups[i_group].messages[i_message].alignment = serialGroups + l;
groups->groups[i_group].messages[i_message].mask = serialGroups + l + size_message;
l += size_message * 2;
free(size_message_str );
}
free(size_group_str);
}
if (debugMode == TRUE) {
printf("A number of %d group has been deserialized.\n", nbGroups);
}
return i_group;
}
#define OPL 64
void hexdump(unsigned char *buf, int dlen) {
char c[OPL + 1];
int i, ct;
if (dlen < 0) {
printf("WARNING: computed dlen %d\n", dlen);
dlen = 0;
}
for (i = 0; i < dlen; ++i) {
if (i == 0)
printf("DATA: ");
else if ((i % OPL) == 0) {
c[OPL] = '\0';
printf("\t\"%s\"\nDATA: ", c);
}
ct = buf[i] & 0xff;
c[i % OPL] = (ct >= ' ' && ct <= '~') ? ct : '.';
printf("%02x ", ct);
}
c[i % OPL] = '\0';
for (; i % OPL; ++i)
printf(" ");
printf("\t\"%s\"\n", c);
}
void dumpMessage(t_message message) {
unsigned int i;
printf("%d ", message.len);
for(i = 0; i < message.len; i++) {
if(message.mask[i] == 0)
printf("%02x", (unsigned char) message.alignment[i]);
else if(message.mask[i] == 2)
printf("##");
else
printf("--");
}
printf("\n");
}
unsigned int serializeSemanticTags(char ** serializedTags, t_semanticTag ** tags, unsigned int nbSemanticTags) {
unsigned int sizeSerializedTags = 0;
unsigned int iTag = 0;
unsigned int sizeLocalTag = 0;
// serializedTags = "tag1;tag2;tag3;..."
// first we compute the size of the result:
// size(serializedTags) = sum(size(tags->name)+1)+1
for (iTag=0; iTag<nbSemanticTags; iTag++){
if(tags[iTag]->name != NULL) {
sizeSerializedTags += strlen(tags[iTag]->name);
}
sizeSerializedTags +=1;
}
sizeSerializedTags +=1; // for the NULL byte
*serializedTags = calloc(sizeSerializedTags, sizeof(char));
for (iTag=0; iTag<nbSemanticTags; iTag++) {
if (tags[iTag]->name != NULL) {
sizeLocalTag = strlen(tags[iTag]->name);
if(sizeLocalTag>0){
strncat(*serializedTags, tags[iTag]->name, sizeLocalTag);
}
}
strncat(*serializedTags, ";", 1);
}
return sizeSerializedTags;
}
PyObject * serializeMessage(t_message * message) {
char * semanticTags = NULL;
unsigned int lenSemanticTags = serializeSemanticTags(&semanticTags, message->semanticTags, message->len);
return Py_BuildValue("(fffy#y#s#)", message->score->s1, message->score->s2, message->score->s3, message->alignment, message->len, message->mask, message->len, semanticTags, lenSemanticTags);
}

313
netzob-030/lib/interface/Py_lib/libInterface.c Normal file
View File

@@ -0,0 +1,313 @@
// -*- coding: utf-8 -*-
//+---------------------------------------------------------------------------+
//| 01001110 01100101 01110100 01111010 01101111 01100010 |
//| |
//| Netzob : Inferring communication protocols |
//+---------------------------------------------------------------------------+
//| Copyright (C) 2011-2017 Georges Bossert and Frédéric Guihéry |
//| This program is free software: you can redistribute it and/or modify |
//| it under the terms of the GNU General Public License as published by |
//| the Free Software Foundation, either version 3 of the License, or |
//| (at your option) any later version. |
//| |
//| This program is distributed in the hope that it will be useful, |
//| but WITHOUT ANY WARRANTY; without even the implied warranty of |
//| MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the |
//| GNU General Public License for more details. |
//| |
//| You should have received a copy of the GNU General Public License |
//| along with this program. If not, see <http://www.gnu.org/licenses/>. |
//+---------------------------------------------------------------------------+
//| @url : http://www.netzob.org |
//| @contact : contact@netzob.org |
//| @sponsors : Amossys, http://www.amossys.fr |
//| Supélec, http://www.rennes.supelec.fr/ren/rd/cidre/ |
//+---------------------------------------------------------------------------+
//Compilation Windows
//cl -Fe_libInterface.pyd -Ox -Ot -openmp -LD /I"C:\Python26\include" /I"C:\Program Files (x86)\Microsoft Visual Studio 9.0\VC\include" libInterface.c "C:\Python26\libs\python26.lib" "C:\Program Files (x86)\Microsoft Visual Studio 9.0\VC\lib\vcomp.lib"
//+---------------------------------------------------------------------------+
//| Import Associated Header
//+---------------------------------------------------------------------------+
#include "libInterface.h"
#ifdef _WIN32
#include <stdio.h>
#include <malloc.h>
#endif
// The Python callback
PyObject *python_callback;
PyObject *python_callback_isFinish;
unsigned int deserializeSymbols(PyObject *symbols, Bool debugMode);
PyObject* py_deserializeSymbols(PyObject* self, PyObject* args);
static PyMethodDef libInterface_methods[] = {
{"getBID", py_getBID, METH_NOARGS, NULL},
{"deserializeMessages", py_deserializeMessages, METH_VARARGS, NULL},
{"deserializeGroups", py_deserializeGroups, METH_VARARGS, NULL},
{"deserializeSymbols",py_deserializeSymbols, METH_VARARGS, NULL},
{NULL, NULL, 0, NULL}
};
//+---------------------------------------------------------------------------+
//| initlibInterface : Python will use this function to init the module
//+---------------------------------------------------------------------------+
PyObject* PyInit__libInterface(void) {
static struct PyModuleDef moduledef = {
PyModuleDef_HEAD_INIT,
"_libInterface",
NULL,
-1,
libInterface_methods,
NULL,
NULL,
NULL,
NULL
};
return PyModule_Create(&moduledef);
}
int callbackIsFinish(void) {
if (python_callback_isFinish != NULL) {
int isFinish;
PyObject *result_cb;
result_cb = PyObject_CallObject(python_callback_isFinish, NULL);
if (result_cb == NULL) {
return -1;
}
if (result_cb == Py_True) {
isFinish = 1;
}
else if (result_cb == Py_False) {
isFinish = 0;
} else {
isFinish = -1;
}
Py_DECREF(result_cb);
return isFinish;
}
return -1;
}
//+---------------------------------------------------------------------------+
//| callbackStatus : displays the status or call python wrapper is available
//+---------------------------------------------------------------------------+
int callbackStatus(int stage, double percent, char* message, ...) {
// Variadic member
va_list args;
// local variables
PyObject *arglist_cb;
PyObject *result_cb;
char buffer[4096];
va_start(args, message);
vsnprintf(buffer, sizeof(buffer), message, args);
va_end(args);
buffer[4095] = '\0';
if (python_callback != NULL) {
arglist_cb = Py_BuildValue("(i,d,s)", stage, percent, buffer);
result_cb = PyObject_CallObject(python_callback, arglist_cb);
Py_DECREF(arglist_cb);
if (result_cb == NULL) {
return -1;
}
Py_DECREF(result_cb);
return 1;
}
else {
printf("[%f] %s\n", percent, buffer);
return 1;
}
return 0;
}
//+---------------------------------------------------------------------------+
//| py_deserializeMessages : Python wrapper for deserializeMessages
//+---------------------------------------------------------------------------+
PyObject* py_deserializeMessages(__attribute__((unused))PyObject* self, PyObject* args) {
unsigned int nbMessages = (unsigned int) PyObject_Size(args);
char *format;
int sizeFormat;
unsigned char *serialMessages;
int sizeSerialMessages;
unsigned int debugMode = 0;
unsigned int nbDeserializedMessage = 0;
t_group group_result;
// Converts the arguments
if (!PyArg_ParseTuple(args, "hss#h", &nbMessages, &format, &sizeFormat, &serialMessages, &sizeSerialMessages, &debugMode)) {
printf("Error while parsing the arguments provided to py_deserializeMessages\n");
return NULL;
}
// Deserializes the provided arguments
if (debugMode == 1) {
printf("py_alignSequences : Deserialization of the arguments (format, serialMessages).\n");
}
group_result.len = nbMessages;
group_result.messages = malloc(nbMessages*sizeof(t_message));
nbDeserializedMessage = deserializeMessages(&group_result, format, serialMessages, nbMessages, debugMode);
if (nbDeserializedMessage != nbMessages) {
printf("Error : impossible to deserialize all the provided messages.\n");
return NULL;
}
// cleaning a bit
free(group_result.messages);
if(debugMode == 1) {
printf("All the provided messages were deserialized (%d).\n", nbDeserializedMessage);
}
// return the number of deserialized messages
return Py_BuildValue("i", nbDeserializedMessage);
}
//+---------------------------------------------------------------------------+
//| py_deserializeGroups : Python wrapper for deserializeGroups
//+---------------------------------------------------------------------------+
PyObject* py_deserializeGroups(__attribute__((unused))PyObject* self, PyObject* args) {
unsigned int nbGroups = 0;
char *format;
int sizeFormat;
unsigned char *serialGroups;
int sizeSerialGroups;
unsigned int debugMode = 0;
unsigned int nbDeserializedGroup = 0;
t_groups groups_result;
// Get the number of group (need python>=2.5)
if(PyObject_Size(args) == -1) {
printf("The argument has no length");
return NULL;
}
else {
nbGroups = (unsigned int) PyObject_Size(args);
}
// Converts the arguments
if (!PyArg_ParseTuple(args, "hss#h", &nbGroups, &format, &sizeFormat, &serialGroups, &sizeSerialGroups, &debugMode)) {
printf("Error while parsing the arguments provided to py_deserializeGroups\n");
return NULL;
}
// Deserializes the provided arguments
if (debugMode == 1) {
printf("py_deserializeGroups : Deserialization of the arguments (format, serialGroups).\n");
}
groups_result.len = nbGroups;
groups_result.groups = malloc(nbGroups*sizeof(t_group));
nbDeserializedGroup = deserializeGroups(&groups_result, format, serialGroups, nbGroups, debugMode);
// deserializeSymbols(&groups_result, args, debugMode);
if (nbDeserializedGroup != nbGroups) {
printf("Error : impossible to deserialize all the provided groups, %d/%d were effectly parsed.\n", nbDeserializedGroup, nbGroups);
return NULL;
}
// cleaning a bit
free(groups_result.groups);
if(debugMode == 1) {
printf("All the provided groups were deserialized (%d).\n", nbDeserializedGroup);
}
// return the number of deserialized groups
return Py_BuildValue("i", nbDeserializedGroup);
}
/********************************************************************
* deserializeSymbols:
* push list of symbols in the groups
*
*********************************************************************/
PyObject * py_deserializeSymbols(__attribute__((unused))PyObject* self, PyObject* args) {
deserializeSymbols(args,0);
return Py_BuildValue("i", 1);
}
unsigned int deserializeSymbols(PyObject *args, Bool debugMode) {
PyObject *symbols = PyTuple_GetItem(args, 0);
int nbGroups = PyObject_Size(symbols);
int nbScore = 0;
float tempScore = 0;
if (nbGroups == -1)
return 0;
int i_group = 0;
int j_group = 0;
PyObject *current_symbol = NULL;
PyObject *scoresList = NULL;
PyObject *current_position = NULL;
printf("IN\n");
if (!PyList_Check(symbols))
{
printf("The format of the list of symbols given is not a list");
return 0;
}
else {
if(debugMode == 1) {
printf("Size %d\n",nbGroups);
printf("InElse\n");
}
for (i_group = 0; i_group <nbGroups; i_group++) {
current_position = PyList_GetItem(symbols, i_group);
printf("Step1\n");
if (!PyList_Check(current_position))
{
printf("The format of the list of symbols given is not a list");
return 0;
}
current_symbol = PyList_GetItem(current_position, 0); // The Symbols Object
scoresList = PyList_GetItem(current_position, 1); // The list of scores
nbScore = PyObject_Size(scoresList); // # of scores recorded
for (j_group = 0; j_group < nbScore ; j_group ++){
tempScore = (float) PyFloat_AsDouble(PyList_GetItem(scoresList,j_group));
if(debugMode == 1) {
printf("tempScore %f\n",tempScore);
}
}
if(debugMode == 1) {
printf("END SCORE\n");
}
/* Decrease the ref at the end of the loop*/
if (i_group == nbGroups-1) {
if(current_position != NULL)
Py_DECREF(current_position);
if(current_symbol != NULL)
Py_DECREF(current_symbol);
if(scoresList != NULL)
Py_DECREF(scoresList);
}
}
}
if(debugMode == 1) {
printf("End of else\n");
}
return 1;
}

797
netzob-030/lib/libNeedleman/Needleman.c Normal file
View File

@@ -0,0 +1,797 @@
// -*- coding: utf-8 -*-
//+---------------------------------------------------------------------------+
//| 01001110 01100101 01110100 01111010 01101111 01100010 |
//| |
//| Netzob : Inferring communication protocols |
//+---------------------------------------------------------------------------+
//| Copyright (C) 2011-2017 Georges Bossert and Frédéric Guihéry |
//| This program is free software: you can redistribute it and/or modify |
//| it under the terms of the GNU General Public License as published by |
//| the Free Software Foundation, either version 3 of the License, or |
//| (at your option) any later version. |
//| |
//| This program is distributed in the hope that it will be useful, |
//| but WITHOUT ANY WARRANTY; without even the implied warranty of |
//| MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the |
//| GNU General Public License for more details. |
//| |
//| You should have received a copy of the GNU General Public License |
//| along with this program. If not, see <http://www.gnu.org/licenses/>. |
//+---------------------------------------------------------------------------+
//| @url : http://www.netzob.org |
//| @contact : contact@netzob.org |
//| @sponsors : Amossys, http://www.amossys.fr |
//| Supélec, http://www.rennes.supelec.fr/ren/rd/cidre/ |
//+---------------------------------------------------------------------------+
//Compilation Windows
//cl -Fe_libNeedleman.pyd -Ox -Ot -openmp -LD /I"C:\Python26\include" /I"C:\Program Files (x86)\Microsoft Visual Studio 9.0\VC\include" libNeedleman.c "C:\Python26\libs\python26.lib" "C:\Program Files (x86)\Microsoft Visual Studio 9.0\VC\lib\vcomp.lib"
//+---------------------------------------------------------------------------+
//| Import Associated Header
//+---------------------------------------------------------------------------+
#include "Needleman.h"
#ifdef _WIN32
#include <stdio.h>
#include <malloc.h>
#endif
void alignMessages(t_message *resMessage, Bool doInternalSlick, unsigned int nbMessages, t_message * messages, Bool debugMode) {
// local variable
unsigned int numberOfOperations = 0;
double costOfOperation;
double status = 0.0;
// Local variables
t_message current_message;
t_message new_message;
t_score score;
unsigned int i_message = 0;
// Regex returned by the function alignTwoMessages()
char * regex = NULL;
score.s1 = 0;
score.s2 = 0;
score.s3 = 0;
score.value = 0;
//+------------------------------------------------------------------------+
// Estimate the number of operation
//+------------------------------------------------------------------------+
numberOfOperations = nbMessages - 1;
costOfOperation = 100.0 / numberOfOperations;
// Create a current message (using first message)
// current message = Align N+1 message with current message
current_message.len = messages[0].len;
current_message.alignment = messages[0].alignment;
current_message.mask = malloc(messages[0].len * sizeof(unsigned char));
current_message.semanticTags = malloc(messages[0].len * sizeof(t_semanticTag*));
for (unsigned int j=0; j<messages[0].len; j++) {
current_message.semanticTags[j] = malloc(sizeof(t_semanticTag));
current_message.semanticTags[j]->name = malloc((strlen(messages[0].semanticTags[j]->name)+1) * sizeof(char));
strcpy(current_message.semanticTags[j]->name, messages[0].semanticTags[j]->name);
}
memset(current_message.mask, 0, messages[0].len);
current_message.score = &score;
// Prepare for the resMessage
if (nbMessages == 1) {
resMessage->len = current_message.len;
resMessage->mask = current_message.mask;
resMessage->alignment = current_message.alignment;
resMessage->score = current_message.score;
resMessage->semanticTags = current_message.semanticTags;
}
for (i_message=1; i_message < nbMessages; i_message++) {
// Update the execution status
if (callbackStatus(0, status, "Consider message %d in the alignment process", i_message) == -1) {
printf("Error, error while executing C callback.\n");
}
if (callbackIsFinish() == 1) {
return;
}
new_message.len = messages[i_message].len;
new_message.alignment = messages[i_message].alignment;
new_message.mask = malloc(messages[i_message].len * sizeof(unsigned char));
new_message.semanticTags = malloc(messages[i_message].len * sizeof(t_semanticTag*));
for (unsigned int j=0; j<messages[i_message].len; j++) {
new_message.semanticTags[j] = malloc(sizeof(t_semanticTag));
new_message.semanticTags[j]->name = malloc((strlen(messages[i_message].semanticTags[j]->name)+1) * sizeof(char));
strcpy(new_message.semanticTags[j]->name, messages[i_message].semanticTags[j]->name);
}
memset(new_message.mask, 0, messages[i_message].len);
// Align current_message with new_message
regex = alignTwoMessages(resMessage, doInternalSlick, &current_message, &new_message, debugMode);
// regex is malloced by the function alignTwoMessages() and we don't need it here
if(regex)
free(regex);
free(current_message.mask);
free(new_message.mask);
// Copy result in the current message
current_message.len = resMessage->len;
current_message.alignment = resMessage->alignment;
current_message.mask = resMessage->mask;
current_message.semanticTags = resMessage->semanticTags;
//udpate status
status += costOfOperation;
}
// Update the execution status
if (callbackStatus(0, status, "The %d messages have sucessfully been aligned.", nbMessages) == -1) {
printf("Error, error while executing C callback.\n");
}
free(messages);
}
char* alignTwoMessages(t_message * resMessage, Bool doInternalSlick, t_message * message1, t_message * message2, Bool debugMode){
// local variables
short int ** matrix = NULL;
unsigned int i = 0;
unsigned int j = 0;
// Construction of the matrix
short int elt1, elt2, elt3, max, eltL, eltD, eltT;
// Levenshtein distance
// float levenshtein = 0.0;
float scoreAlignment = 0;
unsigned int maxLen = 0;
// Traceback
unsigned char * contentMessage1 = NULL;
unsigned int * mapMessage1 = NULL;
unsigned char * maskMessage1 = NULL;
unsigned char * contentMessage2 = NULL;
unsigned char * maskMessage2 = NULL;
unsigned int * mapMessage2 = NULL;
unsigned int iReg1 = 0;
unsigned int iReg2 = 0;
// Computing resMessage
unsigned char *tmpMessage = NULL;
unsigned char *tmpMessageMask = NULL;
t_semanticTag **tmpMessageTags = NULL;
// Score computation
unsigned int nbDynTotal = 0;
unsigned int nbDynCommon = 0;
// Regex returned by the function
char * regex = NULL;
// DEBUG DISPLAY OF MESSAGES
if (debugMode == TRUE) {
displayMessage(message1);
displayMessage(message2);
}
//+------------------------------------------------------------------------+
// Create and initialize the matrix
//+------------------------------------------------------------------------+
matrix = (short int**) malloc( sizeof(short int*) * (message1->len + 1) );
for (i = 0; i < (message1->len + 1); i++) {
matrix[i] = (short int*) calloc( (message2->len + 1), sizeof(short int) );
}
//+------------------------------------------------------------------------+
// Fullfill the matrix given the two messages
//+------------------------------------------------------------------------+
// Parralelization:
unsigned int nbDiag = 0;
unsigned int nbBlock = 0; // Depends on which diagonal we are on
unsigned int minLen = 0;
unsigned int firsti = 0;
unsigned int firstj = 0;
unsigned int diagloop = 0;
unsigned int blockLoop = 0;
unsigned int iblock = 0;
unsigned int jblock = 0;
unsigned int maxLoopi = 0;
unsigned int maxLoopj = 0;
unsigned int lastRow = 0;
unsigned int lastColumn = 0;
int maxScoreMatrix = 0;
lastRow = ((message1->len+1)/BLEN) * BLEN;
lastColumn = ((message2->len+1)/BLEN) * BLEN;
nbDiag = (message1->len+1)/BLEN + (message2->len+1)/BLEN + ((message1->len+1)%BLEN!=0); // reminder: BLEN = blocklength
minLen = message1->len+1 <= message2->len+1 ? message1->len+1 : message2->len+1;
maxLen = message1->len+1 > message2->len+1 ? message1->len+1 : message2->len+1;
// Begin loop over diagonals
for (diagloop = 0; diagloop < nbDiag; diagloop++){
//printf("Diag n %d\n",diagloop);
for (blockLoop = 0;blockLoop <= nbBlock; blockLoop++){
//printf("Block n %d\n",blockLoop);
//(iblock,jblock are moving from the bottom left of the current diagonal to the top right)
iblock = firsti - blockLoop * BLEN;
jblock = firstj + blockLoop * BLEN;
maxLoopi = iblock + BLEN <= message1->len + 1? iblock + BLEN:message1->len + 1;
maxLoopj = jblock + BLEN <= message2->len + 1? jblock + BLEN:message2->len + 1;
for(i = iblock;i < maxLoopi; i++){
for(j = jblock; j < maxLoopj; j++){
if (i > 0 && j > 0){
elt1 = matrix[i - 1][j - 1];
elt1 += getSimilarityScore(message1, message2, i, j);
elt2 = matrix[i][j - 1] + GAP;
elt3 = matrix[i - 1][j] + GAP;
max = elt1 > elt2 ? elt1 : elt2;
max = max > elt3 ? max : elt3;
matrix[i][j] = max;
if (max > maxScoreMatrix) {
maxScoreMatrix = max;
}
}//printf("%d,\t",matrix[i][j]);
}
//printf("\n");
}//End for iblock
}//End for blockLoop
//Actualize the number of block for the next time
if (diagloop < minLen/BLEN){
nbBlock++;
}
else if (diagloop > maxLen/BLEN){
nbBlock--;
}
//Actualise the first position of the cursor (bottom left of the next diagonal)
if (firsti != lastRow) // If we are not at the last row
firsti = firsti + BLEN ;
else if (firstj != lastColumn) // Else If we are not at the last column
firstj += BLEN;
}//End for diagloop
// Compute score of the alignment (ratio regarding the max score these two payloads could have get if they were equals)
unsigned int lenSmallestPayload = message2->len > message1->len ? message1->len : message2->len;
float maxScore = lenSmallestPayload * MATCH;
scoreAlignment = (100.0f / maxScore) * (float) maxScoreMatrix;
if (scoreAlignment > 100.0f) {
scoreAlignment = 100.0f;
} else if (scoreAlignment < 0.0f) {
scoreAlignment = 0.0f;
}
//levenshtein = MATCH*(float)matrix[message1->len][message2->len] / maxLen;
//float levcop = matrix[message1->len][message2->len];
//levenshtein = levenshtein * 10 / maxLen;
//+------------------------------------------------------------------------+
// Traceback into the matrix
//+------------------------------------------------------------------------+
//finish = FALSE;
contentMessage1 = calloc( message1->len + message2->len, sizeof(unsigned char));
mapMessage1 = calloc( message1->len + message2->len, sizeof(unsigned int));
maskMessage1 = calloc( message1->len + message2->len, sizeof(unsigned char));
contentMessage2 = calloc( message1->len + message2->len, sizeof(unsigned char));
mapMessage2 = calloc( message1->len + message2->len, sizeof(unsigned int));
maskMessage2 = calloc( message1->len + message2->len, sizeof(unsigned char));
if (contentMessage1 == NULL) {
printf("Error while trying to allocate memory for variable : contentMessage1.\n");
goto end;
}
if (contentMessage2 == NULL) {
printf("Error while trying to allocate memory for variable : contentMessage2.\n");
goto end;
}
if (maskMessage1 == NULL) {
printf("Error while trying to allocate memory for variable : maskMessage1.\n");
goto end;
}
if (maskMessage2 == NULL) {
printf("Error while trying to allocate memory for variable : maskMessage2.\n");
goto end;
}
// Fullfill the mask with END like filling it with a '\0'
memset(maskMessage1, END, (message1->len + message2->len) * sizeof(unsigned char));
memset(maskMessage2, END, (message1->len + message2->len) * sizeof(unsigned char));
// Prepare variables for the traceback
iReg1 = message1->len + message2->len - 1;
iReg2 = iReg1;
i = message1->len;
j = message2->len;
// DIAGONAL (almost) TRACEBACK
while ((i > 0) && (j > 0)) {
eltL = matrix[i][j - 1];
eltD = matrix[i - 1][j - 1];
eltT = matrix[i - 1][j];
if ((eltL > eltD) && (eltL > eltT)) {
--j;
contentMessage1[iReg1] = 0xf1;
maskMessage1[iReg1] = DIFFERENT;
if( message2->mask[j] == EQUAL) {
contentMessage2[iReg2] = message2->alignment[j];
maskMessage2[iReg2] = EQUAL;
}
else {
contentMessage2[iReg2] = 0xf1;
maskMessage2[iReg2] = DIFFERENT;
}
} else if ((eltT >= eltL) && (eltT > eltD)) {
--i;
contentMessage2[iReg2] = 0xf2;
maskMessage2[iReg2] = DIFFERENT;
if( message1->mask[i] == EQUAL) {
contentMessage1[iReg1] = message1->alignment[i];
maskMessage1[iReg1] = EQUAL;
}
else {
contentMessage1[iReg1] = 0xf2;
maskMessage1[iReg1] = DIFFERENT;
}
} else {
--i;
--j;
if(message1->mask[i] == EQUAL) {
contentMessage1[iReg1] = message1->alignment[i];
maskMessage1[iReg1] = EQUAL;
}
else {
contentMessage1[iReg1] = 0xf2;
maskMessage1[iReg1] = DIFFERENT;
}
if(message2->mask[j] == EQUAL) {
contentMessage2[iReg2] = message2->alignment[j];
maskMessage2[iReg2] = EQUAL;
}
else {
contentMessage2[iReg2] = 0xf2;
maskMessage2[iReg2] = DIFFERENT;
}
}
mapMessage1[iReg1]=i;
mapMessage2[iReg2]=j;
--iReg1;
--iReg2;
}
// THE DIAGONAL IS FINISH WE CLOSE THE
// TRACEBACK BY GOING TO THE EXTREME TOP
while (i > 0) {
--i;
contentMessage2[iReg2] = 0xf3;
maskMessage2[iReg2] = DIFFERENT;
if(message1->mask[i] == EQUAL) {
contentMessage1[iReg1] = message1->alignment[i];
maskMessage1[iReg1] = EQUAL;
}
else {
contentMessage1[iReg1] = 0xf3;
maskMessage1[iReg1] = DIFFERENT;
}
mapMessage1[iReg1]=i;
mapMessage2[iReg2]=j;
--iReg1;
--iReg2;
}
// THE DIAGONAL IS FINISH WE CLOSE THE
// TRACEBACK BY GOING TO THE EXTREME LEFT
while (j > 0) {
--j;
contentMessage1[iReg1] = 0xf4;
maskMessage1[iReg1] = DIFFERENT;
if(message2->mask[j] == EQUAL) {
contentMessage2[iReg2] = message2->alignment[j];
maskMessage2[iReg2] = EQUAL;
}
else {
contentMessage2[iReg2] = 0xf4;
maskMessage2[iReg2] = DIFFERENT;
}
mapMessage1[iReg1]=i;
mapMessage2[iReg2]=j;
--iReg1;
--iReg2;
}
if (debugMode == TRUE) {
// Display the mapping between alignement and message half-bytes
printf("Mapping : ");
for( i = 0; i < message1->len + message2->len; i++) {
unsigned int iTag = mapMessage1[i];
unsigned int jTag = mapMessage2[i];
char * tagNameMessage1 = NULL;
char * tagNameMessage2 = NULL;
if (iTag >= message1->len || message1->semanticTags[iTag] == NULL
|| message1->semanticTags[iTag]->name == NULL) {
tagNameMessage1 = "None";
} else {
tagNameMessage1 = message1->semanticTags[iTag]->name;
}
if (jTag >= message2->len || message2->semanticTags[jTag] == NULL
|| message2->semanticTags[jTag]->name == NULL) {
tagNameMessage2 = "None";
} else {
tagNameMessage2 = message2->semanticTags[jTag]->name;
}
if (strcmp(tagNameMessage1, "None") != 0 || strcmp(tagNameMessage2, "None") != 0) {
printf("%d) 1=%d [%s], 2=%d [%s], \n", i, iTag, tagNameMessage1, jTag, tagNameMessage2);
}
}
}
// For debug only
if (debugMode == TRUE) {
printf("(1)Alig : ");
for( i = 0; i < message1->len + message2->len; i++) {
if(maskMessage1[i] == EQUAL ) {
printf("%02x", (unsigned char) contentMessage1[i]);
} else if ( maskMessage2[i] == END ) {
//printf("##");
} else {
printf("--");
}
}
printf("\n");
printf("(2)Alig : ");
for( i = 0; i < message1->len + message2->len; i++) {
if( maskMessage2[i] == EQUAL ) {
printf("%02x", (unsigned char) contentMessage2[i]);
} else if ( maskMessage2[i] == END ) {
//printf("##");
} else {
printf("--");
}
}
printf("\n");
}
// Compute the common alignment
char hexrepr[3];
int sizereg = 100000;//(int)(levcop/10)*2+(int)(levcop/10)+2;
int regind = 0;
tmpMessage = calloc(message1->len + message2->len, sizeof(unsigned char));
tmpMessageMask = malloc((message1->len + message2->len) * sizeof(unsigned char));
memset(tmpMessageMask, END, (message1->len + message2->len) * sizeof(unsigned char));
tmpMessageTags = malloc((message1->len + message2->len) * sizeof(t_semanticTag*));
for (i=0; i<message1->len + message2->len; i++){
tmpMessageTags[i] = malloc(sizeof(t_semanticTag));
tmpMessageTags[i]->name = NULL;
}
regex= malloc( sizereg* sizeof(char));
memset(regex, 0, sizereg);
if (debugMode == TRUE) {
printf("Compute the common alignment:\n");
}
i = 0;
while (i < message1->len + message2->len) {
// Fetch the semantic tag of the two messages
unsigned int iTag = mapMessage1[i];
unsigned int jTag = mapMessage2[i];
char * tagNameMessage1 = NULL;
char * tagNameMessage2 = NULL;
char * tagNewMessage = NULL;
if (iTag >= message1->len || message1->semanticTags[iTag] == NULL
|| message1->semanticTags[iTag]->name == NULL) {
tagNameMessage1 = "None";
} else {
tagNameMessage1 = message1->semanticTags[iTag]->name;
}
if (jTag >= message2->len || message2->semanticTags[jTag] == NULL || message2->semanticTags[jTag]->name == NULL) {
tagNameMessage2 = "None";
} else {
tagNameMessage2 = message2->semanticTags[jTag]->name;
}
if (strcmp(tagNameMessage1, tagNameMessage2) == 0) {
tagNewMessage = tagNameMessage1;
} else {
tagNewMessage = "None";
}
tmpMessageTags[i]->name = tagNewMessage;
if ((maskMessage1[i] == END) || (maskMessage2[i] == END)) {
if(regind==0){
regex[0] ='.';
regind++;
}
else if(regex[regind-1] !='.'){
regex[regind] ='.';
regind++;
}
tmpMessage[i] = 0xf9;
tmpMessageMask[i] = END;
}
else if ((maskMessage1[i] == EQUAL) && (maskMessage2[i] == EQUAL) && (contentMessage1[i] == contentMessage2[i])) {
tmpMessage[i] = contentMessage1[i];
sprintf(hexrepr,"%02x",contentMessage1[i]);
sprintf(regex+regind,"%02x",contentMessage1[i]);
//regex[regind] = hexrepr[1];
//regex[regind+1] = hexrepr[0];
regind+=2;
tmpMessageMask[i] = EQUAL;
}
else {
if(regind==0){
regex[0] ='.';
regind++;
}
else if(regex[regind-1] !='.'){
regex[regind] ='.';
regind++;
}
tmpMessage[i] = 0xf5;
tmpMessageMask[i] = DIFFERENT;
nbDynTotal += 1;
if ((maskMessage1[i] == EQUAL) && (maskMessage2[i] == EQUAL)) {
nbDynCommon += 1;
}
}
i++;
}
//printf("%f\n",levcop);
/*if(regex!=NULL){
printf("REGEX %s\n",regex);
//free(regex);
//printf("FREE \n");
}*/
// Try to (optionally) slick the alignment
if(doInternalSlick == TRUE) {
if(message1->len + message2->len > 0) {
for(i = 1; i < message1->len + message2->len - 1; i++) {
if( tmpMessageMask[i] == EQUAL ) {
if( tmpMessageMask[i - 1] == DIFFERENT ) {
if( tmpMessageMask[i + 1] == DIFFERENT ) {
tmpMessage[i] = 0xf6;
tmpMessageMask[i] = DIFFERENT;
}
}
}
}
}
}
// Create the alignment based on obtained data
// Remove the first # of the alignment (where mask = END)
// Retrieve the shortest possible alignment
i = 0;
while( tmpMessageMask[i] == END )
i++;
// Store the results
resMessage->len = message1->len + message2->len - i;
resMessage->alignment = malloc(resMessage->len * sizeof(unsigned char));
resMessage->mask = malloc(resMessage->len * sizeof(unsigned char));
resMessage->semanticTags = malloc(resMessage->len * sizeof(t_semanticTag *));
// default semantic tag is "None"
for (j=0; j<resMessage->len; j++) {
resMessage->semanticTags[j] = malloc(sizeof(t_semanticTag));
if (tmpMessageTags[i+j] == NULL || strcmp(tmpMessageTags[i+j]->name, "None") == 0) {
resMessage->semanticTags[j]->name = "None";
} else {
resMessage->semanticTags[j]->name = tmpMessageTags[i+j]->name;
}
//strcpy(resMessage->semanticTags[j]->name, tmpMessageTags[i+j]->name);
}
// TODO: (fgy) free resMessage.mask and resMessage.alignment
memcpy(resMessage->alignment, tmpMessage + i, resMessage->len);
memcpy(resMessage->mask, tmpMessageMask + i, resMessage->len);
// Compute the scores of similarity, using the resMessage
if (debugMode == TRUE) {
displayMessage(resMessage);
printf("Result : ");
for( i = 0; i < resMessage->len; i++) {
if(resMessage->mask[i] == EQUAL ) {
printf("%02x", (unsigned char) resMessage->alignment[i]);
} else if ( resMessage->mask[i] == END ) {
//printf("##");
} else {
printf("--");
}
}
printf("\n");
}
// COMPUTE THE SCORES
resMessage->score->s1 = getScoreRatio(resMessage);
resMessage->score->s2 = getScoreDynSize(nbDynTotal, nbDynCommon);
resMessage->score->s3 = scoreAlignment;
if (debugMode == TRUE) {
printf("Score ratio : %0.2f.\n", resMessage->score->s1);
printf("Score DynSize : %0.2f.\n", resMessage->score->s2);
printf("Score Rang : %0.2f.\n", resMessage->score->s3);
}
end:
// Room service
if(matrix) {
for (i = 0; i < (message1->len + 1); i++) {
if(matrix[i]) {
free(matrix[i]);
}
}
free(matrix);
}
if(contentMessage1) {
free(contentMessage1);
}
if(contentMessage2) {
free(contentMessage2);
}
if(maskMessage1) {
free(maskMessage1);
}
if(maskMessage2) {
free(maskMessage2);
}
if(mapMessage1) {
free(mapMessage1);
}
if(mapMessage2) {
free(mapMessage2);
}
if(tmpMessage) {
free(tmpMessage);
}
if(tmpMessageMask) {
free(tmpMessageMask);
}
if(tmpMessageTags) {
for (i = 0; i < message1->len + message2->len; i++) {
if(tmpMessageTags[i]) {
free(tmpMessageTags[i]);
}
}
free(tmpMessageTags);
}
return regex;
}
float getScoreRatio(t_message * message) {
// Computing score of the alignment
float nbDynamic = 0.0f;
float nbStatic = 0.0f;
Bool inDyn = FALSE;
int i=0;
float result = 0;
for (i = (message->len - 1); i >= 1; --i) {
if (message->mask[i] == END) {
break;
}
if (message->mask[i] == EQUAL) {
if (inDyn == TRUE) {
nbDynamic = nbDynamic + 1.0f;
inDyn = FALSE;
}
nbStatic = nbStatic + 1.0f;
} else if (message->mask[i] == DIFFERENT) {
inDyn = TRUE;
}
}
if (inDyn == TRUE)
nbDynamic = nbDynamic + 1.0f;
if(nbStatic == 0){
result = 0;
}
else {
result = 100.0 / (nbStatic + nbDynamic) * nbStatic;
}
return result;
}
float getScoreDynSize(unsigned int nbDynTotal, unsigned int nbDynCommon) {
// Compute score of common dynamic elements
float result = 0;
if(nbDynTotal == 0) {
result = 100;
}
else {
result = (100.0 - 1) / nbDynTotal * nbDynCommon;
}
return result;
}
/**
computeDistance:
This function computes a distance given a set of scores
@param score : the scores to merge
@return the distance
*/
float computeDistance(t_score * score) {
float result = 0;
result = sqrt((1.0 * pow(score->s1,2) + 1.0 * pow(score->s2,2) + 1.0 * pow(score->s3,2))/3.0);
return result;
}
short int getSimilarityScore(t_message * message1, t_message * message2, unsigned int i, unsigned j) {
short int result = 0;
char * msg1SemanticTag = "None";
char * msg2SemanticTag = "None";
//retrieve semantic token of messages
if (message1->semanticTags != NULL && i < message1->len && message1->semanticTags[i] != NULL && message1->semanticTags[i]->name != NULL) {
msg1SemanticTag = message1->semanticTags[i]->name;
}
if (message2->semanticTags != NULL && j < message2->len && message2->semanticTags[j] != NULL && message2->semanticTags[j]->name != NULL) {
msg2SemanticTag = message2->semanticTags[j]->name;
}
// Computes if its semanticaly close
if (strcmp(msg1SemanticTag, "None") != 0 && strcmp(msg1SemanticTag, msg2SemanticTag) == 0) {
result = SEMANTIC_MATCH;
}
if ( (message1->mask[i - 1] == 0) && (message2->mask[j - 1] == 0) && (message1->alignment[i - 1] == message2->alignment[j - 1])) {
result += MATCH;
} else {
result += MISMATCH;
}
return result;
}
void displayMessage(t_message * message) {
unsigned int i=0;
printf("Data : ");
for (i=0; i< message->len; i++) {
printf("%02x", (unsigned char) message->alignment[i]);
}
printf("\n");
printf("Tags : ");
for (i=0; i< message->len; i++) {
if (message->semanticTags != NULL && message->semanticTags[i] != NULL && message->semanticTags[i]->name != NULL && strcmp(message->semanticTags[i]->name, "None") != 0) {
printf("(%d)%s;", i, message->semanticTags[i]->name);
} else {
printf("..");
}
}
printf("\n");
}

284
netzob-030/lib/libNeedleman/Py_lib/libNeedleman.c Normal file
View File

@@ -0,0 +1,284 @@
// -*- coding: utf-8 -*-
//+---------------------------------------------------------------------------+
//| 01001110 01100101 01110100 01111010 01101111 01100010 |
//| |
//| Netzob : Inferring communication protocols |
//+---------------------------------------------------------------------------+
//| Copyright (C) 2011-2017 Georges Bossert and Frédéric Guihéry |
//| This program is free software: you can redistribute it and/or modify |
//| it under the terms of the GNU General Public License as published by |
//| the Free Software Foundation, either version 3 of the License, or |
//| (at your option) any later version. |
//| |
//| This program is distributed in the hope that it will be useful, |
//| but WITHOUT ANY WARRANTY; without even the implied warranty of |
//| MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the |
//| GNU General Public License for more details. |
//| |
//| You should have received a copy of the GNU General Public License |
//| along with this program. If not, see <http://www.gnu.org/licenses/>. |
//+---------------------------------------------------------------------------+
//| @url : http://www.netzob.org |
//| @contact : contact@netzob.org |
//| @sponsors : Amossys, http://www.amossys.fr |
//| Supélec, http://www.rennes.supelec.fr/ren/rd/cidre/ |
//+---------------------------------------------------------------------------+
//Compilation Windows
//cl -Fe_libNeedleman.pyd -Ox -Ot -openmp -LD /I"C:\Python26\include" /I"C:\Program Files (x86)\Microsoft Visual Studio 9.0\VC\include" libNeedleman.c "C:\Python26\libs\python26.lib" "C:\Program Files (x86)\Microsoft Visual Studio 9.0\VC\lib\vcomp.lib"
//+---------------------------------------------------------------------------+
//| Import Associated Header
//+---------------------------------------------------------------------------+
#include "libNeedleman.h"
#include <time.h>
#ifdef _WIN32
#include <stdio.h>
#include <malloc.h>
#endif
// The Python callback
extern PyObject *python_callback;
static PyMethodDef libNeedleman_methods[] = {
{"getBID", py_getBID, METH_NOARGS, NULL},
{"alignTwoMessages", py_alignTwoMessages, METH_VARARGS, NULL},
{"alignMessages", py_alignMessages, METH_VARARGS, NULL},
{NULL, NULL, 0, NULL}
};
//+---------------------------------------------------------------------------+
//| initlibNeedleman : Python will use this function to init the module
//+---------------------------------------------------------------------------+
PyObject* PyInit__libNeedleman(void) {
static struct PyModuleDef moduledef = {
PyModuleDef_HEAD_INIT,
"_libNeedleman",
NULL,
-1,
libNeedleman_methods,
NULL,
NULL,
NULL,
NULL
};
return PyModule_Create(&moduledef);
}
//+---------------------------------------------------------------------------+
//| py_alignSequences : Python wrapper for alignMessages
//+---------------------------------------------------------------------------+
PyObject* py_alignMessages(__attribute__((unused))PyObject* self, PyObject* args) {
// parameters
PyObject* wrapperFactory;
t_message *messages;
PyObject *temp_cb;
unsigned int doInternalSlick = 0;
unsigned int debugMode = 0;
// local variables
t_message * resMessage;
unsigned int nbMessages = 0;
Bool bool_debugMode;
Bool bool_doInternalSlick;
int parseRet;
t_score score;
// Converts the arguments
if (!PyArg_ParseTuple(args, "hOhO", &doInternalSlick, &temp_cb, &debugMode, &wrapperFactory)) {
PyErr_SetString(PyExc_TypeError, "Error while parsing the arguments provided to py_alignMessages");
return NULL;
}
//+------------------------------------------------------------------------+
// Verify the callback parameter
//+------------------------------------------------------------------------+
if (!PyCallable_Check(temp_cb)) {
PyErr_SetString(PyExc_TypeError, "The provided 2nd parameter should be a callback.");
return NULL;
}
// Parse the callback
Py_XINCREF(temp_cb); /* Add a reference to new callback */
Py_XDECREF(python_callback); /* Dispose of previous callback */
python_callback = temp_cb; /* Remember new callback */
//+------------------------------------------------------------------------+
// Deserializes the provided arguments
//+------------------------------------------------------------------------+
if (debugMode == 1) {
printf("py_alignSequences : Deserialization of the arguments (format, serialMessages).\n");
}
parseRet = parseArgs(wrapperFactory,&nbMessages,&messages);
//Parsing error: PyErr allready set in parseArgs
if(parseRet){
return NULL;
}
// Convert debugMode parameter in a BOOL
if (debugMode) {
bool_debugMode = TRUE;
} else {
bool_debugMode = FALSE;
}
if (debugMode == TRUE) {
printf("A number of %d messages have been deserialized.\n", nbMessages);
}
// Concert doInternalSlick parameter in a BOOL
if (doInternalSlick) {
bool_doInternalSlick = TRUE;
} else {
bool_doInternalSlick = FALSE;
}
// Fix the default values associated with resMessage
resMessage = (t_message *) malloc(sizeof(t_message));
score.s1 = 0;
score.s2 = 0;
score.s3 = 0;
resMessage->score = &score;
resMessage->alignment = malloc(messages[0].len * sizeof(unsigned char));
resMessage->semanticTags = malloc(messages[0].len * sizeof(t_semanticTag*));
for (unsigned int i=0; i<messages[0].len; i++) {
resMessage->semanticTags[i] = malloc(sizeof(t_semanticTag));
}
memset(resMessage->alignment, '\0', messages[0].len);
//+------------------------------------------------------------------------+
// Execute the alignment process
//+------------------------------------------------------------------------+
int t=clock();
alignMessages(resMessage, bool_doInternalSlick, nbMessages, messages, bool_debugMode);
int t1=clock();
if (debugMode == 1) {
printf ("It took %f operation to align messages.\n",(float)(t1-t)/CLOCKS_PER_SEC);
}
// Return the serialization of the message
return serializeMessage(resMessage);
}
//+---------------------------------------------------------------------------+
//| py_alignTwoMessages : Python wrapper for alignTwoMessages
//+---------------------------------------------------------------------------+
PyObject* py_alignTwoMessages(__attribute__((unused))PyObject* self, PyObject* args) {
// Parameters (in order)
unsigned int doInternalSlick = 0;
char *format;
int sizeFormat;
unsigned char *serialMessages;
int sizeSerialMessages;
unsigned int debugMode = 0;
// local variables
unsigned int nbDeserializedMessage = 0;
t_message message1;
t_score scoreMessage1;
t_message message2;
t_score scoreMessage2;
t_message resMessage;
t_score score;
t_group group;
Bool bool_doInternalSlick;
Bool bool_debugMode;
// Converts the arguments
if (!PyArg_ParseTuple(args, "hs#s#h", &doInternalSlick, &format, &sizeFormat, &serialMessages, &sizeSerialMessages, &debugMode)) {
PyErr_SetString(PyExc_TypeError, "Error while parsing the arguments provided to py_alignTwoMessages");
return NULL;
}
//+------------------------------------------------------------------------+
// Deserializes the provided arguments
//+------------------------------------------------------------------------+
if (debugMode == 1) {
printf("The following arguments were received : \n");
printf("doInternalSlick : %d\n", doInternalSlick);
printf("Format :\n");
hexdump((unsigned char*)format, sizeFormat);
printf("Serial :\n");
hexdump(serialMessages, sizeSerialMessages);
printf("Debug mode : %d\n", debugMode);
}
// Deserialization of messages
group.len = 2;
group.messages = malloc(2*sizeof(t_message));
nbDeserializedMessage = deserializeMessages(&group, format, serialMessages, 2, debugMode);
if (nbDeserializedMessage != 2) {
printf("Error : impossible to deserialize all the provided messages.\n");
return NULL;
}
//+------------------------------------------------------------------------+
// Execute the alignment of two messages
//+------------------------------------------------------------------------+
// Convert debugMode parameter in a BOOL
if (debugMode) {
bool_debugMode = TRUE;
} else {
bool_debugMode = FALSE;
}
// Concert doInternalSlick parameter in a BOOL
if (doInternalSlick) {
bool_doInternalSlick = TRUE;
} else {
bool_doInternalSlick = FALSE;
}
// Establishes message1
message1.len = group.messages[0].len;
scoreMessage1.s1 = 0;
scoreMessage1.s2 = 0;
scoreMessage1.s3 = 0;
message1.score = &scoreMessage1;
message1.alignment = group.messages[0].alignment;
message1.mask = malloc(group.messages[0].len * sizeof(unsigned char));
memset(message1.mask, 0, group.messages[0].len);
// Establishes message2
message2.len = group.messages[1].len;
scoreMessage2.s1 = 0;
scoreMessage2.s2 = 0;
scoreMessage2.s3 = 0;
message2.score = &scoreMessage2;
message2.alignment = group.messages[1].alignment;
message2.mask = malloc(group.messages[1].len * sizeof(unsigned char));
memset(message2.mask, 0, group.messages[1].len);
// Prepare the response
resMessage.len = 0;
score.s1 = 0;
score.s2 = 0;
score.s3 = 0;
resMessage.score = &score;/*
if (message1.len >= message2.len) {
resMessage.mask = malloc(message1.len * sizeof(unsigned char));
memset(resMessage.mask, 0, message1.len);
resMessage.alignment = malloc(message1.len * sizeof(unsigned char));
memset(resMessage.alignment, 0, message1.len);
} else {
resMessage.mask = malloc(message2.len * sizeof(unsigned char));
memset(resMessage.mask, 0, message2.len);
resMessage.alignment = malloc(message2.len * sizeof(unsigned char));
memset(resMessage.alignment, 0, message2.len);
}*/
// Execute the C function
alignTwoMessages(&resMessage, bool_doInternalSlick, &message1, &message2, bool_debugMode);
free(message1.mask);
free(message2.mask);
// Return the result
return serializeMessage(&resMessage);
}

177
netzob-030/lib/libNeedleman/Py_lib/libScoreComputation.c Normal file
View File

@@ -0,0 +1,177 @@
// -*- coding: utf-8 -*-
//+---------------------------------------------------------------------------+
//| 01001110 01100101 01110100 01111010 01101111 01100010 |
//| |
//| Netzob : Inferring communication protocols |
//+---------------------------------------------------------------------------+
//| Copyright (C) 2011-2017 Georges Bossert and Frédéric Guihéry |
//| This program is free software: you can redistribute it and/or modify |
//| it under the terms of the GNU General Public License as published by |
//| the Free Software Foundation, either version 3 of the License, or |
//| (at your option) any later version. |
//| |
//| This program is distributed in the hope that it will be useful, |
//| but WITHOUT ANY WARRANTY; without even the implied warranty of |
//| MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the |
//| GNU General Public License for more details. |
//| |
//| You should have received a copy of the GNU General Public License |
//| along with this program. If not, see <http://www.gnu.org/licenses/>. |
//+---------------------------------------------------------------------------+
//| @url : http://www.netzob.org |
//| @contact : contact@netzob.org |
//| @sponsors : Amossys, http://www.amossys.fr |
//| Supélec, http://www.rennes.supelec.fr/ren/rd/cidre/ |
//+---------------------------------------------------------------------------+
//Compilation Windows
//cl -Fe_libScoreComputation.pyd -Ox -Ot -openmp -LD /I"C:\Python26\include" /I"C:\Program Files (x86)\Microsoft Visual Studio 9.0\VC\include" libScoreComputation.c "C:\Python26\libs\python26.lib" "C:\Program Files (x86)\Microsoft Visual Studio 9.0\VC\lib\vcomp.lib"
//+---------------------------------------------------------------------------+
//| Import Associated Header
//+---------------------------------------------------------------------------+
#include "libScoreComputation.h"
#ifdef _WIN32
#include <stdio.h>
#include <malloc.h>
#endif
// The Python callback
extern PyObject *python_callback;
extern PyObject *python_callback_isFinish;
static PyMethodDef libScoreComputation_methods[] = {
{"getBID", py_getBID, METH_NOARGS, NULL},
{"computeSimilarityMatrix", py_computeSimilarityMatrix, METH_VARARGS, NULL},
{NULL, NULL, 0, NULL}
};
//+---------------------------------------------------------------------------+
//| initlibScoreComputation : Python will use this function to init the module
//+---------------------------------------------------------------------------+
PyObject* PyInit__libScoreComputation(void) {
static struct PyModuleDef moduledef = {
PyModuleDef_HEAD_INIT,
"_libScoreComputation",
NULL,
-1,
libScoreComputation_methods,
NULL,
NULL,
NULL,
NULL
};
return PyModule_Create(&moduledef);
}
//+---------------------------------------------------------------------------+
//| py_computeSimilarityMatrix : Python wrapper for computeSimilarityMatrix
//+---------------------------------------------------------------------------+
PyObject* py_computeSimilarityMatrix(__attribute__((unused))PyObject* self, PyObject* args) {
unsigned int doInternalSlick = 0;
unsigned int debugMode = 0;
int i = 0;
unsigned int j = 0;
PyObject *temp_cb;
PyObject *temp2_cb;
Bool bool_debugMode;
PyObject* wrapperFactory;
float **scoreMatrix = NULL;
t_message *mesmessages;
long nbmessage = 0;
// Converts the arguments
if (!PyArg_ParseTuple(args, "hOOhO", &doInternalSlick, &temp_cb, &temp2_cb, &debugMode,&wrapperFactory)) {
PyErr_SetString(PyExc_TypeError, "Error while parsing the arguments provided to py_getHighestEquivalentGroup");
return NULL;
}
if (!PyCallable_Check(temp_cb)) {
PyErr_SetString(PyExc_TypeError, "The provided argument (status) should be callback");
return NULL;
}
if (!PyCallable_Check(temp2_cb)) {
PyErr_SetString(PyExc_TypeError, "The provided argument (is finish) should be callback");
return NULL;
}
// Parse the callback
Py_XINCREF(temp_cb); /* Add a reference to new callback */
Py_XDECREF(python_callback); /* Dispose of previous callback */
python_callback = temp_cb; /* Remember new callback */
// Parse the callback2
Py_XINCREF(temp2_cb); /* Add a reference to new callback */
Py_XDECREF(python_callback_isFinish); /* Dispose of previous callback */
python_callback_isFinish = temp2_cb; /* Remember new callback */
int parseRet;
parseRet = parseArgs(wrapperFactory, &nbmessage, &mesmessages);
//Parsing error: PyErr allready set in parseArgs
if(parseRet){
return NULL;
}
//init matrix
scoreMatrix = (float**) malloc (nbmessage*sizeof(float*));
for(i=0;i<nbmessage;i++)
{
scoreMatrix[i] = calloc (nbmessage,sizeof(float*));
}
// Convert debugMode parameter in a BOOL
if (debugMode) {
bool_debugMode = TRUE;
printf("Compute Similarity Matrix for %ld messages\n", nbmessage);
} else {
bool_debugMode = FALSE;
}
computeSimilarityMatrix(nbmessage, mesmessages, bool_debugMode, scoreMatrix);
//Compute the scores recorded in a python list://TODO Return Factory
PyObject *recordedScores = PyList_New((nbmessage*(nbmessage-1))/2);
if (!recordedScores)
return NULL;
int i_record = 0;
int j_record = 0;
int current_index = 0;
for (i_record = 0; i_record < nbmessage; i_record++) {
for(j_record = i_record + 1; j_record < nbmessage; j_record++){
PyObject *s = PyFloat_FromDouble((double)scoreMatrix[i_record][j_record]);
PyObject *i_p = PyUnicode_FromString(mesmessages[i_record].uid);
PyObject *j_p = PyUnicode_FromString(mesmessages[j_record].uid);
PyObject *res = PyList_New(3);
if (!s || !i_p || !j_p || !res) {
Py_XDECREF(recordedScores);
return NULL;
}
PyList_SET_ITEM(res,0,i_p);
PyList_SET_ITEM(res,1,j_p);
PyList_SET_ITEM(res,2,s);
PyList_SET_ITEM(recordedScores, current_index, res); // reference to num stolen
current_index++;
}
}
//Free all //TODO: do a freeFactory
for(i=0; i<nbmessage; i++) {
for (j=0; j<mesmessages[i].len; j++) {
free(mesmessages[i].semanticTags[j]);
}
free(mesmessages[i].semanticTags);
free(mesmessages[i].mask);
free(scoreMatrix[i]);
}
free(scoreMatrix);
free(mesmessages);
return Py_BuildValue("S", recordedScores);
}

109
netzob-030/lib/libNeedleman/scoreComputation.c Normal file
View File

@@ -0,0 +1,109 @@
// -*- coding: utf-8 -*-
//+---------------------------------------------------------------------------+
//| 01001110 01100101 01110100 01111010 01101111 01100010 |
//| |
//| Netzob : Inferring communication protocols |
//+---------------------------------------------------------------------------+
//| Copyright (C) 2011-2017 Georges Bossert and Frédéric Guihéry |
//| This program is free software: you can redistribute it and/or modify |
//| it under the terms of the GNU General Public License as published by |
//| the Free Software Foundation, either version 3 of the License, or |
//| (at your option) any later version. |
//| |
//| This program is distributed in the hope that it will be useful, |
//| but WITHOUT ANY WARRANTY; without even the implied warranty of |
//| MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the |
//| GNU General Public License for more details. |
//| |
//| You should have received a copy of the GNU General Public License |
//| along with this program. If not, see <http://www.gnu.org/licenses/>. |
//+---------------------------------------------------------------------------+
//| @url : http://www.netzob.org |
//| @contact : contact@netzob.org |
//| @sponsors : Amossys, http://www.amossys.fr |
//| Supélec, http://www.rennes.supelec.fr/ren/rd/cidre/ |
//+---------------------------------------------------------------------------+
//Compilation Windows
//cl -Fe_libScoreComputation.pyd -Ox -Ot -openmp -LD /I"C:\Python26\include" /I"C:\Program Files (x86)\Microsoft Visual Studio 9.0\VC\include" libScoreComputation.c "C:\Python26\libs\python26.lib" "C:\Program Files (x86)\Microsoft Visual Studio 9.0\VC\lib\vcomp.lib"
//+---------------------------------------------------------------------------+
//| Import Associated Header
//+---------------------------------------------------------------------------+
#include "scoreComputation.h"
#ifdef _WIN32
#include <stdio.h>
#include <malloc.h>
#endif
/**
computeSimilarityMatrix:
This functions computes a matrix which contains the similarity scores
between the provided messages
@param nbMessage: the number of provided messages in the param messages
@param messages: a list containing messages to work with
@param debug: activate or deactive debug messages
@param scoreMatrix: a double-dimension array where the matrix score will be stored
*/
void computeSimilarityMatrix(int nbMessage, t_message* messages, Bool debugMode, float** scoreMatrix) {
int i;
t_message tmpResultMessage;
t_score score;
// local variable
int p = 0;
/**
Stops the execution if user requested so
*/
if (callbackIsFinish() == 1) {
return;
}
/**
We loop over each different couple of messages
messages[i] and messages [p] with i < p
(diag. superior matrix)
*/
for (i = 0; i < nbMessage; i++) {
/**
Stops the execution if user requested so
*/
if (callbackIsFinish() == 1) {
return;
}
for (p = i + 1; p < nbMessage; p++) {
/**
Computes the NeedlemanScore between messages i and p
result is stored in the matrix[i][p]
*/
tmpResultMessage.len = 0;
score.s1 = 0;
score.s2 = 0;
score.s3 = 0;
tmpResultMessage.score = &score;
if (debugMode) {
printf("Align two messages (%d, %d)\n", i, p);
}
char * regex = alignTwoMessages(&tmpResultMessage, FALSE, &messages[i], &messages[p], debugMode);
if (debugMode) {
printf("Regex = %s\n", regex);
}
free(regex);
scoreMatrix[i][p] = computeDistance(tmpResultMessage.score);
}
/**
Update the current status
*/
double val = (double) 100.0 * (i * nbMessage + nbMessage - 1) / ((nbMessage - 1) * (nbMessage + 1));
if (callbackStatus(0,val,"Building Status (%.2lf %%)",(float) val) == -1) {
printf("Error, error while executing C callback.\n");
}
}
}

193
netzob-030/lib/libRelation/Py_lib/libRelation.c Normal file
View File

@@ -0,0 +1,193 @@
// -*- coding: utf-8 -*-
//+---------------------------------------------------------------------------+
//| 01001110 01100101 01110100 01111010 01101111 01100010 |
//| |
//| Netzob : Inferring communication protocols |
//+---------------------------------------------------------------------------+
//| Copyright (C) 2011-2017 Georges Bossert and Frédéric Guihéry |
//| This program is free software: you can redistribute it and/or modify |
//| it under the terms of the GNU General Public License as published by |
//| the Free Software Foundation, either version 3 of the License, or |
//| (at your option) any later version. |
//| |
//| This program is distributed in the hope that it will be useful, |
//| but WITHOUT ANY WARRANTY; without even the implied warranty of |
//| MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the |
//| GNU General Public License for more details. |
//| |
//| You should have received a copy of the GNU General Public License |
//| along with this program. If not, see <http://www.gnu.org/licenses/>. |
//+---------------------------------------------------------------------------+
//| @url : http://www.netzob.org |
//| @contact : contact@netzob.org |
//| @sponsors : Amossys, http://www.amossys.fr |
//| Supélec, http://www.rennes.supelec.fr/ren/rd/cidre/ |
//+---------------------------------------------------------------------------+
#include <stdio.h>
#include "libRelation.h"
#include "relation.h"
#define DEXC(stmt) if (stmt) PyErr_Print()
PyObject *exception = NULL;
static PyMethodDef relation_methods[] = {
{"find", py_find, METH_VARARGS,
"Iterate over relation algorithms"},
{NULL, NULL, 0, NULL}
};
PyObject* PyInit__libRelation(void) {
static struct PyModuleDef moduledef = {
PyModuleDef_HEAD_INIT,
"_libRelation",
NULL,
-1,
relation_methods,
NULL,
NULL,
NULL,
NULL
};
return PyModule_Create(&moduledef);
/* PyObject *d = PyDict_New(); */
/* exception = PyErr_NewException("_libRelation.error", NULL, NULL); */
/* PyDict_SetItemString(d, "error", exception); */
}
/*
* C wrapper for function "find" of _libRelation.
* This functions takes a two-dimension array built like this:
* > [(m0f0, m0f1, ...), (m1f0, m1f1, ...)]
*/
static PyObject*
py_find(__attribute__((unused))PyObject* self, PyObject* args) {
PyObject* pListCells;
PyObject* pCells;
PyObject* pCell;
PyObject* pDm = NULL;
size_t cells_hlen, cells_vlen;
unsigned int i, j;
char ***pppCells = NULL;
struct relation_datamodel* dm = NULL;
/* Parse arguments */
if ((pListCells = PyTuple_GetItem(args, 0)) == NULL) {
fprintf(stderr, "ERROR: Unable to parse args\n");
goto end;
}
/* Check type of arguments */
if (!PySequence_Check(pListCells)) {
fprintf(stderr, "ERROR: Unable to parse arg as list\n");
goto end;
}
cells_hlen = PySequence_Size(pListCells);
if ((pppCells = malloc(cells_hlen * sizeof(*pppCells))) == NULL)
goto end;
/* Allocation is based on the length of the first row */
pCells = PySequence_GetItem(pListCells, 0);
if (!PySequence_Check(pCells)) {
fprintf(stderr, "ERROR: Unable to get list item\n");
goto end;
}
/* Do str dups */
cells_vlen = PySequence_Size(pCells);
for (i = 0; i < cells_hlen; i++) {
/* Get, check and copy messages refs */
pCells = PySequence_GetItem(pListCells, i);
if (!PySequence_Check(pCells))
goto end2;
if ((pppCells[i] = malloc(cells_vlen * sizeof(**pppCells))) == NULL)
goto end2;
for (j = 0; j < cells_vlen; j++) {
/* Get, check and copy cells */
pCell = PySequence_GetItem(pCells, j);
if (!PyBytes_Check(pCell))
goto end2;
if ((pppCells[i][j] = malloc(PyBytes_Size(pCell) * sizeof(**pppCells))) == NULL)
goto end2;
strcpy(pppCells[i][j], PyBytes_AsString(pCell));
}
}
relation_find(&dm, (const char***)pppCells, cells_hlen, cells_vlen);
pDm = create_python_dm(dm);
end2:
for (i = 0; i < cells_hlen; i++) {
if (pppCells[i] != NULL)
for (j = 0; j < cells_vlen; j++)
if (pppCells[i][j] != NULL)
free(pppCells[i][j]);
free(pppCells[i]);
}
end:
if (pppCells != NULL)
free(pppCells);
return pDm;
}
/*
* Convert the native datamodel to a Python structure.
*/
static PyObject*
create_python_dm(struct relation_datamodel* dm)
{
struct relation_datamodel* dm_it = dm;
struct relation_matches* matches;
struct relation_matches* matches_tmp;
PyObject* pDm = NULL;
PyObject* pAlgoName;
PyObject* pRefs;
PyObject* pRefConfig;
PyObject* pRels;
PyObject* pRelConfig;
if (!(pDm = PyDict_New()))
goto error;
while (dm_it) {
pAlgoName = PyBytes_FromString(dm_it->algo_name);
/* Amend/append a algo/match node */
if (!(pRefs = PyDict_GetItem(pDm, pAlgoName)))
if (!(pRefs = PyList_New(0)))
goto error;
matches = dm_it->matches;
while (matches != NULL) {
pRelConfig = Py_BuildValue("(Ikk)",
matches->match.cell_rel_idx,
matches->match.cell_rel_off,
matches->match.cell_rel_size);
pRels = Py_BuildValue("[O]", pRelConfig);
pRefConfig = Py_BuildValue("(IOOO)",
matches->match.cell_ref_idx,
Py_None,
Py_None,
pRels);
PyList_Append(pRefs, pRefConfig);
matches_tmp = matches->next;
free(matches);
matches = matches_tmp;
}
/* Append configuration of reference as tuple */
PyDict_SetItem(pDm, pAlgoName , pRefs);
/* next algo */
dm_it = dm_it->next;
}
return pDm;
error:
Py_RETURN_NONE;
}

25
netzob-030/lib/libRelation/algorithms/Makefile Normal file
View File

@@ -0,0 +1,25 @@
DEBUG=no
SRC=rel_test.c \
rel_equality.c \
rel_size.c
OBJ=$(SRC:.c=.o)
SOBJ=$(OBJ:.o=.so)
CFLAGS=-fPIC -I../../includes
LDFLAGS=-L/usr/lib
ifeq ($(DEBUG),yes)
CFLAGS+= -g -D__DEBUG__
endif
all: $(SOBJ)
%.o: %.c
$(CC) -c -pthread $(CFLAGS) $< -o $@
%.so: %.o
$(CC) -shared -Wl,-soname,$@ $(LDFLAGS) $< -o $@
clean:
$(RM) $(OBJ) $(SOBJ)
re: clean all

161
netzob-030/lib/libRelation/algorithms/rel_equality.c Normal file
View File

@@ -0,0 +1,161 @@
// -*- coding: utf-8 -*-
//+---------------------------------------------------------------------------+
//| 01001110 01100101 01110100 01111010 01101111 01100010 |
//| |
//| Netzob : Inferring communication protocols |
//+---------------------------------------------------------------------------+
//| Copyright (C) 2011-2017 Georges Bossert and Frédéric Guihéry |
//| This program is free software: you can redistribute it and/or modify |
//| it under the terms of the GNU General Public License as published by |
//| the Free Software Foundation, either version 3 of the License, or |
//| (at your option) any later version. |
//| |
//| This program is distributed in the hope that it will be useful, |
//| but WITHOUT ANY WARRANTY; without even the implied warranty of |
//| MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the |
//| GNU General Public License for more details. |
//| |
//| You should have received a copy of the GNU General Public License |
//| along with this program. If not, see <http://www.gnu.org/licenses/>. |
//+---------------------------------------------------------------------------+
//| @url : http://www.netzob.org |
//| @contact : contact@netzob.org |
//| @sponsors : Amossys, http://www.amossys.fr |
//| Supélec, http://www.rennes.supelec.fr/ren/rd/cidre/ |
//+---------------------------------------------------------------------------+
#include <stdio.h>
#include <stdint.h>
#include <stdlib.h>
#include <string.h>
#include "relation.h"
static unsigned int MIN_SIZE = 2;
/*
* wrapper of string comparison used to detect a relation with the
* specified parameters.
*/
static int
get_match(const char* cell_ref, const char* cell_rel,
size_t start, size_t len)
{
int ret;
#if defined(__DEBUG__) && false
char* new_rel;
if ((new_rel = malloc((len + 1) * sizeof(*new_rel)))) {
new_rel[len] = '\0';
DLOG("%s == %s ?", cell_ref, strncpy(new_rel, &cell_rel[start], len));
free(new_rel);
}
#endif
ret = strncmp(cell_ref, &cell_rel[start], len);
#if defined(__DEBUG__) && false
DLOG(" %d\n", ret);
#endif
return ret;
}
/*
* Append a node to the set of matches.
*/
static struct relation_matches*
append_match(struct relation_matches** matches,
const struct relation_match* match)
{
struct relation_matches* new = NULL;
if (!(new = malloc(sizeof(*new))))
return NULL;
new->next = *matches;
memcpy(&new->match, match, sizeof(new->match));
*matches = new;
return new;
}
/*
* Returns the first non-matching message index.
*/
static int
verify_match(const char*** messages, size_t msgs_len, size_t cells_len,
const struct relation_match* match)
{
int i;
int ret = 0;
const char** cells;
const char* ref;
const char* rel;
DLOG("Verifying M%04d", 0);
for (i = 0; i < msgs_len; i++) {
if (i == match->message_idx)
continue;
cells = messages[i];
ref = cells[match->cell_ref_idx];
rel = cells[match->cell_rel_idx];
DLOG2("\b\b\b\b%04d", i);
if (get_match(ref, rel, match->cell_rel_off, match->cell_rel_size)) {
ret = i;
break;
}
}
DLOG2("\n");
return ret;
}
/*
* Main function used to build a set of matches.
*/
static struct relation_matches*
relation_equality_find(const char*** messages, int row, int idx,
size_t vlen, size_t hlen)
{
int i, ret;
size_t off;
int found = 0;
int match_res;
const char** cells;
const char* ref;
size_t ref_len;
const char* rel;
size_t rel_len;
struct relation_matches* matches = NULL;
struct relation_match match;
cells = messages[row];
ref = cells[idx];
ref_len = strlen(ref);
for (i = 0; i < hlen; i++) {
rel = cells[i];
rel_len = strlen(rel);
if (i != idx && rel && ref_len <= rel_len && ref_len >= MIN_SIZE) {
for (off = 0; off <= rel_len - ref_len; off++) {
if (!(match_res = get_match(ref, rel, off, ref_len))) {
match.message_idx = row;
match.cell_ref_idx = idx;
match.cell_rel_idx = i;
match.cell_rel_off = off;
match.cell_rel_size = ref_len;
DLOG("possible match found: M%d F%d[:], F%d[%ld:%ld] (%s)\n",
row, idx, i, off, off+ref_len, ref);
if ((ret = verify_match(messages, vlen, hlen,
(const struct relation_match*)&match)) != 0) {
DLOG("verification failed at M%d\n", ret);
continue;
}
DLOG("MATCH FOUND\n");
DLOG(">> %p\n", matches);
append_match(&matches, (const struct relation_match*)&match);
DLOG(">> %p\n", matches);
}
}
}
}
return matches;
}
struct relation_algorithm_operations operations = {
.name = "equality",
.find = relation_equality_find
};

189
netzob-030/lib/libRelation/algorithms/rel_size.c Normal file
View File

@@ -0,0 +1,189 @@
// -*- coding: utf-8 -*-
//+---------------------------------------------------------------------------+
//| 01001110 01100101 01110100 01111010 01101111 01100010 |
//| |
//| Netzob : Inferring communication protocols |
//+---------------------------------------------------------------------------+
//| Copyright (C) 2011-2017 Georges Bossert and Frédéric Guihéry |
//| This program is free software: you can redistribute it and/or modify |
//| it under the terms of the GNU General Public License as published by |
//| the Free Software Foundation, either version 3 of the License, or |
//| (at your option) any later version. |
//| |
//| This program is distributed in the hope that it will be useful, |
//| but WITHOUT ANY WARRANTY; without even the implied warranty of |
//| MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the |
//| GNU General Public License for more details. |
//| |
//| You should have received a copy of the GNU General Public License |
//| along with this program. If not, see <http://www.gnu.org/licenses/>. |
//+---------------------------------------------------------------------------+
//| @url : http://www.netzob.org |
//| @contact : contact@netzob.org |
//| @sponsors : Amossys, http://www.amossys.fr |
//| Supélec, http://www.rennes.supelec.fr/ren/rd/cidre/ |
//+---------------------------------------------------------------------------+
#include <stdio.h>
#include <stdint.h>
#include <stdlib.h>
#include <string.h>
#include "relation.h"
static unsigned int MIN_SIZE = 2;
/*
* wrapper of string comparison used to detect a relation with the
* specified parameters.
*/
static int
get_match(const char* cell_ref, const char* cell_rel,
size_t start, size_t len)
{
int ret = -1;
size_t size_ref, size_rel;
char* remaining_str;
unsigned long val_integer;
char* tmp_cell_rel;
DLOG(" ref=%s, rel=%s, start=%d, len=%d\n", cell_ref, cell_rel, start, len);
#if defined(__DEBUG__) && false
char* new_rel;
if ((new_rel = malloc((len + 1) * sizeof(*new_rel)))) {
new_rel[len] = '\0';
DLOG("%s == %s ?", cell_ref, strncpy(new_rel, &cell_rel[start], len));
free(new_rel);
}
#endif
tmp_cell_rel = malloc(len + 1);
strncpy(tmp_cell_rel, &cell_ref[start], len);
tmp_cell_rel[2] = '\0';
val_integer = strtoul(tmp_cell_rel, &remaining_str, 16);
// printf("PANNNN: %s\n", tmp_cell_rel);
// printf("PANNNN: %ud\n\n", val_integer);
free(tmp_cell_rel);
DLOG("strlen(cell_rel)=%d\n", strlen(cell_rel));
if (val_integer != 0 && val_integer == (strlen(cell_rel) / 2)) {
DLOG(" OK!!\n");
ret = 0;
}
else
ret = -1;
// ret = strncmp(cell_ref, &cell_rel[start], len);
#if defined(__DEBUG__) && false
DLOG(" %d\n", ret);
#endif
return ret;
}
/*
* Append a node to the set of matches.
*/
static struct relation_matches*
append_match(struct relation_matches** matches,
const struct relation_match* match)
{
struct relation_matches* new = NULL;
if (!(new = malloc(sizeof(*new))))
return NULL;
new->next = *matches;
memcpy(&new->match, match, sizeof(new->match));
*matches = new;
return new;
}
/*
* Returns the first non-matching message index.
*/
static int
verify_match(const char*** messages, size_t msgs_len, size_t cells_len,
const struct relation_match* match)
{
int i;
int ret = 0;
const char** cells;
const char* ref;
const char* rel;
DLOG("Verifying M%04d", 0);
for (i = 0; i < msgs_len; i++) {
if (i == match->message_idx)
continue;
cells = messages[i];
ref = cells[match->cell_ref_idx];
rel = cells[match->cell_rel_idx];
DLOG2("\b\b\b\b%04d", i);
if (get_match(ref, rel, match->cell_rel_off, match->cell_rel_size)) {
ret = i;
break;
}
}
DLOG2("\n");
return ret;
}
/*
* Main function used to build a set of matches.
*/
static struct relation_matches*
relation_size_find(const char*** messages, int row, int idx,
size_t vlen, size_t hlen)
{
int i, ret;
size_t off;
int found = 0;
int match_res;
const char** cells;
const char* ref;
size_t ref_len;
const char* rel;
size_t rel_len;
struct relation_matches* matches = NULL;
struct relation_match match;
cells = messages[row];
ref = cells[idx];
ref_len = strlen(ref);
for (i = 0; i < hlen; i++) {
if (idx == 5)
DLOG(" i = %d\n", i);
rel = cells[i];
rel_len = strlen(rel);
if (i != idx && rel && ref_len >= MIN_SIZE) {
off = 0;
// for (off = 0; off <= rel_len; off++) {
if (!(match_res = get_match(ref, rel, off, ref_len))) {
match.message_idx = row;
match.cell_ref_idx = idx;
match.cell_rel_idx = i;
match.cell_rel_off = off;
match.cell_rel_size = ref_len;
DLOG("possible match found: M%d F%d[:], F%d[%ld:%ld] (%s)\n",
row, idx, i, off, off+ref_len, ref);
if ((ret = verify_match(messages, vlen, hlen,
(const struct relation_match*)&match)) != 0) {
DLOG("verification failed at M%d\n", ret);
continue;
}
DLOG("MATCH FOUND\n");
DLOG(">> %p\n", matches);
append_match(&matches, (const struct relation_match*)&match);
DLOG(">> %p\n", matches);
}
// }
}
}
return matches;
}
struct relation_algorithm_operations operations = {
.name = "size",
.find = relation_size_find
};

40
netzob-030/lib/libRelation/algorithms/rel_test.c Normal file
View File

@@ -0,0 +1,40 @@
// -*- coding: utf-8 -*-
//+---------------------------------------------------------------------------+
//| 01001110 01100101 01110100 01111010 01101111 01100010 |
//| |
//| Netzob : Inferring communication protocols |
//+---------------------------------------------------------------------------+
//| Copyright (C) 2011-2017 Georges Bossert and Frédéric Guihéry |
//| This program is free software: you can redistribute it and/or modify |
//| it under the terms of the GNU General Public License as published by |
//| the Free Software Foundation, either version 3 of the License, or |
//| (at your option) any later version. |
//| |
//| This program is distributed in the hope that it will be useful, |
//| but WITHOUT ANY WARRANTY; without even the implied warranty of |
//| MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the |
//| GNU General Public License for more details. |
//| |
//| You should have received a copy of the GNU General Public License |
//| along with this program. If not, see <http://www.gnu.org/licenses/>. |
//+---------------------------------------------------------------------------+
//| @url : http://www.netzob.org |
//| @contact : contact@netzob.org |
//| @sponsors : Amossys, http://www.amossys.fr |
//| Supélec, http://www.rennes.supelec.fr/ren/rd/cidre/ |
//+---------------------------------------------------------------------------+
#include "relation.h"
static struct relation_matches*
relation_test_find(const char** messages, int row, int idx,
size_t vlen, size_t hlen)
{
return NULL;
}
struct relation_algorithm_operations operations = {
.name = "test",
.find = relation_test_find
};

163
netzob-030/lib/libRelation/relation.c Normal file
View File

@@ -0,0 +1,163 @@
// -*- coding: utf-8 -*-
//+---------------------------------------------------------------------------+
//| 01001110 01100101 01110100 01111010 01101111 01100010 |
//| |
//| Netzob : Inferring communication protocols |
//+---------------------------------------------------------------------------+
//| Copyright (C) 2011-2017 Georges Bossert and Frédéric Guihéry |
//| This program is free software: you can redistribute it and/or modify |
//| it under the terms of the GNU General Public License as published by |
//| the Free Software Foundation, either version 3 of the License, or |
//| (at your option) any later version. |
//| |
//| This program is distributed in the hope that it will be useful, |
//| but WITHOUT ANY WARRANTY; without even the implied warranty of |
//| MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the |
//| GNU General Public License for more details. |
//| |
//| You should have received a copy of the GNU General Public License |
//| along with this program. If not, see <http://www.gnu.org/licenses/>. |
//+---------------------------------------------------------------------------+
//| @url : http://www.netzob.org |
//| @contact : contact@netzob.org |
//| @sponsors : Amossys, http://www.amossys.fr |
//| Supélec, http://www.rennes.supelec.fr/ren/rd/cidre/ |
//+---------------------------------------------------------------------------+
#define _GNU_SOURCE
#include <dirent.h>
#include <dlfcn.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include "relation.h"
static const char* algorithm_path = "lib/libRelation/algorithms";
/*
* Build a native datamodel containing results.
*/
void
relation_find(struct relation_datamodel** dm,
const char*** data,
size_t vlen, size_t hlen)
{
unsigned int i, j;
struct relation_matches* matches;
struct relation_algorithm_operations_list* algo_opers;
algo_opers = search_algorithms();
while (algo_opers) {
DLOG("ALGO %s\n", algo_opers->data.name);
for (i = 0; i < vlen; i++) {
for (j = 0; j < hlen; j++) {
DLOG("-- idx = %d\n", j);
matches = algo_opers->data.find(data, i, j, vlen, hlen);
if (matches != NULL)
append_algo_matches(dm, algo_opers, matches);
}
/* only search over the first row, others are useless */
break;
}
algo_opers = algo_opers->next;
}
clean_algo(algo_opers);
}
/*
* Append a result to the datamodel structure.
*/
struct relation_datamodel*
append_algo_matches(struct relation_datamodel** dm,
struct relation_algorithm_operations_list* opers,
struct relation_matches* matches)
{
struct relation_datamodel* new;
if (!(new = malloc(sizeof(*new))))
return NULL;
new->next = *dm;
new->matches = matches;
new->algo_name = opers->data.name;
*dm = new;
return new;
}
/*
* Build a list of libRelation algorithm.
* This structure contains a handle returned by dlopen() of libraries.
*/
struct relation_algorithm_operations_list*
search_algorithms(void)
{
DIR* pDir;
struct dirent* entry;
void* pLib;
char* libPath;
int libPathLen;
struct relation_algorithm_operations* algo_oper;
struct relation_algorithm_operations_list* algo_opers = NULL;
struct relation_algorithm_operations_list* algo_opers_prev = NULL;
DLOG("Searching in %s\n", algorithm_path);
if ((pDir = opendir(algorithm_path)) == NULL)
goto end;
while ((entry = readdir(pDir)) != NULL) {
if (strstr(entry->d_name, ".so") != NULL) {
libPathLen = strlen(algorithm_path) + 1 + strlen(entry->d_name);
if (!(libPath = malloc(sizeof(*libPath) * (libPathLen + 1)))) {
perror("search_algorithms()");
goto end;
}
if (snprintf(libPath, libPathLen + 1, "%s/%s", algorithm_path, entry->d_name) != libPathLen) {
fprintf(stderr, "snprintf() failed at %s:%d\n", __FILE__, __LINE__);
fprintf(stderr, " %s\n", libPath);
goto end;
}
if (!(pLib = dlopen(libPath, RTLD_NOW|RTLD_GLOBAL))) {
DLOG("Skipping '%s'\n", libPath);
goto next;
}
dlerror(); // clear last error
algo_oper = dlsym(pLib, "operations");
/* Check current error flag */
if (dlerror() != NULL)
goto next;
DLOG("[%s] Operations loaded\n", libPath);
if (!(algo_opers = malloc(sizeof(*algo_opers))))
goto next;
algo_opers->next = algo_opers_prev;
algo_opers->pHandle = pLib;
memcpy(&algo_opers->data, algo_oper, sizeof(*algo_oper));
algo_opers_prev = algo_opers;
DLOG("[%s] Algo added\n", algo_opers->data.name);
next:
free(libPath);
continue;
}
}
closedir(pDir);
end:
return algo_opers;
}
/*
* Correctly free a relation_algorithm_operations_list recursively.
*/
void
clean_algo(struct relation_algorithm_operations_list* algo)
{
struct relation_algorithm_operations_list* cur = algo;
struct relation_algorithm_operations_list* next;
while (cur) {
if (cur->pHandle)
dlclose(cur->pHandle);
next = cur->next;
free(cur);
cur = next;
}
}

42
netzob-030/lib/tools/getBID.c Normal file
View File

@@ -0,0 +1,42 @@
// -*- coding: utf-8 -*-
//+---------------------------------------------------------------------------+
//| 01001110 01100101 01110100 01111010 01101111 01100010 |
//| |
//| Netzob : Inferring communication protocols |
//+---------------------------------------------------------------------------+
//| Copyright (C) 2011-2017 Georges Bossert and Frédéric Guihéry |
//| This program is free software: you can redistribute it and/or modify |
//| it under the terms of the GNU General Public License as published by |
//| the Free Software Foundation, either version 3 of the License, or |
//| (at your option) any later version. |
//| |
//| This program is distributed in the hope that it will be useful, |
//| but WITHOUT ANY WARRANTY; without even the implied warranty of |
//| MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the |
//| GNU General Public License for more details. |
//| |
//| You should have received a copy of the GNU General Public License |
//| along with this program. If not, see <http://www.gnu.org/licenses/>. |
//+---------------------------------------------------------------------------+
//| @url : http://www.netzob.org |
//| @contact : contact@netzob.org |
//| @sponsors : Amossys, http://www.amossys.fr |
//| Supélec, http://www.rennes.supelec.fr/ren/rd/cidre/ |
//+---------------------------------------------------------------------------+
#include "commonPythonLib.h"
//+---------------------------------------------------------------------------+
//| py_getBID : Returns the unique Binary IDentifier
//+---------------------------------------------------------------------------+
PyObject * py_getBID(__attribute__((unused))PyObject* self, __attribute__((unused))PyObject *noarg) {
char str_bid[37];
#ifdef BID
strncpy(str_bid,STR(BID), sizeof str_bid - 1);
#else
printf("The macro which established the BID has not been defined when compiling the lib, default one will be returned.\n");
strncpy(str_bid, STR(DEFAULT_BID), sizeof str_bid - 1);
#endif
str_bid[sizeof str_bid -1]='\0';
return Py_BuildValue("s", str_bid);
}