diff --git a/pcap_anonymize/app_layer/__init__.py b/pcap_anonymize/app_layer/__init__.py index f5f408eeac16adec2ba79319418b2f88f6785422..667ee0f15abb7cce1af2a2c303edf0e9b27fa59e 100644 --- a/pcap_anonymize/app_layer/__init__.py +++ b/pcap_anonymize/app_layer/__init__.py @@ -36,6 +36,6 @@ def anonymize_app_layer(packet: Packet) -> None: sport = tcp.getfieldval("sport") dport = tcp.getfieldval("dport") if sport == 9999 or dport == 9999: - anonymize_tplink(packet) + anonymize_tplink(tcp) except: pass diff --git a/pcap_anonymize/app_layer/http.py b/pcap_anonymize/app_layer/http.py index 36cfbd482349d693befe15c892c3242abe41c206..7a418c3043c955326e4ebf02c2294622f89cd269 100644 --- a/pcap_anonymize/app_layer/http.py +++ b/pcap_anonymize/app_layer/http.py @@ -40,14 +40,22 @@ def get_http_layer(packet: Packet) -> HTTP: # HTTP layer could not be retrieved directly. # Try to get it from the Raw layer. - raw_load = packet.getlayer(Raw).getfieldval("load") - http = HTTPRequest(raw_load) - if http.haslayer(HTTPRequest): - return http - http = HTTPResponse(raw_load) - if http.haslayer(HTTPResponse): - return http + raw_load = packet.getlayer(Raw).getfieldval("load") + try: + http = HTTPRequest(raw_load) + if http.haslayer(HTTPRequest): + return http + except ValueError: + pass + + try: + http = HTTPResponse(raw_load) + if http.haslayer(HTTPResponse): + return http + except ValueError: + pass + raise AttributeError(f"HTTP layer not found in packet {packet.summary()}") diff --git a/pcap_anonymize/cli.py b/pcap_anonymize/cli.py new file mode 100644 index 0000000000000000000000000000000000000000..dcdbb3394acdb095074c6d12c8ce21035a9c7fa2 --- /dev/null +++ b/pcap_anonymize/cli.py @@ -0,0 +1,15 @@ +import os +import argparse +from .pcap_anonymize import anonymize_pcap + + +def main() -> None: + """ + Main function for the CLI. + """ + parser = argparse.ArgumentParser(description="Anonymize a PCAP traffic capture.") + parser.add_argument("input", type=os.PathLike, help="Path to the input PCAP file.") + parser.add_argument("-o", "--output", type=os.PathLike, help="Path to the output PCAP file.") + args = parser.parse_args() + + anonymize_pcap(args.input, args.output) diff --git a/pcap_anonymize/pcap_anonymize.py b/pcap_anonymize/pcap_anonymize.py index 873987c3b0099783661cf7891d1dbfc391515e80..81c78cc2c661483ab44899b6bb6934785197643d 100644 --- a/pcap_anonymize/pcap_anonymize.py +++ b/pcap_anonymize/pcap_anonymize.py @@ -17,21 +17,25 @@ packets = [] ### FUNCTIONS ### -def recompute_checksums(packet: Packet) -> Packet: +def rebuild_packet(packet: Packet) -> Packet: """ - Recompute a given packet's checksums. + Rebuild a packet: + recompute its lengths and checksums. Args: - packet (scapy.Packet): scapy packet to recompute checksums for + packet (scapy.Packet): scapy packet to rebuild Returns: - (scapy.Packet): packet with recomputed checksums + scapy.Packet: rebuilt packet """ + fields_to_delete = ["len", "chksum"] + for layer_class in packet.layers(): layer = packet.getlayer(layer_class) - try: - delattr(layer, "chksum") - except AttributeError: - pass + for field in fields_to_delete: + try: + delattr(layer, field) + except AttributeError: + pass return packet.__class__(bytes(packet)) @@ -53,7 +57,7 @@ def anonymize_packet(packet: Packet) -> None: anonymize_app_layer(packet) # Recompute packet checksums - packet = recompute_checksums(packet) + packet = rebuild_packet(packet) packets.append(packet) diff --git a/test/app_layer/test_tplink.py b/test/app_layer/test_tplink.py index 35afc45168e11ba26b3ea354f4cf233b09561d97..a71099db90d0633ac5a1ffa8e79bfa7f1d80e9fe 100644 --- a/test/app_layer/test_tplink.py +++ b/test/app_layer/test_tplink.py @@ -17,5 +17,6 @@ def test_anonymize_tplink() -> None: anonymize_tplink(packet) # Check if payload was correctly deleted + assert packet.haslayer(TCP) assert not packet.haslayer(Raw) assert not hasattr(packet, "load")