Last active
March 15, 2023 07:02
-
-
Save sudarshan-suresh/52efd05a683d79c0c2b2cf8c7579c4f7 to your computer and use it in GitHub Desktop.
Retrieve data from encoded packet data without using third party libraries
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
# simple class to retrive data from hexcode ,in this section it will retrieve source mac address , destination mac address | |
from com.talentica.ether_types import ether_types | |
from com.talentica.helper import create_hexcode_from_decoded_data_latin1 | |
class Ether: | |
# IEEE standard 802.1Q-2005 | |
ether_vlan_priorities = { | |
0: 'Best Effort', | |
1: 'Background', | |
2: 'Excellent Effort', | |
3: 'Critical Applications', | |
4: 'Voice, < 10ms latency and jitter, Drop Eligible', | |
5: 'Voice, < 10ms latency and jitter', | |
6: 'Internetwork Control', | |
7: 'Network Control' | |
} | |
def __init__(self, decoded_data): | |
self.current_index = 0 | |
self.data = dict() | |
self.destination_address = ':'.join(decoded_data[self.current_index:self.current_index + 6]) | |
self.data['dst_mac'] = self.destination_address | |
self.current_index += 6 | |
self.source_address = ':'.join(decoded_data[self.current_index:self.current_index + 6]) | |
self.data['src_mac'] = self.source_address | |
self.current_index += 6 | |
proto_type = ''.join(decoded_data[self.current_index: self.current_index + 2]) | |
self.data['type'] = ether_types.get(proto_type) | |
self.current_index += 2 | |
vlan_details = decoded_data[self.current_index] + decoded_data[self.current_index + 1] | |
self.current_index += 2 | |
# convert it to int and then to binary, remove prefix 0b and fill upto 16 bit | |
if proto_type == '8100': | |
vlan_details_bin = bin(int(vlan_details, 16))[2:].zfill(16) | |
vlan_priority = int(vlan_details_bin[0:3], 2) | |
vlan_priority = Ether.ether_vlan_priorities.get(vlan_priority) | |
vlan_dei = 'Ineligible' if int(vlan_details_bin[3], 2) == 0 else 'Eligible' | |
vlan_id = int(vlan_details_bin[4:], 2) | |
self.data['vlan_priority'] = vlan_priority | |
self.data['vlan_dei'] = vlan_dei | |
self.data['vlan_id'] = vlan_id | |
v_type = decoded_data[self.current_index] + decoded_data[self.current_index + 1] | |
self.data['v_type'] = ether_types.get(v_type, v_type) | |
def get_data(self): | |
return self.data | |
if __name__ == '__main__': | |
encoded_wired_data = '////////0E3Gwu+KgQAAAY/9vu8EAy4BAwU5duAKAgJsRwABAAAAEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA==' | |
decoded_wired_data = create_hexcode_from_decoded_data_latin1(encoded_wired_data) | |
ether_data = Ether(decoded_wired_data) | |
print(ether_data.get_data()) |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
ether_types = { | |
'0800': 'ipv4', | |
'0806': 'arp', | |
'0842': 'wake_on_lan', | |
'22f0': 'avtp', | |
'22f3': 'ietf_trill_protocol', | |
'22ea': 'stream_reservation_proto', | |
'6002': 'dec_mop_rc', | |
'6003': 'decnet_phase_4', | |
'6004': 'dec_lat', | |
'8035': 'rarp', | |
'809b': 'ethertalk', | |
'80f3': 'aarp', | |
'8100': 'vlan_tagged_frame', | |
'8102': 'slpp', | |
'8103': 'vlacp', | |
'8137': 'ipx', | |
'8204': 'qnx_qnet', | |
'86dd': 'ipv6', | |
'8808': 'ethernet_flow_control', | |
'8809': 'lacp', | |
'8819': 'cobranet', | |
'8847': 'mpls_unicast', | |
'8848': 'mpls_multicast', | |
'8863': 'pppoe_discovery_stage', | |
'8864': 'pppoe_session_stage', | |
'887b': 'homeplug_1_0_mme', | |
'888e': 'eap_over_lan', | |
'8892': 'profinet_proto', | |
'889a': 'hyper_scsi', | |
'88a2': 'ata_over_ethernet', | |
'88a4': 'ethercat_proto', | |
'88a8': 'service_vlan', | |
'88ab': 'ethernet_powerlink', | |
'88b8': 'goose', | |
'88b9': 'gse', | |
'88ba': 'sampled_value_trans', | |
'88bf': 'mikrotik_romon', | |
'88cc': 'lldp', | |
'88cd': 'sercos_3', | |
'88e1': 'home_plug_green', | |
'88e3': 'mrp', | |
'88e5': 'mac_sec', | |
'88e7': 'pbb', | |
'88f7': 'ptp', | |
'88f8': 'nc_si', | |
'88fb': 'prp', | |
'8902': 'cfm', | |
'8906': 'fcoe', | |
'8914': 'fcoe_initilization_proto', | |
'8915': 'roce', | |
'891d': 'tte', | |
'893a': 'ieee_proto_1905_1', | |
'892f': 'hsr', | |
'9000': 'ethernet_config_testing_proto', | |
'f1c1': 'redundancy_tag', | |
'888e': 'port_based_nac_802_1x', | |
} |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
# method used for retrieving hex dump values after decoding the encoded packet using base64. | |
@staticmethod | |
def create_hexcode_from_decoded_data_latin1(pkt_encoded): | |
pkt_decoded = base64.b64decode(pkt_encoded).decode('latin-1') | |
hex_data_list = [] | |
for x in pkt_decoded: | |
byte_data = bytes(x, 'latin-1') | |
hex_data = ' '.join('{:02x}'.format(x) for x in byte_data) | |
hex_data_list.append(hex_data) | |
return hex_data_list |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment