import dpkt
import socket
import pygeoip
from typing import Dict
# Module-level GeoIP database handle, opened once at import time and shared by
# retKML(). The path is relative, so the file is looked up from wherever the
# script is started.
# NOTE(review): pygeoip and the legacy GeoLite ".dat" format appear to be
# unmaintained upstream; confirm, and consider a maintained reader and database
# so lookups are not based on stale data.
gi = pygeoip.GeoIP('GeoLiteCity.dat')
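def retKML(dstip: str, srcip: str) -> str:
    """Build one KML ``<Placemark>`` line joining a destination to the source.

    Both endpoints are geolocated through the module-level ``gi`` database.

    Args:
        dstip: Destination address. It is used for the lookup and written
            verbatim into the ``<name>`` element.
        srcip: Currently unused; the source lookup is made against the
            hard-coded placeholder below, not this argument.

    Returns:
        The ``<Placemark>`` fragment, or ``''`` when either lookup gives no
        usable longitude/latitude.
    """
    dst = gi.record_by_name(dstip)
    # NOTE(review): 'x.xxx.xxx.xxx' is a redacted placeholder that has to be
    # replaced with the capturing host's public address before this produces
    # output; presumably it was hard-coded because captured source addresses
    # are private. Confirm, and consider passing it in instead of editing code.
    src = gi.record_by_name('x.xxx.xxx.xxx')

    # dstip is placed in the XML without escaping. The only caller visible here
    # passes socket.inet_ntoa() output (a dotted quad); escape the value if this
    # function is ever given hostnames or other free text.
    # NOTE(review): KML coordinate tuples are normally written without a space
    # after the comma; confirm the consumer accepts "lon, lat".
    template = (
        '<Placemark>\n'
        '<name>%s</name>\n'
        '<extrude>1</extrude>\n'
        '<tessellate>1</tessellate>\n'
        '<styleUrl>#transBluePoly</styleUrl>\n'
        '<LineString>\n'
        '<coordinates>%6f, %6f\n%6f, %6f</coordinates>\n'
        '</LineString>\n'
        '</Placemark>\n'
    )
    try:
        return template % (
            dstip,
            dst['longitude'],
            dst['latitude'],
            src['longitude'],
            src['latitude'],
        )
    except (KeyError, TypeError):
        # A record that is None or not subscriptable, a missing key, or a
        # non-numeric coordinate: no line can be drawn for this pair. Catching
        # only these keeps Ctrl-C and genuine programming errors visible,
        # which the previous bare ``except`` hid.
        return ''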
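def plotIPs(pcap: dpkt.pcap.Reader) -> str:
    """Turn every IPv4 packet of a capture into a KML placemark.

    Args:
        pcap: Iterable of ``(timestamp, frame_bytes)`` pairs, as produced by
            ``dpkt.pcap.Reader``. The frames are decoded as Ethernet.

    Returns:
        The concatenated ``<Placemark>`` fragments from ``retKML``; frames that
        cannot be decoded or geolocated contribute nothing.
    """
    fragments = []
    for _ts, buf in pcap:
        try:
            eth = dpkt.ethernet.Ethernet(buf)
            ip = eth.data
            # Only IPv4 payloads carry the 4-byte addresses inet_ntoa expects;
            # skip ARP, IPv6 and undecoded payloads explicitly.
            if not isinstance(ip, dpkt.ip.IP):
                continue
            src = socket.inet_ntoa(ip.src)
            dst = socket.inet_ntoa(ip.dst)
            fragments.append(retKML(dst, src))
        except Exception:
            # Capture contents are untrusted input: one malformed frame or one
            # failed lookup must not abort the run. ``Exception`` rather than a
            # bare ``except`` so KeyboardInterrupt/SystemExit still stop it.
            # NOTE(review): skipped frames are not counted or logged, so a
            # capture that mostly fails to parse looks the same as a small one.
            continue
    # Joining once avoids rebuilding the whole string for every packet.
    return ''.join(fragments)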
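def main() -> None:
    """Read ``wire.pcap`` and print a KML document of its IPv4 flows to stdout."""
    # NOTE(review): the KML 2.2 namespace is conventionally the http:// form and
    # XML namespace URIs are compared as exact strings; confirm the consumer
    # accepts the https:// spelling used here.
    kmlheader = '<?xml version="1.0" encoding="UTF-8"?> \n<kml xmlns="https://www.opengis.net/kml/2.2">\n<Document>\n'\
        '<Style id="transBluePoly">'\
        '<LineStyle>'\
        '<width>1.5</width>'\
        '<color>501400E6</color>'\
        '</LineStyle>'\
        '</Style>'
    kmlfooter = '</Document>\n</kml>\n'

    # The context manager closes the capture even if parsing raises; the
    # original left the file handle open for the life of the process.
    with open('wire.pcap', 'rb') as f:
        pcap = dpkt.pcap.Reader(f)
        kmldoc = kmlheader + plotIPs(pcap) + kmlfooter
    print(kmldoc)


if __name__ == "__main__":
    main()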