From 39961246ae3c2c770e7dcd40f014510b9560c624 Mon Sep 17 00:00:00 2001
From: Mike Crute
Date: Tue, 16 Aug 2016 20:36:59 -0700
Subject: Add flow capture parsing

---
 reversing_tools/parse_mitm.py | 36 ++++++++++++++++++++++++++++++++++++
 reversing_tools/parse_pcap.py | 3 +++
 2 files changed, 39 insertions(+)
 create mode 100755 reversing_tools/parse_mitm.py

diff --git a/reversing_tools/parse_mitm.py b/reversing_tools/parse_mitm.py
new file mode 100755
index 0000000..ef61298
--- /dev/null
+++ b/reversing_tools/parse_mitm.py
@@ -0,0 +1,36 @@
+#!/usr/bin/env python
+
+import sys, os
+sys.path.insert(0, os.path.join(os.path.dirname(__file__), '..', 'python'))
+
+import json
+from cStringIO import StringIO
+from libmproxy.flow import FlowReader
+from inform import InformSerializer
+
+
+def make_serializer(from_file):
+    with open(from_file) as fp:
+        keystore = { i['mac']: i['x_authkey'] for i in json.load(fp) }
+
+    return InformSerializer("", keystore)
+
+
+def dumps_pretty(obj):
+    return json.dumps(obj, sort_keys=True, indent=4, separators=(',', ': '))
+
+
+if __name__ == "__main__":
+    ser = make_serializer("data/devices.json")
+
+    with open('data/mitm/reboot.txt', 'rb') as fp, open('test.out', 'w') as fp2:
+        read = FlowReader(fp)
+
+        for rec in read.stream():
+            res = ser.parse(StringIO(rec.response.content))
+            req = ser.parse(StringIO(rec.request.content))
+
+            print dumps_pretty(req.payload)
+            print dumps_pretty(res.payload)
+            print
+            print
diff --git a/reversing_tools/parse_pcap.py b/reversing_tools/parse_pcap.py
index c29c1d2..ed6f465 100755
--- a/reversing_tools/parse_pcap.py
+++ b/reversing_tools/parse_pcap.py
@@ -1,5 +1,8 @@
 #!/usr/bin/env python
 
+import sys, os
+sys.path.insert(0, os.path.join(os.path.dirname(__file__), '..', 'python'))
+
 import dpkt
 import json
 from cStringIO import StringIO
-- 
cgit v1.2.3
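Review bot: `fp2` is opened on `test.out` for writing in the `with` line of parse_mitm.py but never used, so every run truncates `test.out` while all output still goes to stdout; either drop that second `open` or direct the `print` calls into it. The data paths `data/devices.json` and `data/mitm/reboot.txt` are resolved against the current working directory while the import path is anchored to `__file__`, so the script only works when launched from one directory; taking them from `sys.argv` or joining them with `os.path.dirname(__file__)` would remove that dependency. A captured flow with no response (an interrupted exchange, presumably) would raise `AttributeError` at `rec.response.content`; `if rec.response is None: continue` before the `res = ...` line keeps the loop going over the rest of the capture. The `sys.path.insert(0, ...)` line, here and in the parse_pcap.py hunk, places the sibling `python` directory ahead of the standard library so any module there with a stdlib name silently shadows it, and `import sys, os` packs two imports onto one line against PEP 8 in both files. Since `devices.json` supplies per-device `x_authkey` values to the keystore, a module docstring such as `"""Decode captured inform flows using the device keys in data/devices.json (the file holds device auth keys; keep it out of version control)."""` would document the sensitive input.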