#!/bin/python3
# We use this script to check the same part in a network packet
# present as hex like below
#
# 97:C1:19:E2:4B:1A:1F:D4:A8:95:6B:16:2F:4E:1C:CB:81:06:5F:95
# D7:7A:19:28:EB:E0:4A:1D:A8:D6:C3:68:6F:DF:CA:E6:8D:E2:A3:1B
#
# if there are same part exist, the result like this
#
# 97:C1:19:E2:4B:1A:1F:D4:A8:95:6B:16:2F:4E:1C:CB:81:06:5F:95
# D7:7A:19:28:EB:E0:4A:1D:A8:D6:C3:68:6F:DF:CA:E6:8D:E2:A3:1B
# ^^ ^^
#
# with a ^ below the part
# there can be more two messages in the file
import sys
if len(sys.argv) == 2:
message_box = open(sys.argv[1])
else:
print('Usage: ' + sys.argv[0] + ' file')
sys.exit()
message_original = []
messages = []
for message in message_box:
message_original.append(message.rstrip())
messages.append(message.rstrip().split(":"))
if len(messages) < 2:
print('Sorry, there should be at least two message')
sys.exit()
min_length = len(messages[0])
for message in messages:
if min_length > len(message):
min_length = len(message)
same_position = []
for i in range(min_length):
value = messages[0][i]
isSame = True
for j in range(1, len(messages)):
if value != messages[j][i]:
isSame = False
break
if (isSame):
same_position.append(i)
for message in message_original:
print(message)
if len(same_position) == 0:
print('No same position exist')
else:
for i in range(min_length):
if i in same_position:
print('^^', end = '')
else:
print(' ', end = '')
if i == min_length - 1:
print('')
else:
print(' ', end = '')
print('With offset:', end = ' ')
for offset in same_position:
print(offset, end = ' ')
print('')
该脚本可对保存在指定文件中的十六进制进行比较,获取相同的部分,打印出来。工作需要分析网络数据包,找特征,靠眼看实在是太伤眼睛了。只好写个脚本做一下比较。有时间了在对脚本进行扩充,争取还可以比较出本组相同部分跟另外一组的差异。
扫一扫
5656
被折叠的 条评论
为什么被折叠?
到【灌水乐园】发言
