GithubHelp home page GithubHelp logo

kaganjd / sealion Goto Github PK

View Code? Open in Web Editor NEW
9.0 9.0 1.0 1.56 MB

WIP Toolkit for using network data in p5.js sketches. ARP, ARP. ๐ŸŒŠ

JavaScript 33.00% Python 64.18% HTML 1.46% Dockerfile 0.45% CSS 0.91%

sealion's People

Contributors

dependabot[bot] avatar kaganjd avatar miamiww avatar

Stargazers

 avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar

Watchers

 avatar  avatar  avatar  avatar  avatar

Forkers

miamiww

sealion's Issues

Server routes to control sniffer

Converting final comment from PR #5 as an issue for the future.

I think you're going to want to have the following end points that the p5 client can hit. I know you're using sockets so doesn't need to be REST just describing it in those terms since it makes the actions clearer

  • GET /interfaces: this is more for debug but will be useful in the future

  • POST /config: allow the client to update the config dict

  • POST /sniffer: args include start or stop

  • GET /status: is the sniffer running?

  • Listener for errors? Not sure if this works but it might be nice to have your try/catch errors bubble up to the client. Lets wait to implement this though

missing link to websocket

Hi,
I've been trying to reproduce and understand your code, however, I can't find how do you establish WebSocket link and use the async def dequeue_packets(ws): to deliver msg to ws link
you explanation appreciated

Enumerate network interfaces

If this is going to work well we will need to be have clarity on what network interface we are sniffing on.
The names change depending on OS and sometimes hardware. Things that will helkp in the long term

  1. Being able to list all network interface
  2. Determining what the active network interface (does scapy tell you that?)
  3. Getting all the info for the active interface this could include
  • Gateway IP
  • Subnet
  • Proxy Info if any

Having this information available will help in the future

un-summarize packets before sending?

Currently, the Sea Lion sniff methods use Scapy's sniff() under the hood here and Scapy's pkt.summary() (Scapy docs here- search "pkt.summary()") to send a summary of the packet instead of having each attribute (dst, src, etc.) broken out. Should we send un-summarized/raw packets so users of the lib have access to those individual attributes if they want them?

implement packet permissions check, set, and restore for Linux

Possible steps

  1. Research packet forwarding permissions you need to set on Linux (may be the same as Darwin/Mac OS X)
  2. Add some logic that checks which OS the server is running on (this kind of thing should work: utils.py), then routes to the correct permissions functions
  3. Add each command for Linux as a constant in config.py
  4. In main.py, rename:
  • check_permissions --> check_darwin_permissions
  • set_permissions --> set_darwin_permissions
  • restore_permissions --> restore_darwin_permissions
  1. Write functions for:
  • check_linux_permission
  • set_linux_permissions
  • restore_linux_permissions
  1. See if it works!

Server is Resource Hungry

If left on for a period of time the server begins to use increasing amounts of CPU. After 20 minutes it is using 100% of my CPU. It is unclear what it is doing. This is the case both when it is connected to the client side and when it is waiting to connect.

decide whether packetCount should be an arg in sniff methods

pro:

  • sea lion is currently written so that count is an arg
  • scapy accepts this arg in its sniff method; if someone has a set number of packets they want, they can just pass count in, i.e.
function setup() {
  createCanvas(400, 400);
  background(0);

  sl.sniffSocket.open()
    .then(() => sl.sniffSelf(10))
    .then(() => sl.sniffSocket.close())
}

function draw() {
  const lineHeight = 40
  textSize(lineHeight)
  textAlign(LEFT, CENTER)

  if (sl.packetList) {
    for (i=0; i < sl.packetList.length; i++) {
      fill(0, 255, 255);
      text(sl.packetList[i], 0, i*40)
    }
  }
}

con:

  • adds complexity; we could just have sniffer is on/off and then controls around that (not in sea lion but as part of the p5 sketch), i.e.
function setup() {
  createCanvas(400, 400);
  background(0);
  
  sl.sniffSocket.open()
    .then(() => sl.sniffSelf(FOREVER))
}

function draw() {
  if (sl.packetList) {
    if (sl.packetList.length === 9) {   // note: packetList does not actually reliably ++ by 1
      drawPackets(9)
    }
  }
}

function drawPackets(num) {
  textSize(40)
  textAlign(LEFT, CENTER)
  for (i=0; i < num; i++) {
    fill(0, 255, 255);
    text(sl.packetList[i], 0, i*40)
  }
  sl.sniffSocket.close()
}

update readme

based on user feedback

  • specify python3
  • link to virtualenv docs for people unfamiliar
  • add src before main.py
  • clarify that you have to run npm build on client to get started, not just for development
  • add more info at beginning readme about what sea lion is

implement ping/pong on instantiating a new SeaLion

Currently, we have to instantiate SeaLion inside a function and then start the sniffer shortly after, like:

function openSniff() {
  let sl = new SeaLion(hostname, port);
  sl.sniffer.listener.on("packet", function(data) {
    packets.push(data);
  });
  sl.sniffer.start();
}

This is because if we don't start the sniffer soon after creating SeaLion, the WebSocket connection idles and dies. But we need to be able to instantiate SeaLion globally and then have functions open, close, log packets, etc. on that instance.

Possible fix is to ping/pong to keep the (SeaLion's? sniffer's?) WebSocket connection alive. One implementation: https://stackoverflow.com/questions/10585355/sending-websocket-ping-pong-frame-from-browser

consistency between get_sniffer_config on server & sniff methods on client

it's confusing that client sniffSelf() function takes params that are set/reset on the server side.

client: https://github.com/kaganjd/sealion/blob/master/client/src/index.js#L28-L36

server: https://github.com/kaganjd/sealion/blob/master/server/src/utils.py#L46-L53

options:

  • make all keys that are set on the server side available on the client side, incl store and lfilter + options listed here
  • keep those keys out of client and remove them from the server

either way, seems like instead of setting count to 5 in the server side config, set to "". client side should throw an error if no value is passed in anyway.

sniff methods block getNetworkInfo

even though getNetworkInfo comes first in the library, and even when getNetworkInfo comes first in setup(), if a sniff or ping method is also in the sketch, the sniff/ping will run first and block getNetworkInfo from ever happening

GUI Error Display

Currently GUI does not display any error messages within itself. For example, if the wrong password is given at permissions check the error is printed to the console rather than sending a message to the UI. The way to implement this might be to add a status box within the GUI UI and a queue to look for errors within the GUI class, which would then be printed to the status box.

update api docs

Once the API is finalized, the docs site should be updated to reflect the latest version. Currently very out of date!

Recommend Projects

  • React photo React

    A declarative, efficient, and flexible JavaScript library for building user interfaces.

  • Vue.js photo Vue.js

    ๐Ÿ–– Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.

  • Typescript photo Typescript

    TypeScript is a superset of JavaScript that compiles to clean JavaScript output.

  • TensorFlow photo TensorFlow

    An Open Source Machine Learning Framework for Everyone

  • Django photo Django

    The Web framework for perfectionists with deadlines.

  • D3 photo D3

    Bring data to life with SVG, Canvas and HTML. ๐Ÿ“Š๐Ÿ“ˆ๐ŸŽ‰

Recommend Topics

  • javascript

    JavaScript (JS) is a lightweight interpreted programming language with first-class functions.

  • web

    Some thing interesting about web. New door for the world.

  • server

    A server is a program made to process requests and deliver data to clients.

  • Machine learning

    Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.

  • Game

    Some thing interesting about game, make everyone happy.

Recommend Org

  • Facebook photo Facebook

    We are working to build community through open source technology. NB: members must have two-factor auth.

  • Microsoft photo Microsoft

    Open source projects and samples from Microsoft.

  • Google photo Google

    Google โค๏ธ Open Source for everyone.

  • D3 photo D3

    Data-Driven Documents codes.