Issue accessing/iterating complex dictionary objects in python

So I'd like to preface this with I'm brand new to python... I'm trying to access values from a complex object. When using a for loop in a for loop I keep getting errors like...

TypeError: object does not support assignment

or

AttributeError: 'str' object has no attribute 'syn'

...which I think are stemming from either assignment to scan.results object in section #1 connect(packet.s or improper construction of classes. In #2 area of the method connect_scan_exist we can see issues accessing value.flags.XX. I think it is due to the way I have constructed the supporting class objects that are utilized in the dictionary.

Method

# determine if a connect scan takes place
def connect_scan_exist(packets):
  s = scan()

  # 1. grab all TCP syn
  for key, value in packets.items():
    # add tcp packets with syn that are not already entered
    if ( value.packet_type == 'TCP'
        and value.source_ip 
        and value.destination_ip 
        and value.destination_port 
        and value.flags.syn
        and value.flags.ack == False
        and value.flags.rst == False
        and value.flags.fin == False):
      s.results[str(value.source_ip) + '|'+ str(value.destination_ip) + '|' + str(value.destination_port)] = connect(packet.source_ip, packet.destination_ip, packet.destination_port, True, packet.timestamp, None, None, None, None)

  # 2. iterate over all TCP syn looking for matching syn/ack
  for skey, svalue in s.results.items():
    for key, value in packets.items():
      # print(len(value.flags))
      if ( value.destination_ip == svalue.source_ip
        and value.source_ip == svalue.destination_ip
        and value.source_port == svalue.destination_port
        # and value.scan_categories.is_null_scan ## <---this one works 
        and value.flags.syn
        and value.flags.ack
        and value.flags.rst == False
        and value.flags.fin == False
        and value.timestamp > svalue.source_syn_time
        and svalue.destination_synack is None):
        # update scan result with corresponding syn/ack
        s.results[str(value.source_ip) + '|' + 
                  str(value.destination_ip) + '|' + 
                  str(value.destination_port)].destination_synack = True
        s.results[str(value.source_ip) + '|'+ 
                  str(value.destination_ip) + '|' + 
                  str(value.destination_port)].destination_synack_time = value.timestamp

  # 3. iterate over all TCP syn looking for matching ack
  for skey, svalue in s.results.items():
    for key, value in packets.items():
      if ( value.source_ip == svalue.source_ip
        and value.destination_ip == svalue.destination_ip
        and value.destination_port == svalue.destination_port
        and value.flags.syn == False 
        and value.flags.ack
        and value.flags.rst == False
        and value.flags.fin == False
        and value.timestamp > svalue.source_synack_time
        and svalue.source_ack is None):
        # update scan result with corresponding syn/ack
        s.results[str(value.source_ip) + '|' + 
                  str(value.destination_ip) + '|' + 
                  str(value.destination_port)].source_ack = True
        s.results[str(value.source_ip) + '|'+ 
                  str(value.destination_ip) + '|' + 
                  str(value.destination_port)].source_ack_time = value.timestamp
  # 4. remove all incomplete ? maybe 
  # 5. analysis
  s.scanfound = (True if (len(s.results) > 10) else False)
  s.description = 'Very primative observation. Found more than 10 entries starting with TCP Syn'
  return s

Classes

# define connect scan class
class connect(object):
  def __init__(self, src_ip=None, dst_ip=None, dst_port=None, src_syn=None, src_syn_time=None, dst_synack=None, dst_synack_time=None, 
    src_ack=None, src_ack_time=None):
    self.source_ip = src_ip
    self.destination_ip = dst_ip
    self.destination_port = dst_port
    self.source_syn = src_syn
    self.source_syn_time = src_syn_time
    self.destination_synack = dst_synack
    self.destination_synack_time = dst_synack_time
    self.source_ack = src_ack
    self.source_ack_time = src_ack_time

# define half open scan class
class scan(object):
  def __init__(self, scan=False, desc=None):
    self.scanfound = scan
    self.description = desc
    self.results = dict()

# define generic packet class
class generic_packet(object): 
  def __init__(self, packet_type=None, time=None, src_mac=None, src=None, src_port=None, dst_mac=None, dst=None, 
    dst_port=None, seq=None, ack=None, flags=None, options=None, data=None):
    self.packet_type = packet_type
    self.timestamp = time
    self.scan_categories = scan_type()
    self.source_mac = src_mac
    self.source_ip = src
    self.source_port = src_port
    self.destination_mac = dst_mac
    self.destination_ip = dst
    self.destination_port = dst_port
    self.sequence = seq
    self.acknowledge = ack
    self.flags = flags # tcp_flags(flags)
    self.options = options
    self.data = data

When running the code it looks like some elements of packets are str, not tcp_flags.

You can skip these elements by adding this at line 186:

if not isinstance(value.flags, tcp_flags):
    continue

Or since packets appears to contain TCP and UDP you can check for value.packet_type == 'TCP' in steps #2 and #3. The program is failing on UDP packets which have generic_packet.flags = None so the object has no syn, ack etc. in scope.

# determine if a connect scan takes place
def connect_scan_exist(packets):
  s = scan()
  # 1. grab all TCP syn
  for key, value in packets.items():
    # add tcp packets with syn that are not already entered
    if ( value.packet_type == 'TCP'
        and value.source_ip 
        and value.destination_ip 
        and value.destination_port 
        and value.flags.syn
        and value.flags.ack == False
        and value.flags.rst == False
        and value.flags.fin == False):
      # build the entry from the loop variable `value`; `packet` is not defined in this function
      s.results[str(value.source_ip) + '|'+ str(value.destination_ip) + '|' + str(value.destination_port)] = connect(value.source_ip, value.destination_ip, value.destination_port, True, value.timestamp, None, None, None, None)

  # 2. iterate over all TCP syn looking for matching syn/ack
  for skey, svalue in s.results.items():
    for key, value in packets.items():
      # print(len(value.flags))
      if (value.packet_type == 'TCP' 
        and value.destination_ip == svalue.source_ip
        and value.source_ip == svalue.destination_ip
        and value.source_port == svalue.destination_port
        # and value.scan_categories.is_null_scan ## <---this one works 
        and value.flags.syn
        and value.flags.ack
        and value.flags.rst == False
        and value.flags.fin == False
        and value.timestamp > svalue.source_syn_time
        and svalue.destination_synack is None):
        # update scan result with corresponding syn/ack; the reply travels
        # server -> client, so a key built from `value` would not match the
        # stored entry. Update the matched entry (svalue) directly instead.
        svalue.destination_synack = True
        svalue.destination_synack_time = value.timestamp

  # 3. iterate over all TCP syn looking for matching ack
  for skey, svalue in s.results.items():
    for key, value in packets.items():
      if ( value.packet_type == 'TCP'
        and value.source_ip == svalue.source_ip
        and value.destination_ip == svalue.destination_ip
        and value.destination_port == svalue.destination_port
        and value.flags.syn == False 
        and value.flags.ack
        and value.flags.rst == False
        and value.flags.fin == False
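        and svalue.destination_synack  # syn/ack must already be recorded
        and value.timestamp > svalue.destination_synack_time  # connect has no source_synack_time
        and svalue.source_ack is None):
        # update scan result with corresponding ack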
        s.results[str(value.source_ip) + '|' + 
                  str(value.destination_ip) + '|' + 
                  str(value.destination_port)].source_ack = True
        s.results[str(value.source_ip) + '|'+ 
                  str(value.destination_ip) + '|' + 
                  str(value.destination_port)].source_ack_time = value.timestamp
  # 4. remove all incomplete ? maybe 
  # 5. analysis
  s.scanfound = (True if (len(s.results) > 10) else False)
  s.description = 'Very primative observation. Found more than 10 entries starting with TCP Syn'
  return s
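
The handshake matching discussed above, as an added example that is not part of the original question or answer: a single time-ordered pass that skips packets whose flags are None or a raw str, keys the SYN/ACK reply by the reversed address tuple, and reports clients that complete handshakes to more than 10 ports (the threshold used on this page). The TcpFlags and Packet shapes, the function names and the sample traffic are assumptions constructed for illustration.

```python
from collections import namedtuple

# Reduced stand-ins for the page's tcp_flags and generic_packet classes (assumed shapes).
TcpFlags = namedtuple('TcpFlags', 'syn ack rst fin', defaults=(False,) * 4)
Packet = namedtuple('Packet', 'packet_type timestamp source_ip source_port '
                              'destination_ip destination_port flags', defaults=(None,))

def track_handshakes(packets):
    """Return {(client, server, server_port): 'syn' | 'synack' | 'established'}."""
    state = {}
    for p in sorted(packets.values(), key=lambda p: p.timestamp):
        f = p.flags
        if p.packet_type != 'TCP' or not isinstance(f, TcpFlags) or f.rst or f.fin:
            continue  # UDP (flags=None) and unparsed str flags never reach f.syn
        fwd = (p.source_ip, p.destination_ip, p.destination_port)  # client -> server
        rev = (p.destination_ip, p.source_ip, p.source_port)       # server -> client
        if f.syn and not f.ack:
            state.setdefault(fwd, 'syn')
        elif f.syn and f.ack and state.get(rev) == 'syn':
            state[rev] = 'synack'        # the reply updates the entry the SYN created
        elif f.ack and not f.syn and state.get(fwd) == 'synack':
            state[fwd] = 'established'
    return state

def connect_scan_sources(state, min_ports=10):
    """(client, server) pairs with completed handshakes on more than min_ports ports."""
    ports = {}
    for (client, server, port), st in state.items():
        if st == 'established':
            ports.setdefault((client, server), set()).add(port)
    return {pair for pair, seen in ports.items() if len(seen) > min_ports}

def sample_packets():
    """Constructed traffic (not captured data), keyed by index like the page's dict."""
    pk, t = {}, 0.0
    def add(*addr, flags=None, kind='TCP'):
        nonlocal t
        t += 1
        pk[len(pk)] = Packet(kind, t, *addr, flags)
    for port in range(20, 32):  # 12 complete three-way handshakes
        add('10.0.0.5', 40000, '10.0.0.9', port, flags=TcpFlags(syn=True))
        add('10.0.0.9', port, '10.0.0.5', 40000, flags=TcpFlags(syn=True, ack=True))
        add('10.0.0.5', 40000, '10.0.0.9', port, flags=TcpFlags(ack=True))
    add('10.0.0.7', 5353, '10.0.0.9', 53, kind='UDP')                  # flags is None
    add('10.0.0.7', 41000, '10.0.0.9', 80, flags='S')                  # flags left as str
    add('10.0.0.8', 42000, '10.0.0.9', 443, flags=TcpFlags(syn=True))  # SYN only
    return pk
```

Calling connect_scan_sources(track_handshakes(sample_packets())) returns the one (client, server) pair that completed 12 handshakes; the UDP and str-flag packets are ignored rather than raising AttributeError.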
