Merge pull request #98 from odedshimon/clear-results

Implement a "Clear Results" button and upgrade to SharpPcap 6.0

BruteShark/BruteSharkDesktop/MainForm.cs

@@ -47,22 +47,6 @@ public MainForm()
             _processor.BuildTcpSessions = true;
             _processor.BuildUdpSessions = true;
 
-            // Create the user controls. 
-            _networkMapUserControl = new NetworkMapUserControl();
-            _networkMapUserControl.Dock = DockStyle.Fill;
-            _sessionsExplorerUserControl = new SessionsExplorerUserControl();
-            _sessionsExplorerUserControl.Dock = DockStyle.Fill;
-            _hashesUserControl = new HashesUserControl();
-            _hashesUserControl.Dock = DockStyle.Fill;
-            _passwordsUserControl = new GenericTableUserControl();
-            _passwordsUserControl.Dock = DockStyle.Fill;
-            _filesUserControl = new FilesUserControl();
-            _filesUserControl.Dock = DockStyle.Fill;
-            _dnsResponseUserControl = new DnsResponseUserControl();
-            _dnsResponseUserControl.Dock = DockStyle.Fill;
-            _voipCallsUserControl = new VoipCallsUserControl();
-            _voipCallsUserControl.Dock = DockStyle.Fill;
-
             // Contract the events.
             _sniffer.UdpPacketArived += (s, e) => _analyzer.Analyze(CommonUi.Casting.CastProcessorUdpPacketToAnalyzerUdpPacket(e.Packet));
             _sniffer.TcpPacketArived += (s, e) => _analyzer.Analyze(CommonUi.Casting.CastProcessorTcpPacketToAnalyzerTcpPacket(e.Packet));
@@ -80,12 +64,31 @@ public MainForm()
             _analyzer.ParsedItemDetected += (s, e) => SwitchToMainThreadContext(() => OnParsedItemDetected(s, e));
             _analyzer.UpdatedItemProprertyDetected += (s, e) => SwitchToMainThreadContext(() => OnUpdatedItemProprertyDetected(s, e));
 
+            InitilizeModulesUserControls();
             InitilizeFilesIconsList();
             InitilizeModulesCheckedListBox();
             InitilizeInterfacesComboBox();
             this.modulesTreeView.ExpandAll();
         }
 
+        private void InitilizeModulesUserControls()
+        {
+            _networkMapUserControl = new NetworkMapUserControl();
+            _networkMapUserControl.Dock = DockStyle.Fill;
+            _sessionsExplorerUserControl = new SessionsExplorerUserControl();
+            _sessionsExplorerUserControl.Dock = DockStyle.Fill;
+            _hashesUserControl = new HashesUserControl();
+            _hashesUserControl.Dock = DockStyle.Fill;
+            _passwordsUserControl = new GenericTableUserControl();
+            _passwordsUserControl.Dock = DockStyle.Fill;
+            _filesUserControl = new FilesUserControl();
+            _filesUserControl.Dock = DockStyle.Fill;
+            _dnsResponseUserControl = new DnsResponseUserControl();
+            _dnsResponseUserControl.Dock = DockStyle.Fill;
+            _voipCallsUserControl = new VoipCallsUserControl();
+            _voipCallsUserControl.Dock = DockStyle.Fill;
+        }
+
         private void InitilizeInterfacesComboBox()
         {
             foreach (string interfaceName in _sniffer.AvailiableDevicesNames)
@@ -284,6 +287,13 @@ private void AddFile(string filePath)
 
         private void RunButton_Click(object sender, EventArgs e)
         {
+            // Reset all files status.
+            foreach (ListViewItem item in this.filesListView.Items)
+            {
+                item.ForeColor = Color.Black;
+                item.SubItems[2].Text = "Wait";
+            }
+
             new Thread(() => _processor.ProcessPcaps(this._files)).Start();
         }
 
@@ -489,6 +499,38 @@ private void exportResutlsButton_Click(object sender, EventArgs e)
             }
         }
 
+        private void clearResutlsButton_Click(object sender, EventArgs e)
+        {
+            _connections = new HashSet<PcapAnalyzer.NetworkConnection>();
+            _analyzer.Clear();
+
+            // Clear all modules user controls by recreating them. 
+            InitilizeModulesUserControls();
+
+            // Remove the items count of each module from the tree view (e.g "DNS (13)" -> "DNS").
+            foreach (var node in IterateAllNodes(modulesTreeView.Nodes))
+            {
+                var index = node.Text.LastIndexOf('(');
+
+                if (index > 0)
+                {
+                    node.Text = node.Text.Substring(0, index);
+                }
+            }
+        }
+
+        IEnumerable<TreeNode> IterateAllNodes(TreeNodeCollection nodes)
+        {
+            // Recursively iterate over all nodes and sub nodes.
+            foreach (TreeNode node in nodes)
+            {
+                yield return node;
+
+                foreach (var child in IterateAllNodes(node.Nodes))
+                    yield return child;
+            }
+        }
+
     }
 }
 

BruteShark/BruteSharkDesktopInstaller/Product.wxs

@@ -4,7 +4,7 @@
 	<Product 
 		Id="CE452A31-5E74-41BE-A768-EBEE7B325862" 
 		Name="BruteSharkDesktop" 
-		Language="1033" Version="1.2.9.0" 
+		Language="1033" Version="1.2.10.0" 
 		Manufacturer="Oded Shimon" 
 		UpgradeCode="9bec2dfd-0f30-466a-9077-cf86db101cac">
 

BruteShark/PcapAnalyzer/Analyzer.cs

@@ -19,6 +19,7 @@ public class Analyzer
 
         public Analyzer()
         {
+            _loadedModules = new List<IModule>();
             InitilyzeModulesList();
         }
 
@@ -42,8 +43,6 @@ public void AddModule(string module_name)
 
         private void InitilyzeModulesList()
         {
-            _loadedModules = new List<IModule>();
-
             // Create an instance for any available modules by looking for every class that 
             // implements IModule.
             this._availbleModules = AppDomain.CurrentDomain.GetAssemblies()
@@ -87,6 +86,19 @@ public void Analyze(object item)
                 }
             }
         }
-
+
+        public void Clear()
+        { 
+            // Recreate modules instances.
+            InitilyzeModulesList();
+
+            //  Replace the current loaded modules with the new clean modules.
+            foreach (var moduleName in this.LoadedModulesNames)
+            {
+                this.RemoveModule(moduleName);
+                this.AddModule(moduleName);
+            }
+        }
+
     }
 }

BruteShark/PcapProcessor/PcapProcessor.csproj

@@ -6,8 +6,8 @@
   </PropertyGroup>
 
   <ItemGroup>
-    <PackageReference Include="Haukcode.PcapngUtils" Version="1.2.70" />
-    <PackageReference Include="SharpPcap" Version="5.4.0" />
+    <PackageReference Include="Haukcode.PcapngUtils" Version="1.2.74" />
+    <PackageReference Include="SharpPcap" Version="6.0.0" />
   </ItemGroup>
 
 </Project>

BruteShark/PcapProcessor/Processor.cs

@@ -196,9 +196,9 @@ private void ProccessPcapNgPacket(PacketDotNet.Packet packet)
             ProcessPacket(packet);
         }
 
-        private void ProcessPcapPacket(object sender, CaptureEventArgs e)
+        private void ProcessPcapPacket(object sender, PacketCapture e)
         {
-            var packet = PacketDotNet.Packet.ParsePacket(e.Packet.LinkLayerType, e.Packet.Data);
+            var packet = PacketDotNet.Packet.ParsePacket(e.GetPacket().LinkLayerType, e.GetPacket().Data);
             ProcessPacket(packet);
         }
 

BruteShark/PcapProcessor/Sniffer.cs

@@ -1,7 +1,6 @@
 using PcapProcessor.Objects;
 using SharpPcap;
 using SharpPcap.LibPcap;
-using SharpPcap.Npcap;
 using System;
 using System.Collections.Generic;
 using System.Linq;
@@ -62,24 +61,10 @@ public void StartSniffing(CancellationToken ct)
             ClearOldSniffingsData();
             ICaptureDevice selectedDevice = GetSelectedDevice();
 
-            if (selectedDevice is NpcapDevice)
-            {
-                var nPcap = selectedDevice as SharpPcap.Npcap.NpcapDevice;
-                if (PromisciousMode)
-                {
-                    nPcap.Open(SharpPcap.Npcap.OpenFlags.Promiscuous, ReadTimeoutMilliseconds);
-                }
-                else
-                {
-                    nPcap.Open();
-                }
-
-                nPcap.Mode = CaptureMode.Packets;
-            }
-            else if (selectedDevice is SharpPcap.LibPcap.LibPcapLiveDevice)
+            if (selectedDevice is SharpPcap.LibPcap.LibPcapLiveDevice)
             {
                 var livePcapDevice = selectedDevice as SharpPcap.LibPcap.LibPcapLiveDevice;
-                livePcapDevice.Open(PromisciousMode ? DeviceMode.Promiscuous : DeviceMode.Normal);
+                livePcapDevice.Open(PromisciousMode ? SharpPcap.DeviceModes.Promiscuous : SharpPcap.DeviceModes.None);
             }
             else
             {
@@ -261,9 +246,9 @@ public static bool CheckCaptureFilter(string filter)
             return PcapDevice.CheckFilter(filter, out string outString);
         }
 
-        private void InsertPacketToQueue(object sender, CaptureEventArgs e)
+        private void InsertPacketToQueue(object sender, PacketCapture e)
         {
-            var packet = PacketDotNet.Packet.ParsePacket(e.Packet.LinkLayerType, e.Packet.Data);
+            var packet = PacketDotNet.Packet.ParsePacket(e.GetPacket().LinkLayerType, e.GetPacket().Data);
 
             lock (_packetsQueueLock)
             {

BruteShark/PcapProcessorTest/PcapProcessorTest.csproj

@@ -14,7 +14,7 @@
 		  <PrivateAssets>all</PrivateAssets>
 		  <IncludeAssets>runtime; build; native; contentfiles; analyzers; buildtransitive</IncludeAssets>
 		</PackageReference>
-		<PackageReference Include="SharpPcap" Version="5.4.0" />
+		<PackageReference Include="SharpPcap" Version="6.0.0" />
 	</ItemGroup>
 
 	<ItemGroup>