diff options
| author | Vladimir Gavrilov <105977161+0xA50C1A1@users.noreply.github.com> | 2023-12-20 14:42:25 +0300 |
|---|---|---|
| committer | GitHub <noreply@github.com> | 2023-12-20 12:42:25 +0100 |
| commit | 149067b3fc4f3daafaa0cb8c2a5dab376b3ae975 (patch) | |
| tree | aee15872d08500c3c29adda2ec76d0dbc88811eb /tests/cfgs/default/result/jsonrpc.pcap.out | |
| parent | 33f11cb10f0bc598fc8e3d97d25bab87078aa294 (diff) | |
Add JSON-RPC protocol dissector (#2217)
* Add JSON-RPC protocol dissector
* Small fixes
* Improve detection
Diffstat (limited to 'tests/cfgs/default/result/jsonrpc.pcap.out')
| -rw-r--r-- | tests/cfgs/default/result/jsonrpc.pcap.out | 27 |
1 files changed, 27 insertions, 0 deletions
diff --git a/tests/cfgs/default/result/jsonrpc.pcap.out b/tests/cfgs/default/result/jsonrpc.pcap.out new file mode 100644 index 000000000..22b6759fa --- /dev/null +++ b/tests/cfgs/default/result/jsonrpc.pcap.out @@ -0,0 +1,27 @@ +DPI Packets (TCP): 10 (5.00 pkts/flow) +Confidence DPI : 2 (flows) +Num dissector calls: 151 (75.50 diss/flow) +LRU cache ookla: 0/0/0 (insert/search/found) +LRU cache bittorrent: 0/0/0 (insert/search/found) +LRU cache zoom: 0/0/0 (insert/search/found) +LRU cache stun: 0/0/0 (insert/search/found) +LRU cache tls_cert: 0/0/0 (insert/search/found) +LRU cache mining: 0/0/0 (insert/search/found) +LRU cache msteams: 0/0/0 (insert/search/found) +LRU cache stun_zoom: 0/0/0 (insert/search/found) +Automa host: 1/0 (search/found) +Automa domain: 1/0 (search/found) +Automa tls cert: 0/0 (search/found) +Automa risk mask: 0/0 (search/found) +Automa common alpns: 0/0 (search/found) +Patricia risk mask: 0/0 (search/found) +Patricia risk mask IPv6: 0/0 (search/found) +Patricia risk: 0/0 (search/found) +Patricia risk IPv6: 0/0 (search/found) +Patricia protocols: 4/0 (search/found) +Patricia protocols IPv6: 0/0 (search/found) + +JSON-RPC 16 2815 2 + + 1 TCP 192.168.8.251:51084 <-> 179.99.210.200:80 [proto: 7.375/HTTP.JSON-RPC][IP: 0/Unknown][ClearText][Confidence: DPI][DPI packets: 6][cat: RPC/16][4 pkts/1322 bytes <-> 4 pkts/843 bytes][Goodput ratio: 81/73][< 1 sec][Hostname/SNI: mdotti.dyndns.org][bytes ratio: 0.221 (Upload)][IAT c2s/s2c min/avg/max/stddev: 102/0 34/34 102/101 48/48][Pkt Len c2s/s2c min/avg/max/stddev: 60/54 330/211 1124/566 458/209][URL: mdotti.dyndns.org/zabbix/jsrpc.php?output=json-rpc][StatusCode: 200][Req Content-Type: application/json-rpc][Content-Type: application/json-rpc][Server: Apache/2.2.16 (Debian)][User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_9_2) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/39.0.2171.95 Safari/537.36][Risk: ** HTTP Obsolete Server **][Risk Score: 50][Risk Info: Obsolete Apache server 2.2.16][PLAIN TEXT (POST /zabbix/jsrpc.php)][Plen Bins: 0,0,0,33,0,0,0,0,0,0,0,0,0,0,0,0,33,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,33,0,0,0,0,0,0,0,0,0,0,0,0,0,0] + 2 TCP 127.0.0.1:36646 <-> 127.0.0.1:8080 [proto: 375/JSON-RPC][IP: 0/Unknown][ClearText][Confidence: DPI][DPI packets: 4][cat: RPC/16][4 pkts/378 bytes <-> 4 pkts/272 bytes][Goodput ratio: 28/0][0.01 sec][bytes ratio: 0.163 (Mixed)][IAT c2s/s2c min/avg/max/stddev: 10/0 3/0 10/0 5/0][Pkt Len c2s/s2c min/avg/max/stddev: 66/66 94/68 172/74 45/3][PLAIN TEXT (sonrpc)][Plen Bins: 0,0,0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0] |