Building the Log Parser
We are finally ready to start writing some code. The first thing we do is open our script and check whether a log filename was passed (the only mandatory argument). If not, the script dies and prints the script usage; otherwise, it continues:
#!/usr/bin/perl
use strict;

# Check for mandatory arguments or print out usage info
unless (@ARGV) {
    die "Usage: $0 LogFile\n";
}
Now that we know a command-line argument was passed, we assume it was the log file name and attempt to open the file. If we cannot open the file, the script dies and prints an error message:
# Attempt to open the input file
open(IN, "<", $ARGV[0]) or die "ERROR: Can't open file $ARGV[0].\n";
Before we go any further, it is imperative that we be familiar with the structure and format of the log file we are parsing. Provided that the proxy server you are using is logging the raw HTTP requests and responses (most of them do), the logic to generate test requests from our Perl script should be virtually identical, with the exception of the delimiter used to separate each log file entry. Looking at the Burp log file shown in Example 8-6, notice that each request and response is separated with a consistent delimiter ("=" x 54).
Example 8-6. Excerpt from Burp proxy log file
======================================================
http://www.myserver.com/192.168.0.1:80
======================================================
GET /blah.jsp HTTP/1.0
Accept: */*
Accept-Language: en-us
Pragma: no-cache
User-Agent: ...
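The delimiter-based splitting described above, as an added example that is not code from the book: it breaks a log into the blocks between delimiter lines and labels each block by its first line. The sample log (including its response block) is constructed in the shape of Example 8-6, and the names split_entries and classify are hypothetical.

```perl
#!/usr/bin/perl
use strict;
use warnings;

# Delimiter line from Example 8-6: 54 "=" characters.
my $delim = "=" x 54;

# Constructed sample shaped like Example 8-6 (not a real capture).
my $log = join "\n",
    $delim, "http://www.myserver.com/192.168.0.1:80", $delim,
    "GET /blah.jsp HTTP/1.0", "Accept: */*", "Pragma: no-cache", "",
    $delim,
    "HTTP/1.0 200 OK", "Content-Type: text/html", "", "<html></html>",
    $delim, "";

# Split the log into blocks of lines found between delimiter lines.
# Caveat: a body line that is exactly 54 "=" would end a block early.
sub split_entries {
    my ($fh) = @_;
    my (@blocks, @cur);
    while (my $line = <$fh>) {
        $line =~ s/\r?\n\z//;    # tolerate CRLF line endings
        if ($line eq $delim) {
            push @blocks, [@cur] if grep { length } @cur;
            @cur = ();
            next;
        }
        push @cur, $line;
    }
    push @blocks, [@cur] if grep { length } @cur;
    return @blocks;
}

# Label a block by its first non-blank line.
sub classify {
    my ($first, @rest) = grep { length } @{ $_[0] };
    return ("target",   $first) if !@rest && $first =~ m{^https?://};
    return ("request",  $first) if $first =~ m{^[A-Z]+ \S+ HTTP/\d\.\d$};
    return ("response", $first) if $first =~ m{^HTTP/\d\.\d \d{3}};
    return ("unknown",  $first);
}

# Read the sample through an in-memory filehandle, as if it were the log file.
open(my $fh, "<", \$log) or die "ERROR: Can't open sample log: $!\n";
printf "%-8s %s\n", classify($_) for split_entries($fh);
close($fh);
```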