I am new in autoit, I want to extract all ip address from this string in array format
#include <MsgBoxConstants.au3>
#include <StringConstants.au3>
#include <array.au3>
$str = "ghg shjsja 192.168.1.2 hbkjNKKSJKKN HKJCBKJLKKL 12.15.14.45
KJBKJABCKBNDKQ djfsjdkfhnwk kjwenfkjdsnf knfflksnf KHBKJABCKJQDH
1.1.1.1 2.2.2.2"
$copy = StringRegExp($str,"((\d{1,3}\.){3}\d{1,3})",3)
MsgBox(0,"",$copy[0])`
i am getting all ip when i skip one step, means i will get second ip when i use $copy[2]. i want to extract all ip without skipping the step.
$str = "ghg shjsja 192.168.1.2 hbkjNKKSJKKN HKJCBKJLKKL 12.15.14.45 " & _
"KJBKJABCKBNDKQ djfsjdkfhnwk kjwenfkjdsnf knfflksnf KHBKJABCKJQDH " & _
"1.1.1.1 2.2.2.2"
$copy = StringRegExp($str, "((?:\d{1,3}\.){3}\d{1,3})", 3)
For $i = 0 To UBound($copy) -1
ConsoleWrite($copy[$i] & #CRLF)
MsgBox(0, "", $copy[$i])
Next
Will output
192.168.1.2
12.15.14.45
1.1.1.1
2.2.2.2
instead of
192.168.1.2
1.
12.15.14.45
14.
1.1.1.1
1.
2.2.2.2
2.
The ?: at the start of the inner capture group makes
it not capture and be just a group. The outer group
captures the inner group along with other characters
within the outer capture group as a single [step|capture].
Related
I currently have formed a KQL that extracts ipv4 address from a string. similarly I would need to extract ipv6 address from the string
ipv4 extract query:
datatable (ipv4text:string)
[
'This is a random text that has IP address 128.0.0.20 that has to be extracted'
]
|extend pv4addr = extract("(([0-9]{1,3})\\.([0-9]{1,3})\\.([0-9]{1,3})\\.(([0-9]{1,3})))",1,ipv4text)
I tried the below but not sure if it covers all the edge cases
datatable (ipv6:string)
[
'IPv6 test 198.192.0.127 2345:5:2CA1:0000:0000:567:5673:256/127 in a random string'
]
|extend Ipv6Address = extract(#"(([0-9a-fA-F]{1,4}\:){7,7}[0-9a-fA-F]{1,4})|([0-9a-fA-F]{1,4}\:){1,7}\:",1,ipv6)
Can any of you one provide a complete KQL(or suggestions/hints) to extract IPV6 address?
Thanks.
The regex patterns can be simplified.
Below are the "happy paths". If it's there it will be extracted.
Theoretically you might get false positives, although less unlikely with a real-life data.
If needed, we can add some protection layers.
datatable (ipv4text:string)
[
'This is a random text that has IP address 128.0.0.20 that has to be extracted'
]
| project pv4addr = extract(#"(\d{1,3}\.){3}\d{1,3}", 0, ipv4text)
pv4addr
128.0.0.20
Fiddle
IPV6 can become a mess (see https://en.wikipedia.org/wiki/IPv6_address#Representation).
I would go with finding a full IPV6 representation (8 xdigit tokens, separated by colon) or any expression built of xdigit/colon/period that contains 2 adjacent colons.
datatable (ipv6:string)
[
'IPv6 test 198.192.0.127 2345:5:2CA1:0000:0000:567:5673:256/127 in a random string'
,'IPv6 test 198.192.0.127 2345:5:2CA1::567:5673:256/127 in a random string'
,'IPv6 test 198.192.0.127 ::ffff:198.192.0.127 in a random string'
,'IPv6 test 198.192.0.127 ::1 in a random string'
,'IPv6 test 198.192.0.127 :: in a random string'
]
| project pv6addr = extract(#"([[:xdigit:]]{1,4}:){7}[[:xdigit:]]{1,4}|[[:xdigit:]:.]*::[[:xdigit:]:.]*", 0, ipv6)
pv6addr
2345:5:2CA1:0000:0000:567:5673:256
2345:5:2CA1::567:5673:256
::ffff:198.192.0.127
::1
::
Fiddle
I am getting an error when running the following code in python 3, I look all over but could not find a right way to do it. any help will be appreciated.
raise TypeError('unicode strings are not supported, please encode to bytes: {!r}'.format(seq))
TypeError: unicode strings are not supported, please encode to bytes: 'relay read 7\n\r'
I need to send the following string via serial port: relay read #of relay.
import sys
import serial
if (len(sys.argv) < 2):
print ("Usage: relayread.py <PORT> <RELAYNUM>\nEg: relayread.py COM1 0")
sys.exit(0)
else:
portName = sys.argv[1];
relayNum = sys.argv[2];
#Open port for communication
serPort = serial.Serial(portName, 19200, timeout=1)
if (int(relayNum) < 10):
relayIndex = str(relayNum)
else:
relayIndex = chr(55 + int(relayNum))
serPort.write("relay read "+ relayIndex + "\n\r")
response = serPort.read(25)
if(response.find("on") > 0):
print ("Relay " + str(relayNum) +" is ON")
elif(response.find("off") > 0):
print ("Relay " + str(relayNum) +" is OFF")
#Close the port
serPort.close()
Use the string's encode method to construct the corresponding byte sequence.
In this case all of the characters in the string are in the ASCII range so it doesn't really matter which encoding scheme you use. (Differences between encoding schemes generally only matter when you're dealing with non-ASCII characters, ones whose ord() value is greater than 127.) So in this case you don't even need to specify a particular encoding scheme, you can simply use the encode method with no argument and let Python apply the platform's default encoding.
To do that, change this:
serPort.write("relay read "+ relayIndex + "\n\r")
to this:
serPort.write(("relay read "+ relayIndex + "\n\r").encode())
You'll probably have to do the reverse operation to get a string from the byte sequence returned by serPort.read. Change this:
response = serPort.read(25)
to:
response = serPort.read(25).decode()
BTW, it's typical for line endings in transmitted data to be represented by a Carriage Return followed by a Line Feed, or "\r\n". In your serPort.write call you're using the reverse of that, "\n\r". That's unusual but if that's what your device needs then so be it.
According to what I have researched there are no illegal characters in the PWD= field of a SQL Server Connection String.
However, using SQL Server Express 2008 I changed the SA password to a GUID, specifically:
{85C86BD7-B15F-4C51-ADDA-3B6A50D89386}
So when connecting via ODBC I use this connection string:
"Driver={SQL Server};Server=.\\MyInstance;Database=Master;UID=SA;PWD={85C86BD7-B15F-4C51-ADDA-3B6A50D89386};"
But it comes back as Login failed for SA.
However, if I change the SA password to something just as long but without {}- it succeeds! Are there certain characters in PWD= that need to be escaped? I tried all different combinations with no luck.
As Microsoft's documentation states (emphasis added) --
Connection strings used by ODBC have the following syntax:
connection-string ::= empty-string[;] | attribute[;] | attribute; connection-string
empty-string ::=
attribute ::= attribute-keyword=[{]attribute-value[}]
attribute-value ::= character-string
attribute-keyword ::= identifier
Attribute values can optionally be enclosed in braces, and it is good practice to do so. This avoids problems when attribute values contain non-alphanumeric characters. The first closing brace in the value is assumed to terminate the value, so values cannot contain closing brace characters.
I would suggest you simply remove the braces when you set the password, and then the connect string you provided above should work fine.
ADDITION
I dug a bit further on Microsoft's site, and found some ABNF rules which may be relevant --
SC = %x3B ; Semicolon
LCB = %x7B ; Left curly brackets
RCB = %x7D ; Right curly brackets
EQ = %x3D ; Equal sign
ESCAPEDRCB = 2RCB ; Double right curly brackets
SpaceStr = *(SP) ; Any number (including 0) spaces
ODBCConnectionString = *(KeyValuePair SC) KeyValuePair [SC]
KeyValuePair = (Key EQ Value / SpaceStr)
Key = SpaceStr KeyName
KeyName = (nonSP-SC-EQ *nonEQ)
Value = (SpaceStr ValueFormat1 SpaceStr) / (ValueContent2)
ValueFormat1 = LCB ValueContent1 RCB
ValueContent1 = *(nonRCB / ESCAPEDRCB)
ValueContent2 = SpaceStr / SpaceStr (nonSP-LCB-SC) *nonSC
nonRCB = %x01-7C / %x7E- FFFF ; not "}"
nonSP-LCB-SC = %x01-1F / %x21-3A / %x3C-7A / %x7C- FFFF ; not space, "{" or ";"
nonSP-SC-EQ = %x01-1F / %x21-3A / %x3C / %x3E- FFFF ; not space, ";" or "="
nonEQ = %x01-3C / %x3E- FFFF ; not "="
nonSC = %x01-003A / %x3C- FFFF ; not ";"
...
ValueFormat1 is recommended to use when there is a need for Value to contain LCB, RCB, or EQ. ValueFormat1 MUST be used when the Value contains SC or starts with LCB.
ValueContent1 MUST be enclosed by LCB and RCB. Spaces before the enclosing LCB and after the enclosing RCB MUST be ignored.
ValueContent1 MUST be contained in ValueFormat1. If there is an RCB in the ValueContent1, it MUST use the two-character sequence ESCAPEDRCB to represent the one-character value RCB.
All of which comes down to... I believe the following connect string should work for you (note that there are 2 left/open braces and 3 right/close braces on the PWD value) --
"Driver={SQL Server};Server=.\\MyInstance;Database=Master;UID=SA;PWD={{85C86BD7-B15F-4C51-ADDA-3B6A50D89386}}};"
According to this page, the only legal "special character" in a name (I think they're talking about the DSN) is the UNDERSCORE:
The ODBC specification (and the SQL specification) states that names
must be in the format of " letter[digit | letter | _]...". The only
special character allowed is an underscore.
There was no reference to "the ODBC Specification". This page says it's the the ODBC 4.0 Spec.
I am using gawk 4.1.1 to parse Cisco IOS configuration files, comparing switch configs to the routers above them, to eventually pull out IP addresses. My problem is I need to skip a record (interface) if I have already processed the vlan before. The catch is I am processing multiple files from different sites, and each site has it's own vlans.
So I thought an array of arrays would work best, where array[pop] could be array[den01], array[nyc01], etc. Dynamically creating those index-arrays from the variable pop, pulled from a text file.
The data processing works fine, except that it produces duplicate vlan numbers at a given site. The "dbfile" contains every vlan seen on every switch, from every site, and some people have redundant links so their vlan shows up twice.
Below is a snippet of my code:
#!/bin/bash
for i in `cat dbfile` ]; do
# set lots of variables to pull into awk
awk -v i=$i -v name=$name -v intname=$intname -v cvupfile=$cvupfile -v pop=$pop -v cid=$cid -v custvlan=$custvlan 'BEGIN { RS="!"; FS=" "; array[pop][0] = "" }
{
if ( $1 ~ "interface" && $2 ~ "Vlan" )
{
# trim Vlan ID so only the actual vlan number remains
seenvlan=gensub(/^Vlan/, "", "g", $2)
if ( seenvlan == custvlan )
{
# this is where trouble starts. I never get this IF to be true
if ( custvlan in array[pop] )
{
print "Duplicate VLAN found!"
}
else
{
# vlan is unique, make index for it
array[pop][custvlan]=custvlan
# debug output
for ( i in array )
print "This is first element: " i
for ( j in array[i] )
print "This is second element: " array[i][j]
print "Here is value from array: " array[pop][custvlan]
exit
}
}
}
}
END {
}' $crt
done
Here is some sample output. It shows 3 records processed. The fact that "This is the second element" is printed twice seems like a clue, but I'm not sure what it means. I am making a bunch of null indexes under array[pop]?
This is first element: den01
This is second element:
This is second element: 235
Here is value from array: 235
This is first element: den01
This is second element:
This is second element: 279
Here is value from array: 279
This is first element: den01
This is second element:
This is second element: 131
Here is value from array: 131
i am writing a code to search tcp payload of every packet in a libpcap file, to search for a string.
so what i am trying to do is,
pcap_handle_in = pcap_open_offline(infile, pcap_errbuf);
.
.
.
while (pcap_next_ex(pcap_handle_in, &pcap_header, &pcap_packet) > 0) {
.
.
if (memmem(packet, len, search, strlen(search))) {
found++;
}
it is working fine, but it will print also those packets , containing this string as a sub-string.
i want to eliminate this sub-string packets. but coudn figure out how.
suggestions pls..