Update the uptime command to display real uptime of the honeypot, and zero

load. This closes issue #47 Also added a small change to ps output. git-svn-id: https://kippo.googlecode.com/svn/trunk@217 951d7100-d841-11de-b865-b3884708a8e2
2025-12-17 14:04:28 +01:00 · 2012-04-08 16:41:34 +00:00
parent ace3015574
commit 0eaf51c48e
3 changed files with 48 additions and 6 deletions
--- a/kippo/commands/base.py
+++ b/kippo/commands/base.py
@@ -6,6 +6,7 @@ from kippo.core.honeypot import HoneyPotCommand
 from twisted.internet import reactor
 from kippo.core.config import config
 from kippo.core.userdb import UserDB
+from kippo.core import utils

 commands = {}

@@ -16,14 +17,17 @@ commands['/usr/bin/whoami'] = command_whoami

 class command_uptime(HoneyPotCommand):
    def call(self):
-        self.writeln(' %s up 14 days,  3:53,  0 users,  load average: 0.08, 0.02, 0.01' % \
-            time.strftime('%H:%M:%S'))
+        if len(self.args):
+            secs = int(self.args[0])
+            self.honeypot.uptime(time.time() - secs)
+        self.writeln(' %s up %s,  1 user,  load average: 0.00, 0.00, 0.00' % \
+            (time.strftime('%H:%M:%S'), utils.uptime(self.honeypot.uptime())))
 commands['/usr/bin/uptime'] = command_uptime

 class command_w(HoneyPotCommand):
    def call(self):
-        self.writeln(' %s up 14 days,  3:53,  1 user,  load average: 0.08, 0.02, 0.01' % \
-            time.strftime('%H:%M:%S'))
+        self.writeln(' %s up %s,  1 user,  load average: 0.00, 0.00, 0.00' % \
+            (time.strftime('%H:%M:%S'), utils.uptime(self.honeypot.uptime())))
        self.writeln('USER     TTY      FROM              LOGIN@   IDLE   JCPU   PCPU WHAT')
        self.writeln('%-8s pts/0    %s %s    0.00s  0.00s  0.00s w' % \
            (self.honeypot.user.username,
@@ -116,7 +120,7 @@ class command_ps(HoneyPotCommand):
            ('root      ', '2110', '  0.0', '  0.0', '   1764', '   504', ' tty5     ', 'Ss+  ', 'Nov06', '   0:00 ', '/sbin/getty 38400 tty5',),
            ('root      ', '2112', '  0.0', '  0.0', '   1764', '   508', ' tty6     ', 'Ss+  ', 'Nov06', '   0:00 ', '/sbin/getty 38400 tty6',),
            ('root      ', '2133', '  0.0', '  0.1', '   2180', '   620', ' ?        ', 'S<s  ', 'Nov06', '   0:00 ', 'dhclient3 -pf /var/run/dhclient.eth0.pid -lf /var/lib/dhcp3/dhclien',),
-            ('root      ', '4969', '  0.0', '  0.1', '   5416', '  1024', ' ?        ', 'Ss   ', 'Nov08', '   0:00 ', '/usr/sbin/sshd',),
+            ('root      ', '4969', '  0.0', '  0.1', '   5416', '  1024', ' ?        ', 'Ss   ', 'Nov08', '   0:00 ', '/usr/sbin/sshd: %s@pts/0' % user,),
            ('%s'.ljust(8) % user, '5673', '  0.0', '  0.2', '   2924', '  1540', ' pts/0    ', 'Ss   ', '04:30', '   0:00 ', '-bash',),
            ('%s'.ljust(8) % user, '5679', '  0.0', '  0.1', '   2432', '   928', ' pts/0    ', 'R+   ', '04:32', '   0:00 ', 'ps %s' % ' '.join(self.args),)
            )
@@ -243,6 +247,7 @@ class command_reboot(HoneyPotCommand):
        self.writeln('Connection to server closed.')
        self.honeypot.hostname = 'localhost'
        self.honeypot.cwd = '/root'
+        self.honeypot.uptime(time.time())
        self.exit()
 commands['/sbin/reboot'] = command_reboot

--- a/kippo/core/honeypot.py
+++ b/kippo/core/honeypot.py
@@ -390,6 +390,13 @@ class HoneyPotProtocol(recvline.HistoricRecvLine):
        transport = self.terminal.transport.session.conn.transport
        transport.interactors.remove(interactor)

+    def uptime(self, reset = None):
+        transport = self.terminal.transport.session.conn.transport
+        r = time.time() - transport.factory.starttime
+        if reset:
+            transport.factory.starttime = reset
+        return r
+
 class LoggingServerProtocol(insults.ServerProtocol):
    def connectionMade(self):
        transport = self.transport.session.conn.transport
@@ -420,7 +427,6 @@ class LoggingServerProtocol(insults.ServerProtocol):
        insults.ServerProtocol.connectionLost(self, reason)

 class HoneyPotSSHSession(session.SSHSession):
-
    def request_env(self, data):
        print 'request_env: %s' % (repr(data))

@@ -574,6 +580,9 @@ class HoneyPotSSHFactory(factory.SSHFactory):
        # protocol^Wwhatever instances are kept here for the interact feature
        self.sessions = {}

+        # for use by the uptime command
+        self.starttime = time.time()
+
        # convert old pass.db root passwords
        passdb_file = '%s/pass.db' % (cfg.get('honeypot', 'data_path'),)
        if os.path.exists(passdb_file):
--- a/kippo/core/utils.py
+++ b/kippo/core/utils.py
@@ -53,4 +53,32 @@ def tail(the_file, lines_2find=20):
    #we read at least 21 line breaks from the bottom, block by block for speed
    #21 to ensure we don't get a half line
 
+# Gives a human-readable uptime string
+# Thanks to http://thesmithfam.org/blog/2005/11/19/python-uptime-script/
+# (modified to look like the real uptime command)
+def uptime(total_seconds):
+     total_seconds = float(total_seconds)
+ 
+     # Helper vars:
+     MINUTE  = 60
+     HOUR    = MINUTE * 60
+     DAY     = HOUR * 24
+ 
+     # Get the days, hours, etc:
+     days    = int(total_seconds / DAY)
+     hours   = int((total_seconds % DAY) / HOUR)
+     minutes = int((total_seconds % HOUR) / MINUTE)
+ 
+     # 14 days,  3:53
+     # 11 min
+
+     s = ''
+     if days > 0:
+         s += str(days) + " " + (days == 1 and "day" or "days" ) + ", "
+     if len(s) > 0 or hours > 0:
+         s += '%s:%s' % (str(hours).rjust(2), str(minutes).rjust(2, '0'))
+     else:
+         s += '%s min' % (str(minutes))
+     return s
+
 # vim: set sw=4 et: