aljaz/cowrie
1
0
Fork 0
mirror of https://github.com/aljazceru/cowrie.git synced 2025-12-17 22:14:19 +01:00
Code Issues Packages Projects Releases Wiki Activity

Reimplement running commands in a bit more sane way - should allow for easier

Browse Source 
interactive commands (eg. passwd).

Fix history (uparrow)



git-svn-id: https://kippo.googlecode.com/svn/trunk@20 951d7100-d841-11de-b865-b3884708a8e2
This commit is contained in:
desaster
2009-11-17 21:49:37 +00:00
parent 29569cb639
commit 12f83ccb6f
3 changed files with 99 additions and 98 deletions
Download Patch File Download Diff File Expand all files Collapse all files

18
commands/base.py
View File

@@ -99,7 +99,7 @@ class command_quit(HoneyPotCommand):
def call(self, args):
self.honeypot.terminal.reset()
self.honeypot.writeln('Connection to server closed.')
self.honeypot.prompt = 'localhost:%(path)s# '
self.honeypot.hostname = 'localhost'
class command_clear(HoneyPotCommand):
def call(self, args):
@@ -140,23 +140,25 @@ class command_pwd(HoneyPotCommand):
self.honeypot.writeln(self.honeypot.cwd)
class command_passwd(HoneyPotCommand):
def call(self, args):
def start(self):
self.honeypot.terminal.write('Enter new UNIX password: ')
self.callback = callback_passwd1
self.honeypot.password_input = True
self.callbacks = [self.ask_again, self.finish]
class callback_passwd1(HoneyPotCommand):
def call(self, args):
def ask_again(self):
self.honeypot.terminal.write('Retype new UNIX password: ')
self.callback = callback_passwd2
class callback_passwd2(HoneyPotCommand):
def call(self, args):
def finish(self):
self.honeypot.password_input = False
self.honeypot.writeln('Sorry, passwords do not match')
self.honeypot.writeln(
'passwd: Authentication information cannot be recovered')
self.honeypot.writeln('passwd: password unchanged')
self.exit()
def lineReceived(self, line):
print 'passwd input:', line
self.callbacks.pop(0)()
class command_nop(HoneyPotCommand):
def call(self, args):

45
commands/ssh.py
View File

@@ -1,8 +1,8 @@
from core.Kippo import HoneyPotCommand
class command_ssh(HoneyPotCommand):
def call(self, args):
if not len(args.strip()):
def start(self):
if not len(self.args.strip()):
for l in (
'usage: ssh [-1246AaCfgKkMNnqsTtVvXxY] [-b bind_address] [-c cipher_spec]',
' [-D [bind_address:]port] [-e escape_char] [-F configfile]',
@@ -12,33 +12,34 @@ class command_ssh(HoneyPotCommand):
' [-w local_tun[:remote_tun]] [user@]hostname [command]',
):
self.honeypot.writeln(l)
self.exit()
return
self.honeypot.writeln('The authenticity of host \'127.0.0.4 (127.0.0.4)\' can\'t be established.')
self.honeypot.writeln('RSA key fingerprint is 9c:30:97:8e:9e:f8:0d:de:04:8d:76:3a:7b:4b:30:f8.')
self.host = self.args.strip()
self.honeypot.writeln('The authenticity of host \'187.42.2.9 (187.42.2.9)\' can\'t be established.')
self.honeypot.writeln('RSA key fingerprint is 9d:30:97:8a:9e:48:0d:de:04:8d:76:3a:7b:4b:30:f8.')
self.honeypot.terminal.write('Are you sure you want to continue connecting (yes/no)? ')
self.callback = (callback_connect, args)
self.callbacks = [self.yesno, self.finish]
class callback_connect(HoneyPotCommand):
def call(self, line, args):
def yesno(self, args):
host = args.strip()
self.honeypot.writeln(
'Warning: Permanently added \'%s\' (RSA) to the list of known hosts.' % \
host)
self.honeypot.terminal.write('%s\'s password: ' % args)
self.honeypot.terminal.write('%s\'s password: ' % self.host)
self.honeypot.password_input = True
self.callback = (callback_done, args)
class callback_done(HoneyPotCommand):
def call(self, line, args):
user = 'root'
if args.count('@'):
user, rest = args.split('@', 1)
else:
rest = args
host = rest.strip().split('.')
if len(host) and host[0].isalpha():
host = host[0]
else:
host = 'localhost'
def finish(self, args):
user, rest, host = 'root', self.host, 'localhost'
if self.host.count('@'):
user, rest = self.host.split('@', 1)
rest = rest.strip().split('.')
if len(rest) and rest[0].isalpha():
host = rest[0]
self.honeypot.hostname = host
self.honeypot.password_input = False
self.honeypot.prompt = '%s:%%(path)s# ' % host
self.exit()
def lineReceived(self, line):
print 'ssh input:', line
self.callbacks.pop(0)(line)

130
core/Kippo.py
View File

@@ -14,39 +14,83 @@ from core import ttylog
from core.fstypes import *
import config
class HoneyPotCommand(object):
def __init__(self, honeypot, args):
self.honeypot = honeypot
self.args = args
def start(self):
self.call(self.args)
self.exit()
def call(self, *args):
self.honeypot.writeln('Hello World! [%s]' % repr(args))
def exit(self):
self.honeypot.cmdstack.pop()
self.honeypot.cmdstack[-1].resume()
def lineReceived(self, line):
print 'Unhandled input: %s' % line
def resume(self):
pass
class HoneyPotShell(object):
def __init__(self, honeypot):
self.honeypot = honeypot
self.showPrompt()
def lineReceived(self, line):
cmdAndArgs = line.split(' ', 1)
if len(cmdAndArgs) > 1:
cmd, args = cmdAndArgs
else:
cmd, args = cmdAndArgs[0], ''
cmdclass = self.honeypot.getCommand(cmd)
if cmdclass:
obj = cmdclass(self.honeypot, args)
self.honeypot.cmdstack.append(obj)
obj.start()
else:
self.honeypot.writeln('bash: %s: command not found' % cmd)
self.showPrompt()
def resume(self):
self.showPrompt()
def showPrompt(self):
prompt = '%s:%%(path)s# ' % self.honeypot.hostname
path = self.honeypot.cwd
if path == '/root':
path = '~'
attrs = {'path': path}
self.honeypot.terminal.write(prompt % attrs)
class HoneyPotProtocol(recvline.HistoricRecvLine):
def __init__(self, user, env):
self.user = user
self.env = env
self.cwd = '/root'
self.hostname = config.fake_hostname
self.fs = HoneyPotFilesystem(deepcopy(self.env.fs))
self.prompt = '%s:%%(path)s# ' % config.fake_hostname
self.next_callback = None
self.password_input = False
self.cmdstack = []
def connectionMade(self):
recvline.HistoricRecvLine.connectionMade(self)
self.showPrompt()
self.cmdstack = [HoneyPotShell(self)]
# Overriding to prevent terminal.reset()
def initializeScreen(self):
self.setInsertMode()
def showPrompt(self):
path = self.cwd
if path == '/root':
path = '~'
attrs = {
'path': path,
}
self.terminal.write(self.prompt % attrs)
def getCommand(self, cmd, args):
def getCommand(self, cmd):
if not len(cmd.strip()):
return None
path = None
if cmd in self.env.commands:
return self.env.commands[cmd](self)
return self.env.commands[cmd]
if cmd[0] in ('.', '/'):
path = self.fs.resolve_path(cmd, self.cwd)
if not self.fs.exists(path):
@@ -58,53 +102,15 @@ class HoneyPotProtocol(recvline.HistoricRecvLine):
path = i
break
if path in self.env.commands:
return self.env.commands[path](self)
return self.env.commands[path]
return None
def lineReceived(self, line):
line = line.strip()
if line:
# Hack to allow password prompts, etc
if self.next_callback:
print 'INPUT: %s' % line
cmd = self.next_callback
args = None
if type(()) == type(cmd):
cmd, args = cmd
obj = cmd(self)
try:
if args:
obj.call(line, args)
else:
obj.call(line)
self.next_callback = obj.callback
del obj
except Exception, e:
print e
self.writeln("Segmentation fault")
else:
print 'CMD: %s' % line
cmdAndArgs = line.split(' ', 1)
cmd = cmdAndArgs[0]
args = ''
if len(cmdAndArgs) > 1:
args = cmdAndArgs[1]
obj = self.getCommand(cmd, args)
if obj:
try:
obj.call(args)
self.next_callback = obj.callback
del obj
except Exception, e:
print e
self.writeln("Segmentation fault")
else:
self.writeln('bash: %s: command not found' % cmd)
if not self.next_callback:
self.showPrompt()
if len(self.cmdstack):
self.cmdstack[-1].lineReceived(line)
def keystrokeReceived(self, keyID, modifier):
if type(keyID) == type(''):
ttylog.ttylog_write(self.terminal.ttylog_file, len(keyID),
ttylog.DIR_READ, time.time(), keyID)
recvline.HistoricRecvLine.keystrokeReceived(self, keyID, modifier)
@@ -123,14 +129,6 @@ class HoneyPotProtocol(recvline.HistoricRecvLine):
self.terminal.write(data)
self.terminal.nextLine()
class HoneyPotCommand(object):
def __init__(self, honeypot):
self.honeypot = honeypot
self.callback = None
def call(self, *args):
self.honeypot.writeln('Hello World!')
class LoggingServerProtocol(insults.ServerProtocol):
def connectionMade(self):
self.ttylog_file = './log/tty/%s-%s.log' % \