aljaz/cowrie
1
0
Fork 0
mirror of https://github.com/aljazceru/cowrie.git synced 2025-12-17 14:04:28 +01:00
Code Issues Packages Projects Releases Wiki Activity

Changes to the MySQL schema to be more like jfbethlehem's SQLite schema.

Browse Source 
An update2.sql is provided that might update the schema without data loss,
however if you value your data, it's a good idea to create a backup first.



git-svn-id: https://kippo.googlecode.com/svn/trunk@127 951d7100-d841-11de-b865-b3884708a8e2
This commit is contained in:
desaster
2010-06-17 17:11:22 +00:00
parent bd23dd9fd4
commit 7cb8e06949
3 changed files with 86 additions and 43 deletions
Download Patch File Download Diff File Expand all files Collapse all files

18
doc/sql/mysql.sql
View File

@@ -8,7 +8,6 @@ CREATE TABLE IF NOT EXISTS `auth` (
PRIMARY KEY (`id`) PRIMARY KEY (`id`)
) ; ) ;
CREATE TABLE IF NOT EXISTS `input` ( CREATE TABLE IF NOT EXISTS `input` (
`id` int(11) NOT NULL auto_increment, `id` int(11) NOT NULL auto_increment,
`session` int(11) NOT NULL, `session` int(11) NOT NULL,
@@ -20,14 +19,25 @@ CREATE TABLE IF NOT EXISTS `input` (
KEY `session` (`session`,`timestamp`,`realm`) KEY `session` (`session`,`timestamp`,`realm`)
) ; ) ;
CREATE TABLE IF NOT EXISTS `sensors` (
`id` int(11) NOT NULL auto_increment,
`ip` varchar(15) NOT NULL,
PRIMARY KEY (`id`)
) ;
CREATE TABLE IF NOT EXISTS `session` ( CREATE TABLE IF NOT EXISTS `sessions` (
`id` int(11) NOT NULL auto_increment, `id` int(11) NOT NULL auto_increment,
`starttime` datetime NOT NULL, `starttime` datetime NOT NULL,
`endtime` datetime default NULL, `endtime` datetime default NULL,
`sensor` varchar(50) NOT NULL, `sensor` int(4) NOT NULL,
`ip` varchar(15) NOT NULL default '', `ip` varchar(15) NOT NULL default '',
`ttylog` mediumblob,
PRIMARY KEY (`id`), PRIMARY KEY (`id`),
KEY `starttime` (`starttime`,`sensor`) KEY `starttime` (`starttime`,`sensor`)
) ; ) ;
CREATE TABLE IF NOT EXISTS `ttylog` (
`id` int(11) NOT NULL auto_increment,
`session` int(11) NOT NULL,
`ttylog` mediumblob NOT NULL,
PRIMARY KEY (`id`)
) ;

30
doc/sql/update2.sql Normal file
View File

@@ -0,0 +1,30 @@
--
-- WARNING: Existing data may be lost & messed up
--
ALTER TABLE `session` RENAME `sessions` ;
CREATE TABLE IF NOT EXISTS `sensors` (
`id` int(11) NOT NULL auto_increment,
`ip` varchar(15) NOT NULL,
PRIMARY KEY (`id`)
) ;
INSERT INTO `sensors` (`ip`) (SELECT DISTINCT `sensor` FROM `sessions`) ;
UPDATE `sessions` SET `sensor` =
(SELECT `id` FROM `sensors` WHERE `sensors`.`ip` = `sessions`.`sensor`) ;
ALTER TABLE `sessions` CHANGE `sensor` `sensor` INT( 4 ) NOT NULL ;
CREATE TABLE IF NOT EXISTS `ttylog` (
`id` int(11) NOT NULL auto_increment,
`session` int(11) NOT NULL,
`ttylog` mediumblob NOT NULL,
PRIMARY KEY (`id`)
) ;
INSERT INTO `ttylog` (`session`, `ttylog`)
(SELECT `id`, `ttylog` FROM `sessions` WHERE LENGTH(`ttylog`) > 0) ;
ALTER TABLE `sessions` DROP `ttylog` ;

81
kippo/dblog/mysql.py
View File

@@ -10,68 +10,71 @@ class DBLogger(dblog.DBLogger):
passwd = cfg.get('database', 'password'), passwd = cfg.get('database', 'password'),
reconnect = True) reconnect = True)
def query(self, sql, params = None): def query(self, sql, params):
cursor = self.db.cursor() cursor = self.db.cursor()
try: try:
if params is None: cursor.execute(sql, params)
cursor.execute(sql)
else:
cursor.execute(sql, params)
return cursor return cursor
except MySQLdb.MySQLError: except MySQLdb.MySQLError, e:
print 'MySQL error:', e
return None return None
def createSession(self, peerIP, peerPort, hostIP, hostPort): def createSession(self, peerIP, peerPort, hostIP, hostPort):
sql = 'INSERT INTO `session` (`starttime`, `sensor`, `ip`)' + \ sensorid = self.getSensorID(self.getSensor() or hostIP)
' VALUES (FROM_UNIXTIME(%s), %s, %s)' cursor = self.query(
params = (self.nowUnix(), self.getSensor() or hostIP, peerIP) 'INSERT INTO `sessions` (`starttime`, `sensor`, `ip`)' + \
cursor = self.query(sql, params) ' VALUES (FROM_UNIXTIME(%s), %s, %s)',
if cursor is not None: (self.nowUnix(), sensorid, peerIP))
return int(cursor.lastrowid) if not cursor:
else:
return None return None
return int(cursor.lastrowid)
def getSensorID(self, ip):
cursor = self.query(
'SELECT `id` FROM `sensors` WHERE `ip` = %s', (ip,))
if cursor.rowcount:
return cursor.fetchone()[0]
cursor = self.query(
'INSERT INTO `sensors` (`ip`) VALUES (%s)', (ip,))
return cursor.lastrowid
def handleConnectionLost(self, session, args): def handleConnectionLost(self, session, args):
sql = 'UPDATE `session` SET `endtime` = FROM_UNIXTIME(%s)' + \ self.query(
', `ttylog` = %s WHERE `id` = %s' 'INSERT INTO `ttylog` (`session`, `ttylog`) VALUES (%s, %s)',
params = (self.nowUnix(), self.ttylog(session), session) (session, self.ttylog(session)))
self.query(sql, params) self.query('UPDATE `sessions` SET `endtime` = FROM_UNIXTIME(%s)' + \
' WHERE `id` = %s',
(self.nowUnix(), session))
def handleLoginFailed(self, session, args): def handleLoginFailed(self, session, args):
sql = 'INSERT INTO `auth` (`session`, `success`' + \ self.query('INSERT INTO `auth` (`session`, `success`' + \
', `username`, `password`, `timestamp`)' + \ ', `username`, `password`, `timestamp`)' + \
' VALUES (%s, %s, %s, %s, FROM_UNIXTIME(%s))' ' VALUES (%s, %s, %s, %s, FROM_UNIXTIME(%s))',
params = (session, 0, args['username'], args['password'], (session, 0, args['username'], args['password'], self.nowUnix()))
self.nowUnix())
self.query(sql, params)
def handleLoginSucceeded(self, session, args): def handleLoginSucceeded(self, session, args):
sql = 'INSERT INTO `auth` (`session`, `success`' + \ self.query('INSERT INTO `auth` (`session`, `success`' + \
', `username`, `password`, `timestamp`)' + \ ', `username`, `password`, `timestamp`)' + \
' VALUES (%s, %s, %s, %s, FROM_UNIXTIME(%s))' ' VALUES (%s, %s, %s, %s, FROM_UNIXTIME(%s))',
params = (session, 1, args['username'], args['password'], (session, 1, args['username'], args['password'], self.nowUnix()))
self.nowUnix())
self.query(sql, params)
def handleCommand(self, session, args): def handleCommand(self, session, args):
sql = 'INSERT INTO `input`' + \ self.query('INSERT INTO `input`' + \
' (`session`, `timestamp`, `success`, `input`)' + \ ' (`session`, `timestamp`, `success`, `input`)' + \
' VALUES (%s, FROM_UNIXTIME(%s), %s, %s)' ' VALUES (%s, FROM_UNIXTIME(%s), %s, %s)',
params = (session, self.nowUnix(), 1, args['input']) (session, self.nowUnix(), 1, args['input']))
self.query(sql, params)
def handleUnknownCommand(self, session, args): def handleUnknownCommand(self, session, args):
sql = 'INSERT INTO `input`' + \ self.query('INSERT INTO `input`' + \
' (`session`, `timestamp`, `success`, `input`)' + \ ' (`session`, `timestamp`, `success`, `input`)' + \
' VALUES (%s, FROM_UNIXTIME(%s), %s, %s)' ' VALUES (%s, FROM_UNIXTIME(%s), %s, %s)',
params = (session, self.nowUnix(), 0, args['input']) (session, self.nowUnix(), 0, args['input']))
self.query(sql, params)
def handleInput(self, session, args): def handleInput(self, session, args):
sql = 'INSERT INTO `input`' + \ self.query('INSERT INTO `input`' + \
' (`session`, `timestamp`, `realm`, `input`)' + \ ' (`session`, `timestamp`, `realm`, `input`)' + \
' VALUES (%s, FROM_UNIXTIME(%s), %s, %s)' ' VALUES (%s, FROM_UNIXTIME(%s), %s, %s)',
params = (session, self.nowUnix(), args['realm'], args['input']) (session, self.nowUnix(), args['realm'], args['input']))
self.query(sql, params)
# vim: set sw=4 et: # vim: set sw=4 et: