mirror of
https://github.com/aljazceru/cowrie.git
synced 2025-12-17 22:14:19 +01:00
Log SSH fingerprints
This commit is contained in:
g0tmi1k
@@ -160,8 +160,10 @@ class LoggingServerProtocol(insults.ServerProtocol):
|
||||
|
||||
if self.ttylog_open:
|
||||
size = self.ttylog_size[self.ttylog_file]
|
||||
log.msg(eventid='COW0012', format='Closing TTY Log: %(ttylog)s',
|
||||
ttylog=self.ttylog_file, size=size)
|
||||
log.msg(eventid='COW0012',
|
||||
format='Closing TTY Log: %(ttylog)s',
|
||||
ttylog=self.ttylog_file,
|
||||
size=size)
|
||||
ttylog.ttylog_close(self.ttylog_file, time.time())
|
||||
self.ttylog_open = False
|
||||
|
||||
|
||||
@@ -190,4 +190,8 @@ class Output(cowrie.core.output.Output):
|
||||
'INSERT INTO `ttylog` (`session`, `ttylog`, `size`) VALUES (%s, %s, %s)',
|
||||
(entry["session"], entry["ttylog"], entry["size"]))
|
||||
|
||||
elif entry["eventid"] == 'COW0016':
|
||||
self.simpleQuery(
|
||||
'INSERT INTO `keyfingerprints` (`session`, `username`, `fingerprint`) VALUES (%s, %s, %s)',
|
||||
(entry["session"], entry["username"], entry["fingerprint"]))
|
||||
# vim: set sw=4 et:
|
||||
|
||||
@@ -1,4 +1,4 @@
|
||||
CREATE TABLE `auth` (
|
||||
CREATE TABLE IF NOT EXISTS `auth` (
|
||||
`id` int(11) NOT NULL auto_increment,
|
||||
`session` char(32) NOT NULL,
|
||||
`success` tinyint(1) NOT NULL,
|
||||
@@ -8,13 +8,13 @@ CREATE TABLE `auth` (
|
||||
PRIMARY KEY (`id`)
|
||||
) ;
|
||||
|
||||
CREATE TABLE `clients` (
|
||||
CREATE TABLE IF NOT EXISTS `clients` (
|
||||
`id` int(4) NOT NULL auto_increment,
|
||||
`version` varchar(50) NOT NULL,
|
||||
PRIMARY KEY (`id`)
|
||||
) ;
|
||||
|
||||
CREATE TABLE `input` (
|
||||
CREATE TABLE IF NOT EXISTS `input` (
|
||||
`id` int(11) NOT NULL auto_increment,
|
||||
`session` char(32) NOT NULL,
|
||||
`timestamp` datetime NOT NULL,
|
||||
@@ -25,13 +25,13 @@ CREATE TABLE `input` (
|
||||
KEY `session` (`session`,`timestamp`,`realm`)
|
||||
) ;
|
||||
|
||||
CREATE TABLE `sensors` (
|
||||
CREATE TABLE IF NOT EXISTS `sensors` (
|
||||
`id` int(11) NOT NULL auto_increment,
|
||||
`ip` varchar(15) NOT NULL,
|
||||
PRIMARY KEY (`id`)
|
||||
) ;
|
||||
|
||||
CREATE TABLE `sessions` (
|
||||
CREATE TABLE IF NOT EXISTS `sessions` (
|
||||
`id` char(32) NOT NULL,
|
||||
`starttime` datetime NOT NULL,
|
||||
`endtime` datetime default NULL,
|
||||
@@ -43,7 +43,7 @@ CREATE TABLE `sessions` (
|
||||
KEY `starttime` (`starttime`,`sensor`)
|
||||
) ;
|
||||
|
||||
CREATE TABLE `ttylog` (
|
||||
CREATE TABLE IF NOT EXISTS `ttylog` (
|
||||
`id` int(11) NOT NULL auto_increment,
|
||||
`session` char(32) NOT NULL,
|
||||
`ttylog` varchar(100) NOT NULL,
|
||||
@@ -51,7 +51,7 @@ CREATE TABLE `ttylog` (
|
||||
PRIMARY KEY (`id`)
|
||||
) ;
|
||||
|
||||
CREATE TABLE `downloads` (
|
||||
CREATE TABLE IF NOT EXISTS `downloads` (
|
||||
`id` int(11) NOT NULL auto_increment,
|
||||
`session` CHAR( 32 ) NOT NULL,
|
||||
`timestamp` datetime NOT NULL,
|
||||
@@ -61,3 +61,11 @@ CREATE TABLE `downloads` (
|
||||
PRIMARY KEY (`id`),
|
||||
KEY `session` (`session`,`timestamp`)
|
||||
) ;
|
||||
|
||||
CREATE TABLE IF NOT EXISTS `keyfingerprints` (
|
||||
`id` int(11) NOT NULL auto_increment,
|
||||
`session` CHAR( 32 ) NOT NULL,
|
||||
`username` varchar(100) NOT NULL,
|
||||
`fingerprint` varchar(100) NOT NULL,
|
||||
PRIMARY KEY (`id`)
|
||||
) ;
|
||||
|
||||
7
doc/sql/update10.sql
Normal file
7
doc/sql/update10.sql
Normal file
@@ -0,0 +1,7 @@
|
||||
CREATE TABLE `keyfingerprints` (
|
||||
`id` int(11) NOT NULL auto_increment,
|
||||
`session` CHAR( 32 ) NOT NULL,
|
||||
`username` varchar(100) NOT NULL,
|
||||
`fingerprint` varchar(100) NOT NULL,
|
||||
PRIMARY KEY (`id`),
|
||||
) ;
|
||||
Reference in New Issue
Block a user