From d0a2b836e64850367637fa8f5d24a8e18d55862f Mon Sep 17 00:00:00 2001
From: Max Duijsens
Date: Sun, 30 Aug 2015 15:49:21 +0200
Subject: [PATCH] Add SSL Support
---
 cowrie/commands/curl.py | 21 +++++++++++++--------
 cowrie/commands/wget.py | 21 +++++++++++++--------
 2 files changed, 26 insertions(+), 16 deletions(-)
diff --git a/cowrie/commands/curl.py b/cowrie/commands/curl.py
index cfa4420..d958d2c 100644
--- a/cowrie/commands/curl.py
+++ b/cowrie/commands/curl.py
@@ -12,9 +12,11 @@ import getopt
 import hashlib
 from twisted.web import client
-from twisted.internet import reactor
+from twisted.internet import reactor, ssl
 from twisted.python import log
+from OpenSSL import SSL
+
 from cowrie.core.honeypot import HoneyPotCommand
 from cowrie.core.fs import *
@@ -112,11 +114,7 @@ class command_curl(HoneyPotCommand):
 host = parsed.hostname
 port = parsed.port or (443 if scheme == 'https' else 80)
 path = parsed.path or '/'
- if scheme == 'https':
- self.writeln('Sorry, SSL not supported in this release')
- self.exit()
- return None
- elif scheme != 'http':
+ if scheme != 'http' and scheme != 'https':
 raise exceptions.NotImplementedError
 except:
 self.writeln('%s: Unsupported scheme.' % (url,))
@@ -132,8 +130,15 @@ class command_curl(HoneyPotCommand):
 out_addr = None
 if self.honeypot.env.cfg.has_option('honeypot', 'out_addr'):
 out_addr = (self.honeypot.env.cfg.get('honeypot', 'out_addr'), 0)
- self.connection = reactor.connectTCP(
- host, port, factory, bindAddress=out_addr)
+
+ if scheme == 'https':
+ contextFactory = ssl.ClientContextFactory()
+ contextFactory.method = SSL.SSLv23_METHOD
+ reactor.connectSSL(host, port, factory, contextFactory)
+ else: #can only be http
+ self.connection = reactor.connectTCP(
+ host, port, factory, bindAddress=out_addr)
+
 return factory.deferred
 def handle_CTRL_C(self):
diff --git a/cowrie/commands/wget.py b/cowrie/commands/wget.py
index 8b90bf3..1bd23dc 100644
--- a/cowrie/commands/wget.py
+++ b/cowrie/commands/wget.py
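Review bot: In the last hunk of cowrie/commands/curl.py, the new `https` branch calls `reactor.connectSSL(host, port, factory, contextFactory)` without `bindAddress=out_addr`, so a configured `out_addr` is honoured for HTTP downloads but silently ignored for HTTPS ones. On a honeypot that means the fetch can leave from an address the operator did not choose for attacker-facing traffic. The branch also discards the connector, so `self.connection` is never set for HTTPS; if `handle_CTRL_C` (its body is outside the hunk, as is the start of the enclosing method) relies on it, interrupting an HTTPS transfer would fail. Both gaps close with `self.connection = reactor.connectSSL(host, port, factory, contextFactory, bindAddress=out_addr)`. The matching hunk in cowrie/commands/wget.py has the same two gaps.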
@@ -10,9 +10,11 @@ import getopt
 import hashlib
 from twisted.web import client
-from twisted.internet import reactor
+from twisted.internet import reactor, ssl
 from twisted.python import log
+from OpenSSL import SSL
+
 from cowrie.core.honeypot import HoneyPotCommand
 from cowrie.core.fs import *
@@ -112,11 +114,7 @@ class command_wget(HoneyPotCommand):
 host = parsed.hostname
 port = parsed.port or (443 if scheme == 'https' else 80)
 path = parsed.path or '/'
- if scheme == 'https':
- self.writeln('Sorry, SSL not supported in this release')
- self.exit()
- return None
- elif scheme != 'http':
+ if scheme != 'http' and scheme != 'https':
 raise exceptions.NotImplementedError
 except:
 self.writeln('%s: Unsupported scheme.' % (url,))
@@ -132,8 +130,15 @@ class command_wget(HoneyPotCommand):
 out_addr = None
 if self.honeypot.env.cfg.has_option('honeypot', 'out_addr'):
 out_addr = (self.honeypot.env.cfg.get('honeypot', 'out_addr'), 0)
- self.connection = reactor.connectTCP(
- host, port, factory, bindAddress=out_addr)
+
+ if scheme == 'https':
+ contextFactory = ssl.ClientContextFactory()
+ contextFactory.method = SSL.SSLv23_METHOD
+ reactor.connectSSL(host, port, factory, contextFactory)
+ else: #can only be http, since we raised an error above for unknown schemes
+ self.connection = reactor.connectTCP(
+ host, port, factory, bindAddress=out_addr)
+
 return factory.deferred
 def handle_CTRL_C(self):
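Review bot: The `https` branch in the last hunk of cowrie/commands/wget.py builds a bare `ssl.ClientContextFactory()`, which to my knowledge sets up no certificate or hostname verification, and nothing in the hunk records whether that is deliberate. For a honeypot that wants to capture payloads from hosts with self-signed certificates it probably is, but it should be written down, e.g. `# No certificate verification on purpose: capture the payload even from self-signed hosts; do not reuse this context for trusted traffic`. `SSL.SSLv23_METHOD` leaves the protocol version to negotiation, so a short comment on which legacy versions the context is expected to accept would help the next maintainer. The same four lines are duplicated in cowrie/commands/curl.py; a small shared helper returning the context factory would keep the two commands from drifting apart.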