From 3b3f1300b904919288c51c9ad3dde381751b6790 Mon Sep 17 00:00:00 2001 From: Michel Oosterhof Date: Sun, 9 Nov 2014 16:05:34 +0400 Subject: [PATCH 1/5] add sleep command --- txtcmds/bin/sleep | 0 1 file changed, 0 insertions(+), 0 deletions(-) create mode 100644 txtcmds/bin/sleep diff --git a/txtcmds/bin/sleep b/txtcmds/bin/sleep new file mode 100644 index 0000000..e69de29 From 4cfa58e73d84edfa1af2fc695f3aa7ff1f535212 Mon Sep 17 00:00:00 2001 From: Michel Oosterhof Date: Sun, 9 Nov 2014 16:26:09 +0400 Subject: [PATCH 2/5] support additional emacs ctrl keys (c-a, c-b, c-f, c-p, c-n, c-e) --- kippo/core/protocol.py | 28 ++++++++++++++++++++-------- 1 file changed, 20 insertions(+), 8 deletions(-) diff --git a/kippo/core/protocol.py b/kippo/core/protocol.py index 0eab281..8c682ce 100644 --- a/kippo/core/protocol.py +++ b/kippo/core/protocol.py @@ -167,10 +167,17 @@ class HoneyPotInteractiveProtocol(HoneyPotBaseProtocol, recvline.HistoricRecvLin transport.factory.sessions[transport.transport.sessionno] = self self.keyHandlers.update({ - '\x04': self.handle_CTRL_D, - '\x15': self.handle_CTRL_U, - '\x03': self.handle_CTRL_C, + '\x01': self.handle_HOME, # CTRL-A + '\x02': self.handle_LEFT, # CTRL-B + '\x03': self.handle_CTRL_C, # CTRL-C + '\x04': self.handle_CTRL_D, # CTRL-D + '\x05': self.handle_END, # CTRL-E + '\x06': self.handle_RIGHT, # CTRL-F '\x09': self.handle_TAB, + '\x0B': self.handle_CTRL_K, # CTRL-K + '\x0E': self.handle_DOWN, # CTRL-N + '\x10': self.handle_UP, # CTRL-P + '\x15': self.handle_CTRL_U, # CTRL-U }) # this doesn't seem to be called upon disconnect, so please use 
@@ -207,6 +214,16 @@ class HoneyPotInteractiveProtocol(HoneyPotBaseProtocol, recvline.HistoricRecvLin def handle_CTRL_C(self): self.cmdstack[-1].ctrl_c() + def handle_CTRL_D(self): + self.call_command(self.commands['exit']) + + def handle_TAB(self): + self.cmdstack[-1].handle_TAB() + + def handle_CTRL_K(self): + self.terminal.eraseToLineEnd() + self.lineBuffer = self.lineBuffer[0:self.lineBufferIndex] + def handle_CTRL_U(self): for i in range(self.lineBufferIndex): self.terminal.cursorBackward() @@ -214,11 +231,6 @@ class HoneyPotInteractiveProtocol(HoneyPotBaseProtocol, recvline.HistoricRecvLin self.lineBuffer = self.lineBuffer[self.lineBufferIndex:] self.lineBufferIndex = 0 - def handle_CTRL_D(self): - self.call_command(self.commands['exit']) - - def handle_TAB(self): - self.cmdstack[-1].handle_TAB() class LoggingServerProtocol(insults.ServerProtocol): def connectionMade(self): From 92013388da65e22ffb5d27fac7b644ed81577f16 Mon Sep 17 00:00:00 2001 From: Michel Oosterhof Date: Sun, 9 Nov 2014 16:30:27 +0400 Subject: [PATCH 3/5] add sync command --- txtcmds/bin/sync | 0 1 file changed, 0 insertions(+), 0 deletions(-) create mode 100644 txtcmds/bin/sync diff --git a/txtcmds/bin/sync b/txtcmds/bin/sync new file mode 100644 index 0000000..e69de29 From ad9124365812c668cb4d328e390c3e1e761ec33a Mon Sep 17 00:00:00 2001 From: Michel Oosterhof Date: Sun, 9 Nov 2014 17:28:06 +0400 Subject: [PATCH 4/5] move fscopy out of sftp/protocol into avatar. rename user to avatar --- kippo/core/honeypot.py | 4 ++-- kippo/core/protocol.py | 20 ++++++++++---------- kippo/core/ssh.py | 10 +++++----- 3 files changed, 17 insertions(+), 17 deletions(-) diff --git a/kippo/core/honeypot.py b/kippo/core/honeypot.py index 2ef409c..4b20b2a 100644 --- a/kippo/core/honeypot.py +++ b/kippo/core/honeypot.py 
@@ -2,10 +2,10 @@ # See the COPYRIGHT file for more information import twisted -from copy import deepcopy, copy import os import shlex import re +import copy.copy from twisted.python import log from kippo.core import fs @@ -97,7 +97,7 @@ class HoneyPotShell(object): return # probably no reason to be this comprehensive for just PATH... - envvars = copy(self.envvars) + envvars = copy.copy(self.envvars) cmd = None while len(cmdAndArgs): piece = cmdAndArgs.pop(0) diff --git a/kippo/core/protocol.py b/kippo/core/protocol.py index 8c682ce..d33f914 100644 --- a/kippo/core/protocol.py +++ b/kippo/core/protocol.py @@ -5,13 +5,13 @@ import os import random import time import struct +import copy.copy from twisted.conch import recvline from twisted.conch.ssh import transport from twisted.conch.insults import insults from twisted.internet import protocol from twisted.python import log -from copy import deepcopy, copy from kippo.core import ttylog, fs from kippo.core.config import config @@ -20,13 +20,13 @@ import kippo.core.honeypot from kippo import core class HoneyPotBaseProtocol(insults.TerminalProtocol): - def __init__(self, user, env): - self.user = user + def __init__(self, avatar, env): + self.user = avatar self.env = env self.hostname = self.env.cfg.get('honeypot', 'hostname') - self.fs = fs.HoneyPotFilesystem(deepcopy(self.env.fs)) - if self.fs.exists(user.home): - self.cwd = user.home + self.fs = avatar.fs + if self.fs.exists(avatar.home): + self.cwd = avatar.home else: self.cwd = '/' # commands is also a copy so we can add stuff on the fly @@ -134,9 +134,9 @@ class HoneyPotBaseProtocol(insults.TerminalProtocol): class HoneyPotExecProtocol(HoneyPotBaseProtocol): - def __init__(self, user, env, execcmd): + def __init__(self, avatar, env, execcmd): self.execcmd = execcmd - HoneyPotBaseProtocol.__init__(self, user, env) + HoneyPotBaseProtocol.__init__(self, avatar, env) def connectionMade(self): HoneyPotBaseProtocol.connectionMade(self) 
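Review bot: `import copy.copy` in the import block of kippo/core/honeypot.py will fail when the module is loaded, because `copy` is a plain module and `copy.copy` is a function inside it, not a submodule, so the dotted import raises ImportError. The line should be `import copy`, which keeps the `copy.copy(self.envvars)` call in the second honeypot.py hunk working. The same defect is in the import hunks of kippo/core/protocol.py (`import copy.copy`) and kippo/core/ssh.py (`import copy.deepcopy`); ssh.py already shows `import copy` as a context line, so the added line there can simply be dropped. As written, none of the three modules would import, so the honeypot presumably would not start.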
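Review bot: `self.fs = avatar.fs` in HoneyPotBaseProtocol.__init__ changes the lifetime of the fake filesystem without saying so: the protocol no longer makes its own deepcopy and instead uses the copy created in HoneyPotAvatar.__init__ (ssh.py hunk of this patch). A comment on the line would help the next reader, for example `# per-login filesystem copy owned by the avatar; not copied again per channel`. It looks like every exec and shell channel opened for the same avatar now sees the same filesystem state, which is worth confirming as intended. The attribute is also still named `self.user` although the parameter was renamed to `avatar`. __init__ continues outside the hunk.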
@@ -153,9 +153,9 @@ class HoneyPotExecProtocol(HoneyPotBaseProtocol): class HoneyPotInteractiveProtocol(HoneyPotBaseProtocol, recvline.HistoricRecvLine): - def __init__(self, user, env): + def __init__(self, avatar, env): recvline.HistoricRecvLine.__init__(self) - HoneyPotBaseProtocol.__init__(self, user, env) + HoneyPotBaseProtocol.__init__(self, avatar, env) def connectionMade(self): HoneyPotBaseProtocol.connectionMade(self) diff --git a/kippo/core/ssh.py b/kippo/core/ssh.py index dd2b1c9..6d761f5 100644 --- a/kippo/core/ssh.py +++ b/kippo/core/ssh.py @@ -5,6 +5,7 @@ import os import copy import time import uuid +import copy.deepcopy from zope.interface import implementer @@ -261,17 +262,17 @@ class HoneyPotAvatar(avatar.ConchUser): avatar.ConchUser.__init__(self) self.username = username self.env = env + self.fs = fs.HoneyPotFilesystem(copy.deepcopy(self.env.fs)) + self.channelLookup.update({'session': HoneyPotSSHSession}) self.channelLookup['direct-tcpip'] = KippoOpenConnectForwardingClient - userdb = core.auth.UserDB() - self.uid = self.gid = userdb.getUID(self.username) - # sftp support enabled only when option is explicitly set if self.env.cfg.has_option('honeypot', 'sftp_enabled'): if ( self.env.cfg.get('honeypot', 'sftp_enabled') == "true" ): self.subsystemLookup['sftp'] = filetransfer.FileTransferServer + self.uid = self.gid = core.auth.UserDB().getUID(self.username) if not self.uid: self.home = '/root' else: @@ -445,8 +446,7 @@ class KippoSFTPServer: def __init__(self, avatar): self.avatar = avatar - # FIXME we should not copy fs here, but do this at avatar instantiation - self.fs = fs.HoneyPotFilesystem(copy.deepcopy(self.avatar.env.fs)) + self.fs = self.avatar.env.fs def _absPath(self, path): home = self.avatar.home From 658de4b65792b832a9e89cf3ac0dc583a17f2e63 Mon Sep 17 00:00:00 2001 
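Review bot: `self.fs = self.avatar.env.fs` in KippoSFTPServer.__init__ points the SFTP server at the shared template rather than at the per-avatar copy this patch introduces. In the HoneyPotAvatar hunk the same `env.fs` object is what gets passed through `copy.deepcopy` and wrapped in `fs.HoneyPotFilesystem`, so here the server holds the unwrapped, uncopied structure: filesystem calls on it would likely fail, and any write that did go through would change the template that every later session is copied from, which breaks isolation between honeypot sessions. The line should be `self.fs = self.avatar.fs`. The class body continues outside the hunk.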
From: Michel Oosterhof
Date: Sun, 9 Nov 2014 17:28:53 +0400
Subject: [PATCH 5/5] ignore all in log/* not just log/kippo.log*
---
 .gitignore | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/.gitignore b/.gitignore
index 65c18ef..c0b8620 100644
--- a/.gitignore
+++ b/.gitignore
@@ -6,7 +6,7 @@ data/ssh_host_dsa_key.pub
 data/ssh_host_rsa_key
 data/ssh_host_rsa_key.pub
 dl/*
-log/kippo.log*
+log/*
 log/tty/*
 kippo-textlog.log
 private.key