diff --git a/cowrie/core/honeypot.py b/cowrie/core/honeypot.py index ed20c0b..3cd45d4 100644 --- a/cowrie/core/honeypot.py +++ b/cowrie/core/honeypot.py @@ -154,11 +154,31 @@ class HoneyPotShell(object): continue if tok == '||': continue + if tok == '$?': + tok = "0" + elif tok[0] == '$': + env_rex = re.compile('^\$([_a-zA-Z0-9]+)$') + env_search = env_rex.search(tok) + if env_search != None: + env_match = env_search.group(1) + if env_match in list(self.environ.keys()): + tok = self.environ[env_match] + else: + continue + env_rex = re.compile('^\${([_a-zA-Z0-9]+)}$') + env_search = env_rex.search(tok) + if env_search != None: + env_match = env_search.group(1) + if env_match in list(self.environ.keys()): + tok = self.environ[env_match] + else: + continue tokens.append(tok) except Exception as e: self.protocol.terminal.write( 'bash: syntax error: unexpected end of file\n') # Could run runCommand here, but i'll just clear the list instead + log.msg( "exception: {}".format(e) ) self.cmdpending = [] self.showPrompt() return diff --git a/cowrie/core/shlex.py b/cowrie/core/shlex.py index 27fb72f..4e4ace5 100644 --- a/cowrie/core/shlex.py +++ b/cowrie/core/shlex.py @@ -63,7 +63,7 @@ class shlex: # _pushback_chars is a push back queue used by lookahead logic self._pushback_chars = deque() # these chars added because allowed in file names, args, wildcards - self.wordchars += '~-./*?=$:' + self.wordchars += '{}~-./*?=$:' #remove any punctuation chars from wordchars self.wordchars = ''.join(c for c in self.wordchars if c not in self.punctuation_chars)