Fix ps to resemble the real thing a bit more

git-svn-id: https://kippo.googlecode.com/svn/trunk@206 951d7100-d841-11de-b865-b3884708a8e2
2025-12-18 06:24:20 +01:00 · 2011-04-07 18:31:41 +00:00
parent 6bf84474e6
commit adf8346d5b
1 changed files with 58 additions and 44 deletions
--- a/kippo/commands/base.py
+++ b/kippo/commands/base.py
@@ -79,50 +79,64 @@ commands['/bin/uname'] = command_uname

 class command_ps(HoneyPotCommand):
    def call(self):
-        if len(self.args) and self.args[0].strip().count('a'):
-            output = (
-                'USER       PID %%CPU %%MEM    VSZ   RSS TTY      STAT START   TIME COMMAND',
-                'root         1  0.0  0.1   2100   688 ?        Ss   Nov06   0:07 init [2]  ',
-                'root         2  0.0  0.0      0     0 ?        S<   Nov06   0:00 [kthreadd]',
-                'root         3  0.0  0.0      0     0 ?        S<   Nov06   0:00 [migration/0]',
-                'root         4  0.0  0.0      0     0 ?        S<   Nov06   0:00 [ksoftirqd/0]',
-                'root         5  0.0  0.0      0     0 ?        S<   Nov06   0:00 [watchdog/0]',
-                'root         6  0.0  0.0      0     0 ?        S<   Nov06   0:17 [events/0]',
-                'root         7  0.0  0.0      0     0 ?        S<   Nov06   0:00 [khelper]',
-                'root        39  0.0  0.0      0     0 ?        S<   Nov06   0:00 [kblockd/0]',
-                'root        41  0.0  0.0      0     0 ?        S<   Nov06   0:00 [kacpid]',
-                'root        42  0.0  0.0      0     0 ?        S<   Nov06   0:00 [kacpi_notify]',
-                'root       170  0.0  0.0      0     0 ?        S<   Nov06   0:00 [kseriod]',
-                'root       207  0.0  0.0      0     0 ?        S    Nov06   0:01 [pdflush]',
-                'root       208  0.0  0.0      0     0 ?        S    Nov06   0:00 [pdflush]',
-                'root       209  0.0  0.0      0     0 ?        S<   Nov06   0:00 [kswapd0]',
-                'root       210  0.0  0.0      0     0 ?        S<   Nov06   0:00 [aio/0]',
-                'root       748  0.0  0.0      0     0 ?        S<   Nov06   0:00 [ata/0]',
-                'root       749  0.0  0.0      0     0 ?        S<   Nov06   0:00 [ata_aux]',
-                'root       929  0.0  0.0      0     0 ?        S<   Nov06   0:00 [scsi_eh_0]',
-                'root      1014  0.0  0.0      0     0 ?        D<   Nov06   0:03 [kjournald]',
-                'root      1087  0.0  0.1   2288   772 ?        S<s  Nov06   0:00 udevd --daemon',
-                'root      1553  0.0  0.0      0     0 ?        S<   Nov06   0:00 [kpsmoused]',
-                'root      2054  0.0  0.2  28428  1508 ?        Sl   Nov06   0:01 /usr/sbin/rsyslogd -c3',
-                'root      2103  0.0  0.2   2628  1196 tty1     Ss   Nov06   0:00 /bin/login --     ',
-                'root      2105  0.0  0.0   1764   504 tty2     Ss+  Nov06   0:00 /sbin/getty 38400 tty2',
-                'root      2107  0.0  0.0   1764   504 tty3     Ss+  Nov06   0:00 /sbin/getty 38400 tty3',
-                'root      2109  0.0  0.0   1764   504 tty4     Ss+  Nov06   0:00 /sbin/getty 38400 tty4',
-                'root      2110  0.0  0.0   1764   504 tty5     Ss+  Nov06   0:00 /sbin/getty 38400 tty5',
-                'root      2112  0.0  0.0   1764   508 tty6     Ss+  Nov06   0:00 /sbin/getty 38400 tty6',
-                'root      2133  0.0  0.1   2180   620 ?        S<s  Nov06   0:00 dhclient3 -pf /var/run/dhclient.eth0.pid -lf /var/lib/dhcp3/dhclien',
-                'root      4969  0.0  0.1   5416  1024 ?        Ss   Nov08   0:00 /usr/sbin/sshd',
-                'root      5673  0.0  0.2   2924  1540 pts/0    Ss   04:30   0:00 -bash',
-                'root      5679  0.0  0.1   2432   928 pts/0    R+   04:32   0:00 ps %s' % ' '.join(self.args),
-                )
-        else:
-            output = (
-                '  PID TTY          TIME CMD',
-                ' 5673 pts/0    00:00:00 bash',
-                ' 5677 pts/0    00:00:00 ps %s' % ' '.join(self.args),
-                )
-        for l in output:
-            self.writeln(l)
+        user = self.honeypot.user.username
+        args = ''
+        if len(self.args):
+            args = self.args[0].strip()
+        _user, _pid, _cpu, _mem, _vsz, _rss, _tty, _stat, \
+            _start, _time, _command = range(11)
+        output = (
+            ('USER      ', ' PID', ' %CPU', ' %MEM', '    VSZ', '   RSS', ' TTY      ', 'STAT ', 'START', '   TIME ', 'COMMAND',),
+            ('root      ', '   1', '  0.0', '  0.1', '   2100', '   688', ' ?        ', 'Ss   ', 'Nov06', '   0:07 ', 'init [2]  ',),
+            ('root      ', '   2', '  0.0', '  0.0', '      0', '     0', ' ?        ', 'S<   ', 'Nov06', '   0:00 ', '[kthreadd]',),
+            ('root      ', '   3', '  0.0', '  0.0', '      0', '     0', ' ?        ', 'S<   ', 'Nov06', '   0:00 ', '[migration/0]',),
+            ('root      ', '   4', '  0.0', '  0.0', '      0', '     0', ' ?        ', 'S<   ', 'Nov06', '   0:00 ', '[ksoftirqd/0]',),
+            ('root      ', '   5', '  0.0', '  0.0', '      0', '     0', ' ?        ', 'S<   ', 'Nov06', '   0:00 ', '[watchdog/0]',),
+            ('root      ', '   6', '  0.0', '  0.0', '      0', '     0', ' ?        ', 'S<   ', 'Nov06', '   0:17 ', '[events/0]',),
+            ('root      ', '   7', '  0.0', '  0.0', '      0', '     0', ' ?        ', 'S<   ', 'Nov06', '   0:00 ', '[khelper]',),
+            ('root      ', '  39', '  0.0', '  0.0', '      0', '     0', ' ?        ', 'S<   ', 'Nov06', '   0:00 ', '[kblockd/0]',),
+            ('root      ', '  41', '  0.0', '  0.0', '      0', '     0', ' ?        ', 'S<   ', 'Nov06', '   0:00 ', '[kacpid]',),
+            ('root      ', '  42', '  0.0', '  0.0', '      0', '     0', ' ?        ', 'S<   ', 'Nov06', '   0:00 ', '[kacpi_notify]',),
+            ('root      ', ' 170', '  0.0', '  0.0', '      0', '     0', ' ?        ', 'S<   ', 'Nov06', '   0:00 ', '[kseriod]',),
+            ('root      ', ' 207', '  0.0', '  0.0', '      0', '     0', ' ?        ', 'S    ', 'Nov06', '   0:01 ', '[pdflush]',),
+            ('root      ', ' 208', '  0.0', '  0.0', '      0', '     0', ' ?        ', 'S    ', 'Nov06', '   0:00 ', '[pdflush]',),
+            ('root      ', ' 209', '  0.0', '  0.0', '      0', '     0', ' ?        ', 'S<   ', 'Nov06', '   0:00 ', '[kswapd0]',),
+            ('root      ', ' 210', '  0.0', '  0.0', '      0', '     0', ' ?        ', 'S<   ', 'Nov06', '   0:00 ', '[aio/0]',),
+            ('root      ', ' 748', '  0.0', '  0.0', '      0', '     0', ' ?        ', 'S<   ', 'Nov06', '   0:00 ', '[ata/0]',),
+            ('root      ', ' 749', '  0.0', '  0.0', '      0', '     0', ' ?        ', 'S<   ', 'Nov06', '   0:00 ', '[ata_aux]',),
+            ('root      ', ' 929', '  0.0', '  0.0', '      0', '     0', ' ?        ', 'S<   ', 'Nov06', '   0:00 ', '[scsi_eh_0]',),
+            ('root      ', '1014', '  0.0', '  0.0', '      0', '     0', ' ?        ', 'D<   ', 'Nov06', '   0:03 ', '[kjournald]',),
+            ('root      ', '1087', '  0.0', '  0.1', '   2288', '   772', ' ?        ', 'S<s  ', 'Nov06', '   0:00 ', 'udevd --daemon',),
+            ('root      ', '1553', '  0.0', '  0.0', '      0', '     0', ' ?        ', 'S<   ', 'Nov06', '   0:00 ', '[kpsmoused]',),
+            ('root      ', '2054', '  0.0', '  0.2', '  28428', '  1508', ' ?        ', 'Sl   ', 'Nov06', '   0:01 ', '/usr/sbin/rsyslogd -c3',),
+            ('root      ', '2103', '  0.0', '  0.2', '   2628', '  1196', ' tty1     ', 'Ss   ', 'Nov06', '   0:00 ', '/bin/login --     ',),
+            ('root      ', '2105', '  0.0', '  0.0', '   1764', '   504', ' tty2     ', 'Ss+  ', 'Nov06', '   0:00 ', '/sbin/getty 38400 tty2',),
+            ('root      ', '2107', '  0.0', '  0.0', '   1764', '   504', ' tty3     ', 'Ss+  ', 'Nov06', '   0:00 ', '/sbin/getty 38400 tty3',),
+            ('root      ', '2109', '  0.0', '  0.0', '   1764', '   504', ' tty4     ', 'Ss+  ', 'Nov06', '   0:00 ', '/sbin/getty 38400 tty4',),
+            ('root      ', '2110', '  0.0', '  0.0', '   1764', '   504', ' tty5     ', 'Ss+  ', 'Nov06', '   0:00 ', '/sbin/getty 38400 tty5',),
+            ('root      ', '2112', '  0.0', '  0.0', '   1764', '   508', ' tty6     ', 'Ss+  ', 'Nov06', '   0:00 ', '/sbin/getty 38400 tty6',),
+            ('root      ', '2133', '  0.0', '  0.1', '   2180', '   620', ' ?        ', 'S<s  ', 'Nov06', '   0:00 ', 'dhclient3 -pf /var/run/dhclient.eth0.pid -lf /var/lib/dhcp3/dhclien',),
+            ('root      ', '4969', '  0.0', '  0.1', '   5416', '  1024', ' ?        ', 'Ss   ', 'Nov08', '   0:00 ', '/usr/sbin/sshd',),
+            ('%s'.ljust(8) % user, '5673', '  0.0', '  0.2', '   2924', '  1540', ' pts/0    ', 'Ss   ', '04:30', '   0:00 ', '-bash',),
+            ('%s'.ljust(8) % user, '5679', '  0.0', '  0.1', '   2432', '   928', ' pts/0    ', 'R+   ', '04:32', '   0:00 ', 'ps %s' % ' '.join(self.args),)
+            )
+        for i in range(len(output)):
+            if i != 0:
+                if 'a' not in args and output[i][_user].strip() != user:
+                    continue
+                elif 'a' not in args and 'x' not in args \
+                        and output[i][_tty].strip() != 'pts/0':
+                    continue
+            l = [_pid, _tty, _time, _command]
+            if 'a' in args or 'x' in args:
+                l = [_pid, _tty, _stat, _time, _command]
+            if 'u' in args:
+                l = [_user, _pid, _cpu, _mem, _vsz, _rss, _tty, _stat,
+                    _start, _time, _command]
+            s = ''.join([output[i][x] for x in l])
+            if 'w' not in args:
+                s = s[:80]
+            self.writeln(s)
 commands['/bin/ps'] = command_ps

 class command_id(HoneyPotCommand):