Michel Oosterhof
2015-07-27 09:13:12 +00:00
3 changed files with 40 additions and 26 deletions


@@ -26,7 +26,7 @@ class HoneyPotCommand(object):
self.exit()
def call(self):
self.honeypot.writeln('Hello World! [%s]' % repr(self.args))
self.honeypot.writeln('Hello World! [%s]' % (repr(self.args),))
def exit(self):
self.honeypot.cmdstack.pop()
@@ -38,7 +38,7 @@ class HoneyPotCommand(object):
self.exit()
def lineReceived(self, line):
log.msg('INPUT: %s' % line)
log.msg('INPUT: %s' % (line,))
def resume(self):
pass
@@ -57,7 +57,7 @@ class HoneyPotShell(object):
}
def lineReceived(self, line):
log.msg('CMD: %s' % line)
log.msg('CMD: %s' % (line,))
line = line[:500]
comment = re.compile('^\s*#')
for i in [x.strip() for x in re.split(';|&&|\n', line.strip())[:10]]:
@@ -134,7 +134,7 @@ class HoneyPotShell(object):
input=line, format='Command not found: %(input)s')
#self.honeypot.logDispatch('Command not found: %s' % (line,))
if len(line):
self.honeypot.writeln('bash: %s: command not found' % cmd)
self.honeypot.writeln('bash: %s: command not found' % (cmd,))
runOrPrompt()
def resume(self):
@@ -252,15 +252,20 @@ class HoneyPotShell(object):
self.honeypot.terminal.write(newbuf)
class HoneyPotEnvironment(object):
"""
"""
def __init__(self, cfg):
self.cfg = cfg
self.commands = {}
self.hostname = self.cfg.get('honeypot', 'hostname')
import cowrie.commands
for c in cowrie.commands.__all__:
module = __import__('cowrie.commands.%s' % c,
module = __import__('cowrie.commands.%s' % (c,),
globals(), locals(), ['commands'])
self.commands.update(module.commands)
self.fs = pickle.load(file(
cfg.get('honeypot', 'filesystem_file'), 'rb'))
self.fs = pickle.load(file(cfg.get('honeypot', 'filesystem_file'), 'rb'))
# vim: set sw=4 et:
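Review bot: The reformatted `pickle.load(file(cfg.get('honeypot', 'filesystem_file'), 'rb'))` call in `HoneyPotEnvironment.__init__` never closes the file object explicitly, and it unpickles whatever path `filesystem_file` names, which runs any code embedded in that file. Since the line is being touched anyway, read it through a context manager, `with open(cfg.get('honeypot', 'filesystem_file'), 'rb') as f:` followed by `self.fs = pickle.load(f)`. A comment such as `# fs pickle is trusted input: keep it read-only for the honeypot user` would record the assumption. The class docstring in this hunk is empty; one line saying the object holds the config, the command table, the hostname and the pristine filesystem would make it useful.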


@@ -53,10 +53,13 @@ class HoneyPotBaseProtocol(insults.TerminalProtocol):
self.kippoIP = self.cfg.get('honeypot', 'internet_facing_ip')
else:
# Hack to get ip
s = socket.socket(socket.AF_INET, socket.SOCK_DGRAM)
s.connect(("8.8.8.8", 80))
self.kippoIP = s.getsockname()[0]
s.close()
try:
s = socket.socket(socket.AF_INET, socket.SOCK_DGRAM)
s.connect(("8.8.8.8", 80))
self.kippoIP = s.getsockname()[0]
s.close()
except:
self.kippoIP = '192.168.0.1'
# this is only called on explicit logout, not on disconnect
# this indicates the closing of the channel/session, not the closing of the connection
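Review bot: The bare `except:` around the address probe hides every failure, including `KeyboardInterrupt`, and then stores `192.168.0.1` as the sensor address without any trace, so records that use `kippoIP` would carry a made-up IP. Narrow it to `except socket.error:` and emit a log line when the fallback is taken (assuming a logger is imported in this file, which the hunk does not show). If `connect` raises, `s.close()` is skipped; moving it into a `finally:` clause closes the socket on both paths. The enclosing method starts above the hunk.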


@@ -88,9 +88,10 @@ class HoneyPotSSHFactory(factory.SSHFactory):
output.logDispatch(*msg, **args)
def __init__(self, cfg):
self.cfg = cfg
def startFactory(self):
# protocol^Wwhatever instances are kept here for the interact feature
self.sessions = {}
@@ -107,18 +108,18 @@ class HoneyPotSSHFactory(factory.SSHFactory):
# load db loggers
self.dbloggers = []
for x in cfg.sections():
for x in self.cfg.sections():
if not x.startswith('database_'):
continue
engine = x.split('_')[1]
dbengine = 'database_' + engine
lcfg = ConfigParser.ConfigParser()
lcfg = ConfigParser.SafeConfigParser()
lcfg.add_section(dbengine)
for i in cfg.options(x):
lcfg.set(dbengine, i, cfg.get(x, i))
for i in self.cfg.options(x):
lcfg.set(dbengine, i, self.cfg.get(x, i))
lcfg.add_section('honeypot')
for i in cfg.options('honeypot'):
lcfg.set('honeypot', i, cfg.get('honeypot', i))
for i in self.cfg.options('honeypot'):
lcfg.set('honeypot', i, self.cfg.get('honeypot', i))
log.msg('Loading dblog engine: %s' % (engine,))
dblogger = __import__(
'cowrie.dblog.%s' % (engine,),
@@ -126,20 +127,20 @@ class HoneyPotSSHFactory(factory.SSHFactory):
log.addObserver(dblogger.emit)
self.dbloggers.append(dblogger)
# load new output modules
# load output modules
self.output_plugins = [];
for x in cfg.sections():
for x in self.cfg.sections():
if not x.startswith('output_'):
continue
engine = x.split('_')[1]
output = 'output_' + engine
lcfg = ConfigParser.ConfigParser()
lcfg = ConfigParser.SafeConfigParser()
lcfg.add_section(output)
for i in cfg.options(x):
lcfg.set(output, i, cfg.get(x, i))
for i in self.cfg.options(x):
lcfg.set(output, i, self.cfg.get(x, i))
lcfg.add_section('honeypot')
for i in cfg.options('honeypot'):
lcfg.set('honeypot', i, cfg.get('honeypot', i))
for i in self.cfg.options('honeypot'):
lcfg.set('honeypot', i, self.cfg.get('honeypot', i))
log.msg('Loading output engine: %s' % (engine,))
output = __import__(
'cowrie.output.%s' % (engine,)
@@ -147,6 +148,11 @@ class HoneyPotSSHFactory(factory.SSHFactory):
log.addObserver(output.emit)
self.output_plugins.append(output)
factory.SSHFactory.startFactory(self)
def stopFactory(self):
factory.SSHFactory.stopFactory(self)
def buildProtocol(self, addr):
"""
Create an instance of the server side of the SSH protocol.
@@ -315,7 +321,7 @@ class HoneyPotAvatar(avatar.ConchUser):
self.username = username
self.env = env
self.fs = fs.HoneyPotFilesystem(copy.deepcopy(self.env.fs),self.env.cfg)
self.hostname = self.env.cfg.get('honeypot', 'hostname')
self.hostname = self.env.hostname
self.protocol = None
self.channelLookup.update({'session': HoneyPotSSHSession})
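Review bot: The `stopFactory` shown in this section only calls the base class, so the observers registered in `startFactory` with `log.addObserver(dblogger.emit)` and `log.addObserver(output.emit)` stay attached. If the factory is started again, every event would be written twice. Detach them before calling `factory.SSHFactory.stopFactory(self)`, e.g. `for o in self.dbloggers + self.output_plugins: log.removeObserver(o.emit)`. Separately, `SafeConfigParser.set` rejects values containing a lone `%`, so a database password with that character copied via `self.cfg.get(x, i)` would make start-up raise. Passing `raw=True` to those `get` calls may be needed, depending on the type of `self.cfg`, which is not visible here.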