diff --git a/cowrie/core/honeypot.py b/cowrie/core/honeypot.py index e70511e..5c54693 100644 --- a/cowrie/core/honeypot.py +++ b/cowrie/core/honeypot.py @@ -26,7 +26,7 @@ class HoneyPotCommand(object): self.exit() def call(self): - self.honeypot.writeln('Hello World! [%s]' % repr(self.args)) + self.honeypot.writeln('Hello World! [%s]' % (repr(self.args),)) def exit(self): self.honeypot.cmdstack.pop() @@ -38,7 +38,7 @@ class HoneyPotCommand(object): self.exit() def lineReceived(self, line): - log.msg('INPUT: %s' % line) + log.msg('INPUT: %s' % (line,)) def resume(self): pass @@ -57,7 +57,7 @@ class HoneyPotShell(object): } def lineReceived(self, line): - log.msg('CMD: %s' % line) + log.msg('CMD: %s' % (line,)) line = line[:500] comment = re.compile('^\s*#') for i in [x.strip() for x in re.split(';|&&|\n', line.strip())[:10]]: @@ -134,7 +134,7 @@ class HoneyPotShell(object): input=line, format='Command not found: %(input)s') #self.honeypot.logDispatch('Command not found: %s' % (line,)) if len(line): - self.honeypot.writeln('bash: %s: command not found' % cmd) + self.honeypot.writeln('bash: %s: command not found' % (cmd,)) runOrPrompt() def resume(self): @@ -252,15 +252,20 @@ class HoneyPotShell(object): self.honeypot.terminal.write(newbuf) class HoneyPotEnvironment(object): + """ + """ def __init__(self, cfg): self.cfg = cfg + self.commands = {} + self.hostname = self.cfg.get('honeypot', 'hostname') + import cowrie.commands for c in cowrie.commands.__all__: - module = __import__('cowrie.commands.%s' % c, + module = __import__('cowrie.commands.%s' % (c,), globals(), locals(), ['commands']) self.commands.update(module.commands) - self.fs = pickle.load(file( - cfg.get('honeypot', 'filesystem_file'), 'rb')) + + self.fs = pickle.load(file(cfg.get('honeypot', 'filesystem_file'), 'rb')) # vim: set sw=4 et: diff --git a/cowrie/core/protocol.py b/cowrie/core/protocol.py index a78c24f..6ac07b0 100644 --- a/cowrie/core/protocol.py +++ b/cowrie/core/protocol.py 
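Review bot: In `HoneyPotShell.lineReceived` (hunk at -57 in honeypot.py) the attacker-supplied line is logged in full before `line = line[:500]` and the `[:10]` cap on split commands are applied, and nothing in the code says whether that order is intended. If full capture is the goal, a comment such as `# log the complete input for forensics; only the parsed copy is capped below` would record it. If it is not, moving the `log.msg` call below the truncation would bound log volume by the same limit. The method body continues past the end of the hunk.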
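Review bot: The rejoined `pickle.load(file(...))` line in `HoneyPotEnvironment.__init__` (hunk at -252 in honeypot.py) never closes the file object and unpickles whatever sits at the configured `filesystem_file` path, so anyone able to write that file gets code execution in the honeypot process at start-up. Closing the handle is a two-line change: `with open(cfg.get('honeypot', 'filesystem_file'), 'rb') as f:` followed by `self.fs = pickle.load(f)`. A comment stating that the pickle must be operator-owned and not writable by the account the honeypot runs as would make the trust assumption explicit. The added docstring is empty; a one-line summary (loads the command table, hostname and filesystem image from the config) would serve better than the placeholder.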
@@ -53,10 +53,13 @@ class HoneyPotBaseProtocol(insults.TerminalProtocol): self.kippoIP = self.cfg.get('honeypot', 'internet_facing_ip') else: # Hack to get ip - s = socket.socket(socket.AF_INET, socket.SOCK_DGRAM) - s.connect(("8.8.8.8", 80)) - self.kippoIP = s.getsockname()[0] - s.close() + try: + s = socket.socket(socket.AF_INET, socket.SOCK_DGRAM) + s.connect(("8.8.8.8", 80)) + self.kippoIP = s.getsockname()[0] + s.close() + except: + self.kippoIP = '192.168.0.1' # this is only called on explicit logout, not on disconnect # this indicates the closing of the channel/session, not the closing of the connection diff --git a/cowrie/core/ssh.py b/cowrie/core/ssh.py index 371e6e6..fe23ce2 100644 --- a/cowrie/core/ssh.py +++ b/cowrie/core/ssh.py @@ -88,9 +88,10 @@ class HoneyPotSSHFactory(factory.SSHFactory): output.logDispatch(*msg, **args) def __init__(self, cfg): - self.cfg = cfg + def startFactory(self): + # protocol^Wwhatever instances are kept here for the interact feature self.sessions = {} @@ -107,18 +108,18 @@ class HoneyPotSSHFactory(factory.SSHFactory): # load db loggers self.dbloggers = [] - for x in cfg.sections(): + for x in self.cfg.sections(): if not x.startswith('database_'): continue engine = x.split('_')[1] dbengine = 'database_' + engine - lcfg = ConfigParser.ConfigParser() + lcfg = ConfigParser.SafeConfigParser() lcfg.add_section(dbengine) - for i in cfg.options(x): - lcfg.set(dbengine, i, cfg.get(x, i)) + for i in self.cfg.options(x): + lcfg.set(dbengine, i, self.cfg.get(x, i)) lcfg.add_section('honeypot') - for i in cfg.options('honeypot'): - lcfg.set('honeypot', i, cfg.get('honeypot', i)) + for i in self.cfg.options('honeypot'): + lcfg.set('honeypot', i, self.cfg.get('honeypot', i)) log.msg('Loading dblog engine: %s' % (engine,)) dblogger = __import__( 'cowrie.dblog.%s' % (engine,), 
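Review bot: The bare `except:` added around the IP lookup (hunk at -53 in protocol.py) swallows every exception, including `KeyboardInterrupt`, and silently substitutes `192.168.0.1`, so a sensor that cannot determine its address would presumably report a made-up IP wherever `kippoIP` is used, with nothing in the log to explain it. If `connect` raises, `s.close()` is also skipped and the socket is left open. Catching `socket.error`, logging the fallback and closing in `finally` addresses all three; this assumes twisted's `log` is already imported in this module, which the hunk does not show. The enclosing method starts and ends outside the hunk.

```python
# Hack to get ip
s = None
try:
    s = socket.socket(socket.AF_INET, socket.SOCK_DGRAM)
    s.connect(("8.8.8.8", 80))
    self.kippoIP = s.getsockname()[0]
except socket.error:
    # make the fallback visible to whoever reads the sensor logs
    log.msg('Could not determine local IP; falling back to 192.168.0.1')
    self.kippoIP = '192.168.0.1'
finally:
    if s is not None:
        s.close()
```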
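Review bot: Switching `lcfg` to `SafeConfigParser` in the db-logger loop (hunk at -107 in ssh.py, and again in the output-plugin loop at -126) makes `lcfg.set` reject values with a lone `%`, while the values it receives come from `self.cfg.get(x, i)`, which, assuming `self.cfg` is an interpolating parser, has already expanded them. An option containing a literal percent sign (a database password written as `%%` in the config, for example) then comes back as a bare `%` and `set` raises `ValueError`, which would stop the factory from starting. Copying the raw value avoids the double interpolation: `lcfg.set(dbengine, i, self.cfg.get(x, i, raw=True))`, and likewise for the `honeypot` section and the output loop. `startFactory` begins in the previous hunk and continues past this one.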
@@ -126,20 +127,20 @@ class HoneyPotSSHFactory(factory.SSHFactory): log.addObserver(dblogger.emit) self.dbloggers.append(dblogger) - # load new output modules + # load output modules self.output_plugins = []; - for x in cfg.sections(): + for x in self.cfg.sections(): if not x.startswith('output_'): continue engine = x.split('_')[1] output = 'output_' + engine - lcfg = ConfigParser.ConfigParser() + lcfg = ConfigParser.SafeConfigParser() lcfg.add_section(output) - for i in cfg.options(x): - lcfg.set(output, i, cfg.get(x, i)) + for i in self.cfg.options(x): + lcfg.set(output, i, self.cfg.get(x, i)) lcfg.add_section('honeypot') - for i in cfg.options('honeypot'): - lcfg.set('honeypot', i, cfg.get('honeypot', i)) + for i in self.cfg.options('honeypot'): + lcfg.set('honeypot', i, self.cfg.get('honeypot', i)) log.msg('Loading output engine: %s' % (engine,)) output = __import__( 'cowrie.output.%s' % (engine,) @@ -147,6 +148,11 @@ class HoneyPotSSHFactory(factory.SSHFactory): log.addObserver(output.emit) self.output_plugins.append(output) + factory.SSHFactory.startFactory(self) + + def stopFactory(self): + factory.SSHFactory.stopFactory(self) + def buildProtocol(self, addr): """ Create an instance of the server side of the SSH protocol. @@ -315,7 +321,7 @@ class HoneyPotAvatar(avatar.ConchUser): self.username = username self.env = env self.fs = fs.HoneyPotFilesystem(copy.deepcopy(self.env.fs),self.env.cfg) - self.hostname = self.env.cfg.get('honeypot', 'hostname') + self.hostname = self.env.hostname self.protocol = None self.channelLookup.update({'session': HoneyPotSSHSession})
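Review bot: The new `stopFactory` (hunk at -147 in ssh.py) only chains to the base class, so the observers registered with `log.addObserver(dblogger.emit)` and `log.addObserver(output.emit)` in `startFactory` stay attached after the factory stops. If the factory is ever started again, each plugin would be registered a second time and every event written twice, which skews anything that counts events downstream. Removing them before chaining up keeps start and stop symmetric: `for o in self.dbloggers + self.output_plugins: log.removeObserver(o.emit)`.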