Beispiel #1
    def __init__(self, path, config=None):
        """Create the hpfeeds client and, if configured, the dynamic-IP timer.

        ``config`` is read for ``port``, ``server``, ``ident``, ``secret``,
        ``tags`` and ``dynip_resolve``. Despite the ``None`` default it has to
        be a mapping, because ``config.get`` is called unconditionally.
        """
        logger.debug('hpfeedhandler init')

        # A missing or non-numeric port falls back to the class default
        # instead of aborting handler start-up.
        configured_port = config.get("port")
        port = self.default_port if configured_port is None else configured_port
        try:
            port = int(port)
        except (TypeError, ValueError):
            logger.warning("Unable to convert value '%s' for port to int" %
                           port)
            port = self.default_port

        # 'ident' and 'secret' are the broker credentials; this method passes
        # them to the client and does not log them.
        self.client = hpfeeds.client.new(config['server'], port,
                                         config['ident'], config['secret'])
        ihandler.__init__(self, path)

        self.tags = config['tags']
        logger.debug('Set tags to: {}'.format(self.tags))
        self.dynip_resolve = config.get('dynip_resolve', '')
        self.dynip_timer = None
        self.ownip = None

        resolver = self.dynip_resolve
        resolver_is_url = isinstance(resolver, str) and resolver.startswith("http")
        # NOTE(review): the prefix test admits http:// as well as https://
        # URLs; an https resolver protects the reported address from being
        # altered in transit. Confirm what _dynip_resolve does with the reply.
        if resolver_is_url and pyev is None:
            logger.debug(
                'You are missing the python pyev binding in your dionaea installation.'
            )
        elif resolver_is_url:
            logger.debug('hpfeedihandler will use dynamic IP resolving!')
            self.loop = pyev.default_loop()
            # First run after 2 s, then repeated every 300 s.
            self.dynip_timer = pyev.Timer(2., 300, self.loop,
                                          self._dynip_resolve)
            self.dynip_timer.start()
Beispiel #2
    def __init__(self, path):
        """Initialise the VirusTotal handler from the global dionaea config.

        Reads ``apikey`` and ``file`` from ``modules.python.virustotal``,
        starts the backlog timer and makes sure the ``backlogfiles`` table
        exists in the SQLite database stored at ``file``.
        """
        logger.debug("%s ready!" % self.__class__.__name__)
        ihandler.__init__(self, path)
        # Service credential: this method stores it and does not log it.
        self.apikey = g_dionaea.config()['modules']['python']['virustotal']['apikey']
        self.cookies = {}
        self.loop = pyev.default_loop()

        # Fires immediately (after 0 s) and then every 20 s.
        backlog_timer = pyev.Timer(0, 20, self.loop,
                                   self.__handle_backlog_timeout)
        self.backlog_timer = backlog_timer
        backlog_timer.start()

        db_path = g_dionaea.config()['modules']['python']['virustotal']['file']
        self.dbh = sqlite3.connect(db_path)
        self.cursor = self.dbh.cursor()
        # Static DDL with no interpolated values; it is a no-op once the
        # table exists.
        schema = """
            CREATE TABLE IF NOT EXISTS backlogfiles (
                backlogfile INTEGER PRIMARY KEY,
                status TEXT NOT NULL, -- new, submit, query, comment
                md5_hash TEXT NOT NULL,
                path TEXT NOT NULL,
                timestamp INTEGER NOT NULL,
                scan_id TEXT,
                lastcheck_time INTEGER,
                submit_time INTEGER
            );"""
        self.cursor.execute(schema)
Beispiel #3
    def __init__(self, path, config=None):
        """Initialise the VirusTotal handler from its own ``config`` mapping.

        ``config`` is read for ``apikey``, ``comment`` and ``file``. Despite
        the ``None`` default it has to be a mapping, because ``config.get`` is
        called unconditionally. ``file`` has no fallback: a missing entry
        reaches ``sqlite3.connect`` as ``None``.
        """
        logger.debug("%s ready!" % self.__class__.__name__)
        ihandler.__init__(self, path)
        # Service credential: this method stores it and does not log it.
        self.apikey = config.get("apikey")

        # Text attached to uploads when the operator configured none.
        default_comment = "This sample was captured in the wild and uploaded by the dionaea honeypot.\n#honeypot #malware #networkworm"
        configured_comment = config.get("comment")
        self.comment = default_comment if configured_comment is None else configured_comment

        self.cookies = {}
        self.loop = pyev.default_loop()

        # Fires immediately (after 0 s) and then every 20 s.
        self.backlog_timer = pyev.Timer(0, 20, self.loop,
                                        self.__handle_backlog_timeout)
        self.backlog_timer.start()

        db_path = config.get("file")
        self.dbh = sqlite3.connect(db_path)
        self.cursor = self.dbh.cursor()
        # Static DDL with no interpolated values; it is a no-op once the
        # table exists.
        schema = """
            CREATE TABLE IF NOT EXISTS backlogfiles (
                backlogfile INTEGER PRIMARY KEY,
                status TEXT NOT NULL, -- new, submit, query, comment
                md5_hash TEXT NOT NULL,
                path TEXT NOT NULL,
                timestamp INTEGER NOT NULL,
                scan_id TEXT,
                lastcheck_time INTEGER,
                submit_time INTEGER
            );"""
        self.cursor.execute(schema)
Beispiel #4
    def __init__(self, path):
        """Set up the VirusTotal handler: API key, backlog timer and database.

        ``apikey`` and ``file`` come from ``modules.python.virustotal`` in the
        global dionaea configuration; both lookups raise ``KeyError`` when the
        entry is absent.
        """
        class_name = self.__class__.__name__
        logger.debug("%s ready!" % (class_name))
        ihandler.__init__(self, path)

        # Service credential: this method stores it and does not log it.
        api_key = g_dionaea.config()['modules']['python']['virustotal']['apikey']
        self.apikey = api_key
        self.cookies = {}
        self.loop = pyev.default_loop()

        # Backlog processing starts immediately and repeats every 20 s.
        self.backlog_timer = pyev.Timer(0, 20, self.loop,
                                        self.__handle_backlog_timeout)
        self.backlog_timer.start()

        database_file = g_dionaea.config()['modules']['python']['virustotal']['file']
        connection_handle = sqlite3.connect(database_file)
        self.dbh = connection_handle
        self.cursor = connection_handle.cursor()
        # Constant statement, nothing interpolated; creates the backlog table
        # only when it does not exist yet.
        self.cursor.execute("""
            CREATE TABLE IF NOT EXISTS backlogfiles (
                backlogfile INTEGER PRIMARY KEY,
                status TEXT NOT NULL, -- new, submit, query, comment
                md5_hash TEXT NOT NULL,
                path TEXT NOT NULL,
                timestamp INTEGER NOT NULL,
                scan_id TEXT,
                lastcheck_time INTEGER,
                submit_time INTEGER
            );""")
Beispiel #5
    def __init__(self, path, config=None):
        """Copy the S3 upload settings from ``config`` onto the handler.

        Every setting is optional here and becomes ``None`` when it is absent.
        Despite the ``None`` default, ``config`` has to be a mapping, because
        ``config.get`` is called unconditionally.
        """
        logger.debug("%s ready!" % self.__class__.__name__)
        ihandler.__init__(self, path)

        # access_key_id / secret_access_key are credentials: this method only
        # stores them and does not log them.
        # NOTE(review): `verify` presumably controls TLS certificate checking
        # for the endpoint. A missing entry yields None, so confirm the
        # consumer treats None as "verify".
        setting_names = (
            "bucket_name",
            "region_name",
            "access_key_id",
            "secret_access_key",
            "endpoint_url",
            "verify",
            "s3_dest_folder",
        )
        for setting in setting_names:
            setattr(self, setting, config.get(setting))

        # Placeholder; no client object is created in this method.
        self.s3 = ''

        self.loop = pyev.default_loop()
Beispiel #6
    def __init__(self, path, config=None):
        """Create the hpfeeds client and, if configured, the dynamic-IP timer.

        ``server``, ``port``, ``ident`` and ``secret`` are mandatory: a missing
        key raises ``KeyError`` and a non-numeric port raises ``ValueError``.
        ``dynip_resolve`` is optional.
        """
        logger.debug('hpfeedhandler init')

        # 'ident' and 'secret' are the broker credentials; this method passes
        # them to the client and does not log them.
        broker_port = int(config['port'])
        self.client = hpclient(config['server'], broker_port,
                               config['ident'], config['secret'])
        ihandler.__init__(self, path)

        self.dynip_resolve = config.get('dynip_resolve', '')
        self.dynip_timer = None
        self.ownip = None

        resolver = self.dynip_resolve
        # NOTE(review): this is a substring test, so any value that merely
        # contains "http" enables resolving, and http:// is accepted alongside
        # https://. Confirm what _dynip_resolve does with the value.
        if resolver and 'http' in resolver:
            if pyev is not None:
                logger.debug('hpfeedihandler will use dynamic IP resolving!')
                self.loop = pyev.default_loop()
                # First run after 2 s, then repeated every 300 s.
                self.dynip_timer = pyev.Timer(2., 300, self.loop,
                                              self._dynip_resolve)
                self.dynip_timer.start()
            else:
                logger.debug('You are missing the python pyev binding in your dionaea installation.')
Beispiel #7
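	def __init__(self, path):
		"""Initialise the submit_http handler from the global dionaea config.

		Reads ``url`` (required) and the optional ``email``, ``user`` and
		``pass`` entries of ``modules.python.submit_http``, then builds the
		software banner from ``g_dionaea.version()``.
		"""
		logger.debug("%s ready!" % (self.__class__.__name__))
		ihandler.__init__(self, path)
		mwsconfig = g_dionaea.config()['modules']['python']['submit_http']

		def optional(key, fallback):
			# A missing entry and an empty one both yield the fallback.
			value = mwsconfig[key] if key in mwsconfig else None
			return value or fallback

		self.backendurl = mwsconfig['url']
		# The fallback address appears masked on this page and is kept as shown.
		self.email = optional('email', '*****@*****.**')
		# The membership test and the lookup use the same key here. The listing
		# tested one key and read 'user', which raises KeyError when only the
		# tested key is present and drops a configured user otherwise.
		self.user = optional('user', '')
		# Credential: this method stores it and does not log it.
		self.passwd = optional('pass', '')
		self.cookies = {}

		# heartbeats
		dinfo = g_dionaea.version()
		self.software = 'dionaea {0} {1}/{2} - {3} {4}'.format(
			dinfo['dionaea']['version'],
			dinfo['compiler']['os'],
			dinfo['compiler']['arch'],
			dinfo['compiler']['date'],
			dinfo['compiler']['time'],
		)
		self.loop = pyev.default_loop()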
Beispiel #8
    def __init__(self, path, config=None):
        """Connect to the hpfeeds broker and optionally start IP resolving.

        Requires ``server``, ``port``, ``ident`` and ``secret`` in ``config``.
        There is no fallback for a missing or non-numeric port. An optional
        ``dynip_resolve`` value enables the periodic resolver timer.
        """
        logger.debug('hpfeedhandler init')

        # Broker credentials ('ident', 'secret') go straight to the client;
        # this method does not log them.
        server, port = config['server'], int(config['port'])
        self.client = hpclient(server, port, config['ident'], config['secret'])
        ihandler.__init__(self, path)

        self.dynip_resolve = config.get('dynip_resolve', '')
        self.dynip_timer = None
        self.ownip = None

        # NOTE(review): "http" is matched anywhere in the value, not as a URL
        # scheme, and http:// is accepted alongside https://. Confirm how
        # _dynip_resolve uses it.
        wants_dynip = self.dynip_resolve and 'http' in self.dynip_resolve
        if wants_dynip and pyev is None:
            logger.debug(
                'You are missing the python pyev binding in your dionaea installation.'
            )
        elif wants_dynip:
            logger.debug('hpfeedihandler will use dynamic IP resolving!')
            self.loop = pyev.default_loop()
            # Resolver runs 2 s after start-up and every 300 s afterwards.
            resolve_timer = pyev.Timer(2., 300, self.loop, self._dynip_resolve)
            self.dynip_timer = resolve_timer
            resolve_timer.start()
Beispiel #9
    def __init__(self, path, config=None):
        """Initialise the submit_http handler from its ``config`` mapping.

        ``url`` and ``email`` default to ``None``, ``user`` and ``pass`` to the
        empty string. Despite the ``None`` default, ``config`` has to be a
        mapping, because ``config.get`` is called unconditionally.
        """
        logger.debug("%s ready!" % self.__class__.__name__)
        ihandler.__init__(self, path)

        # (attribute, config key, default) in the order the settings are read.
        # NOTE(review): `url` is stored without a scheme check. If user/pass
        # are sent to it, an https:// backend keeps them off the wire in
        # clear text; confirm in the submit code.
        settings = (
            ("backendurl", "url", None),
            ("email", "email", None),
            ("user", "user", ""),
            ("passwd", "pass", ""),
        )
        for attribute, key, default in settings:
            setattr(self, attribute, config.get(key, default))
        self.cookies = {}

        # heartbeats: the software banner built from g_dionaea.version() is
        # disabled in this revision, so self.software is not set here.
        self.loop = pyev.default_loop()
Beispiel #10
    def __init__(self, path, config=None):
        """Read the HTTP submission settings and take the default event loop.

        Settings come from ``config``: ``url``, ``email``, ``user`` and
        ``pass``. ``config.get`` is called unconditionally, so the ``None``
        default is not usable as-is.
        """
        logger.debug("%s ready!" % self.__class__.__name__)
        ihandler.__init__(self, path)

        backend_url = config.get("url")
        contact_email = config.get("email")
        # Credentials for the submission backend: this method stores them and
        # does not log them.
        username = config.get("user", "")
        password = config.get("pass", "")

        self.backendurl = backend_url
        self.email = contact_email
        self.user = username
        self.passwd = password
        self.cookies = {}

        # heartbeats: building self.software from g_dionaea.version() is
        # commented out in this revision.
        self.loop = pyev.default_loop()
Beispiel #11
    def __init__(self, path):
        """Initialise the mwserv handler and start its heartbeat timer.

        ``url``, ``maintainer``, ``guid`` and ``secret`` are all required
        entries of ``modules.python.mwserv`` in the global dionaea config; a
        missing one raises ``KeyError``.
        """
        logger.debug("%s ready!" % self.__class__.__name__)
        ihandler.__init__(self, path)

        mwsconfig = g_dionaea.config()['modules']['python']['mwserv']
        self.backendurl = mwsconfig['url']
        self.maintainer = mwsconfig['maintainer']
        self.guid = mwsconfig['guid']
        # Shared secret for the backend: this method stores it and does not
        # log it.
        self.secret = mwsconfig['secret']
        self.cookies = {}

        # heartbeats: banner describing this dionaea build.
        dinfo = g_dionaea.version()
        version = dinfo['dionaea']['version']
        build = dinfo['compiler']
        self.software = 'dionaea {0} {1}/{2} - {3} {4}'.format(
            version, build['os'], build['arch'], build['date'], build['time'])

        self.loop = pyev.default_loop()
        # First heartbeat after 5 s, then one every 120 s.
        heartbeat = pyev.Timer(5., 120, self.loop, self._heartbeat)
        self.heartbeat_timer = heartbeat
        heartbeat.start()
Beispiel #12
import logging
import random
import os
import datetime
import tempfile

from dionaea.core import connection, g_dionaea, incident
from dionaea import pyev, ServiceLoader

from dionaea.sip.extras import msg_to_icd, SipConfig, ErrorWithResponse

from dionaea.sip import rfc3261
from dionaea.sip import rfc4566
from dionaea.sip import rfc2617 # auth

# Default pyev event loop, taken once at import time for the SIP module.
g_default_loop = pyev.default_loop()

logger = logging.getLogger('sip')
# NOTE(review): the level is pinned to DEBUG in code rather than taken from
# configuration. On a honeypot, debug output may include data supplied by
# remote peers, so confirm the log destination and retention are appropriate.
logger.setLevel(logging.DEBUG)

# presumably the time, in seconds, a SipCall is sustained; the unit is not
# shown here — confirm
_SipCall_sustain_timeout = 20

class AuthenticationError(Exception):
    """Signals an error that occurred while performing SIP authentication."""

# Module-wide registry of SIP sessions, keyed by Call-ID.
# NOTE(review): presumably the Call-ID comes from the remote peer's messages.
# Nothing in this listing bounds the dict, so confirm that stale sessions are
# pruned.
g_call_ids = {}

def cleanup(watcher, events):
    logger.debug("Cleanup")
Beispiel #13
import logging
import random
import os
import datetime
import tempfile

from dionaea.core import connection, g_dionaea, incident
from dionaea import pyev, ServiceLoader

from dionaea.sip.extras import msg_to_icd, SipConfig, ErrorWithResponse

from dionaea.sip import rfc3261
from dionaea.sip import rfc4566
from dionaea.sip import rfc2617  # auth

# Default pyev event loop, taken once at import time for the SIP module.
g_default_loop = pyev.default_loop()
# Holds no timer at import time; presumably set to a cleanup timer later —
# confirm where it is assigned.
g_timer_cleanup = None

logger = logging.getLogger('sip')
# NOTE(review): the level is pinned to DEBUG in code rather than taken from
# configuration. On a honeypot, debug output may include data supplied by
# remote peers, so confirm the log destination and retention are appropriate.
logger.setLevel(logging.DEBUG)

# presumably the time, in seconds, a SipCall is sustained; the unit is not
# shown here — confirm
_SipCall_sustain_timeout = 20


class AuthenticationError(Exception):
    """Raised for errors that occur during SIP authentication."""


# Module-wide registry of SIP sessions, keyed by Call-ID.
# NOTE(review): presumably the Call-ID comes from the remote peer's messages.
# Nothing in this listing bounds the dict, so confirm that stale sessions are
# pruned (g_timer_cleanup above suggests a periodic cleanup).
g_call_ids = {}