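def handle_incident(self, icd):
    """Store a completed download under its hash name and report the outcome.

    Reports ``dionaea.download.complete.hash`` first.  The file at
    ``icd.path`` is then hard-linked to ``<downloads dir>/<md5>`` and a
    second incident is reported: ``dionaea.download.complete.unique`` when
    the link was created, ``dionaea.download.complete.again`` when that name
    already exists.

    Args:
        icd: Incoming incident; ``path`` and ``url`` are read, ``con`` is
            forwarded when present.

    Raises:
        OSError: If ``os.link`` fails for any reason other than the
            destination name already existing.
    """
    logger.debug("storing file")
    p = icd.path
    # NOTE(review): the stored name and the duplicate decision rest on the
    # md5file() value alone (presumably a hex MD5 digest - confirm).  MD5
    # collisions are practical, so a different sample with a colliding digest
    # would be reported as "again" and never stored.
    md5 = md5file(p)
    # The destination is built from the digest, not from icd.url, so no
    # remote-supplied text reaches the local path.
    n = g_dionaea.config()['downloads']['dir'] + '/' + md5

    i = incident("dionaea.download.complete.hash")
    i.file = n
    i.url = icd.url
    if hasattr(icd, 'con'):
        i.con = icd.con
    i.md5hash = md5
    i.report()

    # Attempt the link directly instead of stat()-then-link(): the existence
    # check and the creation are then one operation, so a file that appears
    # in between cannot turn into an unhandled FileExistsError.
    try:
        os.link(p, n)
    except FileExistsError:
        logger.debug("file %s already existed" % md5)
        i = incident("dionaea.download.complete.again")
    else:
        logger.debug("saving new file %s to %s" % (md5, n))
        i = incident("dionaea.download.complete.unique")

    i.file = n
    if hasattr(icd, 'con'):
        i.con = icd.con
    i.url = icd.url
    i.md5hash = md5
    i.report()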
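def handle_incident(self, icd):
    """Persist a finished download by digest and announce what happened.

    Two incidents are reported: ``dionaea.download.complete.hash`` always,
    followed by ``dionaea.download.complete.unique`` if ``icd.path`` could be
    hard-linked to ``<downloads dir>/<md5>`` or
    ``dionaea.download.complete.again`` if that name was already taken.

    Args:
        icd: Incoming incident; ``path`` and ``url`` are read, ``con`` is
            copied onto the reported incidents when present.

    Raises:
        OSError: If ``os.link`` fails for a reason other than the
            destination already existing.
    """
    logger.debug("storing file")
    p = icd.path
    # NOTE(review): deduplication is keyed on the md5file() value only
    # (presumably a hex MD5 digest - confirm).  Because MD5 collisions can be
    # produced deliberately, a colliding sample is treated as already stored
    # and is not kept; a SHA-256 name would close that gap.
    md5 = md5file(p)
    n = g_dionaea.config()["downloads"]["dir"] + "/" + md5

    i = incident("dionaea.download.complete.hash")
    i.file = n
    i.url = icd.url
    if hasattr(icd, "con"):
        i.con = icd.con
    i.md5hash = md5
    i.report()

    # os.link() itself reports an existing destination, which removes the gap
    # between a separate os.stat() check and the link (and the unused stat
    # result that came with it).
    try:
        os.link(p, n)
    except FileExistsError:
        logger.debug("file %s already existed" % md5)
        outcome = "dionaea.download.complete.again"
    else:
        logger.debug("saving new file %s to %s" % (md5, n))
        outcome = "dionaea.download.complete.unique"

    i = incident(outcome)
    i.file = n
    if hasattr(icd, "con"):
        i.con = icd.con
    i.url = icd.url
    i.md5hash = md5
    i.report()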
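def handle_incident(self, icd):
    """Store a completed download in ``self.download_dir`` and report it.

    Reports ``dionaea.download.complete.hash``, then hard-links ``icd.path``
    to ``<self.download_dir>/<md5>``.  The follow-up incident is
    ``dionaea.download.complete.unique`` when the link was created and
    ``dionaea.download.complete.again`` when the name already exists.

    Args:
        icd: Incoming incident; ``path`` and ``url`` are read, ``con`` is
            forwarded when present.

    Raises:
        OSError: If ``os.link`` fails for any reason other than the
            destination name already existing.
    """
    logger.debug("storing file")
    p = icd.path
    # ToDo: use sha1 or sha256
    # NOTE(review): until then the file name and the "already seen" decision
    # depend on the md5file() value alone; a sample crafted to collide with a
    # stored one would be reported as "again" and discarded.  Prefer SHA-256.
    md5 = md5file(p)
    # Joined from the configured directory and the digest only, so nothing
    # taken from icd.url ends up in the local path.
    n = os.path.join(self.download_dir, md5)

    i = incident("dionaea.download.complete.hash")
    i.file = n
    i.url = icd.url
    if hasattr(icd, 'con'):
        i.con = icd.con
    i.md5hash = md5
    i.report()

    # Link first and react to FileExistsError rather than calling os.stat()
    # beforehand: check and creation become a single step, so a file created
    # in between no longer raises out of the handler.
    try:
        os.link(p, n)
    except FileExistsError:
        logger.debug("file %s already existed" % md5)
        i = incident("dionaea.download.complete.again")
    else:
        logger.debug("saving new file %s to %s" % (md5, n))
        i = incident("dionaea.download.complete.unique")

    i.file = n
    if hasattr(icd, 'con'):
        i.con = icd.con
    i.url = icd.url
    i.md5hash = md5
    i.report()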
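def handle_incident_dionaea_download_complete_unique(self, icd):
    """Build and report a ``dionaea.upload.request`` for a stored file.

    The request carries the values returned by ``sha512file()`` and
    ``md5file()`` for ``icd.file``, the configured account fields, the
    connection endpoints and download URL when the incident has them, and the
    result of ``filetype()``.  A ``submithttp_report`` with the same data is
    kept in ``self.cookies`` under a fresh UUID, which is also passed as the
    request's ``_userdata``.

    Args:
        icd: Incident for the stored file; ``file`` is read, ``con`` and
            ``url`` are used when present.
    """
    cookie = str(uuid.uuid4())

    i = incident("dionaea.upload.request")
    i._url = self.backendurl

    i.sha512 = sha512file(icd.file)
    i.md5 = md5file(icd.file)
    i.email = self.email
    i.user = self.user
    # NOTE(review): the account password travels inside the request; confirm
    # that self.backendurl is an https:// endpoint with certificate checks.
    i.set('pass', self.passwd)

    mr = submithttp_report(i.sha512, i.md5, icd.file)

    if hasattr(icd, 'con'):
        # Each address is sent as the decimal text of its 32-bit big-endian
        # integer value.
        # NOTE(review): socket.inet_aton() accepts IPv4 text only and raises
        # OSError otherwise - confirm con.*.host is never an IPv6 address.
        remote, local = icd.con.remote, icd.con.local
        i.source_host = str(
            struct.unpack('!I', socket.inet_aton(remote.host))[0]
        )
        i.source_port = str(remote.port)
        i.target_host = str(
            struct.unpack('!I', socket.inet_aton(local.host))[0]
        )
        i.target_port = str(local.port)
        mr.saddr, mr.sport, mr.daddr, mr.dport = (
            i.source_host, i.source_port, i.target_host, i.target_port
        )

    if hasattr(icd, 'url'):
        i.url = icd.url
        i.trigger = icd.url
        # The filename is best effort: it is the last path segment of a URL
        # that presumably comes from the remote side and may not parse.
        # Treat it as untrusted text, never as a local path.
        try:
            i.filename = urlparse(icd.url).path.split('/')[-1]
            mr.filename = i.filename
        except Exception:
            # Narrower than a bare except, so KeyboardInterrupt and
            # SystemExit are no longer swallowed here.
            pass
        mr.download_url = icd.url

    i.filetype = filetype(icd.file)
    mr.filetype = i.filetype

    i._callback = "dionaea.modules.python.submithttp.result"
    i._userdata = cookie

    # Stored under the cookie that is handed to the request as _userdata.
    self.cookies[cookie] = mr
    i.report()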
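def handle_incident_dionaea_download_complete_unique(self, icd):
    """Prepare a ``dionaea.upload.request`` incident for a stored file.

    Fills the request with the ``sha512file()`` / ``md5file()`` values of
    ``icd.file``, the configured e-mail, user and password, the connection
    endpoints and URL when ``icd`` provides them, and the ``filetype()``
    result.  The parallel ``submithttp_report`` is stored in ``self.cookies``
    under a new UUID, which the request carries as ``_userdata``.

    Args:
        icd: Incident for the stored file; ``file`` is read, ``con`` and
            ``url`` are used when present.
    """
    # NOTE(review): this trace is emitted at warning level on every call; it
    # looks like leftover debugging - confirm and lower to debug if so.
    logger.warning('handle_incident_dionaea_download_complete_unique')
    cookie = str(uuid.uuid4())

    i = incident("dionaea.upload.request")
    i._url = self.backendurl

    i.sha512 = sha512file(icd.file)
    i.md5 = md5file(icd.file)
    i.email = self.email
    i.user = self.user
    # NOTE(review): credentials are part of the request body; verify that
    # self.backendurl uses https:// and that the certificate is validated.
    i.set('pass', self.passwd)

    mr = submithttp_report(i.sha512, i.md5, icd.file)

    if hasattr(icd, 'con'):
        # Hosts are encoded as the decimal text of the 32-bit big-endian
        # integer form of the address.
        # NOTE(review): socket.inet_aton() raises OSError for anything that is
        # not IPv4 text - confirm IPv6 peers cannot reach this handler.
        i.source_host = str(
            struct.unpack('!I', socket.inet_aton(icd.con.remote.host))[0])
        i.source_port = str(icd.con.remote.port)
        i.target_host = str(
            struct.unpack('!I', socket.inet_aton(icd.con.local.host))[0])
        i.target_port = str(icd.con.local.port)
        mr.saddr = i.source_host
        mr.sport = i.source_port
        mr.daddr = i.target_host
        mr.dport = i.target_port

    if hasattr(icd, 'url'):
        i.url = icd.url
        i.trigger = icd.url
        # Best effort: the last path segment of a URL that presumably comes
        # from the remote side.  Treat it as untrusted text, not as a path.
        try:
            i.filename = urlparse(icd.url).path.split('/')[-1]
            mr.filename = i.filename
        except Exception:
            # A bare except also hid KeyboardInterrupt/SystemExit; keep the
            # request going but leave a trace of why no filename was set.
            logger.debug("could not derive a filename from the download url",
                         exc_info=True)
        mr.download_url = icd.url

    i.filetype = filetype(icd.file)
    mr.filetype = i.filetype

    i._callback = "dionaea.modules.python.submithttp.result"
    i._userdata = cookie

    # Stored under the cookie that is handed to the request as _userdata.
    self.cookies[cookie] = mr
    i.report()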
dionaea_config = g_dionaea.config().get("dionaea") self.download_dir = dionaea_config.get("download.dir") if self.download_dir is None: raise LoaderError("Setting download.dir not configured") else: if not os.path.isdir(self.download_dir): raise LoaderError("'%s' is not a directory", self.download_dir) if not os.access(self.download_dir, os.W_OK): raise LoaderError("Not allowed to create files in the '%s' directory", self.dow nload_dir) def handle_incident(self, icd): logger.debug("storing file") p = icd.path # ToDo: use sha1 or sha256 md5 = md5file(p) # ToDo: use sys.path.join() n = os.path.join(self.download_dir, md5) i = incident("dionaea.download.complete.hash") i.file = n i.url = icd.url if hasattr(icd, 'con'): i.con = icd.con i.md5hash = md5 i.report() try: os.stat(n) i = incident("dionaea.download.complete.again") logger.debug("file %s already existed" % md5) except OSError: