Beispiel #1
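    def post_processer(self):
        """Consume attack events from ``self.post_queue`` forever and log them.

        For every event this feeds the dork collector, inserts the event into
        each logger in ``self.loggers`` and, when the ``hpfeeds`` option is the
        string ``"True"``, publishes the event as JSON on ``glastopf.events``.
        If the event carries a file name, that file is read from ``files/``
        and published base64-encoded on ``glastopf.files``.

        Nothing in the loop catches exceptions: an error raised by any step
        (a logger, the feed, a missing file) propagates out and ends
        processing of further events.
        """
        while True:
            # Presumably a blocking Queue.get(); confirm against the queue type.
            attack_event = self.post_queue.get()

            gen_dork_list.collect_dork(attack_event)

            for logger in self.loggers:
                logger.insert(attack_event)

            # The option is compared as the string "True", not as a boolean.
            if self.options["hpfeeds"] != "True":
                continue

            self.hpfeeds_logger.handle_send(
                "glastopf.events", json.dumps(attack_event.event_dict()))

            if attack_event.file_name is None:
                continue

            # NOTE(review): file_name is concatenated into the path unchecked.
            # Confirm it is generated locally (e.g. a content hash) and never
            # taken from the request; otherwise restrict it to a bare file
            # name before opening.
            # Binary mode: the content is an arbitrary captured file that is
            # base64-encoded as-is, so no newline translation must happen.
            with open("files/" + attack_event.file_name, 'rb') as file_handler:
                file_content = file_handler.read()

            # Send after the file is closed so the handle is not held open
            # for the duration of the network call.
            self.hpfeeds_logger.handle_send(
                "glastopf.files",
                attack_event.file_name + " " + base64.b64encode(file_content))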
Beispiel #2
 def test_automated_extension(self):
     """Check that a new request path is added to the dork database.

     Input: an attack event whose request URL is '/test.php?c=test'
     (http://localhost:8080/test.php?c=test).
     Expected: at least one row in the 'inurl' table whose content equals
     the URL without its query string ('/test.php').
     Note: running the test writes the '/test.php' entry to the database.
     """
     event = attack.AttackEvent()
     event.matched_pattern = "internal_test"
     event.parsed_request = util.HTTPRequest()
     event.parsed_request.url = "/test.php?c=test"
     print "Attack event prepared."
     gen_dork_list.collect_dork(event)
     print "Done collecting the path from the event and writing to the database."
     database = dork_db.DorkDB()
     self.cursor = database.conn.cursor()
     # Only the part before the query string is looked up.
     url_path = event.parsed_request.url.partition('?')[0]
     # The path is bound through the '?' placeholder, not formatted into the SQL.
     rows = self.cursor.execute(
         "SELECT * FROM inurl WHERE content = ?", (url_path,)).fetchall()
     self.cursor.close()
     print "Done fetching the entries matching the request URL"
     match_count = len(rows)
     self.assertTrue(match_count > 0)
     print "Number of entries in the database matching our URL:",
     print match_count,
     print "which equates our expectation."