def doRead(self):
"""Called when my socket is ready for reading.
This accepts a connection and calls self.protocol() to handle the
wire-level protocol.
"""
try:
if platformType == "posix":
numAccepts = self.numberAccepts
else:
numAccepts = 1
for i in range(numAccepts):
if self.disconnecting:
return
try:
skt, addr = self.socket.accept()
except socket.error, e:
if e.args[0] in (EWOULDBLOCK, EAGAIN):
self.numberAccepts = i
break
elif e.args[0] == EPERM:
continue
raise
protocol = self.factory.buildProtocol(self._buildAddr(addr))
if protocol is None:
skt.close()
continue
s = self.sessionno
self.sessionno = s+1
transport = self.transport(skt, protocol, addr, self, s)
transport = self._preMakeConnection(transport)
protocol.makeConnection(transport)
else:
def openShell(self, transport):
"""
Use the custom protocol
"""
protocol = EchoProtocol()
protocol.makeConnection(transport)
transport.makeConnection(session.wrapProtocol(protocol))
def datagramReceived(self, msg, addr):
if addr not in self.connections:
protocol = StupProtocol(self, addr)
protocol.makeConnection(self.transport)
self.connections[addr] = protocol
self.connections[addr].datagramReceived(msg, addr)
def doRead(self):
"""Called when my socket is ready for reading.
This accepts a connection and calls self.protocol() to handle the
wire-level protocol.
"""
try:
if platformType == "posix":
numAccepts = self.numberAccepts
else:
# win32 event loop breaks if we do more than one accept()
# in an iteration of the event loop.
numAccepts = 1
for i in range(numAccepts):
# we need this so we can deal with a factory's buildProtocol
# calling our loseConnection
if self.disconnecting:
return
try:
skt, addr = self.socket.accept()
except socket.error, e:
if e.args[0] in (EWOULDBLOCK, EAGAIN):
self.numberAccepts = i
break
elif e.args[0] == EPERM:
# Netfilter on Linux may have rejected the
# connection, but we get told to try to accept()
# anyway.
continue
elif e.args[0] in (EMFILE, ENOBUFS, ENFILE, ENOMEM, ECONNABORTED):
# Linux gives EMFILE when a process is not allowed
# to allocate any more file descriptors. *BSD and
# Win32 give (WSA)ENOBUFS. Linux can also give
# ENFILE if the system is out of inodes, or ENOMEM
# if there is insufficient memory to allocate a new
# dentry. ECONNABORTED is documented as possible on
# both Linux and Windows, but it is not clear
# whether there are actually any circumstances under
# which it can happen (one might expect it to be
# possible if a client sends a FIN or RST after the
# server sends a SYN|ACK but before application code
# calls accept(2), however at least on Linux this
# _seems_ to be short-circuited by syncookies.
log.msg("Could not accept new connection (%s)" % (
errorcode[e.args[0]],))
break
raise
protocol = self.factory.buildProtocol(self._buildAddr(addr))
if protocol is None:
skt.close()
continue
s = self.sessionno
self.sessionno = s+1
transport = self.transport(skt, protocol, addr, self, s)
transport = self._preMakeConnection(transport)
protocol.makeConnection(transport)
else:
def connect_protocol(self, protocol):
t = StringTransport()
protocol.makeConnection(t)
# ... and let's skip the handshake
protocol.dataReceived('.')
return t
def connect_protocol(self, protocol):
t = StringTransport()
protocol.makeConnection(t)
# ... and let's skip the handshake
protocol.dataReceived('.')
return t
def _cbLogin(self, ial):
interface, protocol, logout = ial
assert interface is ITelnetProtocol
self.protocol = protocol
self.logout = logout
self.state = 'Command'
protocol.makeConnection(self.transport)
self.transport.protocol = protocol
def openShell(self, transport):
"""
Use our protocol as shell session.
"""
protocol = EchoProtocol()
# Connect the new protocol to the transport and the transport
# to the new protocol so they can communicate in both directions.
protocol.makeConnection(transport)
transport.makeConnection(session.wrapProtocol(protocol))
def openShell(self, transport):
"""
Use our protocol as shell session.
"""
protocol = EchoProtocol()
# Connect the new protocol to the transport and the transport
# to the new protocol so they can communicate in both directions.
protocol.makeConnection(transport)
transport.makeConnection(session.wrapProtocol(protocol))
def _cbLogin(self, ial):
interface, protocol, logout = ial
assert interface is ITelnetProtocol
self.protocol = protocol
self.logout = logout
self.state = 'Command'
protocol.makeConnection(self.transport)
self.transport.protocol = protocol
def makeProtocol(self):
env = HoneyPotEnvironment()
user = HoneyPotAvatar("root", env)
serverProtocol = insults.ServerProtocol(
HoneyPotInteractiveProtocol, user, env)
serverProtocol.makeConnection(protocol)
protocol.makeConnection(session.wrapProtocol(serverProtocol))
#honeypot = HoneyPotInteractiveProtocol(user, env)
return serverProtocol
def openShell(self, protocol):
#serverProtocol = insults.ServerProtocol(remoteCLI, self)
control = self.service.root.getServiceNamed('control').handle_command
serverProtocol = insults.ServerProtocol(manhole.ColoredManhole, {
'app': self.service.root,
'stop': reactor.stop,
'c': control
})
serverProtocol.makeConnection(protocol)
protocol.makeConnection(session.wrapProtocol(serverProtocol))
def execCommand(self, protocol, cmd):
cfg = config()
if cfg.has_option('honeypot', 'exec_enabled'):
if ( cfg.get('honeypot', 'exec_enabled') != "true" ):
print 'exec disabled not executing command: "%s"' % cmd
raise os.OSError
print 'Executing command: "%s"' % cmd
serverProtocol = LoggingServerProtocol(HoneyPotProtocol, self, self.env, cmd)
serverProtocol.makeConnection(protocol)
protocol.makeConnection(session.wrapProtocol(serverProtocol))
def openShell(self, transport):
"""
Use our protocol as shell session.
"""
protocol = CLIProtocol(self.datastore)
# Connect the new protocol to the transport and the transport
# to the new protocol so they can communicate in both directions.
protocol.makeConnection(transport)
transport.makeConnection(session.wrapProtocol(protocol))
protocol.transport.write(
b'Welcome to Digital Sky\r\nType "help" for help.\r\n$ ')
def test_writeSequence(self):
"""
L{ThrottlingProtocol.writeSequence} is called on the underlying factory.
"""
server = Server()
tServer = TestableThrottlingFactory(task.Clock(), server)
protocol = tServer.buildProtocol(address.IPv4Address("TCP", "127.0.0.1", 0))
transport = StringTransportWithDisconnection()
transport.protocol = protocol
protocol.makeConnection(transport)
protocol.writeSequence([b"bytes"] * 4)
self.assertEqual(transport.value(), b"bytesbytesbytesbytes")
self.assertEqual(tServer.writtenThisSecond, 20)
def openShell(self, transport):
protocol = SSHProtocol()
protocol.makeConnection(transport)
transport.makeConnection(session.wrapProtocol(protocol))
command_processor = self.avatar.cli(
self.avatar.model,
protocol,
transport, (),
template_root=self.avatar.template_root,
daemon=True)
command_processor.skipLogin = True
thread = threading.Thread(target=command_processor.loop, args=())
thread.start()
def testMessages(self):
self.output = StringIOWithoutClosing()
self.transport = internet.protocol.FileWrapper(self.output)
protocol = MyVirtualPOP3()
protocol.makeConnection(self.transport)
protocol.service = self.factory
protocol.lineReceived('APOP [email protected] world')
protocol.lineReceived('UIDL')
protocol.lineReceived('RETR 1')
protocol.lineReceived('QUIT')
if self.output.getvalue() != self.expectedOutput:
#print `self.output.getvalue()`
#print `self.expectedOutput`
raise AssertionError(self.output.getvalue(), self.expectedOutput)
def test_writeSequence(self):
"""
L{ThrottlingProtocol.writeSequence} is called on the underlying factory.
"""
server = Server()
tServer = TestableThrottlingFactory(task.Clock(), server)
protocol = tServer.buildProtocol(
address.IPv4Address('TCP', '127.0.0.1', 0))
transport = StringTransportWithDisconnection()
transport.protocol = protocol
protocol.makeConnection(transport)
protocol.writeSequence([b'bytes'] * 4)
self.assertEqual(transport.value(), b"bytesbytesbytesbytes")
self.assertEqual(tServer.writtenThisSecond, 20)
def _cbLogin(self, ial):
"""
Fired on a successful login
"""
interface, protocol, logout = ial
self.protocol = protocol
self.logout = logout
self.state = 'Command'
# Remove the short timeout of the login prompt. Timeout will be
# provided later by the HoneyPotBaseProtocol class.
self.transport.setTimeout(None)
# replace myself with avatar protocol
protocol.makeConnection(self.transport)
self.transport.protocol = protocol
def testDeferredChat(self):
factory = postfix.PostfixTCPMapDeferringDictServerFactory(self.data)
output = StringIOWithoutClosing()
transport = internet.protocol.FileWrapper(output)
protocol = postfix.PostfixTCPMapServer()
protocol.service = factory
protocol.factory = factory
protocol.makeConnection(transport)
for input, expected_output in self.chat:
protocol.lineReceived(input)
self.assertEquals(output.getvalue(), expected_output,
'For %r, expected %r but got %r' % (
input, expected_output, output.getvalue()
))
output.truncate(0)
protocol.setTimeout(None)
def _cbLogin(self, ial):
"""
Fired on a successful login
"""
interface, protocol, logout = ial
self.protocol = protocol
self.logout = logout
self.state = 'Command'
# Remove the short timeout of the login prompt. Timeout will be
# provided later by the HoneyPotBaseProtocol class.
self.transport.setTimeout(None)
# replace myself with avatar protocol
protocol.makeConnection(self.transport)
self.transport.protocol = protocol
def _cbLogin(self, ial):
"""
Fired on a successful login
"""
interface, protocol, logout = ial
protocol.windowSize = self.windowSize
self.protocol = protocol
self.logout = logout
self.state = 'Command'
self.transport.write(b'\n')
# Remove the short timeout of the login prompt.
self.transport.setTimeout(CONFIG.getint('honeypot', 'interactive_timeout', fallback=300))
# replace myself with avatar protocol
protocol.makeConnection(self.transport)
self.transport.protocol = protocol
def testMessages(self):
from twisted.mail import protocols
protocol = protocols.DomainSMTP()
protocol.service = self.factory
protocol.factory = self.factory
protocol.receivedHeader = spameater
protocol.makeConnection(self.transport)
protocol.lineReceived('HELO yyy.com')
for message in self.messages:
protocol.lineReceived('MAIL FROM:<%s>' % message[0])
for target in message[1]:
protocol.lineReceived('RCPT TO:<%s>' % target)
protocol.lineReceived('DATA')
protocol.dataReceived(message[2])
protocol.lineReceived('.')
protocol.lineReceived('QUIT')
if self.mbox != self.factory.domains['baz.com'].messages:
raise AssertionError(self.factory.domains['baz.com'].messages)
protocol.setTimeout(None)
def _cbLogin(self, ial):
"""
Fired on a successful login
"""
interface, protocol, logout = ial
protocol.windowSize = self.windowSize
self.protocol = protocol
self.logout = logout
self.state = 'Command'
self.transport.write(b'\n')
# Remove the short timeout of the login prompt.
self.transport.setTimeout(
CONFIG.getint('honeypot', 'interactive_timeout', fallback=300))
# replace myself with avatar protocol
protocol.makeConnection(self.transport)
self.transport.protocol = protocol
def testDeferredChat(self):
factory = postfix.PostfixTCPMapDeferringDictServerFactory(self.data)
output = StringIOWithoutClosing()
transport = internet.protocol.FileWrapper(output)
protocol = postfix.PostfixTCPMapServer()
protocol.service = factory
protocol.factory = factory
protocol.makeConnection(transport)
for input, expected_output in self.chat:
protocol.lineReceived(input)
# self.runReactor(1)
self.assertEquals(output.getvalue(), expected_output,
'For %r, expected %r but got %r' % (
input, expected_output, output.getvalue()
))
output.truncate(0)
protocol.setTimeout(None)
def addProtocolFactory(self, deferred, canceller, protocolFactory):
if canceller.cancelled:
return None
protocol = protocolFactory.buildProtocol(self._address)
log.msg('EpicsSubscriptionProtocol: addProtocolFactory: Append %(p)s (length: %(l)d+1)', p=protocol, l=len(self._protocols), logLevel=_DEBUG)
self._protocols.append(protocol)
deferred.callback(protocol)
if self.transport is not None:
transport = EpicsSubscriptionTransport(self.transport, protocol, self)
log.msg('EpicsSubscriptionProtocol: addProtocolFactory: Connected so call makeConnection %(t)s', t=transport, logLevel=_TRACE)
protocol.makeConnection(transport)
if self._connected:
protocol.connectionMade()
if self._data is not None:
protocol.dataReceived(self._data)
else:
log.msg('EpicsSubscriptionProtocol: addProtocolFactory: Not connected so do NOT call makeConnection', logLevel=_TRACE)
return protocol
def doRead(self):
"""Called when my socket is ready for reading.
This accepts a connection and calls self.protocol() to handle the
wire-level protocol.
"""
try:
if platformType == "posix":
numAccepts = self.numberAccepts
else:
# win32 event loop breaks if we do more than one accept()
# in an iteration of the event loop.
numAccepts = 1
for i in range(numAccepts):
# we need this so we can deal with a factory's buildProtocol
# calling our loseConnection
if self.disconnecting:
return
try:
skt, addr = self.socket.accept()
except socket.error, e:
if e.args[0] in (EWOULDBLOCK, EAGAIN):
self.numberAccepts = i
break
elif e.args[0] == EPERM:
continue
raise
protocol = self.factory.buildProtocol(self._buildAddr(addr))
if protocol is None:
skt.close()
continue
s = self.sessionno
self.sessionno = s + 1
transport = self.transport(skt, protocol, addr, self, s)
transport = self._preMakeConnection(transport)
protocol.makeConnection(transport)
else:
def doRead(self):
"""Called when my socket is ready for reading.
This accepts a connection and calls self.protocol() to handle the
wire-level protocol.
"""
try:
if platformType == "posix":
numAccepts = self.numberAccepts
else:
# win32 event loop breaks if we do more than one accept()
# in an iteration of the event loop.
numAccepts = 1
for i in range(numAccepts):
# we need this so we can deal with a factory's buildProtocol
# calling our loseConnection
if self.disconnecting:
return
try:
skt, addr = self.socket.accept()
except socket.error, e:
if e.args[0] == EWOULDBLOCK:
self.numberAccepts = i
break
elif e.args[0] == EPERM:
continue
raise
protocol = self.factory.buildProtocol(addr)
if protocol is None:
skt.close()
continue
s = self.sessionno
self.sessionno = s+1
transport = self.transport(skt, protocol, addr, self, s)
transport = self._preMakeConnection(transport)
protocol.makeConnection(transport)
else:
def openShell(self, protocol): # <<< ? koja estefade mishe ?
serverProtocol = insults.ServerProtocol(MiladSSHProtocol, self)
serverProtocol.makeConnection(protocol)
protocol.makeConnection(session.wrapProtocol(serverProtocol))
def openShell(self, transport):
protocol = EchoProtocol()
protocol.makeConnection(transport)
transport.makeConnection(session.wrapProtocol(protocol))
def makeConnection(self, transport):
self.transport = transport
log.msg('EpicsSubscriptionProtocol: makeConnection: Transport is %(t)s', t=transport, logLevel=_DEBUG)
for protocol in self._protocols:
log.msg('EpicsSubscriptionProtocol: makeConnection: Distribute to %(p)s', p=protocol, logLevel=_TRACE)
protocol.makeConnection(EpicsSubscriptionTransport(transport, protocol, self))
def openShell(self, protocol):
serverProtocol = LoggingServerProtocol(HoneyPotProtocol, self, self.env)
serverProtocol.makeConnection(protocol)
protocol.makeConnection(session.wrapProtocol(serverProtocol))
def openShell(self, transport):
protocol = MockProtocol()
# Connect the new protocol to the transport and the transport
# to the new protocol so they can communicate in both directions.
protocol.makeConnection(transport)
transport.makeConnection(session.wrapProtocol(protocol))
def openShell(self, protocol):
serverProtocol = GitProtocol(self)
serverProtocol.makeConnection(protocol)
protocol.makeConnection(session.wrapProtocol(serverProtocol))
def openShell(self, protocol):
serverProtocol = insults.ServerProtocol(PiBlockSSHProtocol, self, self.app)
serverProtocol.makeConnection(protocol)
protocol.makeConnection(session.wrapProtocol(serverProtocol))
def openShell(self, protocol):
serverProtocol = insults.ServerProtocol(SSHDemoProtocol, self)
serverProtocol.makeConnection(protocol)
protocol.makeConnection(session.wrapProtocol(serverProtocol))
def openShell(self, protocol):
#serverProtocol = insults.ServerProtocol(remoteCLI, self)
control=self.service.root.getServiceNamed('control').handle_command
serverProtocol = insults.ServerProtocol(manhole.ColoredManhole, {'app': self.service.root, 'stop': reactor.stop, 'c': control})
serverProtocol.makeConnection(protocol)
protocol.makeConnection(session.wrapProtocol(serverProtocol))
def doRead(self):
"""Called when my socket is ready for reading.
This accepts a connection and calls self.protocol() to handle the
wire-level protocol.
"""
try:
if platformType == "posix":
numAccepts = self.numberAccepts
else:
# win32 event loop breaks if we do more than one accept()
# in an iteration of the event loop.
numAccepts = 1
for i in range(numAccepts):
# we need this so we can deal with a factory's buildProtocol
# calling our loseConnection
if self.disconnecting:
return
try:
skt, addr = self.socket.accept()
except socket.error, e:
if e.args[0] in (EWOULDBLOCK, EAGAIN):
self.numberAccepts = i
break
elif e.args[0] == EPERM:
# Netfilter on Linux may have rejected the
# connection, but we get told to try to accept()
# anyway.
continue
elif e.args[0] in (EMFILE, ENOBUFS, ENFILE, ENOMEM,
ECONNABORTED):
# Linux gives EMFILE when a process is not allowed
# to allocate any more file descriptors. *BSD and
# Win32 give (WSA)ENOBUFS. Linux can also give
# ENFILE if the system is out of inodes, or ENOMEM
# if there is insufficient memory to allocate a new
# dentry. ECONNABORTED is documented as possible on
# both Linux and Windows, but it is not clear
# whether there are actually any circumstances under
# which it can happen (one might expect it to be
# possible if a client sends a FIN or RST after the
# server sends a SYN|ACK but before application code
# calls accept(2), however at least on Linux this
# _seems_ to be short-circuited by syncookies.
log.msg("Could not accept new connection (%s)" %
(errorcode[e.args[0]], ))
break
raise
protocol = self.factory.buildProtocol(self._buildAddr(addr))
if protocol is None:
skt.close()
continue
s = self.sessionno
self.sessionno = s + 1
transport = self.transport(skt, protocol, addr, self, s)
transport = self._preMakeConnection(transport)
protocol.makeConnection(transport)
else:
def makeConnection(self, transport):
self.transport = transport
log.msg('DistributingProtocol: makeConnection: Transport is %(t)s', t=transport, logLevel=_TRACE)
for protocol in self._protocols:
log.msg('DistributingProtocol: makeConnection: Distribute to %(p)s', p=protocol, logLevel=_TRACE)
protocol.makeConnection(DistributingTransport(transport))
def openShell(self, protocol):
serverProtocol = insults.ServerProtocol(SSHDemoProtocol, self)
serverProtocol.makeConnection(protocol)
protocol.makeConnection(session.wrapProtocol(serverProtocol))
def openShell(self, protocol):
serverProtocol = LoggingServerProtocol(HoneyPotProtocol, self,
self.env)
serverProtocol.makeConnection(protocol)
protocol.makeConnection(session.wrapProtocol(serverProtocol))
def openShell(self, protocol):
serverProtocol = GitProtocol(self)
serverProtocol.makeConnection(protocol)
protocol.makeConnection(session.wrapProtocol(serverProtocol))
