def connectionMade(self):
"""
Called when the connection is made from the other side.
We send our version, but wait with sending KEXINIT
"""
self.transportId = uuid.uuid4().hex[:12]
src_ip = self.transport.getPeer().host
ipv4rex = re.compile(r'^::ffff:(\d+\.\d+\.\d+\.\d+)$')
ipv4_search = ipv4rex.search(src_ip)
if ipv4_search is not None:
src_ip = ipv4_search.group(1)
log.msg(
eventid='cowrie.session.connect',
format="New connection: %(src_ip)s:%(src_port)s (%(dst_ip)s:%(dst_port)s) [session: %(session)s]",
src_ip=src_ip,
src_port=self.transport.getPeer().port,
dst_ip=self.transport.getHost().host,
dst_port=self.transport.getHost().port,
session=self.transportId,
sessionno='S{0}'.format(self.transport.sessionno),
protocol='ssh'
)
self.transport.write('{0}\r\n'.format(self.ourVersionString).encode('ascii'))
self.currentEncryptions = transport.SSHCiphers(b'none', b'none', b'none', b'none')
self.currentEncryptions.setKeys(b'', b'', b'', b'', b'', b'')
self.startTime = time.time()
try:
self.setTimeout(CONFIG.getint('honeypot', 'authentication_timeout'))
except NoOptionError:
self.setTimeout(120)
def connectionMade(self):
"""
Called when the connection is made from the other side.
We send our version, but wait with sending KEXINIT
"""
self.transportId = uuid.uuid4().hex[:8]
src_ip = self.transport.getPeer().host
ipv4rex = re.compile('^::ffff:(\d+\.\d+\.\d+\.\d+)$')
ipv4_search = ipv4rex.search(src_ip)
if ipv4_search != None:
src_ip = ipv4_search.group(1)
log.msg(
eventid='cowrie.session.connect',
format=
'New connection: %(src_ip)s:%(src_port)s (%(dst_ip)s:%(dst_port)s) [session: %(session)s]',
src_ip=src_ip,
src_port=self.transport.getPeer().port,
dst_ip=self.transport.getHost().host,
dst_port=self.transport.getHost().port,
session=self.transportId,
sessionno=self.transport.sessionno)
self.transport.write('{}\r\n'.format(self.ourVersionString))
self.currentEncryptions = transport.SSHCiphers('none', 'none', 'none',
'none')
self.currentEncryptions.setKeys('', '', '', '', '', '')
self.setTimeout(120)
self.logintime = time.time()
def connectionMade(self):
"""
Once the connection is up, set the ciphers but don't do anything else!
"""
self.currentEncryptions = transport.SSHCiphers('none', 'none', 'none',
'none')
self.currentEncryptions.setKeys('', '', '', '', '', '')
def connectionMade(self):
"""
Called when the connection is made from the other side.
We send our version, but wait with sending KEXINIT
"""
self.transportId = uuid.uuid4().hex[:12]
src_ip = self.transport.getPeer().host
ipv4_search = self.ipv4rex.search(src_ip)
if ipv4_search is not None:
src_ip = ipv4_search.group(1)
log.msg(
eventid='cowrie.session.connect',
format=
"New connection: %(src_ip)s:%(src_port)s (%(dst_ip)s:%(dst_port)s) [session: %(session)s]",
src_ip=src_ip,
src_port=self.transport.getPeer().port,
dst_ip=self.transport.getHost().host,
dst_port=self.transport.getHost().port,
session=self.transportId,
sessionno=f'S{self.transport.sessionno}',
protocol='ssh')
self.transport.write(f'{self.ourVersionString}\r\n'.encode('ascii'))
self.currentEncryptions = transport.SSHCiphers(b'none', b'none',
b'none', b'none')
self.currentEncryptions.setKeys(b'', b'', b'', b'', b'', b'')
self.startTime = time.time()
self.setTimeout(self.auth_timeout)
def connectionMade(self) -> None:
"""
Called when the connection is made from the other side.
We send our version, but wait with sending KEXINIT
"""
self.buf = b""
self.transportId: str = uuid.uuid4().hex[:12]
src_ip: str = self.transport.getPeer().host
ipv4_search = self.ipv4rex.search(src_ip)
if ipv4_search is not None:
src_ip = ipv4_search.group(1)
log.msg(
eventid="cowrie.session.connect",
format=
"New connection: %(src_ip)s:%(src_port)s (%(dst_ip)s:%(dst_port)s) [session: %(session)s]",
src_ip=src_ip,
src_port=self.transport.getPeer().port,
dst_ip=self.transport.getHost().host,
dst_port=self.transport.getHost().port,
session=self.transportId,
sessionno=f"S{self.transport.sessionno}",
protocol="ssh",
)
self.transport.write(f"{self.ourVersionString}\r\n".encode("ascii"))
self.currentEncryptions = transport.SSHCiphers(b"none", b"none",
b"none", b"none")
self.currentEncryptions.setKeys(b"", b"", b"", b"", b"", b"")
self.startTime: float = time.time()
self.setTimeout(self.auth_timeout)
def connectionMade(self):
"""
Called when the connection is made to the other side. We sent our
version and the MSG_KEXINIT packet.
"""
self.transport.write('%s\r\n' % (self.ourVersionString, ))
self.currentEncryptions = transport.SSHCiphers('none', 'none', 'none',
'none')
self.currentEncryptions.setKeys('', '', '', '', '', '')
def connectionMade(self):
''' Same as parent except that we do not call self.sendKexInit()
because we do not want to send anything on the wire other than the
banner after a CONNECT (ie. behave like a genuine OpenSSH server).
'''
self.transport.write(b'%s\r\n' % (self.ourVersionString, ))
self.currentEncryptions = transport.SSHCiphers(b'none', b'none',
b'none', b'none')
self.currentEncryptions.setKeys(b'', b'', b'', b'', b'', b'')
def connectionMade(self):
self.transportId = uuid.uuid4().hex
self.interactors = []
log.msg( 'New connection: %s:%s (%s:%s) [session: %d]' % \
(self.transport.getPeer().host, self.transport.getPeer().port,
self.transport.getHost().host, self.transport.getHost().port,
self.transport.sessionno) )
self.transport.write('%s\r\n' % (self.ourVersionString, ))
self.currentEncryptions = transport.SSHCiphers('none', 'none', 'none',
'none')
self.currentEncryptions.setKeys('', '', '', '', '', '')
def connectionMade(self):
"""
Called when the connection is made to the other side. We sent our
version and the MSG_KEXINIT packet.
"""
self.sshParse = ssh.SSH(self)
self.transportId = uuid.uuid4().hex[:12]
self.peer_ip = self.transport.getPeer().host
self.peer_port = self.transport.getPeer().port + 1
self.local_ip = self.transport.getHost().host
self.local_port = self.transport.getHost().port
self.transport.write(f"{self.ourVersionString}\r\n".encode())
self.currentEncryptions = transport.SSHCiphers(b"none", b"none",
b"none", b"none")
self.currentEncryptions.setKeys(b"", b"", b"", b"", b"", b"")
self.otherVersionString = "Unknown"
log.msg(
eventid="cowrie.session.connect",
format=
"New connection: %(src_ip)s:%(src_port)s (%(dst_ip)s:%(dst_port)s) [session: %(session)s]",
src_ip=self.peer_ip,
src_port=self.transport.getPeer().port,
dst_ip=self.local_ip,
dst_port=self.transport.getHost().port,
session=self.transportId,
sessionno=f"S{self.transport.sessionno}",
protocol="ssh",
)
# if we have a pool connect to it and later request a backend, else just connect to a simple backend
# when pool is set we can just test self.pool_interface to the same effect of getting the CowrieConfig
proxy_backend = CowrieConfig().get("proxy",
"backend",
fallback="simple")
if proxy_backend == "pool":
# request a backend
d = self.factory.pool_handler.request_interface()
d.addCallback(self.pool_connection_success)
d.addErrback(self.pool_connection_error)
else:
# simply a proxy, no pool
backend_ip = CowrieConfig().get("proxy", "backend_ssh_host")
backend_port = CowrieConfig().getint("proxy", "backend_ssh_port")
self.connect_to_backend(backend_ip, backend_port)
def connectionMade(self):
"""
Called when the connection is made to the other side. We sent our
version and the MSG_KEXINIT packet.
"""
self.sshParse = ssh.SSH(self)
self.transportId = uuid.uuid4().hex[:12]
self.peer_ip = self.transport.getPeer().host
self.peer_port = self.transport.getPeer().port + 1
self.local_ip = self.transport.getHost().host
self.local_port = self.transport.getHost().port
self.transport.write('{0}\r\n'.format(self.ourVersionString).encode())
self.currentEncryptions = transport.SSHCiphers(b'none', b'none',
b'none', b'none')
self.currentEncryptions.setKeys(b'', b'', b'', b'', b'', b'')
self.otherVersionString = 'Unknown'
log.msg(
eventid='cowrie.session.connect',
format=
"New connection: %(src_ip)s:%(src_port)s (%(dst_ip)s:%(dst_port)s) [session: %(session)s]",
src_ip=self.peer_ip,
src_port=self.transport.getPeer().port,
dst_ip=self.local_ip,
dst_port=self.transport.getHost().port,
session=self.transportId,
sessionno='S{0}'.format(self.transport.sessionno),
protocol='ssh')
# if we have a pool connect to it and later request a backend, else just connect to a simple backend
# when pool is set we can just test self.pool_interface to the same effect of getting the CowrieConfig
proxy_backend = CowrieConfig().get('proxy',
'backend',
fallback='simple')
if proxy_backend == 'pool':
# request a backend
d = self.factory.pool_handler.request_interface()
d.addCallback(self.pool_connection_success)
d.addErrback(self.pool_connection_error)
else:
# simply a proxy, no pool
backend_ip = CowrieConfig().get('proxy', 'backend_ssh_host')
backend_port = CowrieConfig().getint('proxy', 'backend_ssh_port')
self.connect_to_backend(backend_ip, backend_port)
def connectionMade(self):
"""
Called when the connection is made from the other side.
We send our version, but wait with sending KEXINIT
"""
self.transportId = uuid.uuid4().hex[:8]
self.interactors = []
log.msg(eventid='KIPP0001',
format='New connection: %(src_ip)s:%(src_port)s (%(dst_ip)s:%(dst_port)s) [session: %(sessionno)s]',
src_ip=self.transport.getPeer().host, src_port=self.transport.getPeer().port,
dst_ip=self.transport.getHost().host, dst_port=self.transport.getHost().port,
id=self.transportId, sessionno=self.transport.sessionno)
self.transport.write('%s\r\n' % (self.ourVersionString,))
self.currentEncryptions = transport.SSHCiphers('none', 'none', 'none', 'none')
self.currentEncryptions.setKeys('', '', '', '', '', '')
def connectionMade(self):
self.sshParse = ssh.SSH(self)
self.peer_ip = self.transport.getPeer().host
self.peer_port = self.transport.getPeer().port + 1
self.local_ip = self.transport.getHost().host
self.local_port = self.transport.getHost().port
self.pre_auth = pre_auth_handler.PreAuth(self)
self.post_auth = post_auth_handler.PostAuth(self)
# Execute pre auth
self.pre_auth.start()
"""
Called when the connection is made to the other side. We sent our
version and the MSG_KEXINIT packet.
"""
self.transport.write('{0}\r\n'.format(self.ourVersionString).encode())
self.currentEncryptions = transport.SSHCiphers(b'none', b'none', b'none', b'none')
self.currentEncryptions.setKeys(b'', b'', b'', b'', b'', b'')
self.otherVersionString = 'Unknown'
def connectionMade(self):
"""
Called when the connection is made from the other side.
We send our version, but wait with sending KEXINIT
"""
self.transportId = uuid.uuid4().hex[:8]
log.msg(
eventid='cowrie.session.connect',
format=
'New connection: %(src_ip)s:%(src_port)s (%(dst_ip)s:%(dst_port)s) [session: %(session)s]',
src_ip=self.transport.getPeer().host,
src_port=self.transport.getPeer().port,
dst_ip=self.transport.getHost().host,
dst_port=self.transport.getHost().port,
session=self.transportId,
sessionno=self.transport.sessionno)
self.transport.write('{}\r\n'.format(self.ourVersionString))
self.currentEncryptions = transport.SSHCiphers('none', 'none', 'none',
'none')
self.currentEncryptions.setKeys('', '', '', '', '', '')
self.setTimeout(120)
