Example #1
0
 def start(self):
     """
     Start Output Plugin
     """
     self.timeout = [
         CowrieConfig().getint('output_reversedns', 'timeout', fallback=3)
     ]
Example #2
0
    def sendBackend(self, data):
        self.backend_buffer.append(data)

        if not self.client:
            return

        for packet in self.backend_buffer:
            self.client.transport.write(packet)
            # log raw packets if user sets so
            if CowrieConfig.getboolean("proxy", "log_raw", fallback=False):
                log.msg(b"to_backend - " + data)

            if self.ttylogEnabled and self.authStarted:
                cleanData = data.replace(
                    b"\x00",
                    b"\n")  # some frontends send 0xFF instead of newline
                ttylog.ttylog_write(
                    self.ttylogFile,
                    len(cleanData),
                    ttylog.TYPE_INPUT,
                    time.time(),
                    cleanData,
                )
                self.ttylogSize += len(cleanData)

            self.backend_buffer = self.backend_buffer[1:]
Example #3
0
    def startFactory(self):
        # For use by the uptime command
        self.starttime = time.time()

        # Load/create keys
        rsaPubKeyString, rsaPrivKeyString = cowriekeys.getRSAKeys()
        dsaPubKeyString, dsaPrivKeyString = cowriekeys.getDSAKeys()
        self.publicKeys = {
            b'ssh-rsa': keys.Key.fromString(data=rsaPubKeyString),
            b'ssh-dss': keys.Key.fromString(data=dsaPubKeyString)
        }
        self.privateKeys = {
            b'ssh-rsa': keys.Key.fromString(data=rsaPrivKeyString),
            b'ssh-dss': keys.Key.fromString(data=dsaPrivKeyString)
        }

        _modulis = '/etc/ssh/moduli', '/private/etc/moduli'
        for _moduli in _modulis:
            try:
                self.primes = primes.parseModuliFile(_moduli)
                break
            except IOError:
                pass

        # this can come from backend in the future, check HonSSH's slim client
        self.ourVersionString = CowrieConfig().get(
            'ssh', 'version', fallback='SSH-2.0-OpenSSH_6.0p1 Debian-4+deb7u2')

        factory.SSHFactory.startFactory(self)
        log.msg("Ready to accept SSH connections")
 def __build_dict(self):
     configs = {
         **self.__get_defaults(),
         **CowrieConfig()['output_abuseipdb'], 'doge_dump':
         join(self.plugin_path, DOGE_DUMP)
     }
     return configs
Example #5
0
    def getCommand(self, cmd, paths):
        if not len(cmd.strip()):
            return None
        path = None
        if cmd in self.commands:
            return self.commands[cmd]
        if cmd[0] in ('.', '/'):
            path = self.fs.resolve_path(cmd, self.cwd)
            if not self.fs.exists(path):
                return None
        else:
            for i in [
                    '%s/%s' % (self.fs.resolve_path(x, self.cwd), cmd)
                    for x in paths
            ]:
                if self.fs.exists(i):
                    path = i
                    break

        txt = os.path.normpath('{}/txtcmds/{}'.format(
            CowrieConfig().get('honeypot', 'share_path'), path))
        if os.path.exists(txt) and os.path.isfile(txt):
            return self.txtcmd(txt)

        if path in self.commands:
            return self.commands[path]

        log.msg("Can't find command {}".format(path))
        return None
Example #6
0
    def __init__(self) -> None:
        self.sessions: Dict[str, str] = {}
        self.ips: Dict[str, str] = {}

        # Need these for each individual transport, or else the session numbers overlap
        self.sshRegex: Pattern[str] = re.compile(
            ".*SSHTransport,([0-9]+),[0-9a-f:.]+$")
        self.telnetRegex: Pattern[str] = re.compile(
            ".*TelnetTransport,([0-9]+),[0-9a-f:.]+$")
        self.sensor: str = CowrieConfig.get("honeypot",
                                            "sensor_name",
                                            fallback=socket.gethostname())
        self.timeFormat: str

        # use Z for UTC (Zulu) time, it's shorter.
        if "TZ" in environ and environ["TZ"] == "UTC":
            self.timeFormat = "%Y-%m-%dT%H:%M:%S.%fZ"
        else:
            self.timeFormat = "%Y-%m-%dT%H:%M:%S.%f%z"

        # Event trigger so that stop() is called by the reactor when stopping
        reactor.addSystemEventTrigger("before", "shutdown",
                                      self.stop)  # type: ignore

        self.start()
Example #7
0
 def start(self):
     """
     Start Output Plugin
     """
     self.timeout = [
         CowrieConfig.getint("output_reversedns", "timeout", fallback=3)
     ]
Example #8
0
 def __init__(self, tolerance_attempts, state_dump):
     self.sleeping = False
     self.sleep_until = 0
     self.tolerance_attempts = tolerance_attempts
     self.tolerance_window = 60 * CowrieConfig.getint(
         "output_abuseipdb", "tolerance_window", fallback=120)
     self.rereport_after = 3600 * CowrieConfig.getfloat(
         "output_abuseipdb", "rereport_after", fallback=24)
     if self.rereport_after < REREPORT_MINIMUM:
         self.rereport_after = REREPORT_MINIMUM
     self.state_dump = state_dump
     # To write our dump to disk we have a method we call in a thread so we
     # don't block if we get slow io. This is a cheap hack to get a lock on
     # the file. See self.write_dump_file()
     self._writing = False
     super().__init__()
Example #9
0
    def requestAvatar(self, avatarId, mind, *interfaces):
        backend = CowrieConfig().get('honeypot', 'backend', fallback='shell')

        if backend == 'shell':
            if conchinterfaces.IConchUser in interfaces:
                serv = shellserver.CowrieServer(self)
                user = shellavatar.CowrieUser(avatarId, serv)
                return interfaces[0], user, user.logout
            elif ITelnetProtocol in interfaces:
                serv = shellserver.CowrieServer(self)
                user = session.HoneyPotTelnetSession(avatarId, serv)
                return interfaces[0], user, user.logout
            raise NotImplementedError("No supported interfaces found.")
        elif backend == 'proxy':
            if conchinterfaces.IConchUser in interfaces:
                serv = proxyserver.CowrieServer(self)
                user = proxyavatar.CowrieUser(avatarId, serv)
                return interfaces[0], user, user.logout
            elif ITelnetProtocol in interfaces:
                raise NotImplementedError(
                    "Telnet not yet supported for proxy mode.")
            log.msg('No supported interfaces found.')
            raise NotImplementedError("No supported interfaces found.")
        else:
            raise NotImplementedError("No supported backend found.")
Example #10
0
 def start(self):
     """
     Start output plugin
     """
     misp_url = CowrieConfig.get("output_misp", "base_url")
     misp_key = CowrieConfig.get("output_misp", "api_key")
     misp_verifycert = (
         "true" == CowrieConfig.get("output_misp", "verify_cert").lower()
     )
     self.misp_api = PyMISP(
         url=misp_url, key=misp_key, ssl=misp_verifycert, debug=False
     )
     self.debug = CowrieConfig.getboolean("output_misp", "debug", fallback=False)
     self.publish = CowrieConfig.getboolean(
         "output_misp", "publish_event", fallback=False
     )
Example #11
0
    def backend_connection_success(self, backendTransport):
        log.msg("Connected to honeypot backend")

        self.startTime = time.time()
        self.setTimeout(CowrieConfig().getint('honeypot',
                                              'authentication_timeout',
                                              fallback=120))
Example #12
0
    def getCommand(self, cmd, paths):
        if not len(cmd.strip()):
            return None
        path = None
        if cmd in self.commands:
            return self.commands[cmd]
        if cmd[0] in (".", "/"):
            path = self.fs.resolve_path(cmd, self.cwd)
            if not self.fs.exists(path):
                return None
        else:
            for i in [
                    f"{self.fs.resolve_path(x, self.cwd)}/{cmd}" for x in paths
            ]:
                if self.fs.exists(i):
                    path = i
                    break

        txt = os.path.normpath("{}/txtcmds/{}".format(
            CowrieConfig.get("honeypot", "share_path"), path))
        if os.path.exists(txt) and os.path.isfile(txt):
            return self.txtcmd(txt)

        if path in self.commands:
            return self.commands[path]

        log.msg(f"Can't find command {cmd}")
        return None
    def connectionMade(self):
        """
        Called when the connection is made to the other side.  We sent our
        version and the MSG_KEXINIT packet.
        """
        self.sshParse = ssh.SSH(self)
        self.transportId = uuid.uuid4().hex[:12]

        self.peer_ip = self.transport.getPeer().host
        self.peer_port = self.transport.getPeer().port + 1
        self.local_ip = self.transport.getHost().host
        self.local_port = self.transport.getHost().port

        self.transport.write(f'{self.ourVersionString}\r\n'.encode())
        self.currentEncryptions = transport.SSHCiphers(b'none', b'none',
                                                       b'none', b'none')
        self.currentEncryptions.setKeys(b'', b'', b'', b'', b'', b'')
        self.otherVersionString = 'Unknown'

        log.msg(
            eventid='cowrie.session.connect',
            format=
            "New connection: %(src_ip)s:%(src_port)s (%(dst_ip)s:%(dst_port)s) [session: %(session)s]",
            src_ip=self.peer_ip,
            src_port=self.transport.getPeer().port,
            dst_ip=self.local_ip,
            dst_port=self.transport.getHost().port,
            session=self.transportId,
            sessionno=f'S{self.transport.sessionno}',
            protocol='ssh')

        # if we have a pool connect to it and later request a backend, else just connect to a simple backend
        # when pool is set we can just test self.pool_interface to the same effect of getting the CowrieConfig
        proxy_backend = CowrieConfig().get('proxy',
                                           'backend',
                                           fallback='simple')

        if proxy_backend == 'pool':
            # request a backend
            d = self.factory.pool_handler.request_interface()
            d.addCallback(self.pool_connection_success)
            d.addErrback(self.pool_connection_error)
        else:
            # simply a proxy, no pool
            backend_ip = CowrieConfig().get('proxy', 'backend_ssh_host')
            backend_port = CowrieConfig().getint('proxy', 'backend_ssh_port')
            self.connect_to_backend(backend_ip, backend_port)
Example #14
0
    def start(self):
        host = CowrieConfig.get("output_elasticsearch", "host")
        port = CowrieConfig.get("output_elasticsearch", "port")
        self.index = CowrieConfig.get("output_elasticsearch", "index")
        self.type = CowrieConfig.get("output_elasticsearch", "type")
        self.pipeline = CowrieConfig.get("output_elasticsearch", "pipeline")
        # new options (creds + https)
        username = CowrieConfig.get("output_elasticsearch",
                                    "username",
                                    fallback=None)
        password = CowrieConfig.get("output_elasticsearch",
                                    "password",
                                    fallback=None)
        use_ssl = CowrieConfig.getboolean("output_elasticsearch",
                                          "ssl",
                                          fallback=False)
        ca_certs = CowrieConfig.get("output_elasticsearch",
                                    "ca_certs",
                                    fallback=None)
        verify_certs = CowrieConfig.getboolean("output_elasticsearch",
                                               "verify_certs",
                                               fallback=True)

        options: dict[str, Any] = {}
        # connect
        if (username is not None) and (password is not None):
            options["http_auth"] = (username, password)
        if use_ssl:
            options["scheme"] = "https"
            options["use_ssl"] = use_ssl
            options["ssl_show_warn"] = False
            options["verify_certs"] = verify_certs
            if verify_certs:
                options["ca_certs"] = ca_certs

        # connect
        self.es = Elasticsearch(f"{host}:{port}", **options)
        # self.es = Elasticsearch('{0}:{1}'.format(self.host, self.port))

        self.check_index()

        # ensure geoip pipeline is well set up
        if self.pipeline == "geoip":
            # create a new feature if it does not exist yet
            self.check_geoip_mapping()
            # ensure the geoip pipeline is setup
            self.check_geoip_pipeline()
Example #15
0
    def __init__(self, server):
        # holds packet data; useful to manipulate it across functions as needed
        self.currentData = None
        self.sendData = True

        # front and backend references
        self.server = server
        self.client = None

        # definitions from config
        self.spoofAuthenticationData = CowrieConfig().getboolean(
            'proxy', 'telnet_spoof_authentication')

        self.backendLogin = CowrieConfig().get('proxy',
                                               'backend_user').encode()
        self.backendPassword = CowrieConfig().get('proxy',
                                                  'backend_pass').encode()

        self.usernameInNegotiationRegex = CowrieConfig().get(
            'proxy', 'telnet_username_in_negotiation_regex',
            raw=True).encode()
        self.usernamePromptRegex = CowrieConfig().get(
            'proxy', 'telnet_username_prompt_regex', raw=True).encode()
        self.passwordPromptRegex = CowrieConfig().get(
            'proxy', 'telnet_password_prompt_regex', raw=True).encode()

        # telnet state
        self.currentCommand = b''

        # auth state
        self.authStarted = False
        self.authDone = False

        self.usernameState = b''  # TODO clear on end
        self.inputingLogin = False

        self.passwordState = b''  # TODO clear on end
        self.inputingPassword = False

        self.waitingLoginEcho = False

        # some data is sent by the backend right before the password prompt, we want to capture that
        # and the respective frontend response and send it before starting to intercept auth data
        self.prePasswordData = False

        # tty logging
        self.startTime = time.time()
        self.ttylogPath = CowrieConfig().get('honeypot', 'ttylog_path')
        self.ttylogEnabled = CowrieConfig().getboolean('honeypot',
                                                       'ttylog',
                                                       fallback=True)
        self.ttylogSize = 0

        if self.ttylogEnabled:
            self.ttylogFile = '{0}/telnet-{1}.log'.format(
                self.ttylogPath, time.strftime('%Y%m%d-%H%M%S'))
            ttylog.ttylog_open(self.ttylogFile, self.startTime)
Example #16
0
 def start(self):
     self.host = CowrieConfig().get(RETHINK_DB_SEGMENT, 'host')
     self.port = CowrieConfig().getint(RETHINK_DB_SEGMENT, 'port')
     self.db = CowrieConfig().get(RETHINK_DB_SEGMENT, 'db')
     self.table = CowrieConfig().get(RETHINK_DB_SEGMENT, 'table')
     self.password = CowrieConfig().get(RETHINK_DB_SEGMENT,
                                        'password',
                                        raw=True)
     self.connection = r.connect(host=self.host,
                                 port=self.port,
                                 db=self.db,
                                 password=self.password)
     try:
         r.db_create(self.db).run(self.connection)
         r.db(self.db).table_create(self.table).run(self.connection)
     except r.RqlRuntimeError:
         pass
Example #17
0
 def start(self):
     self.host = CowrieConfig.get(RETHINK_DB_SEGMENT, "host")
     self.port = CowrieConfig.getint(RETHINK_DB_SEGMENT, "port")
     self.db = CowrieConfig.get(RETHINK_DB_SEGMENT, "db")
     self.table = CowrieConfig.get(RETHINK_DB_SEGMENT, "table")
     self.password = CowrieConfig.get(RETHINK_DB_SEGMENT,
                                      "password",
                                      raw=True)
     self.connection = r.connect(host=self.host,
                                 port=self.port,
                                 db=self.db,
                                 password=self.password)
     try:
         r.db_create(self.db).run(self.connection)
         r.db(self.db).table_create(self.table).run(self.connection)
     except r.RqlRuntimeError:
         pass
Example #18
0
    def __init__(self) -> None:
        self.pool_handler = None

        # ssh is enabled by default
        self.enableSSH: bool = CowrieConfig.getboolean("ssh",
                                                       "enabled",
                                                       fallback=True)

        # telnet is disabled by default
        self.enableTelnet: bool = CowrieConfig.getboolean("telnet",
                                                          "enabled",
                                                          fallback=False)

        # pool is disabled by default, but need to check this setting in case user only wants to run the pool
        self.pool_only: bool = CowrieConfig.getboolean("backend_pool",
                                                       "pool_only",
                                                       fallback=False)
Example #19
0
    def __init__(self, nat_service):
        self.qemu = backend_pool.libvirt.backend_service.LibvirtBackendService(
        )
        self.nat_service = nat_service

        self.guests = []
        self.guest_id = 0
        self.guest_lock = Lock()

        # time in seconds between each loop iteration
        self.loop_sleep_time = 5
        self.loop_next_call = None

        # default configs; custom values will come from the client when they connect to the pool
        self.max_vm = 2
        self.vm_unused_timeout = 600
        self.share_guests = True

        # file configs
        self.ssh_port = CowrieConfig().getint("backend_pool",
                                              "guest_ssh_port",
                                              fallback=-1)
        self.telnet_port = CowrieConfig().getint("backend_pool",
                                                 "guest_telnet_port",
                                                 fallback=-1)

        self.local_pool = (CowrieConfig().get("proxy",
                                              "pool",
                                              fallback="local") == "local")
        self.pool_only = CowrieConfig().getboolean("backend_pool",
                                                   "pool_only",
                                                   fallback=False)
        self.use_nat = CowrieConfig().getboolean("backend_pool",
                                                 "use_nat",
                                                 fallback=True)

        # detect invalid config
        if not self.ssh_port > 0 and not self.telnet_port > 0:
            log.msg(
                eventid="cowrie.backend_pool.service",
                format=
                "Invalid configuration: one of SSH or Telnet ports must be defined!",
            )
            os._exit(1)

        self.any_vm_up = False  # TODO fix for no VM available
Example #20
0
 def __init__(self, logbook, attempts):
     self.logbook = logbook
     self.attempts = attempts
     self.headers = {
         "User-Agent": "Cowrie Honeypot AbuseIPDB plugin",
         "Accept": "application/json",
         "Key": CowrieConfig.get("output_abuseipdb", "api_key"),
     }
Example #21
0
 def __init__(self, logbook, attempts):
     self.logbook = logbook
     self.attempts = attempts
     self.headers = {
         'User-Agent': 'Cowrie Honeypot AbuseIPDB plugin',
         'Accept': 'application/json',
         'Key': CowrieConfig().get('output_abuseipdb', 'api_key')
     }
Example #22
0
    def __init__(self, realm):
        try:
            arches = [arch.strip() for arch in CowrieConfig().get('shell', 'arch').split(',')]
            self.arch = random.choice(arches)
        except NoOptionError:
            self.arch = 'linux-x64-lsb'

        log.msg(f"Initialized emulated server as architecture: {self.arch}")
Example #23
0
    def __init__(self, *args, **kw):
        channel.CowrieSSHChannel.__init__(self, *args, **kw)

        keyPath = CowrieConfig().get('proxy', 'private_key')
        self.keys.append(keys.Key.fromFile(keyPath))

        try:
            keyPath = CowrieConfig().get('proxy', 'private_key')
            self.keys.append(keys.Key.fromFile(keyPath))
        except NoOptionError:
            self.keys = None

        knownHostsPath = CowrieConfig().get('proxy', 'known_hosts')
        self.knownHosts = KnownHostsFile.fromPath(knownHostsPath)

        self.host = CowrieConfig().get('proxy', 'host')
        self.port = CowrieConfig().getint('proxy', 'port')
        self.user = CowrieConfig().get('proxy', 'user')
        try:
            self.password = CowrieConfig().get('proxy', 'password')
        except NoOptionError:
            self.password = None

        log.msg("knownHosts = {0}".format(repr(self.knownHosts)))
        log.msg("host = {0}".format(self.host))
        log.msg("port = {0}".format(self.port))
        log.msg("user = {0}".format(self.user))

        self.client = ProxyClient(self)
Example #24
0
    def download(self, url, fakeoutfile, outputfile, *args, **kwargs):
        scheme: bytes
        try:
            parsed = compat.urllib_parse.urlparse(url)
            scheme = parsed.scheme
            host: str = parsed.hostname.decode("utf8")
            port: int = parsed.port or (443 if scheme == "https" else 80)
            if scheme != b"http" and scheme != b"https":
                raise NotImplementedError
        except Exception:
            self.errorWrite(
                f'curl: (1) Protocol "{scheme.encode("utf8")}" not supported or disabled in libcurl\n'
            )
            self.exit()
            return None

        # TODO: need to do full name resolution in case someon passes DNS name pointing to local address
        try:
            if ipaddress.ip_address(host).is_private:
                self.errorWrite(
                    "curl: (6) Could not resolve host: {}\n".format(host))
                return None
        except ValueError:
            pass

        factory = HTTPProgressDownloader(self, fakeoutfile, url, outputfile,
                                         *args, **kwargs)
        out_addr = None
        if CowrieConfig.has_option("honeypot", "out_addr"):
            out_addr = (CowrieConfig.get("honeypot", "out_addr"), 0)

        if scheme == "https":
            context_factory = ssl.optionsForClientTLS(hostname=host)
            self.connection = reactor.connectSSL(host,
                                                 port,
                                                 factory,
                                                 context_factory,
                                                 bindAddress=out_addr)
        else:  # Can only be http
            self.connection = reactor.connectTCP(host,
                                                 port,
                                                 factory,
                                                 bindAddress=out_addr)

        return factory.deferred
Example #25
0
    def __init__(self, protocol, *args):
        self.protocol = protocol
        self.args = list(args)
        self.environ = self.protocol.cmdstack[0].environ
        self.fs = self.protocol.fs
        self.data = None  # output data
        self.input_data = None  # used to store STDIN data passed via PIPE
        self.writefn = self.protocol.pp.outReceived
        self.errorWritefn = self.protocol.pp.errReceived
        # MS-DOS style redirect handling, inside the command
        # TODO: handle >>, 2>, etc
        if '>' in self.args or '>>' in self.args:
            self.writtenBytes = 0
            self.writefn = self.write_to_file
            if '>>' in self.args:
                index = self.args.index('>>')
                b_append = True
            else:
                index = self.args.index('>')
                b_append = False
            self.outfile = self.fs.resolve_path(str(self.args[(index + 1)]),
                                                self.protocol.cwd)
            del self.args[index:]
            p = self.fs.getfile(self.outfile)
            if not p or not p[fs.A_REALFILE] or p[fs.A_REALFILE].startswith(
                    'honeyfs') or not b_append:
                tmp_fname = '%s-%s-%s-redir_%s' % \
                            (time.strftime('%Y%m%d-%H%M%S'),
                             self.protocol.getProtoTransport().transportId,
                             self.protocol.terminal.transport.session.id,
                             re.sub('[^A-Za-z0-9]', '_', self.outfile))
                self.safeoutfile = os.path.join(
                    CowrieConfig().get('honeypot', 'download_path'), tmp_fname)
                perm = stat.S_IRUSR | stat.S_IWUSR | stat.S_IRGRP | stat.S_IROTH
                try:
                    self.fs.mkfile(self.outfile, 0, 0, 0, stat.S_IFREG | perm)
                except fs.FileNotFound:
                    # The outfile locates at a non-existing directory.
                    self.errorWrite('-bash: %s: No such file or directory\n' %
                                    self.outfile)
                    self.writefn = self.write_to_failed
                    self.outfile = None
                    self.safeoutfile = None
                except fs.PermissionDenied:
                    # The outfile locates in a file-system that doesn't allow file creation
                    self.errorWrite('-bash: %s: Permission denied\n' %
                                    self.outfile)
                    self.writefn = self.write_to_failed
                    self.outfile = None
                    self.safeoutfile = None

                else:
                    with open(self.safeoutfile, 'ab'):
                        self.fs.update_realfile(self.fs.getfile(self.outfile),
                                                self.safeoutfile)
            else:
                self.safeoutfile = p[fs.A_REALFILE]
    def backend_connection_success(self, backendTransport):
        log.msg("Connected to honeypot backend")

        self.startTime = time.time()

        # this timeout is replaced with `interactive_timeout` in ssh.py
        self.setTimeout(CowrieConfig().getint("honeypot",
                                              "authentication_timeout",
                                              fallback=120))
Example #27
0
class Artifact:

    artifactDir: str = CowrieConfig.get("honeypot", "download_path")

    def __init__(self, label: str) -> None:
        self.label: str = label

        self.fp = tempfile.NamedTemporaryFile(dir=self.artifactDir,
                                              delete=False)
        self.tempFilename = self.fp.name
        self.closed: bool = False

        self.shasum: str = ""
        self.shasumFilename: str = ""

    def __enter__(self) -> Any:
        return self.fp

    def __exit__(
        self,
        etype: Optional[Type[BaseException]],
        einst: Optional[BaseException],
        etrace: Optional[TracebackType],
    ) -> bool:
        self.close()
        return True

    def write(self, bytes: bytes) -> None:
        self.fp.write(bytes)

    def fileno(self) -> Any:
        return self.fp.fileno()

    def close(self, keepEmpty: bool = False) -> Optional[Tuple[str, str]]:
        size: int = self.fp.tell()
        if size == 0 and not keepEmpty:
            os.remove(self.fp.name)
            return None

        self.fp.seek(0)
        data = self.fp.read()
        self.fp.close()
        self.closed = True

        self.shasum = hashlib.sha256(data).hexdigest()
        self.shasumFilename = os.path.join(self.artifactDir, self.shasum)

        if os.path.exists(self.shasumFilename):
            log.msg("Not storing duplicate content " + self.shasum)
            os.remove(self.fp.name)
        else:
            os.rename(self.fp.name, self.shasumFilename)
            umask = os.umask(0)
            os.umask(umask)
            os.chmod(self.shasumFilename, 0o666 & ~umask)

        return self.shasum, self.shasumFilename
Example #28
0
    def __init__(self):
        self.topService = None
        self.pool_handler = None

        # ssh is enabled by default
        self.enableSSH = CowrieConfig().getboolean('ssh',
                                                   'enabled',
                                                   fallback=True)

        # telnet is disabled by default
        self.enableTelnet = CowrieConfig().getboolean('telnet',
                                                      'enabled',
                                                      fallback=False)

        # pool is disabled by default, but need to check this setting in case user only wants to run the pool
        self.pool_only = CowrieConfig().getboolean('backend_pool',
                                                   'pool_only',
                                                   fallback=False)
Example #29
0
    def sendFrontend(self, data):
        self.server.transport.write(data)

        # log raw packets if user sets so
        if CowrieConfig().getboolean('proxy', 'log_raw', fallback=False):
            log.msg(b'to_frontend - ' + data)

        if self.ttylogEnabled and self.authStarted:
            ttylog.ttylog_write(self.ttylogFile, len(data), ttylog.TYPE_OUTPUT, time.time(), data)
Example #30
0
    def __init__(self):
        log.msg("Early version of hpfeeds-output, untested!")

        try:
            self.tags = [tag.strip() for tag in CowrieConfig().get('output_hpfeeds', 'tags').split(',')]
        except Exception as e:
            self.tags = []

        cowrie.core.output.Output.__init__(self)