def run(self):
logger.debug('Starting timer')
timer = threading.Timer(120, self.shutdown)
timer.start()
total = b''
while 1:
try:
data = wrap_socket(lambda: self.source.recv(4096))
except Exception:
break
if data == b'' or not data:
break
if self.table or self.limit > 0:
total += data
try:
wrap_socket(lambda: self.dest.sendall(data))
except Exception:
break
if self.limit > 0 and len(total) >= self.limit:
break
if self.table:
http = self.table(request=str(total), connection=self.connection)
self.session.add(http)
self.session.commit()
logger.debug('Canceling timer')
timer.cancel()
self.shutdown()
def fake_shell(client_socket, session, connection, prompt, telnet=False):
start_shell()
command_count = 0
workdir = '/'
while command_count < 4:
client_socket.sendall(prompt)
try:
command = get_string(client_socket, telnet=telnet)
command_count += 1
except Exception as exception:
logger.debug(exception)
client_socket.close()
break
if command == '':
continue
if command == 'exit':
break
if command.startswith('cd'):
workdir = change_directory(command, workdir)
logger.debug('Shell workdir %s', workdir)
cmd = tables.ShellCommands(command=command, connection=connection)
session.add(cmd)
session.commit()
logger.debug('Shell committed command')
# timeout = 'timeout 1 ' if get_busybox() else 'timeout -t 1 '
exit_code, output = get_shell_container().exec_run(command, \
workdir=workdir)
logger.debug('Shell exit_code %s', str(exit_code))
logger.debug('Shell output %s', str(output))
output = output.replace(b'\n', b'\r\n')
if exit_code in (126, 127):
client_socket.sendall(command.encode('utf-8') + \
b': command not found\n')
else:
client_socket.sendall(output)
def creds(self, prompt):
logger.debug('Getting creds')
tries = 0
response = ''
while response == '':
self.request.sendall(prompt)
logger.debug('Before creds get_string')
response = get_string(self.request, limit=CREDS_LENGTH, telnet=True)
tries += 1
if tries > 2:
logger.debug('Creds no response')
raise IOError('no response')
logger.debug('Creds returning %s', response)
return response
def creds(self, prompt):
logger.debug('Getting creds')
tries = 0
response = ''
while response == '':
self.request.sendall(prompt)
logger.debug('Before creds get_string')
response = get_string(self.request, limit=256, telnet=True)
tries += 1
if tries > 2:
logger.debug('Creds no response')
raise IOError('no response')
logger.debug('Creds returning %s', response)
return response
def fake_shell(client_socket, connection, prompt, telnet=False):
start_shell()
command_count = 0
workdir = '/'
while command_count < 4:
client_socket.sendall(prompt)
try:
command = get_string(client_socket, telnet=telnet)
command_count += 1
except Exception as exception:
logger.debug(exception)
client_socket.close()
break
if command == '':
continue
if command == 'exit':
break
if command.startswith('cd'):
workdir = change_directory(command, workdir)
logger.debug('Shell workdir %s', workdir)
cmd = tables.ShellCommands(command=command, connection=connection)
write_db(cmd)
exit_code, output = get_shell_container().exec_run(command, \
workdir=workdir)
logger.debug('Shell exit_code %s', str(exit_code))
logger.debug('Shell output %s', str(output))
output = output.replace(b'\n', b'\r\n')
if exit_code in (126, 127):
client_socket.sendall(command.encode('utf-8') + \
b': command not found\n')
else:
client_socket.sendall(output)
def wrapper(function):
try:
return function()
except socket.timeout as timeout:
logger.debug(timeout)
raise Exception
except socket.error as error:
logger.debug(error)
raise Exception
except Exception as exc:
logger.debug(exc)
raise Exception
def get_string(client_socket, limit=SHELL_COMMAND_LENGTH, telnet=False):
character = client_socket.recv(1)
if not telnet:
client_socket.send(character)
# while there are telnet commands
while telnet and character == b'\xff':
# skip the next two as they are part of the telnet command
client_socket.recv(1)
client_socket.recv(1)
character = client_socket.recv(1)
string = ''
while character not in (b'\n', b'\r'):
if character == b'\b': # backspace
string = string[:-1]
elif character == '\x15': # control-u
string = ''
elif ord(character) > 127:
logger.debug('Meta character')
raise UnicodeError('Meta character')
elif len(string) > limit:
logger.debug('Too many characters')
raise IOError('Too many characters')
else:
string += character.decode('utf-8')
character = client_socket.recv(1)
if not telnet:
client_socket.send(character)
if not telnet:
client_socket.send(b'\n')
# read the newline
if telnet and character == b'\r':
character = client_socket.recv(1)
logger.debug('get_string returing %s', string.strip())
return string.strip()
def get_string(client_socket, limit=SHELL_COMMAND_LENGTH, telnet=False):
character = client_socket.recv(1)
if not telnet:
client_socket.send(character)
# while there are telnet commands
while telnet and character == b'\xff':
# skip the next two as they are part of the telnet command
client_socket.recv(1)
client_socket.recv(1)
character = client_socket.recv(1)
string = ''
while character not in (b'\n', b'\r'):
if character == b'\b': # backspace
string = string[:-1]
elif character == '\x15': # control-u
string = ''
elif ord(character) > 127:
logger.debug('Meta character')
raise UnicodeError('Meta character')
elif len(string) > limit:
logger.debug('Too many characters')
raise IOError('Too many characters')
else:
string += character.decode('utf-8')
character = client_socket.recv(1)
if not telnet:
client_socket.send(character)
if not telnet:
client_socket.send(b'\n')
# read the newline
if telnet and character == b'\r':
character = client_socket.recv(1)
logger.debug('get_string returing %s', string.strip())
return string.strip()
def handle(self):
self.request.settimeout(30)
connection = tables.Connections(
sourceIP=self.client_address[0],
sourcePort=self.client_address[1],
destPort=self.server.socket.getsockname()[1],
localRemote=getLocalRemote(self.client_address[0]),
proto=tables.TCP)
write_db(connection)
try:
username = self.creds(b'Username: '******'Password: '******'After creds')
creds = tables.Credentials(username=username, password=password, \
connection=connection)
write_db(creds)
self.request.sendall(
b'Last login: Mon Nov 20 12:41:05 2017 from 8.8.8.8\n')
prompt = b'\n$: ' if username in ('root', 'admin') else b'\n#: '
try:
fake_shell(self.request, connection, prompt, telnet=True)
except Exception as exc:
logger.debug(type(exc))
logger.debug(exc)
logger.debug('telnet fake_shell threw exception')
self.request.close()
logger.debug('telnet handle finished')
def handle(self):
self.request.settimeout(30)
connection = tables.Connections(
sourceIP=self.client_address[0],
sourcePort=self.client_address[1],
destIP=self.server.socket.getsockname()[0],
destPort=self.server.socket.getsockname()[1],
proto=tables.TCP)
write_db(connection)
try:
username = self.creds(b'Username: '******'Password: '******'After creds')
creds = tables.Credentials(username=username, password=password, \
connection=connection)
write_db(creds)
self.request.sendall(b'Last login: Mon Nov 20 12:41:05 2017 from 8.8.8.8\n')
prompt = b'\n$: ' if username in ('root', 'admin') else b'\n#: '
try:
fake_shell(self.request, connection, prompt, telnet=True)
except Exception as exc:
logger.debug(type(exc))
logger.debug(exc)
logger.debug('telnet fake_shell threw exception')
self.request.close()
logger.debug('telnet handle finished')