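def post_processer(self):
    """Consume attack events from the post-processing queue and log them.

    Loops forever. Each event taken from ``self.post_queue`` is passed to
    ``gen_dork_list.collect_dork`` and to every logger in ``self.loggers``.
    When the ``hpfeeds`` option is the string ``"True"``, the event is also
    published as JSON on the ``glastopf.events`` channel. If the event
    carries a ``file_name``, that file is read from ``files/`` and published
    base64-encoded on ``glastopf.files``.
    """
    while True:
        attack_event = self.post_queue.get()
        gen_dork_list.collect_dork(attack_event)
        for logger in self.loggers:
            logger.insert(attack_event)
        if self.options["hpfeeds"] == "True":
            self.hpfeeds_logger.handle_send(
                "glastopf.events", json.dumps(attack_event.event_dict()))
            if attack_event.file_name is not None:
                # NOTE(review): file_name is joined into the path unchecked.
                # Confirm it is generated by the honeypot itself and never
                # copied from the request, otherwise it needs to be reduced
                # to a bare file name before use.
                # NOTE(review): nothing here catches a failed open/read, so
                # a missing file ends this loop and stops event logging.
                # Binary mode: the captured payload must be forwarded
                # byte-for-byte so downstream hashes of the sample match.
                with open("files/" + attack_event.file_name, 'rb') as file_handler:
                    file_content = file_handler.read()
                self.hpfeeds_logger.handle_send(
                    "glastopf.files",
                    attack_event.file_name + " " + base64.b64encode(file_content))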
def test_automated_extension(self):
    """Check that the dork database is extended by a new honeypot request.

    Input: a test request for http://localhost:8080/test.php?c=test
    Expected: at least one row in the 'inurl' table whose content is
    '/test.php'.
    Note: running the test writes the '/test.php' entry to the database.
    """
    # Build a synthetic attack event carrying the test URL.
    attack_event = attack.AttackEvent()
    attack_event.matched_pattern = "internal_test"
    attack_event.parsed_request = util.HTTPRequest()
    attack_event.parsed_request.url = "/test.php?c=test"
    print "Attack event prepared."

    gen_dork_list.collect_dork(attack_event)
    print "Done collecting the path from the event and writing to the database."

    # Only the path part of the URL (before the query string) is looked up.
    requested_path = attack_event.parsed_request.url.partition('?')[0]
    query = "SELECT * FROM inurl WHERE content = ?"
    dork_database = dork_db.DorkDB()
    self.cursor = dork_database.conn.cursor()
    rows = self.cursor.execute(query, (requested_path,)).fetchall()
    self.cursor.close()
    print "Done fetching the entries matching the request URL"

    # NOTE(review): no cleanup is visible here, so a row left behind by an
    # earlier run would also satisfy this assertion.
    self.assertTrue(len(rows) > 0)
    print "Number of entries in the database matching our URL:", len(rows), "which equates our expectation."