def onReady(self):
    """
    @summary:  Callback signalling that the server stack is ready.
                It fires a first time when the human client connects and
                a second time after colour depth negotiation, because that
                negotiation restarts the connection sequence.
    @see: rdp.RDPServerObserver.onReady
    """
    if self._rssFile is None:
        # No recording chosen yet: take the one whose pixel area is
        # closest to the screen reported by the controller.
        width, height = self._controller.getScreen()
        size = width * height

        def areaGap(entry):
            # entry is ((width, height), path) as indexed below
            return abs(entry[0][0] * entry[0][1] - size)

        rssFilePath = sorted(self._rssFileSizeList, key=areaGap)[0][1]
        selection = "select file (%s, %s) -> %s" % (width, height, rssFilePath)
        log.info(selection)
        hpfeedslog.info(selection)
        self._rssFile = rss.createReader(rssFilePath)

    domain, username, password = self._controller.getCredentials()
    hostname = self._controller.getHostname()

    # NOTE(review): these four values are presumably supplied by the remote
    # client. They are interpolated unescaped into comma-separated records,
    # so an embedded comma or line break could split or forge a record for
    # whatever parses these logs -- confirm how the consumers handle that.
    isoFormat = '%Y-%m-%dT%H:%M:%S.%fZ'
    log.info("\n%s,domain:%s,username:%s,password:%s,hostname:%s" % (
        datetime.datetime.utcnow().strftime(isoFormat),
        domain, username, password, hostname))
    hpfeedslog.info("%s, domain:%s, username:%s, password:%s, hostname:%s " % (
        datetime.datetime.utcnow().strftime(isoFormat),
        domain, username, password, hostname))
    self.start()
def onReady(self):
    """
    @summary:  Callback signalling that the server stack is ready.
                It fires a first time when the human client connects and
                a second time after colour depth negotiation, because that
                negotiation restarts the connection sequence.
    @see: rdp.RDPServerObserver.onReady
    """
    if self._rssFile is None:
        # No recording chosen yet: rank the known recordings by how far
        # their pixel area is from the client's screen and keep the nearest.
        width, height = self._controller.getScreen()
        size = width * height
        ranked = sorted(
            self._rssFileSizeList,
            key=lambda entry: abs(entry[0][0] * entry[0][1] - size))
        rssFilePath = ranked[0][1]
        log.info("select file (%s, %s) -> %s" % (width, height, rssFilePath))
        self._rssFile = rss.createReader(rssFilePath)

    domain, username, password = self._controller.getCredentials()
    hostname = self._controller.getHostname()

    # NOTE(review): the logged values are presumably supplied by the remote
    # client and are written unescaped, password included -- treat this log
    # as untrusted input and restrict who can read it.
    credentials = (domain, username, password, hostname)
    log.info("""Credentials: \tdomain : %s \tusername : %s \tpassword : %s \thostname : %s """ % credentials)
    self.start()
def buildObserver(self, controller, addr):
    """
    @summary: Log the address of a new connection and build its observer
    @param controller: {rdp.RDPServerController}
    @param addr: destination address; its host and port are logged
    @return: HoneyPotServer given controller and a new reader on
                self._rssFilePath
    @see: rdp.ServerFactory.buildObserver
    """
    peer = (addr.host, addr.port)
    log.info("Connection from %s:%s" % peer)
    # Each connection gets its own reader over the same recording file.
    reader = rss.createReader(self._rssFilePath)
    return HoneyPotServer(controller, reader)
def readSize(filePath):
    """
    @summary: Find the screen size recorded in an rss file
    @param filePath: path of rss file
    @return: (width, height) taken from the first SCREEN event, or None
                when the reader runs out of events before one is seen
    """
    reader = rss.createReader(filePath)
    event = reader.nextEvent()
    while event is not None:
        if event.type.value == rss.EventType.SCREEN:
            screen = event.event
            return screen.width.value, screen.height.value
        # Any other event type is skipped.
        event = reader.nextEvent()
    return None
def onReady(self):
    """
    @summary:  Callback signalling that the server stack is ready.
                It fires a first time when the human client connects and
                a second time after colour depth negotiation, because that
                negotiation restarts the connection sequence.
    @see: rdp.RDPServerObserver.onReady
    """
    isoFormat = '%Y-%m-%dT%H:%M:%S.%fZ'

    if self._rssFile is None:
        # No recording chosen yet: keep the one whose pixel area is
        # closest to the screen reported by the controller.
        width, height = self._controller.getScreen()
        size = width * height
        ranked = sorted(
            self._rssFileSizeList,
            key=lambda entry: abs(entry[0][0] * entry[0][1] - size))
        rssFilePath = ranked[0][1]
        logging.info("%s --- select file (%s, %s) -> %s" % (
            datetime.datetime.utcnow().strftime(isoFormat),
            width, height, rssFilePath))
        self._rssFile = rss.createReader(rssFilePath)

    domain, username, password = self._controller.getCredentials()
    hostname = self._controller.getHostname()

    # The earlier free-text "Credentials:" log line is disabled here; the
    # structured event below carries the same fields.
    transport = self._controller._tpktLayer.transport
    client = transport.client

    # md5 only derives a short label from the source address and id(self);
    # it is not used to protect anything. id() values can be reused once an
    # object is freed, so the label is not guaranteed unique over time.
    session = md5.md5(client[0] + str(id(self))).hexdigest()

    # NOTE(review): domain/username/password/hostname are presumably
    # client-supplied and are logged verbatim -- consumers of this event
    # should treat them as untrusted, and access to the log should be
    # restricted since it holds submitted passwords.
    event = {
        'event_id': 'rdpy.login.success',
        'session': session,
        'hostname': hostname,
        'domain': domain,
        'username': username,
        'password': password,
        'src_ip': client[0],
        'src_port': client[1],
        'start_ts': int(time.time()),
        'transport_protocol': str(transport),
    }
    logging.info(event)
    self.start()
def __init__(self, config=None, logger=None):
    """
    @summary: Initialise both base classes, preload the login recording
                and read the listening port
    @param config: object whose getVal(key, default) supplies "rdp.port"
                    (3389 when unset)
    @param logger: object providing LOG_RDP, stored as self.logtype
    """
    # NOTE(review): 16, None, None are presumably colour depth, private key
    # file and certificate file -- confirm against ServerFactory.
    ServerFactory.__init__(self, 16, None, None)
    CanaryService.__init__(self, config, logger)

    self.rssFile = self.resource_filename("login.rss")
    reader = rss.createReader(self.rssFile)

    # Keep every event of the recording in memory; reading stops at the
    # first falsy value returned by the reader.
    self.rss = []
    event = reader.nextEvent()
    while event:
        self.rss.append(event)
        event = reader.nextEvent()

    self.port = config.getVal("rdp.port", 3389)
    self.logtype = logger.LOG_RDP
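def __init__(self, config=None, logger=None, instanceParams=None):
    """
    @summary: Initialise both base classes, read port and password-masking
                settings, and preload the login recording
    @param config: object whose getVal(key, default) supplies "rdp.port"
                    (3389 when unset) and 'rdp.maskpassword' (True when
                    unset); only consulted when instanceParams is empty
    @param logger: object providing LOG_RDP, stored as self.logtype
    @param instanceParams: optional dict of per-instance settings; when
                            non-empty it must contain "rdp.port" and may
                            contain 'rdp.maskpassword' (default True)
    @raise KeyError: instanceParams is non-empty but lacks "rdp.port"
    """
    # The default is None rather than a shared {} literal, so no dict
    # object is reused between calls; None and {} take the same branch.
    # NOTE(review): 16, None, None are presumably colour depth, private key
    # file and certificate file -- confirm against ServerFactory.
    ServerFactory.__init__(self, 16, None, None)
    CanaryService.__init__(self, config, logger)

    if instanceParams:
        self.port = instanceParams["rdp.port"]
        self.maskpassword = instanceParams.get('rdp.maskpassword', True)
    else:
        self.port = config.getVal("rdp.port", 3389)
        self.maskpassword = config.getVal('rdp.maskpassword', True)
    # maskpassword defaults to True on both paths; how it is applied is
    # outside this method -- presumably it keeps submitted passwords out
    # of the logs, verify before turning it off.

    self.rssFile = self.resource_filename("login.rss")
    reader = rss.createReader(self.rssFile)

    # Keep every event of the recording in memory; reading stops at the
    # first falsy value returned by the reader.
    self.rss = []
    event = reader.nextEvent()
    while event:
        self.rss.append(event)
        event = reader.nextEvent()

    self.logtype = logger.LOG_RDP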
elif nextEvent.type.value == rss.EventType.SCREEN: widget.resize(nextEvent.event.width.value, nextEvent.event.height.value) elif nextEvent.type.value == rss.EventType.INFO: widget.drawInfos(nextEvent.event.domain.value, nextEvent.event.username.value, nextEvent.event.password.value, nextEvent.event.hostname.value) elif nextEvent.type.value == rss.EventType.CLOSE: widget.close() return e = rssFile.nextEvent() QtCore.QTimer.singleShot(e.timestamp.value,lambda:loop(widget, rssFile, e)) if __name__ == '__main__': try: opts, args = getopt.getopt(sys.argv[1:], "h") except getopt.GetoptError: help() for opt, arg in opts: if opt == "-h": help() sys.exit() filepath = args[0] #create application app = QtGui.QApplication(sys.argv) widget = RssPlayerWidget(800, 600) widget.show() rssFile = rss.createReader(filepath) start(widget, rssFile) sys.exit(app.exec_())
nextEvent.event.username.value, nextEvent.event.password.value, nextEvent.event.hostname.value) elif nextEvent.type.value == rss.EventType.CLOSE: widget.close() return e = rssFile.nextEvent() QtCore.QTimer.singleShot(e.timestamp.value, lambda: loop(widget, rssFile, e)) if __name__ == '__main__': try: opts, args = getopt.getopt(sys.argv[1:], "h") except getopt.GetoptError: help() for opt, arg in opts: if opt == "-h": help() sys.exit() filepath = args[0] #create application app = QtGui.QApplication(sys.argv) widget = RssPlayerWidget(800, 600) widget.show() rssFile = rss.createReader(filepath) start(widget, rssFile) sys.exit(app.exec_())