예제 #1
    def __init__(self, config="glastopf.cfg", work_dir=os.getcwd()):
        """
        Prepare the honeypot core: paths, configuration, databases, dork
        generator, HTTP method handlers and the post-processing queue.

        The ``work_dir`` default is evaluated once, when this method is
        defined, not on each call.

        :param work_dir: directory used for data storage and various data files, must be writeable by glastopf.
            Default: os.getcwd()
        :param config: path to the glastopf configuration file; it is joined
            onto work_dir with os.path.join.
            Default: glastopf.cfg
        """
        startup_msg = 'Initializing Glastopf {0} using "{1}" as work directory.'
        logger.info(startup_msg.format(__version__, work_dir))

        self.work_dir = work_dir
        self.data_dir = os.path.join(self.work_dir, 'data')
        self.loggers = logging_handler.get_aux_loggers(self.data_dir,
                                                       self.work_dir)
        self.config_path = os.path.join(self.work_dir, config)

        conf_parser = ConfigParser()
        conf_parser.read(self.config_path)

        # (options key, config section, config option), read in this order.
        # uid and gid are taken from the config as-is; no validation of them
        # is visible in this method.
        wanted = (
            ("uid", "webserver", "uid"),
            ("gid", "webserver", "gid"),
            ("proxy_enabled", "webserver", "proxy_enabled"),
            ("banner", "misc", "banner"),
            ("sensorid", "sensor", "sensorid"),
        )
        options = {}
        for key, section, option in wanted:
            options[key] = conf_parser.get(section, option).encode('latin1')
        self.options = options

        # A sensorid of "None" is replaced by a fresh random UUID, which is
        # written back so that later starts read the same id. The config file
        # is truncated and rewritten in place with whatever privileges the
        # process holds at construction time.
        # NOTE(review): the comparison is against a text literal while the
        # stored value is the result of encode() - confirm the target
        # interpreter treats the two as comparable.
        if self.options['sensorid'] == "None":
            sensor_id = str(uuid.uuid4())
            self.options['sensorid'] = sensor_id
            conf_parser.set('sensor', 'sensorid', sensor_id)
            with open(self.config_path, 'wb') as configfile:
                conf_parser.write(configfile)

        self.maindb, self.dorkdb = self.setup_main_database(conf_parser)
        self.dork_generator = self.setup_dork_generator(conf_parser)

        # No dork pages yet: build the initial set synchronously.
        current_pages = self.dork_generator.get_current_pages()
        if len(current_pages) == 0:
            logger.info(
                "Generating initial dork pages - this can take a while.")
            self.dork_generator.regular_generate_dork(0)

        # profiler disabled until issue #26 is fixed, so no Profiler is
        # constructed here
        self.profiler_available = False

        self.MethodHandlers = method_handler.HTTPMethods(self.data_dir)

        # used for post processing (logging and analysis) of attack events
        self.post_queue = Queue.Queue()
        # Background workers are not started by the constructor.
        self.workers_enabled = False
예제 #2
파일: glastopf.py 프로젝트: CZ-NIC/glastopf
    def __init__(self, config="glastopf.cfg", work_dir=os.getcwd()):
        """
        Prepare the honeypot core: paths, configuration, databases, dork
        generator, optional profiler, HTTP method handlers and the
        post-processing queue.

        The ``work_dir`` default is evaluated once, when this method is
        defined, not on each call.

        :param work_dir: directory used for data storage and various data files, must be writeable by glastopf.
            Default: os.getcwd()
        :param config: path to the glastopf configuration file; it is joined
            onto work_dir with os.path.join.
            Default: glastopf.cfg
        """
        startup_msg = 'Initializing Glastopf {0} using "{1}" as work directory.'
        logger.info(startup_msg.format(__version__, work_dir))

        self.work_dir = work_dir
        self.data_dir = os.path.join(self.work_dir, 'data')
        self.loggers = logging_handler.get_aux_loggers(self.data_dir, self.work_dir)
        self.config_path = os.path.join(self.work_dir, config)

        conf_parser = ConfigParser()
        conf_parser.read(self.config_path)

        # (options key, config section, config option), read in this order.
        # uid and gid are taken from the config as-is; no validation of them
        # is visible in this method.
        wanted = (
            ("uid", "webserver", "uid"),
            ("gid", "webserver", "gid"),
            ("proxy_enabled", "webserver", "proxy_enabled"),
            ("banner", "misc", "banner"),
            ("sensorid", "sensor", "sensorid"),
        )
        options = {}
        for key, section, option in wanted:
            options[key] = conf_parser.get(section, option).encode('latin1')
        self.options = options

        # A sensorid of "None" is replaced by a fresh random UUID, which is
        # written back so that later starts read the same id. The config file
        # is truncated and rewritten in place with whatever privileges the
        # process holds at construction time.
        if self.options['sensorid'] == "None":
            sensor_id = str(uuid.uuid4())
            self.options['sensorid'] = sensor_id
            conf_parser.set('sensor', 'sensorid', sensor_id)
            with open(self.config_path, 'wb') as configfile:
                conf_parser.write(configfile)

        self.maindb, self.dorkdb = self.setup_main_database(conf_parser)
        self.dork_generator = self.setup_dork_generator(conf_parser)

        # No dork pages yet: build the initial set synchronously.
        current_pages = self.dork_generator.get_current_pages()
        if len(current_pages) == 0:
            logger.info("Generating initial dork pages - this can take a while.")
            self.dork_generator.regular_generate_dork(0)

        # The profiler is opt-in: it stays off unless [profiler] enabled is
        # present in the config. Only a missing section or option is
        # tolerated; any other error from getboolean propagates.
        self.profiler_available = False
        try:
            profiler_enabled = conf_parser.getboolean("profiler", "enabled")
        except (NoSectionError, NoOptionError):
            pass
        else:
            self.profiler_available = profiler_enabled
        if self.profiler_available:
            self.profiler = profiler.Profiler(self.maindb)

        self.MethodHandlers = method_handler.HTTPMethods(self.data_dir)

        # used for post processing (logging and analysis) of attack events
        self.post_queue = Queue.Queue()
        # Background workers are not started by the constructor.
        self.workers_enabled = False
예제 #3
    def start_background_workers(self):
        """
        Drop privileges, then spawn the background greenlets responsible for
        data processing and logging.

        :return: list holding the dork-generation greenlet followed by the
            post-processing greenlet.
        """
        # privileges.drop is called before any worker is spawned, so the
        # workers are only created after that call has returned.
        # NOTE(review): how privileges.drop reports failure is not visible
        # here - confirm it raises, because the 'privileges dropped' message
        # below is logged unconditionally.
        run_as_uid = self.options['uid']
        run_as_gid = self.options['gid']
        privileges.drop(self.work_dir, run_as_uid, run_as_gid)
        self.workers_enabled = True

        # The auxiliary loggers are re-created after the drop (presumably so
        # their files are opened by the unprivileged user - confirm).
        self.loggers = logging_handler.get_aux_loggers(self.data_dir)

        workers = [
            gevent.spawn(self.dork_generator.regular_generate_dork, 30),
            gevent.spawn(self.post_processer),
        ]
        logger.info('Glastopf started and privileges dropped.')
        return workers
예제 #4
    def __init__(self, test=False, config="glastopf.cfg"):
        """
        Build the honeypot core, start its background threads and drop
        privileges as the final step.

        Everything before the privileges.drop call at the end of this method
        (directory creation, config read, optional HPFeeds client, database
        setup, thread start) runs with the privileges the process was
        started with.

        :param test: when true, the auxiliary loggers and the periodic dork
            generation thread are skipped.
        :param config: path to the glastopf configuration file.
            Default: glastopf.cfg
        """
        self.create_empty_dirs()
        self.test = test
        logger.info('Starting Glastopf')

        conf_parser = ConfigParser()
        conf_parser.read(config)

        # (options key, config section, config option), read in this order.
        # uid and gid are taken from the config as-is; no validation of them
        # is visible in this method.
        wanted = (
            ("hpfeeds", "hpfeed", "enabled"),
            ("uid", "webserver", "uid"),
            ("gid", "webserver", "gid"),
            ("proxy_enabled", "webserver", "proxy_enabled"),
        )
        options = {}
        for key, section, option in wanted:
            options[key] = conf_parser.get(section, option).encode('latin1')
        self.options = options

        # HPFeeds reporting is enabled only by the exact string "True".
        if self.options["hpfeeds"] == "True":
            self.hpfeeds_logger = hpfeeds.HPFeedClient(config=config)
            logger.info("HPFeeds started")

        self.profiler_available = False

        self.maindb, self.dorkdb = self.setup_main_database(conf_parser)
        self.dork_generator = self.setup_dork_generator(conf_parser)

        if not self.test:
            self.loggers = logging_handler.get_aux_loggers()

        # No dork pages yet: build the initial set synchronously.
        current_pages = self.dork_generator.get_current_pages()
        if len(current_pages) == 0:
            logger.info("Generating initial dork pages - this can take a while.")
            self.dork_generator.regular_generate_dork(0)

        # Outside test mode, dork generation is handed to a daemon thread
        # with the argument 30.
        if not test:
            periodic_dorks = threading.Thread(
                target=self.dork_generator.regular_generate_dork, args=(30,))
            periodic_dorks.daemon = True
            periodic_dorks.start()

        # profiler_available was set to False above; this branch only runs
        # if one of the setup_* helpers changed it in the meantime.
        if self.profiler_available:
            self.profiler = profiler.Profiler(self.maindb)

        self.HTTP_parser = util.HTTPParser()
        self.MethodHandlers = method_handler.HTTPMethods()

        # Queue drained by the post-processing daemon thread started here.
        self.post_queue = Queue.Queue()
        post_thread = threading.Thread(target=self.post_processer)
        post_thread.daemon = True
        self.post_processing = post_thread
        post_thread.start()

        # NOTE(review): the threads above are already running when the drop
        # happens; whether it covers them depends on how privileges.drop is
        # implemented - confirm. Its failure mode is not visible here either,
        # and the message below is logged unconditionally.
        privileges.drop(self.options['uid'], self.options['gid'])
        logger.info('Glastopf instantiated and privileges dropped')
예제 #5
    def start_background_workers(self):
        """
        Drop privileges, then start the daemon threads responsible for data
        processing and logging.
        """
        # privileges.drop is called before any thread is started, so the
        # threads are only created after that call has returned.
        # NOTE(review): how privileges.drop reports failure is not visible
        # here - confirm it raises, because the 'privileges dropped' message
        # below is logged unconditionally.
        run_as_uid = self.options["uid"]
        run_as_gid = self.options["gid"]
        privileges.drop(self.work_dir, run_as_uid, run_as_gid)
        self.workers_enabled = True

        # The auxiliary loggers are re-created after the drop (presumably so
        # their files are opened by the unprivileged user - confirm).
        self.loggers = logging_handler.get_aux_loggers()

        # Periodic dork generation, called with the argument 30.
        periodic_dorks = threading.Thread(
            target=self.dork_generator.regular_generate_dork, args=(30,))
        periodic_dorks.daemon = True
        periodic_dorks.start()

        # Post-processing thread; kept on the instance as post_processing.
        post_thread = threading.Thread(target=self.post_processer)
        post_thread.daemon = True
        self.post_processing = post_thread
        post_thread.start()

        logger.info("Glastopf started and privileges dropped.")
예제 #6
    def start_background_workers(self):
        """
        Drop privileges, then spawn the background greenlets responsible for
        data processing and logging.

        :return: list holding the dork-generation greenlet followed by the
            post-processing greenlet.
        """
        # The drop comes first: no greenlet is spawned until it has returned.
        # NOTE(review): how privileges.drop reports failure is not visible
        # here - confirm it raises, because the 'privileges dropped' message
        # below is logged unconditionally.
        drop_to_uid = self.options['uid']
        drop_to_gid = self.options['gid']
        privileges.drop(self.work_dir, drop_to_uid, drop_to_gid)
        self.workers_enabled = True

        # The auxiliary loggers are re-created after the drop (presumably so
        # their files are opened by the unprivileged user - confirm).
        self.loggers = logging_handler.get_aux_loggers(self.data_dir)

        # Periodic dork generation, called with the argument 30.
        dork_greenlet = gevent.spawn(
            self.dork_generator.regular_generate_dork, 30)
        # Consumer for the post-processing work.
        post_greenlet = gevent.spawn(self.post_processer)

        logger.info('Glastopf started and privileges dropped.')
        return [dork_greenlet, post_greenlet]
예제 #7
    def start_background_workers(self):
        """
        Drop privileges, then start the daemon threads responsible for data
        processing and logging.
        """
        # The drop comes first: no thread is started until it has returned.
        # NOTE(review): how privileges.drop reports failure is not visible
        # here - confirm it raises, because the 'privileges dropped' message
        # below is logged unconditionally.
        drop_to_uid = self.options['uid']
        drop_to_gid = self.options['gid']
        privileges.drop(self.work_dir, drop_to_uid, drop_to_gid)
        self.workers_enabled = True

        # The auxiliary loggers are re-created after the drop (presumably so
        # their files are opened by the unprivileged user - confirm).
        self.loggers = logging_handler.get_aux_loggers(self.data_dir)

        # Periodic dork generation, called with the argument 30.
        periodic_dorks = threading.Thread(
            target=self.dork_generator.regular_generate_dork, args=(30,))
        periodic_dorks.daemon = True
        periodic_dorks.start()

        # Post-processing thread; kept on the instance as post_processing.
        post_thread = threading.Thread(target=self.post_processer)
        post_thread.daemon = True
        self.post_processing = post_thread
        post_thread.start()

        logger.info('Glastopf started and privileges dropped.')
예제 #8
    def __init__(self, config="glastopf.cfg", work_dir=os.getcwd()):
        """
        Prepare the honeypot core: paths, configuration, databases, dork
        generator, HTTP method handlers and the post-processing queue.

        The ``work_dir`` default is evaluated once, when this method is
        defined, not on each call.

        :param work_dir: directory used for data storage and various data files, must be writeable by glastopf.
            Default: os.getcwd()
        :param config: path to the glastopf configuration file; it is joined
            onto work_dir with os.path.join.
            Default: glastopf.cfg
        """
        startup_msg = 'Initializing Glastopf {0} using "{1}" as work directory.'
        logger.info(startup_msg.format(__version__, work_dir))

        self.work_dir = work_dir
        self.data_dir = os.path.join(self.work_dir, 'data')
        self.loggers = logging_handler.get_aux_loggers(self.data_dir, self.work_dir)

        conf_parser = ConfigParser()
        config_file = os.path.join(self.work_dir, config)
        conf_parser.read(config_file)

        # (options key, config section, config option), read in this order.
        # uid and gid are taken from the config as-is; no validation of them
        # is visible in this method.
        wanted = (
            ("uid", "webserver", "uid"),
            ("gid", "webserver", "gid"),
            ("proxy_enabled", "webserver", "proxy_enabled"),
            ("banner", "misc", "banner"),
        )
        options = {}
        for key, section, option in wanted:
            options[key] = conf_parser.get(section, option).encode('latin1')
        self.options = options

        self.maindb, self.dorkdb = self.setup_main_database(conf_parser)
        self.dork_generator = self.setup_dork_generator(conf_parser)

        # No dork pages yet: build the initial set synchronously.
        current_pages = self.dork_generator.get_current_pages()
        if len(current_pages) == 0:
            logger.info("Generating initial dork pages - this can take a while.")
            self.dork_generator.regular_generate_dork(0)

        # profiler disabled until issue #26 is fixed, so no Profiler is
        # constructed here
        self.profiler_available = False

        self.MethodHandlers = method_handler.HTTPMethods(self.data_dir)

        # used for post processing (logging and analysis) of attack events
        self.post_queue = Queue.Queue()
        # Background workers are not started by the constructor.
        self.workers_enabled = False