Exemplo n.º 1
	def connectionLost(self, reason):
		"""Emit one JSON log record describing the connection that just ended.

		Cancels the idle timeout, prints a close notice for the session, labels
		the event from the last recorded action, and logs the collected payload
		together with the connection metadata. ``reason`` is not used here.
		"""
		self.setTimeout(None)
		print("Connection #%s closed: %s" % (self._sessionid, self._srcip))

		# The label depends only on self.lastaction; any other value,
		# including a state this table does not list, is reported as "Other".
		labels = {
			"CONNECTED": "Recon.Scanning",
			"BREAKPOINT": "Attempt.Exploit",
		}
		event_category = labels.get(self.lastaction, "Other")

		# self._data holds the received fragments; join them before dumping.
		payload = ''.join(self._data)

		# NOTE(review): "method" and "cstring" look peer-derived. If they can
		# hold bytes that are not valid UTF-8, json.dumps raises on Python 2
		# and this event is never written. Confirm how they are populated.
		record = {
			"detect_time": self._dtime,
			"proto": self._proto,
			"src_ip": self._srcip,
			"src_port": self._srcport,
			"dst_ip": self._socket[0],
			"dst_port": self._socket[1],
			"category": event_category,
			"method": self.method,
			"cstring": self.cstring,
			# The payload is logged through w3u.hexdump rather than verbatim.
			"data": w3u.hexdump(payload),
		}

		serialized = json.dumps(record)
		logger.info(serialized)
Exemplo n.º 2
	def connectionLost(self, reason):
		"""Log the closed connection as one JSON record after protocol detection.

		Joins the buffered payload, builds the base record (with empty "smart"
		and "decoded" fields), passes the record and the raw payload to
		self.proto_detection, and logs whatever that call returns.
		``reason`` is not used here.
		"""
		payload = ''.join(self._data)

		record = {
			"detect_time": self._dtime,
			# Unlike the other fields, the protocol is wrapped in a list.
			"proto": [self._proto],
			"src_ip": self._peer.host,
			"src_port": self._peer.port,
			"dst_ip": self._socket[0],
			"dst_port": self._socket[1],
			# Empty placeholders; presumably filled in by proto_detection.
			# TODO confirm against that method.
			"smart": "",
			"decoded": "",
			# The payload is logged through w3u.hexdump rather than verbatim.
			"data": w3u.hexdump(payload),
		}

		# NOTE(review): proto_detection receives the raw payload. If it copies
		# bytes that are not valid UTF-8 into the record, json.dumps raises on
		# Python 2 and the event is lost. Verify what it stores.
		enriched = self.proto_detection(record, payload)
		logger.info(json.dumps(enriched))