Пример #1
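def dotransform(request, response):
    """Prompt for a date range and add a KippoSession for each matching session.

    The analyst enters a start and end date (``YYYY-MM-DD``) in a dialog. Rows
    of ``sessions`` whose ``starttime`` lies between the two dates become
    KippoSession entities on ``response``. The database is the request's
    ``kippodatabase`` field, copied onto every entity.

    Returns ``response``. Missing or unparsable dates and query errors are
    reported as a UIMessage instead of raising.
    """
    msg = 'Enter Start & End Date'
    title = 'Kippo search for sessions by date range'
    fieldNames = ["Start Date", "End Date"]
    fieldValues = multenterbox(msg, title, fieldNames)
    # Both dates are required. The original test (`a or b != ''`) let a single
    # empty field through to strptime, which then raised outside the try block.
    # NOTE(review): multenterbox presumably returns None when the dialog is
    # cancelled - the `not fieldValues` guard covers that case; confirm.
    if not fieldValues or not fieldValues[0] or not fieldValues[1]:
        return response + UIMessage('Specify a start & end date')
    try:
        s_date = datetime.strptime(fieldValues[0], '%Y-%m-%d')
        e_date = datetime.strptime(fieldValues[1], '%Y-%m-%d')
    except ValueError as err:
        # Malformed date text: report it rather than crash the transform.
        return response + UIMessage(str(err))
    host = request.fields['kippodatabase']
    x = db_connect(host)
    try:
        cursor = x.cursor()
        # Values are bound as parameters, never formatted into the SQL text.
        query = "select * from sessions where starttime between %s and %s"
        cursor.execute(query, (s_date, e_date))
        # `select *` relies on the table having exactly these seven columns
        # in this order; a schema change surfaces as an unpacking error below.
        for (id, starttime, endtime, sensor, ip, termsize, client) in cursor:
            e = KippoSession('%s' % (id))
            e.starttime = ('%s' % (starttime))
            e.endtime = ('%s' % (endtime))
            e.sensor = ('%s' % (sensor))
            e.ipaddr = ('%s' % (ip))
            e.termsize = ('%s' % (termsize))
            e.client = ('%s' % (client))
            # Label typo fixed ('Kippo Databse' -> 'Kippo Database').
            e += Field('kippodatabase', host, displayname='Kippo Database')
            response += e
        return response
    except Exception as e:
        return response + UIMessage(str(e))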
Пример #2
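def dotransform(request, response):
    """Prompt for an IP pattern and add a KippoSession for each matching session.

    The database is the request's ``kippodatabase`` field, copied onto every
    entity. Returns ``response``. An empty or cancelled dialog and query
    errors are reported as a UIMessage.
    """
    msg = "Enter Search Criteria"
    title = "Kippo search for sessions by IP"
    fieldNames = ["IP"]
    fieldValues = multenterbox(msg, title, fieldNames)
    # NOTE(review): multenterbox presumably returns None when the dialog is
    # cancelled; indexing None raised TypeError before this guard - confirm.
    if not fieldValues or fieldValues[0] == "":
        return response + UIMessage("You need to type an IP address!!")
    s_ip = fieldValues[0]
    host = request.fields["kippodatabase"]
    x = db_connect(host)
    try:
        cursor = x.cursor()
        # The value is bound as a parameter, so it cannot alter the SQL text.
        # It is still a LIKE pattern: '%' and '_' typed by the analyst act as
        # wildcards and can widen the match.
        query = "select * from sessions where ip like %s"
        cursor.execute(query, (s_ip,))
        # `select *` relies on the table having exactly these seven columns.
        for (id, starttime, endtime, sensor, ip, termsize, client) in cursor:
            e = KippoSession("%s" % (id))
            e.starttime = "%s" % (starttime)
            e.endtime = "%s" % (endtime)
            e.sensor = "%s" % (sensor)
            e.ipaddr = "%s" % (ip)
            e.termsize = "%s" % (termsize)
            e.client = "%s" % (client)
            e += Field("kippodatabase", host, displayname="Kippo Database")
            response += e
        return response
    except Exception as e:
        return response + UIMessage(str(e))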
Пример #3
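def dotransform(request, response, config):
    """Prompt for an IP pattern and add a KippoSession for each matching session.

    ``request.value`` is passed to ``db_connect`` and copied onto every entity
    as the ``kippoip`` field. ``config`` is not used. Returns ``response``.
    An empty or cancelled dialog and errors are reported as a UIMessage.
    """
    msg = 'Enter Search Criteria'
    title = 'Kippo search for sessions by IP'
    fieldNames = ["IP"]
    fieldValues = multenterbox(msg, title, fieldNames)
    # NOTE(review): multenterbox presumably returns None on cancel - confirm.
    if not fieldValues or fieldValues[0] == '':
        return response + UIMessage('You need to type an IP address!!')
    s_ip = fieldValues[0]
    host = request.value
    x = db_connect(host)
    try:
        cursor = x.cursor()
        # Bound parameter: the value cannot change the SQL text, but '%' and
        # '_' inside it still act as LIKE wildcards.
        query = "select * from sessions where ip like %s"
        cursor.execute(query, (s_ip,))
        for (id, starttime, endtime, sensor, ip, termsize, client) in cursor:
            e = KippoSession('%s' % (id))
            e.starttime = ('%s' % (starttime))
            e.endtime = ('%s' % (endtime))
            e.sensor = ('%s' % (sensor))
            e.ipaddr = ('%s' % (ip))
            e.termsize = ('%s' % (termsize))
            e.client = ('%s' % (client))
            e += Field('kippoip', host, displayname='Kippo IP')
            response += e
        return response
    except Exception as err:
        # A bare `except:` also swallowed KeyboardInterrupt/SystemExit.
        # NOTE(review): the original always displayed `x`; presumably
        # db_connect returns an error message instead of a connection on
        # failure. That case is kept, while a failure on a real connection
        # now shows the actual exception - confirm against db_connect.
        return response + UIMessage(str(err) if hasattr(x, 'cursor') else x)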
Пример #4
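def dotransform(request, response, config):
  """Prompt for an IP pattern and add a KippoSession for each matching session.

  ``request.value`` is passed to ``db_connect`` and copied onto every entity
  as the ``kippoip`` field. ``config`` is not used. Returns ``response``.
  An empty or cancelled dialog and errors are reported as a UIMessage.
  """
  msg = 'Enter Search Criteria'
  title = 'Kippo search for sessions by IP'
  fieldNames = ["IP"]
  fieldValues = multenterbox(msg, title, fieldNames)
  # NOTE(review): multenterbox presumably returns None on cancel - confirm.
  if not fieldValues or fieldValues[0] == '':
    return response + UIMessage('You need to type an IP address!!')
  s_ip = fieldValues[0]
  host = request.value
  x = db_connect(host)
  try:
    cursor = x.cursor()
    # Bound parameter: the value cannot change the SQL text, but '%' and '_'
    # inside it still act as LIKE wildcards.
    query = "select * from sessions where ip like %s"
    cursor.execute(query, (s_ip,))
    for (id, starttime, endtime, sensor, ip, termsize, client) in cursor:
      e = KippoSession('%s' % (id))
      e.starttime = ('%s' % (starttime))
      e.endtime = ('%s' % (endtime))
      e.sensor = ('%s' % (sensor))
      e.ipaddr = ('%s' % (ip))
      e.termsize = ('%s' % (termsize))
      e.client = ('%s' % (client))
      e += Field('kippoip', host, displayname='Kippo IP')
      response += e
    return response
  except Exception as err:
    # A bare `except:` also swallowed KeyboardInterrupt/SystemExit.
    # NOTE(review): the original always displayed `x`; presumably db_connect
    # returns an error message instead of a connection on failure. That case
    # is kept, while a failure on a real connection now shows the actual
    # exception - confirm against db_connect.
    return response + UIMessage(str(err) if hasattr(x, 'cursor') else x)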
def dotransform(request, response):
    """Add an IPv4Address entity for every row of the ``sessions`` table.

    The database is the request's ``kippodatabase`` field, copied onto each
    entity. One entity is added per row returned, and errors from the
    connection or query propagate to the caller. Returns ``response``.
    """
    database = request.fields['kippodatabase']
    # Keep the connection bound to a name while the cursor is iterated.
    conn = db_connect(database)
    rows = conn.cursor()
    rows.execute("select ip from sessions")
    for row in rows:
        # The row is formatted exactly as the cursor yields it.
        address = IPv4Address('%s' % row)
        address += Field('kippodatabase', database, displayname='Kippo Database')
        response += address
    return response
Пример #6
def dotransform(request, response):
    """List the source IP of every recorded session as an IPv4Address entity.

    Reads the database from ``request.fields['kippodatabase']`` and tags each
    entity with it. There is no error handling here: a failed connection or
    query raises to the caller. Returns ``response``.
    """
    db_name = request.fields['kippodatabase']
    connection = db_connect(db_name)
    cur = connection.cursor()
    cur.execute("select ip from sessions")
    for record in cur:
        # `record` is whatever the cursor yields per row; '%s' renders it.
        ip_entity = IPv4Address('%s' % record)
        ip_entity += Field('kippodatabase', db_name, displayname='Kippo Database')
        response += ip_entity
    return response
Пример #7
def dotransform(request, response, config):
  """Add an IPv4Address entity for every row of the ``sessions`` table.

  ``request.value`` is passed to ``db_connect`` and copied onto each entity as
  the ``kippoip`` field. ``config`` is not used. Connection and query errors
  propagate to the caller. Returns ``response``.
  """
  target = request.value
  conn = db_connect(target)
  rows = conn.cursor()
  rows.execute("select ip from sessions")
  for row in rows:
    # The row is formatted exactly as the cursor yields it.
    address = IPv4Address('%s' % row)
    address += Field('kippoip', target, displayname='Kippo IP')
    response += address
  return response
Пример #8
def dotransform(request, response, config):
    """List the source IP of every recorded session as an IPv4Address entity.

    The connection target is ``request.value``; it is also attached to each
    entity as ``kippoip``. ``config`` is not used. Nothing is caught here, so
    database errors raise to the caller. Returns ``response``.
    """
    target = request.value
    connection = db_connect(target)
    cur = connection.cursor()
    cur.execute("select ip from sessions")
    for record in cur:
        # `record` is whatever the cursor yields per row; '%s' renders it.
        ip_entity = IPv4Address('%s' % record)
        ip_entity += Field('kippoip', target, displayname='Kippo IP')
        response += ip_entity
    return response
Пример #9
def dotransform(request, response):
    """Emit one KippoHoneypot entity per row of the ``sensors`` table.

    ``request.value`` is passed to ``db_connect`` and copied onto each entity
    as ``kippodatabase``; the row id is attached as ``kipposensorid``.
    Exceptions raised while querying are reported as a UIMessage.
    Returns ``response``.
    """
    database = request.value
    conn = db_connect(database)
    try:
        rows = conn.cursor()
        rows.execute("select * from sensors")
        # `select *` relies on the table having exactly two columns (id, ip).
        for sensor_id, sensor_ip in rows:
            honeypot = KippoHoneypot('%s' % sensor_ip)
            honeypot += Field('kippodatabase', database, displayname='Kippo Database')
            honeypot += Field('kipposensorid', ('%s' % sensor_id), displayname='Kippo Sensor ID')
            response += honeypot
        return response
    except Exception as err:
        return response + UIMessage(str(err))
Пример #10
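def dotransform(request, response, config):
    """Add a KippoLogin (``username/password``) for each ``auth`` row of a session.

    The session is ``request.value``; the connection target is the request's
    ``kippoip`` field, copied onto every entity. ``config`` is not used.
    Returns ``response``; errors are reported as a UIMessage.
    """
    host = request.fields['kippoip']
    k_id = request.value
    x = db_connect(host)
    try:
        cursor = x.cursor()
        # Bound parameter; '%' and '_' in the value still act as LIKE wildcards.
        query = "select username, password from auth where session like %s"
        cursor.execute(query, (k_id,))
        # NOTE(review): these are presumably credentials submitted to the
        # honeypot, i.e. text chosen by whoever connected - treat as untrusted.
        for username, password in cursor:
            e = KippoLogin('%s/%s' % (username, password))
            e += Field('kippoip', host, displayname='Kippo IP')
            response += e
        return response
    except Exception as err:
        # A bare `except:` also swallowed KeyboardInterrupt/SystemExit.
        # NOTE(review): the original always displayed `x`; presumably
        # db_connect returns an error message instead of a connection on
        # failure. That case is kept, while a failure on a real connection
        # now shows the actual exception - confirm against db_connect.
        return response + UIMessage(str(err) if hasattr(x, 'cursor') else x)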
Пример #11
def dotransform(request, response):
    """Add an IPv4Address for every session recorded by one sensor.

    The sensor is the request's ``kipposensorid`` field and the database its
    ``kippodatabase`` field; the latter is attached to each entity with a
    loose matching rule. Exceptions raised while querying are reported as a
    UIMessage. Returns ``response``.
    """
    sensor_id = request.fields['kipposensorid']
    database = request.fields['kippodatabase']
    conn = db_connect(database)
    try:
        rows = conn.cursor()
        # Bound parameter; the comparison is a LIKE, so wildcard characters
        # in the sensor id would be interpreted as a pattern.
        rows.execute("select ip from sessions where sensor like %s", (sensor_id,))
        for row in rows:
            address = IPv4Address('%s' % row)
            address += Field(
                'kippodatabase',
                database,
                displayname='Kippo Database',
                matchingrule='loose',
            )
            response += address
        return response
    except Exception as err:
        return response + UIMessage(str(err))
Пример #12
def dotransform(request, response):
    """Add a KippoLogin (``username/password``) for each ``auth`` row of a session.

    The session is ``request.value`` and the database is the request's
    ``kippodatabase`` field. Exceptions raised while querying are reported as
    a UIMessage. Returns ``response``.
    """
    database = request.fields['kippodatabase']
    session_id = request.value
    conn = db_connect(database)
    try:
        rows = conn.cursor()
        # Bound parameter; '%' and '_' in the value still act as LIKE wildcards.
        rows.execute(
            "select username, password from auth where session like %s",
            (session_id,),
        )
        # NOTE(review): presumably credentials submitted to the honeypot -
        # treat both columns as untrusted text.
        for username, password in rows:
            login = KippoLogin('%s/%s' % (username, password))
            # NOTE(review): the database is read from 'kippodatabase' but
            # written back as 'kippoip'; a follow-on transform that reads
            # 'kippodatabase' from this entity would not find it - confirm.
            login += Field('kippoip', database, displayname='Kippo IP')
            response += login
        return response
    except Exception as err:
        return response + UIMessage(str(err))
Пример #13
def dotransform(request, response):
    """Add a KippoInput entity for each ``input`` row of a session.

    The session is ``request.value`` and the database is the request's
    ``kippodatabase`` field. Each entity carries the row's timestamp and
    success flag plus the database name. Exceptions raised while querying
    are reported as a UIMessage. Returns ``response``.
    """
    session_id = request.value
    database = request.fields['kippodatabase']
    conn = db_connect(database)
    try:
        rows = conn.cursor()
        # Bound parameter; '%' and '_' in the value still act as LIKE wildcards.
        rows.execute(
            "select timestamp, success, input from input where session like %s",
            (session_id,),
        )
        # NOTE(review): `input` is presumably text typed into the honeypot -
        # treat it as untrusted wherever the entity value is rendered or reused.
        for stamp, succeeded, typed in rows:
            entry = KippoInput(typed)
            entry += Field('inputtime', stamp, displayname='Time Stamp')
            entry += Field('inputsuc', succeeded, displayname='Success')
            entry += Field('kippodatabase', database, displayname='Kippo Database')
            response += entry
        return response
    except Exception as err:
        return response + UIMessage(str(err))
Пример #14
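def dotransform(request, response, config):
  """Add a KippoInput entity for each ``input`` row of a session.

  The session is ``request.value``; the connection target is the request's
  ``kippoip`` field, copied onto every entity. ``config`` is not used.
  Returns ``response``; errors are reported as a UIMessage.
  """
  sess = request.value
  host = request.fields['kippoip']
  x = db_connect(host)
  try:
    cursor = x.cursor()
    # Bound parameter; '%' and '_' in the value still act as LIKE wildcards.
    query = "select timestamp, success, input from input where session like %s"
    cursor.execute(query, (sess,))
    # NOTE(review): `input` is presumably text typed into the honeypot -
    # treat it as untrusted wherever the entity value is rendered or reused.
    for timestamp, success, input in cursor:
      e = KippoInput(input)
      e += Field('inputtime', timestamp, displayname='Time Stamp')
      e += Field('inputsuc', success, displayname='Success')
      e += Field('kippoip', host, displayname='Kippo IP')
      response += e
    return response
  except Exception as err:
    # A bare `except:` also swallowed KeyboardInterrupt/SystemExit.
    # NOTE(review): the original always displayed `x`; presumably db_connect
    # returns an error message instead of a connection on failure. That case
    # is kept, while a failure on a real connection now shows the actual
    # exception - confirm against db_connect.
    return response + UIMessage(str(err) if hasattr(x, 'cursor') else x)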
Пример #15
def dotransform(request, response):
    """Turn the recorded input lines of one session into KippoInput entities.

    Looks up ``input`` rows whose ``session`` matches ``request.value`` in the
    database named by ``request.fields['kippodatabase']``. Query failures are
    returned to the user as a UIMessage. Returns ``response``.
    """
    wanted_session = request.value
    db_name = request.fields['kippodatabase']
    connection = db_connect(db_name)
    try:
        cur = connection.cursor()
        sql = "select timestamp, success, input from input where session like %s"
        # The session id travels as a bound parameter, not as SQL text.
        cur.execute(sql, (wanted_session,))
        for record in cur:
            when, ok, line = record
            # NOTE(review): `line` is presumably text captured by the
            # honeypot - handle it as untrusted data.
            item = KippoInput(line)
            item += Field('inputtime', when, displayname='Time Stamp')
            item += Field('inputsuc', ok, displayname='Success')
            item += Field('kippodatabase', db_name, displayname='Kippo Database')
            response += item
        return response
    except Exception as failure:
        return response + UIMessage(str(failure))
Пример #16
def dotransform(request, response):
    """Add a URL entity for each ``downloads`` row of a session.

    The session is ``request.value`` and the database is the request's
    ``kippodatabase`` field. Each entity carries the row's timestamp and
    ``outfile`` plus the database name. Exceptions raised while querying are
    reported as a UIMessage. Returns ``response``.
    """
    session_id = request.value
    database = request.fields['kippodatabase']
    conn = db_connect(database)
    try:
        rows = conn.cursor()
        # Bound parameter; '%' and '_' in the value still act as LIKE wildcards.
        rows.execute(
            "select timestamp, url, `outfile` from downloads where session like %s",
            (session_id,),
        )
        # NOTE(review): `url` presumably records what was requested inside
        # the honeypot - treat it and `outfile` as untrusted indicators.
        for stamp, link, saved_as in rows:
            entity = URL(link)
            entity.url = link
            entity += Field('filetime', stamp, displayname='Time Stamp')
            # NOTE(review): the label 'Success' on the outfile field looks
            # copied from the input transform - confirm the intended name.
            entity += Field('fileout', saved_as, displayname='Success')
            entity += Field('kippodatabase', database, displayname='Kippo Database')
            response += entity
        return response
    except Exception as err:
        return response + UIMessage(str(err))
Пример #17
def dotransform(request, response):
    """Turn the recorded downloads of one session into URL entities.

    Looks up ``downloads`` rows whose ``session`` matches ``request.value`` in
    the database named by ``request.fields['kippodatabase']``. Query failures
    are returned to the user as a UIMessage. Returns ``response``.
    """
    wanted_session = request.value
    db_name = request.fields['kippodatabase']
    connection = db_connect(db_name)
    try:
        cur = connection.cursor()
        sql = "select timestamp, url, `outfile` from downloads where session like %s"
        # The session id travels as a bound parameter, not as SQL text.
        cur.execute(sql, (wanted_session,))
        for record in cur:
            when, target_url, out_path = record
            # NOTE(review): presumably captured by the honeypot - handle the
            # URL and file name as untrusted data.
            found = URL(target_url)
            found.url = target_url
            found += Field('filetime', when, displayname='Time Stamp')
            # NOTE(review): 'Success' is an odd label for the outfile field -
            # confirm the intended display name.
            found += Field('fileout', out_path, displayname='Success')
            found += Field('kippodatabase', db_name, displayname='Kippo Database')
            response += found
        return response
    except Exception as failure:
        return response + UIMessage(str(failure))
Пример #18
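def dotransform(request, response, config):
    """Add a KippoInput entity for each ``input`` row of a session.

    The session is ``request.value``; the connection target is the request's
    ``kippoip`` field, copied onto every entity. ``config`` is not used.
    Returns ``response``; errors are reported as a UIMessage.
    """
    sess = request.value
    host = request.fields['kippoip']
    x = db_connect(host)
    try:
        cursor = x.cursor()
        # Bound parameter; '%' and '_' in the value still act as LIKE wildcards.
        query = (
            "select timestamp, success, input from input where session like %s"
        )
        cursor.execute(query, (sess,))
        # NOTE(review): `input` is presumably text typed into the honeypot -
        # treat it as untrusted wherever the entity value is rendered or reused.
        for timestamp, success, input in cursor:
            e = KippoInput(input)
            e += Field('inputtime', timestamp, displayname='Time Stamp')
            e += Field('inputsuc', success, displayname='Success')
            e += Field('kippoip', host, displayname='Kippo IP')
            response += e
        return response
    except Exception as err:
        # A bare `except:` also swallowed KeyboardInterrupt/SystemExit.
        # NOTE(review): the original always displayed `x`; presumably
        # db_connect returns an error message instead of a connection on
        # failure. That case is kept, while a failure on a real connection
        # now shows the actual exception - confirm against db_connect.
        return response + UIMessage(str(err) if hasattr(x, 'cursor') else x)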
Пример #19
def dotransform(request, response):
    """Add a KippoSession for each ``sessions`` row matching the request's IP.

    The IP pattern is ``request.value`` and the database is the request's
    ``kippodatabase`` field, copied onto every entity. Exceptions raised
    while querying are reported as a UIMessage. Returns ``response``.
    """
    database = request.fields['kippodatabase']
    wanted_ip = request.value
    conn = db_connect(database)
    try:
        rows = conn.cursor()
        # Bound parameter; '%' and '_' in the value still act as LIKE wildcards.
        rows.execute("select * from sessions where ip like %s", (wanted_ip,))
        # `select *` relies on the table having exactly these seven columns.
        for row in rows:
            session_id, started, ended, sensor, row_ip, termsize, client = row
            session = KippoSession('%s' % session_id)
            # Attributes are set in the original order, each rendered via '%s'.
            for attr, value in (
                ('starttime', started),
                ('endtime', ended),
                ('sensor', sensor),
                ('ipaddr', row_ip),
                ('termsize', termsize),
                ('client', client),
            ):
                setattr(session, attr, '%s' % value)
            session += Field('kippodatabase', database, displayname='Kippo Database')
            response += session
        return response
    except Exception as err:
        return response + UIMessage(str(err))
Пример #20
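def dotransform(request, response, config):
    """Add a KippoSession for each ``sessions`` row matching the request's IP.

    The IP pattern is ``request.value``; the connection target is the
    request's ``kippoip`` field, copied onto every entity. ``config`` is not
    used. Returns ``response``; errors are reported as a UIMessage.
    """
    host = request.fields['kippoip']
    ip = request.value
    x = db_connect(host)
    try:
        cursor = x.cursor()
        # Bound parameter; '%' and '_' in the value still act as LIKE wildcards.
        query = "select * from sessions where ip like %s"
        cursor.execute(query, (ip,))
        # `select *` relies on the table having exactly these seven columns.
        # The loop rebinds `ip` to each row's value; the query has already run.
        for (id, starttime, endtime, sensor, ip, termsize, client) in cursor:
            e = KippoSession('%s' % (id))
            e.starttime = ('%s' % (starttime))
            e.endtime = ('%s' % (endtime))
            e.sensor = ('%s' % (sensor))
            e.ipaddr = ('%s' % (ip))
            e.termsize = ('%s' % (termsize))
            e.client = ('%s' % (client))
            e += Field('kippoip', host, displayname='Kippo IP')
            response += e
        return response
    except Exception as err:
        # A bare `except:` also swallowed KeyboardInterrupt/SystemExit.
        # NOTE(review): the original always displayed `x`; presumably
        # db_connect returns an error message instead of a connection on
        # failure. That case is kept, while a failure on a real connection
        # now shows the actual exception - confirm against db_connect.
        return response + UIMessage(str(err) if hasattr(x, 'cursor') else x)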