def channel_closed(self):
if self.ttylogEnabled:
ttylog.ttylog_close(self.ttylogFile, time.time())
shasum = ttylog.ttylog_inputhash(self.ttylogFile)
shasumfile = os.path.join(self.ttylogPath, shasum)
if os.path.exists(shasumfile):
duplicate = True
os.remove(self.ttylogFile)
else:
duplicate = False
os.rename(self.ttylogFile, shasumfile)
umask = os.umask(0)
os.umask(umask)
os.chmod(shasumfile, 0o666 & ~umask)
log.msg(
eventid="cowrie.log.closed",
format="Closing TTY Log: %(ttylog)s after %(duration)d seconds",
ttylog=shasumfile,
size=self.ttylogSize,
shasum=shasum,
duplicate=duplicate,
duration=time.time() - self.startTime,
)
def close(self):
if self.ttylogEnabled:
ttylog.ttylog_close(self.ttylogFile, time.time())
shasum = ttylog.ttylog_inputhash(self.ttylogFile)
shasumfile = os.path.join(self.ttylogPath, shasum)
if os.path.exists(shasumfile):
duplicate = True
os.remove(self.ttylogFile)
else:
duplicate = False
os.rename(self.ttylogFile, shasumfile)
umask = os.umask(0)
os.umask(umask)
os.chmod(shasumfile, 0o666 & ~umask)
self.ttylogEnabled = False # do not close again if function called after closing
log.msg(
eventid='cowrie.log.closed',
format='Closing TTY Log: %(ttylog)s after %(duration)d seconds',
ttylog=shasumfile,
size=self.ttylogSize,
shasum=shasum,
duplicate=duplicate,
duration=time.time() - self.startTime)
def connectionLost(self, reason):
"""
FIXME: this method is called 4 times on logout....
it's called once from Avatar.closed() if disconnected
"""
if self.stdinlogOpen:
try:
with open(self.stdinlogFile, "rb") as f:
shasum = hashlib.sha256(f.read()).hexdigest()
shasumfile = os.path.join(self.downloadPath, shasum)
if os.path.exists(shasumfile):
os.remove(self.stdinlogFile)
duplicate = True
else:
os.rename(self.stdinlogFile, shasumfile)
duplicate = False
log.msg(
eventid="cowrie.session.file_download",
format=
"Saved stdin contents with SHA-256 %(shasum)s to %(outfile)s",
duplicate=duplicate,
outfile=shasumfile,
shasum=shasum,
destfile="",
)
except OSError:
pass
finally:
self.stdinlogOpen = False
if self.redirFiles:
for rp in self.redirFiles:
rf = rp[0]
if rp[1]:
url = rp[1]
else:
url = rf[rf.find("redir_") + len("redir_"):]
try:
if not os.path.exists(rf):
continue
if os.path.getsize(rf) == 0:
os.remove(rf)
continue
with open(rf, "rb") as f:
shasum = hashlib.sha256(f.read()).hexdigest()
shasumfile = os.path.join(self.downloadPath, shasum)
if os.path.exists(shasumfile):
os.remove(rf)
duplicate = True
else:
os.rename(rf, shasumfile)
duplicate = False
log.msg(
eventid="cowrie.session.file_download",
format=
"Saved redir contents with SHA-256 %(shasum)s to %(outfile)s",
duplicate=duplicate,
outfile=shasumfile,
shasum=shasum,
destfile=url,
)
except OSError:
pass
self.redirFiles.clear()
if self.ttylogEnabled and self.ttylogOpen:
ttylog.ttylog_close(self.ttylogFile, time.time())
self.ttylogOpen = False
shasum = ttylog.ttylog_inputhash(self.ttylogFile)
shasumfile = os.path.join(self.ttylogPath, shasum)
if os.path.exists(shasumfile):
duplicate = True
os.remove(self.ttylogFile)
else:
duplicate = False
os.rename(self.ttylogFile, shasumfile)
umask = os.umask(0)
os.umask(umask)
os.chmod(shasumfile, 0o666 & ~umask)
log.msg(
eventid="cowrie.log.closed",
format="Closing TTY Log: %(ttylog)s after %(duration)d seconds",
ttylog=shasumfile,
size=self.ttylogSize,
shasum=shasum,
duplicate=duplicate,
duration=time.time() - self.startTime,
)
insults.ServerProtocol.connectionLost(self, reason)
