def __init__(self, path, config=None):
    """Set up the hpfeeds client and, if configured, periodic own-IP resolving.

    ``config`` must be a mapping even though the parameter defaults to
    ``None``: ``config.get`` is called unconditionally.  Keys read here are
    ``server``, ``ident``, ``secret`` and ``tags`` (required) plus ``port``
    and ``dynip_resolve`` (optional).

    The broker secret is handed straight to ``hpfeeds.client.new``; this
    method writes only the tags and a rejected port value to the log.
    """
    logger.debug('hpfeedhandler init')

    # A missing port and an unparsable port both end up at the class default.
    configured_port = config.get("port")
    candidate = self.default_port if configured_port is None else configured_port
    try:
        broker_port = int(candidate)
    except (TypeError, ValueError):
        logger.warning("Unable to convert value '%s' for port to int" % candidate)
        broker_port = self.default_port

    self.client = hpfeeds.client.new(
        config['server'],
        broker_port,
        config['ident'],
        config['secret'],
    )
    ihandler.__init__(self, path)

    self.tags = config['tags']
    logger.debug('Set tags to: {}'.format(self.tags))

    self.dynip_resolve = config.get('dynip_resolve', '')
    self.dynip_timer = None
    self.ownip = None

    # Only a string starting with "http" enables resolving; any other type
    # or value leaves the timer unset.
    resolver = self.dynip_resolve
    if not (isinstance(resolver, str) and resolver.startswith("http")):
        return

    if pyev is None:
        logger.debug(
            'You are missing the python pyev binding in your dionaea installation.'
        )
        return

    logger.debug('hpfeedihandler will use dynamic IP resolving!')
    self.loop = pyev.default_loop()
    # pyev.Timer(after, repeat, loop, callback)
    self.dynip_timer = pyev.Timer(2., 300, self.loop, self._dynip_resolve)
    self.dynip_timer.start()
def __init__(self, path):
    """Prepare the VirusTotal handler: API key, backlog timer and backlog DB.

    The API key and the SQLite file path are read from the
    ``modules.python.virustotal`` section of the dionaea configuration.
    The ``backlogfiles`` table is created if it does not exist yet.
    """
    logger.debug("%s ready!" % self.__class__.__name__)
    ihandler.__init__(self, path)

    python_modules = g_dionaea.config()['modules']['python']
    self.apikey = python_modules['virustotal']['apikey']
    self.cookies = {}

    # pyev.Timer(after, repeat, loop, callback)
    self.loop = pyev.default_loop()
    self.backlog_timer = pyev.Timer(
        0, 20, self.loop, self.__handle_backlog_timeout
    )
    self.backlog_timer.start()

    # sqlite3.connect() creates the database file when it is missing.
    db_path = g_dionaea.config()['modules']['python']['virustotal']['file']
    self.dbh = sqlite3.connect(db_path)
    self.cursor = self.dbh.cursor()

    # NOTE(review): samples are keyed by MD5 here, presumably only as a
    # lookup key for the VirusTotal API - confirm nothing treats it as an
    # integrity guarantee.
    create_backlog_table = """
        CREATE TABLE IF NOT EXISTS backlogfiles (
            backlogfile INTEGER PRIMARY KEY,
            status TEXT NOT NULL, -- new, submit, query, comment
            md5_hash TEXT NOT NULL,
            path TEXT NOT NULL,
            timestamp INTEGER NOT NULL,
            scan_id TEXT,
            lastcheck_time INTEGER,
            submit_time INTEGER
        );"""
    self.cursor.execute(create_backlog_table)
def __init__(self, path, config=None):
    """Prepare the VirusTotal handler from its ``config`` mapping.

    Reads ``apikey``, ``comment`` and ``file``.  A missing ``comment`` is
    replaced by a built-in default text.  The ``backlogfiles`` table is
    created in the SQLite database if it does not exist yet.

    ``config`` must be a mapping even though the parameter defaults to
    ``None``: ``config.get`` is called unconditionally.
    """
    logger.debug("%s ready!" % self.__class__.__name__)
    ihandler.__init__(self, path)

    # NOTE(review): neither "apikey" nor "file" is checked for presence;
    # a missing "file" reaches sqlite3.connect() as None.
    self.apikey = config.get("apikey")

    configured_comment = config.get("comment")
    self.comment = (
        "This sample was captured in the wild and uploaded by the dionaea honeypot.\n#honeypot #malware #networkworm"
        if configured_comment is None
        else configured_comment
    )
    self.cookies = {}

    # pyev.Timer(after, repeat, loop, callback)
    self.loop = pyev.default_loop()
    self.backlog_timer = pyev.Timer(
        0, 20, self.loop, self.__handle_backlog_timeout
    )
    self.backlog_timer.start()

    db_path = config.get("file")
    self.dbh = sqlite3.connect(db_path)
    self.cursor = self.dbh.cursor()

    create_backlog_table = """
        CREATE TABLE IF NOT EXISTS backlogfiles (
            backlogfile INTEGER PRIMARY KEY,
            status TEXT NOT NULL, -- new, submit, query, comment
            md5_hash TEXT NOT NULL,
            path TEXT NOT NULL,
            timestamp INTEGER NOT NULL,
            scan_id TEXT,
            lastcheck_time INTEGER,
            submit_time INTEGER
        );"""
    self.cursor.execute(create_backlog_table)
def __init__(self, path):
    """Initialise the VirusTotal handler.

    Loads the API key and the backlog database path from
    ``modules.python.virustotal`` in the dionaea configuration, starts the
    backlog timer and makes sure the ``backlogfiles`` table exists.
    """
    handler_name = self.__class__.__name__
    logger.debug("%s ready!" % handler_name)
    ihandler.__init__(self, path)

    # The key stays in memory on the handler for later API requests; it is
    # not logged by this method.
    self.apikey = g_dionaea.config()['modules']['python']['virustotal']['apikey']
    self.cookies = {}

    event_loop = pyev.default_loop()
    self.loop = event_loop
    # pyev.Timer(after, repeat, loop, callback)
    self.backlog_timer = pyev.Timer(
        0, 20, event_loop, self.__handle_backlog_timeout
    )
    self.backlog_timer.start()

    # The configuration is read again for the database path, after the
    # timer has been started.
    database_file = g_dionaea.config()['modules']['python']['virustotal']['file']
    connection_handle = sqlite3.connect(database_file)
    self.dbh = connection_handle
    self.cursor = connection_handle.cursor()
    self.cursor.execute("""
        CREATE TABLE IF NOT EXISTS backlogfiles (
            backlogfile INTEGER PRIMARY KEY,
            status TEXT NOT NULL, -- new, submit, query, comment
            md5_hash TEXT NOT NULL,
            path TEXT NOT NULL,
            timestamp INTEGER NOT NULL,
            scan_id TEXT,
            lastcheck_time INTEGER,
            submit_time INTEGER
        );""")
def __init__(self, path, config=None):
    """Copy the S3 upload settings from ``config`` onto the handler.

    Every setting is optional and becomes ``None`` when its key is absent.
    ``config`` must be a mapping even though the parameter defaults to
    ``None``: ``config.get`` is called unconditionally.
    """
    logger.debug("%s ready!" % self.__class__.__name__)
    ihandler.__init__(self, path)

    # Attribute names equal the configuration keys.
    # NOTE(review): "verify" presumably controls TLS certificate
    # verification for the S3 client built elsewhere; it is None when the
    # key is absent - confirm how None and string values such as "false"
    # are interpreted there.
    setting_names = (
        "bucket_name",
        "region_name",
        "access_key_id",
        "secret_access_key",
        "endpoint_url",
        "verify",
        "s3_dest_folder",
    )
    for setting in setting_names:
        setattr(self, setting, config.get(setting))

    # Placeholder value; no S3 client is created in this method.
    self.s3 = ''
    self.loop = pyev.default_loop()
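def __init__(self, path, config=None):
    """Create the hpfeeds client and optionally start own-IP resolving.

    Keys read from ``config``: ``server``, ``port``, ``ident`` and
    ``secret`` (required) and ``dynip_resolve`` (optional).  A port that
    ``int()`` cannot convert raises before the handler is registered.

    Dynamic IP resolving is enabled only when ``dynip_resolve`` is a
    string that starts with ``"http"``.  Non-string values (for example a
    boolean from the configuration file) are ignored instead of raising
    ``TypeError`` from a substring test, and a value that merely contains
    ``"http"`` somewhere no longer enables the timer.
    """
    logger.debug('hpfeedhandler init')
    self.client = hpclient(
        config['server'],
        int(config['port']),
        config['ident'],
        config['secret'],
    )
    ihandler.__init__(self, path)

    self.dynip_resolve = config.get('dynip_resolve', '')
    self.dynip_timer = None
    self.ownip = None

    resolver = self.dynip_resolve
    if isinstance(resolver, str) and resolver.startswith('http'):
        if pyev is None:
            logger.debug('You are missing the python pyev binding in your dionaea installation.')
        else:
            logger.debug('hpfeedihandler will use dynamic IP resolving!')
            self.loop = pyev.default_loop()
            # pyev.Timer(after, repeat, loop, callback)
            self.dynip_timer = pyev.Timer(2., 300, self.loop, self._dynip_resolve)
            self.dynip_timer.start()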
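def __init__(self, path):
    """Load the submit_http settings and build the software banner.

    Reads ``url`` (required) and the optional ``email``, ``user`` and
    ``pass`` entries from ``modules.python.submit_http`` in the dionaea
    configuration.  A missing or empty optional entry falls back to its
    default.
    """
    logger.debug("%s ready!" % (self.__class__.__name__))
    ihandler.__init__(self, path)
    mwsconfig = g_dionaea.config()['modules']['python']['submit_http']

    def optional(key, fallback):
        # The presence test and the lookup use the same key, so a missing
        # entry cannot raise KeyError; empty values yield the fallback too.
        return (mwsconfig[key] if key in mwsconfig else None) or fallback

    self.backendurl = mwsconfig['url']
    # The fallback address is printed masked in this listing and is kept
    # verbatim.
    self.email = optional('email', '*****@*****.**')
    # The value is stored under 'user'; testing for any other key would
    # either ignore a configured user or raise KeyError.
    self.user = optional('user', '')
    self.passwd = optional('pass', '')
    self.cookies = {}

    # heartbeats
    dinfo = g_dionaea.version()
    self.software = 'dionaea {0} {1}/{2} - {3} {4}'.format(
        dinfo['dionaea']['version'],
        dinfo['compiler']['os'],
        dinfo['compiler']['arch'],
        dinfo['compiler']['date'],
        dinfo['compiler']['time'],
    )
    self.loop = pyev.default_loop()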
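def __init__(self, path, config=None):
    """Create the hpfeeds client and optionally start own-IP resolving.

    ``config`` supplies ``server``, ``port``, ``ident`` and ``secret``
    (required) and ``dynip_resolve`` (optional).  ``int()`` is applied to
    the port, so a non-numeric value raises during construction.

    The resolver timer is started only when ``dynip_resolve`` is a string
    beginning with ``"http"``.  The type check keeps a non-string setting
    from raising ``TypeError``, and the prefix test rejects values that
    only contain ``"http"`` somewhere inside them.
    """
    logger.debug('hpfeedhandler init')
    self.client = hpclient(config['server'], int(config['port']),
                           config['ident'], config['secret'])
    ihandler.__init__(self, path)

    self.dynip_resolve = config.get('dynip_resolve', '')
    self.dynip_timer = None
    self.ownip = None

    wants_resolving = (
        isinstance(self.dynip_resolve, str)
        and self.dynip_resolve.startswith('http')
    )
    if not wants_resolving:
        return

    if pyev is None:
        logger.debug(
            'You are missing the python pyev binding in your dionaea installation.'
        )
        return

    logger.debug('hpfeedihandler will use dynamic IP resolving!')
    self.loop = pyev.default_loop()
    # pyev.Timer(after, repeat, loop, callback)
    self.dynip_timer = pyev.Timer(2., 300, self.loop, self._dynip_resolve)
    self.dynip_timer.start()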
def __init__(self, path, config=None):
    """Load the submit_http settings from the ``config`` mapping.

    ``url`` and ``email`` become ``None`` when absent; ``user`` and
    ``pass`` default to the empty string.  ``config`` must be a mapping
    even though the parameter defaults to ``None``: ``config.get`` is
    called unconditionally.
    """
    logger.debug("%s ready!" % self.__class__.__name__)
    ihandler.__init__(self, path)

    read = config.get
    self.backendurl = read("url")
    self.email = read("email")
    # The credentials are kept as plain attributes on the handler; nothing
    # in this method logs them.
    self.user = read("user", "")
    self.passwd = read("pass", "")
    self.cookies = {}

    # heartbeats: building the self.software version banner from
    # g_dionaea.version() is commented out in this version of the handler.
    self.loop = pyev.default_loop()
def __init__(self, path):
    """Load the mwserv settings, build the software banner, start heartbeats.

    ``url``, ``maintainer``, ``guid`` and ``secret`` are all required
    entries of ``modules.python.mwserv`` in the dionaea configuration; a
    missing one raises ``KeyError``.
    """
    logger.debug("%s ready!" % self.__class__.__name__)
    ihandler.__init__(self, path)

    mwsconfig = g_dionaea.config()['modules']['python']['mwserv']
    self.backendurl = mwsconfig['url']
    self.maintainer = mwsconfig['maintainer']
    self.guid = mwsconfig['guid']
    self.secret = mwsconfig['secret']
    self.cookies = {}

    # heartbeats
    # NOTE(review): the banner carries version, OS, architecture and build
    # date/time; presumably it is sent with each heartbeat - confirm that
    # disclosing this to the backend is intended.
    dinfo = g_dionaea.version()
    release = dinfo['dionaea']['version']
    build = dinfo['compiler']
    self.software = 'dionaea {0} {1}/{2} - {3} {4}'.format(
        release, build['os'], build['arch'], build['date'], build['time']
    )

    self.loop = pyev.default_loop()
    # pyev.Timer(after, repeat, loop, callback)
    self.heartbeat_timer = pyev.Timer(5., 120, self.loop, self._heartbeat)
    self.heartbeat_timer.start()
import datetime
import logging
import os
import random
import tempfile

from dionaea.core import connection, g_dionaea, incident
from dionaea import pyev, ServiceLoader
from dionaea.sip.extras import msg_to_icd, SipConfig, ErrorWithResponse
from dionaea.sip import rfc3261
from dionaea.sip import rfc4566
from dionaea.sip import rfc2617  # auth

# Event loop shared by the module.
g_default_loop = pyev.default_loop()

# The 'sip' logger is forced to DEBUG at import time.
# NOTE(review): if SIP messages are logged at DEBUG elsewhere in this
# module, authentication headers may end up in the log - confirm.
logger = logging.getLogger('sip')
logger.setLevel(logging.DEBUG)

_SipCall_sustain_timeout = 20


class AuthenticationError(Exception):
    """Exception class for errors occurring during SIP authentication"""


# Dictionary with SIP sessions (key is Call-ID)
# NOTE(review): the Call-ID is supplied by the peer; confirm that entries
# are removed again so this dict cannot grow without bound.
g_call_ids = {}


def cleanup(watcher, events):
    logger.debug("Cleanup")
import datetime
import logging
import os
import random
import tempfile

from dionaea.core import connection, g_dionaea, incident
from dionaea import pyev, ServiceLoader
from dionaea.sip.extras import msg_to_icd, SipConfig, ErrorWithResponse
from dionaea.sip import rfc3261
from dionaea.sip import rfc4566
from dionaea.sip import rfc2617  # auth

# Event loop shared by the module; the cleanup timer slot starts unset.
g_default_loop = pyev.default_loop()
g_timer_cleanup = None

# The 'sip' logger is forced to DEBUG at import time.
# NOTE(review): if SIP messages are logged at DEBUG elsewhere in this
# module, authentication headers may end up in the log - confirm.
logger = logging.getLogger('sip')
logger.setLevel(logging.DEBUG)

_SipCall_sustain_timeout = 20


class AuthenticationError(Exception):
    """Exception class for errors occurring during SIP authentication"""


# Dictionary with SIP sessions (key is Call-ID)
# NOTE(review): the Call-ID is supplied by the peer; presumably the
# cleanup timer prunes this dict - confirm it cannot grow without bound.
g_call_ids = {}