def connectionLost(self, reason): self.setTimeout(None) print "Connection #%s closed: %s" % (self._sessionid, self._srcip) category = "Other" if self.lastaction == "CONNECTED": category = "Recon.Scanning" elif self.lastaction == "BREAKPOINT": category = "Attempt.Exploit" data = ''.join(self._data) data2log = { "detect_time" : self._dtime, "proto" : self._proto, "src_ip" : self._srcip, "src_port" : self._srcport, "dst_ip" : self._socket[0], "dst_port" : self._socket[1], "category" : category, "method" : self.method, "cstring" : self.cstring, "data" : w3u.hexdump(data) } logger.info(json.dumps(data2log))
def connectionLost(self, reason): data = ''.join(self._data) data2log = { "detect_time" : self._dtime, "proto" : [self._proto], "src_ip" : self._peer.host, "src_port" : self._peer.port, "dst_ip" : self._socket[0], "dst_port" : self._socket[1], "smart" : "", "decoded" : "", "data" : w3u.hexdump(data), } data2log = self.proto_detection(data2log, data) logger.info(json.dumps(data2log))