Scribd
Upload
10 views3 pages

Class HoneyPotProtocol (Recvline - His

Uploaded by

Kha Nguyễn
Copyright
© © All Rights Reserved
We take content rights seriously. If you suspect this is your content, claim it here.
Available Formats
Download as TXT, PDF, TXT or read online on Scribd
10 views3 pages

Class HoneyPotProtocol (Recvline - His

Uploaded by

Kha Nguyễn
Copyright
© © All Rights Reserved
We take content rights seriously. If you suspect this is your content, claim it here.
Available Formats
Download as TXT, PDF, TXT or read online on Scribd
You are on page 1/ 3

class HoneyPotProtocol(recvline.

HistoricRecvLine):
def __init__(self, user, env):
self.user = user
self.env = env
self.hostname = self.env.cfg.get('honeypot', 'hostname')
self.fs = fs.HoneyPotFilesystem(deepcopy(self.env.fs))
if self.fs.exists(user.home):
self.cwd = user.home
else:
self.cwd = '/'
# commands is also a copy so we can add stuff on the fly
self.commands = copy(self.env.commands)
self.password_input = False
self.cmdstack = []
self.DB = DB(config())

def logDispatch(self, msg):


transport = self.terminal.transport.session.conn.transport
msg = ':dispatch: ' + msg
transport.factory.logDispatch(transport.transport.sessionno, msg)

def connectionMade(self):
recvline.HistoricRecvLine.connectionMade(self)
self.displayMOTD()
self.cmdstack = [HoneyPotShell(self)]

transport = self.terminal.transport.session.conn.transport
transport.factory.sessions[transport.transport.sessionno] = self

self.realClientIP = transport.transport.getPeer().host
self.clientVersion = transport.otherVersionString
self.logintime = transport.logintime
self.ttylog_file = transport.ttylog_file

# source IP of client in user visible reports (can be fake or real)


cfg = config()
if cfg.has_option('honeypot', 'fake_addr'):
self.clientIP = cfg.get('honeypot', 'fake_addr')
else:
self.clientIP = self.realClientIP

self.keyHandlers.update({
'\x04': self.handle_CTRL_D,
'\x15': self.handle_CTRL_U,
'\x03': self.handle_CTRL_C,
'\x09': self.handle_TAB,
})

def displayMOTD(self):
try:
self.writeln(self.fs.file_contents('/etc/motd'))
except:
pass

# this doesn't seem to be called upon disconnect, so please use


# HoneyPotTransport.connectionLost instead
def connectionLost(self, reason):
recvline.HistoricRecvLine.connectionLost(self, reason)
# not sure why i need to do this:
# scratch that, these don't seem to be necessary anymore:
#del self.fs
#del self.commands

# Overriding to prevent terminal.reset()


def initializeScreen(self):
self.setInsertMode()

def txtcmd(self, txt):


class command_txtcmd(HoneyPotCommand):
def call(self):
print('Reading txtcmd from "%s"' % txt)
f = file(txt, 'r')
self.write(f.read())
f.close()
return command_txtcmd

def getCommand(self, cmd, paths):


self.cmd = cmd
if not len(cmd.strip()):
return None
path = None
if cmd in self.commands:
self.cmd = cmd
return self.commands[cmd]
ret.setCmd(cmd)
return ret

if cmd[0] in ('.', '/'):


path = self.fs.resolve_path(cmd, self.cwd)
if not self.fs.exists(path):
return None
else:
for i in ['%s/%s' % (self.fs.resolve_path(x, self.cwd), cmd) \
for x in paths]:
if self.fs.exists(i):
path = i
break
txt = os.path.abspath('%s/%s' % \
(self.env.cfg.get('honeypot', 'txtcmds_path'), path))
if os.path.exists(txt) and os.path.isfile(txt):
return self.txtcmd(txt)
if path in self.commands:
return self.commands[path]
return None

def lineReceived(self, line):


if len(self.cmdstack):
self.cmdstack[-1].lineReceived(line)

def keystrokeReceived(self, keyID, modifier):


transport = self.terminal.transport.session.conn.transport
if type(keyID) == type(''):
ttylog.ttylog_write(transport.ttylog_file, len(keyID),
ttylog.TYPE_INPUT, time.time(), keyID)
recvline.HistoricRecvLine.keystrokeReceived(self, keyID, modifier)

# Easier way to implement password input?


def characterReceived(self, ch, moreCharactersComing):
if self.mode == 'insert':
self.lineBuffer.insert(self.lineBufferIndex, ch)
else:
self.lineBuffer[self.lineBufferIndex:self.lineBufferIndex+1] = [ch]
self.lineBufferIndex += 1
if not self.password_input:
self.terminal.write(ch)

def writeln(self, data):


self.terminal.write(data)
self.terminal.nextLine()

def call_command(self, cmd, *args):


obj = cmd(self, *args)
self.cmdstack.append(obj)
self.setTypeoverMode()
obj.start()

def handle_RETURN(self):
if len(self.cmdstack) == 1:
if self.lineBuffer:
self.historyLines.append(''.join(self.lineBuffer))
self.historyPosition = len(self.historyLines)
return recvline.RecvLine.handle_RETURN(self)

def handle_CTRL_C(self):
self.cmdstack[-1].ctrl_c()

def handle_CTRL_U(self):
for i in range(self.lineBufferIndex):
self.terminal.cursorBackward()
self.terminal.deleteCharacter()
self.lineBuffer = self.lineBuffer[self.lineBufferIndex:]
self.lineBufferIndex = 0

def handle_CTRL_D(self):
self.call_command(self.commands['exit'])

def handle_TAB(self):
self.cmdstack[-1].handle_TAB()

def addInteractor(self, interactor):


transport = self.terminal.transport.session.conn.transport
transport.interactors.append(interactor)

def delInteractor(self, interactor):


transport = self.terminal.transport.session.conn.transport
transport.interactors.remove(interactor)

def uptime(self, reset = None):


transport = self.terminal.transport.session.conn.transport
r = time.time() - transport.factory.starttime
if reset:
transport.factory.starttime = reset
return r

You might also like