* small updates
* remove spaces from JSON to compress more
Michel Oosterhof
2019-03-24 02:23:25 +04:00
committed by GitHub
parent 93d1c4112d
commit 0e88350ab0
9 changed files with 27 additions and 28 deletions


@ -33,9 +33,10 @@ from cowrie.core.config import CONFIG
class Artifact: class Artifact:
artifactDir = CONFIG.get('honeypot', 'download_path')
def __init__(self, label): def __init__(self, label):
self.label = label self.label = label
self.artifactDir = CONFIG.get('honeypot', 'download_path')
self.fp = tempfile.NamedTemporaryFile(dir=self.artifactDir, delete=False) self.fp = tempfile.NamedTemporaryFile(dir=self.artifactDir, delete=False)
self.tempFilename = self.fp.name self.tempFilename = self.fp.name
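Review bot: `artifactDir = CONFIG.get('honeypot', 'download_path')` in the class body of `Artifact` is now evaluated once, when the module is imported, instead of on each `__init__`, and that timing change is not documented. The call has no `fallback`, so a configuration without `download_path` would presumably fail at import rather than when the first artifact is created, and a config value replaced after import (for example in tests) is no longer seen. A short comment on the attribute such as `# read once at import time; restart required after changing download_path` would make this explicit. The same applies to the class-level `CONFIG` reads added in the `LoggingServerProtocol`, `CowrieSFTPFile`, `CowrieServer` and `CowrieSSHChannel` sections. `Artifact.__init__` continues outside the hunk.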


@ -19,19 +19,18 @@ class LoggingServerProtocol(insults.ServerProtocol):
""" """
Wrapper for ServerProtocol that implements TTY logging Wrapper for ServerProtocol that implements TTY logging
""" """
redirlogOpen = False # it will be set at core/protocol.py
stdinlogOpen = False stdinlogOpen = False
ttylogOpen = False ttylogOpen = False
redirlogOpen = False # it will be set at core/protocol.py ttylogPath = CONFIG.get('honeypot', 'ttylog_path')
downloadPath = CONFIG.get('honeypot', 'download_path')
ttylogEnabled = CONFIG.getboolean('honeypot', 'ttylog', fallback=True)
bytesReceivedLimit = CONFIG.getint('honeypot', 'download_limit_size', fallback=0)
bytesReceived = 0
redirFiles = set()
def __init__(self, prot=None, *a, **kw): def __init__(self, prot=None, *a, **kw):
insults.ServerProtocol.__init__(self, prot, *a, **kw) insults.ServerProtocol.__init__(self, prot, *a, **kw)
self.bytesReceived = 0
self.ttylogPath = CONFIG.get('honeypot', 'ttylog_path')
self.downloadPath = CONFIG.get('honeypot', 'download_path')
self.ttylogEnabled = CONFIG.getboolean('honeypot', 'ttylog', fallback=True)
self.bytesReceivedLimit = CONFIG.getint('honeypot', 'download_limit_size', fallback=0)
self.redirFiles = set()
if prot is protocol.HoneyPotExecProtocol: if prot is protocol.HoneyPotExecProtocol:
self.type = 'e' # Execcmd self.type = 'e' # Execcmd
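Review bot: `redirFiles = set()` in the class body of `LoggingServerProtocol` creates one set object shared by every instance, whereas the removed `self.redirFiles = set()` in `__init__` gave each connection its own. If any code outside this hunk mutates it in place (for example `self.redirFiles.add(...)`), entries recorded for one attacker session would appear in every other session, so redirected files could be attributed to the wrong session. Keep the per-instance initialisation for the mutable attribute, `self.redirFiles = set()` in `__init__`; the immutable values (`bytesReceived = 0`, the config reads) are safe as class defaults. `__init__` continues past the end of the hunk.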


@ -4,8 +4,6 @@ Send attackers IP to GreyNoise
from __future__ import absolute_import, division from __future__ import absolute_import, division
from http import HTTPStatus
import treq import treq
from twisted.internet import defer from twisted.internet import defer
@ -56,7 +54,7 @@ class Output(cowrie.core.output.Output):
data=fields, data=fields,
headers=headers) headers=headers)
if response.code != HTTPStatus.OK: if response.code != 200:
message = yield response.text() message = yield response.text()
log.error("greynoise: got error {}".format(message)) log.error("greynoise: got error {}".format(message))
return return


@ -59,6 +59,6 @@ class Output(cowrie.core.output.Output):
# Remove twisted 15 legacy keys # Remove twisted 15 legacy keys
if i.startswith('log_') or i == 'time' or i == 'system': if i.startswith('log_') or i == 'time' or i == 'system':
del logentry[i] del logentry[i]
json.dump(logentry, self.outfile) json.dump(logentry, self.outfile, separators=(',', ':'))
self.outfile.write('\n') self.outfile.write('\n')
self.outfile.flush() self.outfile.flush()
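Review bot: `json.dump(logentry, self.outfile, separators=(',', ':'))` changes the on-disk byte format of every log line, and neither the code nor the commit documents that for downstream consumers. JSON parsers are unaffected, but any log shipper, grep or detection rule that matches the literal text with a space after the colon or comma (a constructed example: `"eventid": "..."`) would stop matching without raising an error. A comment above the call, e.g. `# compact separators: consumers must parse JSON, not match on spacing`, plus a changelog entry would cover it. The enclosing method starts outside the hunk.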


@ -25,13 +25,16 @@ from cowrie.core.config import CONFIG
@implementer(ISFTPFile) @implementer(ISFTPFile)
class CowrieSFTPFile(object): class CowrieSFTPFile(object):
"""
SFTPTFile
"""
transfer_completed = 0
bytesReceived = 0
bytesReceivedLimit = CONFIG.getint('honeypot', 'download_limit_size', fallback=0)
def __init__(self, sftpserver, filename, flags, attrs): def __init__(self, sftpserver, filename, flags, attrs):
self.sftpserver = sftpserver self.sftpserver = sftpserver
self.filename = filename self.filename = filename
self.transfer_completed = 0
self.bytesReceived = 0
self.bytesReceivedLimit = CONFIG.getint('honeypot', 'download_limit_size', fallback=0)
openFlags = 0 openFlags = 0
if flags & FXF_READ == FXF_READ and flags & FXF_WRITE == 0: if flags & FXF_READ == FXF_READ and flags & FXF_WRITE == 0:


@ -51,10 +51,9 @@ class CowrieServer(object):
fs = None fs = None
process = None process = None
avatars = [] avatars = []
hostname = CONFIG.get('honeypot', 'hostname')
def __init__(self, realm): def __init__(self, realm):
self.hostname = CONFIG.get('honeypot', 'hostname')
try: try:
arches = [arch.strip() for arch in CONFIG.get('shell', 'arch').split(',')] arches = [arch.strip() for arch in CONFIG.get('shell', 'arch').split(',')]
self.arch = random.choice(arches) self.arch = random.choice(arches)


@ -28,6 +28,10 @@ class CowrieSSHChannel(channel.SSHChannel):
bytesWritten = 0 bytesWritten = 0
name = b'cowrie-ssh-channel' name = b'cowrie-ssh-channel'
startTime = None startTime = None
ttylogPath = CONFIG.get('honeypot', 'log_path')
downloadPath = CONFIG.get('honeypot', 'download_path')
ttylogEnabled = CONFIG.getboolean('honeypot', 'ttylog', fallback=True)
bytesReceivedLimit = CONFIG.getint('honeypot', 'download_limit_size', fallback=0)
def __repr__(self): def __repr__(self):
""" """
@ -42,11 +46,6 @@ class CowrieSSHChannel(channel.SSHChannel):
""" """
Initialize logging Initialize logging
""" """
self.ttylogPath = CONFIG.get('honeypot', 'log_path')
self.downloadPath = CONFIG.get('honeypot', 'download_path')
self.ttylogEnabled = CONFIG.getboolean('honeypot', 'ttylog', fallback=True)
self.bytesReceivedLimit = CONFIG.getint('honeypot', 'download_limit_size', fallback=0)
channel.SSHChannel.__init__(self, *args, **kw) channel.SSHChannel.__init__(self, *args, **kw)
def channelOpen(self, specificData): def channelOpen(self, specificData):
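Review bot: The class attribute `ttylogPath` in `CowrieSSHChannel` is read from the `log_path` option, while the attribute of the same name in `LoggingServerProtocol` on this page is read from `ttylog_path`. The value was carried over unchanged from the removed `__init__` lines, so it may be intentional, but with both now declared as class defaults the mismatch is easy to misread when tracing where session recordings are written. Either confirm the intent and add a comment such as `# base log directory (log_path), not the ttylog_path option`, or rename the attribute to match what it holds.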


@ -28,6 +28,7 @@ from cowrie.core.config import CONFIG
class HoneyPotSSHTransport(transport.SSHServerTransport, TimeoutMixin): class HoneyPotSSHTransport(transport.SSHServerTransport, TimeoutMixin):
startTime = None startTime = None
gotVersion = False gotVersion = False
ipv4rex = re.compile(r'^::ffff:(\d+\.\d+\.\d+\.\d+)$')
def __repr__(self): def __repr__(self):
""" """
@ -45,8 +46,8 @@ class HoneyPotSSHTransport(transport.SSHServerTransport, TimeoutMixin):
""" """
self.transportId = uuid.uuid4().hex[:12] self.transportId = uuid.uuid4().hex[:12]
src_ip = self.transport.getPeer().host src_ip = self.transport.getPeer().host
ipv4rex = re.compile(r'^::ffff:(\d+\.\d+\.\d+\.\d+)$')
ipv4_search = ipv4rex.search(src_ip) ipv4_search = self.ipv4rex.search(src_ip)
if ipv4_search is not None: if ipv4_search is not None:
src_ip = ipv4_search.group(1) src_ip = ipv4_search.group(1)


@ -24,6 +24,8 @@ from cowrie.shell import pwd
class HoneyPotTelnetSession(TelnetBootstrapProtocol): class HoneyPotTelnetSession(TelnetBootstrapProtocol):
id = 0 # telnet can only have 1 simultaneous session, unlike SSH id = 0 # telnet can only have 1 simultaneous session, unlike SSH
windowSize = [40, 80] windowSize = [40, 80]
# to be populated by HoneyPotTelnetAuthProtocol after auth
transportId = None
def __init__(self, username, server): def __init__(self, username, server):
self.username = username.decode() self.username = username.decode()
@ -54,9 +56,6 @@ class HoneyPotTelnetSession(TelnetBootstrapProtocol):
# required because HoneyPotBaseProtocol relies on avatar.avatar.home # required because HoneyPotBaseProtocol relies on avatar.avatar.home
self.avatar = self self.avatar = self
# to be populated by HoneyPotTelnetAuthProtocol after auth
self.transportId = None
# Do the delayed file system initialization # Do the delayed file system initialization
self.server.initFileSystem() self.server.initFileSystem()