remove environment. a few other optimizations. better cleanup

2025-07-01 18:07:27 -04:00 · 2015-11-04 23:32:28 +04:00
parent 629d4da24e
commit 1387cb878e
5 changed files with 56 additions and 52 deletions
--- a/cowrie/core/honeypot.py
+++ b/cowrie/core/honeypot.py
@ -11,6 +11,7 @@ from twisted.python import log
 from . import fs

 class HoneyPotCommand(object):
+
    def __init__(self, protocol, *args):
 	self.protocol = protocol
        self.args = args
@ -25,7 +26,7 @@ class HoneyPotCommand(object):
        self.exit()

    def call(self):
-        self.protocol.writeln('Hello World! [%s]' % (repr(self.args),))
+        self.writeln('Hello World! [%s]' % (repr(self.args),))

    def exit(self):
        self.protocol.cmdstack.pop()
@ -258,17 +259,3 @@ class HoneyPotShell(object):
        self.protocol.lineBufferIndex = len(self.protocol.lineBuffer)
        self.protocol.terminal.write(newbuf)

-class HoneyPotEnvironment(object):
-    """
-    """
-    def __init__(self, cfg):
-        self.cfg = cfg
-        self.commands = {}
-
-        import cowrie.commands
-        for c in cowrie.commands.__all__:
-            module = __import__('cowrie.commands.%s' % (c,),
-                globals(), locals(), ['commands'])
-            self.commands.update(module.commands)
-
-# vim: set sw=4 et:
--- a/cowrie/core/protocol.py
+++ b/cowrie/core/protocol.py
@ -16,18 +16,26 @@ from . import ttylog
 from . import utils

 class HoneyPotBaseProtocol(insults.TerminalProtocol, TimeoutMixin):
+
    def __init__(self, avatar):
        self.user = avatar
-        self.env = avatar.env
-        self.cfg = self.env.cfg
+        self.cfg = self.user.cfg
        self.hostname = avatar.server.hostname
        self.fs = avatar.server.fs
        if self.fs.exists(avatar.home):
            self.cwd = avatar.home
        else:
            self.cwd = '/'
+
        # commands is also a copy so we can add stuff on the fly
-        self.commands = copy.copy(self.env.commands)
+        # self.commands = copy.copy(self.commands)
+	self.commands = {}
+        import cowrie.commands
+        for c in cowrie.commands.__all__:
+            module = __import__('cowrie.commands.%s' % (c,),
+                globals(), locals(), ['commands'])
+            self.commands.update(module.commands)
+
        self.password_input = False
        self.cmdstack = []

@ -54,14 +62,14 @@ class HoneyPotBaseProtocol(insults.TerminalProtocol, TimeoutMixin):
        if self.cfg.has_option('honeypot', 'internet_facing_ip'):
            self.kippoIP = self.cfg.get('honeypot', 'internet_facing_ip')
        else:
-            # Hack to get ip
            try:
                s = socket.socket(socket.AF_INET, socket.SOCK_DGRAM)
                s.connect(("8.8.8.8", 80))
                self.kippoIP = s.getsockname()[0]
-                s.close()
            except:
                self.kippoIP = '192.168.0.1'
+	    finally:
+		s.close()

    def timeoutConnection(self):
        self.writeln( 'timed out waiting for input: auto-logout' )
@ -69,13 +77,16 @@ class HoneyPotBaseProtocol(insults.TerminalProtocol, TimeoutMixin):
        self.terminal.transport.session.sendClose()

    # this is only called on explicit logout, not on disconnect
-    # this indicates the closing of the channel/session, not the closing of the connection
+    # this indicates the closing of the channel/session, not the closing of the transport
    def connectionLost(self, reason):
-        pass
-        # not sure why i need to do this:
-        # scratch that, these don't seem to be necessary anymore:
-        #del self.fs
-        #del self.commands
+	self.terminal = None # (this should be done by super below)
+	insults.TerminalProtocol.connectionLost(self, reason)
+	self.cmdstack = None
+	del self.commands
+	self.fs = None
+	self.cfg = None
+	self.user = None
+        log.msg( "honeypot terminal protocol connection lost %s" % reason)

    def txtcmd(self, txt):
        class command_txtcmd(honeypot.HoneyPotCommand):
@ -103,7 +114,7 @@ class HoneyPotBaseProtocol(insults.TerminalProtocol, TimeoutMixin):
                    path = i
                    break
        txt = os.path.normpath('%s/%s' % \
-            (self.env.cfg.get('honeypot', 'txtcmds_path'), path))
+            (self.cfg.get('honeypot', 'txtcmds_path'), path))
        if os.path.exists(txt) and os.path.isfile(txt):
            return self.txtcmd(txt)
        if path in self.commands:
@ -153,6 +164,7 @@ class HoneyPotExecProtocol(HoneyPotBaseProtocol):
        self.cmdstack = [honeypot.HoneyPotShell(self, interactive=False)]
        self.cmdstack[0].lineReceived(self.execcmd)

+
 class HoneyPotInteractiveProtocol(HoneyPotBaseProtocol, recvline.HistoricRecvLine):

    def __init__(self, avatar):
@ -195,7 +207,7 @@ class HoneyPotInteractiveProtocol(HoneyPotBaseProtocol, recvline.HistoricRecvLin
        endtime = time.strftime('%H:%M',
            time.localtime(time.time()))
        duration = utils.durationHuman(time.time() - self.logintime)
-        f = file('%s/lastlog.txt' % self.env.cfg.get('honeypot', 'data_path'), 'a')
+        f = file('%s/lastlog.txt' % self.cfg.get('honeypot', 'data_path'), 'a')
        f.write('root\tpts/0\t%s\t%s - %s (%s)\n' % \
            (self.clientIP, starttime, endtime, duration))
        f.close()
@ -312,7 +324,8 @@ class LoggingServerProtocol(insults.ServerProtocol):
    # FIXME: this method is called 4 times on logout....
    # it's called once from Avatar.closed() if disconnected
    def connectionLost(self, reason):
-        # log.msg("received call to LSP.connectionLost")
+	self.cfg = None
+        log.msg("received call to LSP.connectionLost")
        transport = self.transport.session.conn.transport
        if self.ttylog_open:
            log.msg(eventid='KIPP0012', format='Closing TTY Log: %(ttylog)s',
--- a/cowrie/core/realm.py
+++ b/cowrie/core/realm.py
@ -44,23 +44,25 @@ class HoneyPotRealm:
    
    def __init__(self, cfg):
        self.cfg = cfg
-	self.servers = {}
+	# self.servers = {}

    def requestAvatar(self, avatarId, mind, *interfaces):

-        if mind in self.servers:
-	    log.msg( "Using existing server for mind %s" % mind )
-	else:
-	    log.msg( "Starting new server for mind %s" % mind )
-	    self.servers[mind] = _server = server.CowrieServer(self.cfg)
+        # if mind in self.servers:
+	#    log.msg( "Using existing server for mind %s" % mind )
+        #    for i in self.servers[mind].avatars:
+	#	log.msg( "attached avatar: %s" % repr(i) )
+	#else:
+	#    log.msg( "Starting new server for mind %s" % mind )
+	#    self.servers[mind] = server.CowrieServer(self.cfg)

-	for i in list(self.servers.keys()):
-	    log.msg( "REFCOUNT: key: %s, refcount %d" % ( i, sys.getrefcount(self.servers[i])))
-	    log.msg( "Refer: %s" % repr( gc.get_referrers(self.servers[i])))
+	# for i in list(self.servers.keys()):
+        #    log.msg( "REFCOUNT: key: %s, refcount %d" % ( i, sys.getrefcount(self.servers[i])))
+	#    log.msg( "Refer: %s" % repr( gc.get_referrers(self.servers[i])))

        if conchinterfaces.IConchUser in interfaces:
            return interfaces[0], \
-                ssh.HoneyPotAvatar(avatarId, self.servers[mind]), lambda: None
+                ssh.HoneyPotAvatar(avatarId, server.CowrieServer(self.cfg)), lambda:None
        else:
            raise Exception("No supported interfaces found.")

--- a/cowrie/core/server.py
+++ b/cowrie/core/server.py
@ -26,7 +26,6 @@
 # OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
 # SUCH DAMAGE.

-import copy
 import pickle

 import twisted.python.log as log
@ -45,9 +44,8 @@ class CowrieServer:
    """
    def __init__(self, cfg):
 	self.cfg = cfg
-        self.env = honeypot.HoneyPotEnvironment(cfg)
+	self.avatars = []
        self.hostname = self.cfg.get('honeypot', 'hostname')
-        log.msg ("Loading pickle file...")
-        self.pickle = pickle.load(file(cfg.get('honeypot', 'filesystem_file'), 'rb'))
-        self.fs = fs.HoneyPotFilesystem(self.pickle,self.cfg)
+        pckl = pickle.load(file(cfg.get('honeypot', 'filesystem_file'), 'rb'))
+        self.fs = fs.HoneyPotFilesystem(pckl,self.cfg)

--- a/cowrie/core/ssh.py
+++ b/cowrie/core/ssh.py
@ -39,9 +39,8 @@ class HoneyPotSSHUserAuthServer(userauth.SSHUserAuthServer):
        if self.bannerSent:
            return
        self.bannerSent = True
-        cfg = self.portal.realm.cfg
        try:
-            honeyfs = cfg.get('honeypot', 'contents_path')
+            honeyfs = self.portal.realm.cfg.get('honeypot', 'contents_path')
            issuefile = honeyfs + "/etc/issue.net"
            data = file(issuefile).read()
        except IOError:
@ -219,6 +218,8 @@ class HoneyPotSSHFactory(factory.SSHFactory):
        @return: The built transport.
        """

+	log.msg(" MICHEL: currently open session %s" % self.sessions )
+
        _modulis = '/etc/ssh/moduli', '/private/etc/moduli'

        # FIXME: try to mimic something real 100%
@ -343,6 +344,8 @@ class HoneyPotTransport(transport.SSHServerTransport):
        if self.transport.sessionno in self.factory.sessions:
            del self.factory.sessions[self.transport.sessionno]
        transport.SSHServerTransport.connectionLost(self, reason)
+	self.transport.connectionLost(reason)
+	self.transport = None
        log.msg(eventid='KIPP0011', format='Connection lost')

    def sendDisconnect(self, reason, desc):
@ -418,18 +421,18 @@ class HoneyPotAvatar(avatar.ConchUser):
        self.username = username
 	self.server = server
 	self.cfg = self.server.cfg
-        self.env = self.server.env
        self.protocol = None
+	self.IAMAVATAR = server

        self.channelLookup.update({'session': HoneyPotSSHSession})
        self.channelLookup['direct-tcpip'] = CowrieOpenConnectForwardingClient

        # sftp support enabled only when option is explicitly set
-        if self.env.cfg.has_option('honeypot', 'sftp_enabled'):
-            if (self.env.cfg.get('honeypot', 'sftp_enabled') == "true"):
+        if self.cfg.has_option('honeypot', 'sftp_enabled'):
+            if (self.cfg.get('honeypot', 'sftp_enabled') == "true"):
                self.subsystemLookup['sftp'] = filetransfer.FileTransferServer

-        self.uid = self.gid = auth.UserDB(self.env.cfg).getUID(self.username)
+        self.uid = self.gid = auth.UserDB(self.cfg).getUID(self.username)
        if not self.uid:
            self.home = '/root'
        else:
@ -465,6 +468,7 @@ class HoneyPotAvatar(avatar.ConchUser):
    def closed(self):
        if self.protocol:
            self.protocol.connectionLost("disconnected")
+            self.protocol = None

    def eofReceived(self):
        pass