split SSHESSionforConchUser and ConchUser

2025-07-01 18:07:27 -04:00 · 2015-11-06 18:42:45 +00:00
parent 42a735da17
commit 8877497a97
4 changed files with 46 additions and 21 deletions
--- a/cowrie/core/honeypot.py
+++ b/cowrie/core/honeypot.py
@ -159,11 +159,11 @@ class HoneyPotShell(object):
            prompt += '$ '    # "Non-Root" user

        path = self.protocol.cwd
-        homelen = len(self.protocol.user.home)
-        if path == self.protocol.user.home:
+        homelen = len(self.protocol.user.avatar.home)
+        if path == self.protocol.user.avatar.home:
            path = '~'
        elif len(path) > (homelen+1) and \
-                path[:(homelen+1)] == self.protocol.user.home + '/':
+                path[:(homelen+1)] == self.protocol.user.avatar.home + '/':
            path = '~' + path[homelen:]
        # Uncomment the three lines below for a 'better' CentOS look.
        # Rather than '[root@svr03 /var/log]#' is shows '[root@svr03 log]#'.
--- a/cowrie/core/protocol.py
+++ b/cowrie/core/protocol.py
@ -22,8 +22,8 @@ class HoneyPotBaseProtocol(insults.TerminalProtocol, TimeoutMixin):
        self.cfg = self.user.cfg
        self.hostname = avatar.server.hostname
        self.fs = avatar.server.fs
-        if self.fs.exists(avatar.home):
-            self.cwd = avatar.home
+        if self.fs.exists(avatar.avatar.home):
+            self.cwd = avatar.avatar.home
        else:
            self.cwd = '/'

--- a/cowrie/core/realm.py
+++ b/cowrie/core/realm.py
@ -62,7 +62,7 @@ class HoneyPotRealm:

        if conchinterfaces.IConchUser in interfaces:
            return interfaces[0], \
-                ssh.HoneyPotAvatar(avatarId, server.CowrieServer(self.cfg)), lambda:None
+                ssh.CowrieUser(avatarId, server.CowrieServer(self.cfg)), lambda:None
        else:
            raise Exception("No supported interfaces found.")

--- a/cowrie/core/ssh.py
+++ b/cowrie/core/ssh.py
@ -410,24 +410,18 @@ class HoneyPotSSHSession(session.SSHSession):
    def channelClosed(self):
        log.msg("Called channelClosed in SSHSession")

-class HoneyPotAvatar(avatar.ConchUser):
-    # FIXME: recent twisted conch avatar.py uses IConchuser here
-    implements(conchinterfaces.ISession)
+class CowrieUser(avatar.ConchUser):
+    implements(conchinterfaces.IConchUser)

    def __init__(self, username, server):
        avatar.ConchUser.__init__(self)
        self.username = username
-	self.server = server
-	self.cfg = self.server.cfg
-        self.protocol = None
+        self.server = server
+        self.cfg = self.server.cfg

-        self.channelLookup.update({'session': HoneyPotSSHSession})
-        self.channelLookup['direct-tcpip'] = CowrieOpenConnectForwardingClient
-
-        # sftp support enabled only when option is explicitly set
-        if self.cfg.has_option('honeypot', 'sftp_enabled'):
-            if (self.cfg.get('honeypot', 'sftp_enabled') == "true"):
-                self.subsystemLookup['sftp'] = filetransfer.FileTransferServer
+        self.channelLookup.update(
+            {"session": HoneyPotSSHSession,
+             "direct-tcpip": CowrieOpenConnectForwardingClient})

        self.uid = self.gid = auth.UserDB(self.cfg).getUID(self.username)
        if not self.uid:
@ -435,6 +429,36 @@ class HoneyPotAvatar(avatar.ConchUser):
        else:
            self.home = '/home/' + username

+        # sftp support enabled only when option is explicitly set
+        if self.cfg.has_option('honeypot', 'sftp_enabled'):
+            if (self.cfg.get('honeypot', 'sftp_enabled') == "true"):
+                self.subsystemLookup['sftp'] = filetransfer.FileTransferServer
+
+    def logout(self):
+        log.msg(
+            'avatar %s logging out'
+            % (self.username,))
+
+class SSHSessionForCowrieUser:
+    implements(conchinterfaces.ISession)
+
+    def __init__(self, avatar, reactor=None):
+        """
+        Construct an C{SSHSessionForCowrwieUser}.
+
+        @param avatar: The L{CowrieUser} for whom this is an SSH session.
+        @param reactor: An L{IReactorProcess} used to handle shell and exec
+            requests. Uses the default reactor if None.
+        """
+        self.protocol = None
+        self.environ = {'PATH': '/bin:/usr/bin:/usr/local/bin'}
+        self.avatar = avatar
+        self.server = avatar.server
+        self.cfg = avatar.cfg
+        self.uid = avatar.uid
+        self.username = avatar.username
+
+
    def openShell(self, proto):
        serverProtocol = protocol.LoggingServerProtocol(
            protocol.HoneyPotInteractiveProtocol, self)
@ -598,7 +622,7 @@ class CowrieSFTPDirectory:
    def close(self):
        self.files = []

-class CowrieSFTPServer:
+class SFTPServerForCowrieUser:
    implements(conchinterfaces.ISFTPServer)

    def __init__(self, avatar):
@ -689,7 +713,8 @@ class CowrieSFTPServer:
    def extendedRequest(self, extName, extData):
        raise NotImplementedError

-components.registerAdapter(CowrieSFTPServer, HoneyPotAvatar, conchinterfaces.ISFTPServer)
+components.registerAdapter(SFTPServerForCowrieUser, CowrieUser, conchinterfaces.ISFTPServer)
+components.registerAdapter(SSHSessionForCowrieUser, CowrieUser, session.ISession)

 def CowrieOpenConnectForwardingClient(remoteWindow, remoteMaxPacket, data, avatar):
    remoteHP, origHP = twisted.conch.ssh.forwarding.unpackOpen_direct_tcpip(data)