cowrie/cowrie
1
0
Fork 0
mirror of https://github.com/cowrie/cowrie.git synced 2025-07-01 18:07:27 -04:00
Code Issues Packages Projects Releases Wiki Activity

log full protocol exchange details. to fingerprint clients

Browse Source
This commit is contained in:
Michel Oosterhof
2015-01-21 09:53:06 +00:00
parent 4e0c6d9b34
commit b05ceac704
1 changed files with 9 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

9
kippo/core/ssh.py
View File

@ -196,6 +196,15 @@ class HoneyPotTransport(kippo.core.sshserver.KippoSSHServerTransport):
self._hadVersion = True self._hadVersion = True
def ssh_KEXINIT(self, packet): def ssh_KEXINIT(self, packet):
k = getNS(packet[16:], 10)
strings, rest = k[:-1], k[-1]
(kexAlgs, keyAlgs, encCS, encSC, macCS, macSC, compCS, compSC, langCS, langSC) = [s.split(',') for s in strings]
log.msg('KEXINIT: client supported key exchange: %s' % kexAlgs )
log.msg('KEXINIT: client supported public keys: %s' % keyAlgs )
log.msg('KEXINIT: client supported encryption: %s' % encCS )
log.msg('KEXINIT: client supported MAC: %s' % macCS )
log.msg('KEXINIT: client supported compression: %s' % compCS )
log.msg('KEXINIT: client supported lang: %s' % langCS )
log.msg( 'Remote SSH version: %s' % self.otherVersionString,) log.msg( 'Remote SSH version: %s' % self.otherVersionString,)
return kippo.core.sshserver.KippoSSHServerTransport.ssh_KEXINIT(self, packet) return kippo.core.sshserver.KippoSSHServerTransport.ssh_KEXINIT(self, packet)