import os
import sys
import signal
import json
import socket
from honeypot.telnet import Telnetd
from honeypot.client import Client
from honeypot.session import Session
from honeypot.shell.shell import test_shell
from util.dbg import dbg
from util.config import config
# Module-level handle to the Telnetd server. It stays None until the
# __main__ branch starts the server; signal_handler reads it to call stop().
srv = None
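def import_file(fname):
    """Feed a JSON-lines log file to the backend through a ``Client``.

    Each non-empty line of *fname* is parsed as one JSON object and
    dispatched on its ``"type"`` field:

    * ``"connection"`` records that carry a non-null ``"ip"`` are printed
      and passed to ``Client.put_session``.
    * ``"sample"`` records are printed (by ``"sha256"``) and passed to
      ``Client.put_sample_info``.

    Records of any other type are ignored.

    Raises:
        ValueError: a non-empty line is not valid JSON.
        KeyError: a record lacks ``"type"`` or a field its type requires.
    """
    # NOTE(review): the listing lost its indentation. put_session is placed
    # under the ip check to mirror rerun_file, which also skips connection
    # records without an ip -- confirm against the original file.
    with open(fname, "rb") as fp:
        client = Client()
        for raw in fp:
            line = raw.strip()
            if not line:
                # A blank line is not a record; without this guard
                # json.loads("") would abort the whole import.
                continue
            obj = json.loads(line)
            kind = obj["type"]
            if kind == "connection":
                if obj["ip"] is not None:
                    print("conn " + obj["ip"])
                    client.put_session(obj)
            elif kind == "sample":
                print("sample " + obj["sha256"])
                client.put_sample_info(obj)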
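def rerun_file(fname):
    """Replay the recorded connections of a JSON-lines log through ``Session``.

    For every ``"connection"`` record with a non-null ``"ip"`` a new
    ``Session`` is created with ``sys.stdout.write`` as its output callback,
    logged in with the recorded ``"user"`` / ``"pass"``, and fed each
    ``"stream"`` event whose ``"in"`` flag is truthy. The session is ended
    once all of its events have been replayed.

    Raises:
        ValueError: a non-empty line is not valid JSON.
        KeyError: a record lacks a field this function reads.
    """
    # NOTE(review): event["data"] is echoed to stdout verbatim. If the log
    # holds captured remote input, any control or escape sequences in it
    # reach the operator's terminal unchanged; replay untrusted logs with
    # stdout redirected to a file or piped through a filter that escapes
    # non-printable bytes.
    with open(fname, "rb") as fp:
        for raw in fp:
            line = raw.strip()
            if not line:
                # Skip blank lines instead of failing in json.loads("").
                continue
            obj = json.loads(line)
            if obj["type"] != "connection":
                continue
            if obj["ip"] is None:
                continue
            session = Session(sys.stdout.write, obj["ip"])
            session.login(obj["user"], obj["pass"])
            for event in obj["stream"]:
                if not event["in"]:
                    # Only events flagged "in" are replayed.
                    continue
                sys.stdout.write(event["data"])
                session.shell(event["data"].strip())
            session.end()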
def signal_handler(signal, frame):
    """SIGINT handler: log the interrupt and stop the running server.

    Both arguments are supplied by the ``signal`` machinery and are not
    used here. Note that the first parameter shadows the ``signal`` module
    inside this function.
    """
    dbg("Ctrl+C")
    # srv is the module-level server handle set by the __main__ branch
    # before this handler is registered.
    srv.stop()
# Runs on import as well as on direct execution: make sure a "samples"
# directory exists relative to the current working directory.
# NOTE(review): presumably this is where captured files are stored; it is
# created with the process's default permissions -- confirm that is
# acceptable for its contents.
if not os.path.exists("samples"):
    os.makedirs("samples")
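if __name__ == "__main__":
    # Command line: [-c CONFIGFILE] [ACTION [FILE]]
    #   (no action)   run the telnet server
    #   import FILE   load a log file via import_file
    #   rerun FILE    replay a log file via rerun_file
    #   shell         run test_shell
    #
    # Positional arguments are collected in order. Previously every
    # non-option argument overwrote `action`, so "import FILE" ended with
    # action == FILE and was reported as an unknown command, and FILE was
    # read from sys.argv[2] even when "-c CONFIGFILE" came first.
    configFile = None
    positional = []
    i = 1
    while i < len(sys.argv):
        arg = sys.argv[i]
        if arg == "-c":
            if i + 1 < len(sys.argv):
                configFile = sys.argv[i + 1]
                print("Using config file " + configFile)
                i += 1  # consume the option's value as well
            else:
                print("warning: expected argument after \"-c\"")
        else:
            positional.append(arg)
        i += 1

    action = positional[0] if positional else None
    fname = positional[1] if len(positional) > 1 else None

    if configFile:
        config.loadUserConfig(configFile)

    if action is None:
        # Default timeout (seconds) for sockets created from here on.
        socket.setdefaulttimeout(15)
        srv = Telnetd(config.get("telnet_addr"), config.get("telnet_port"))
        # Register the handler only after srv exists, since it calls srv.stop().
        signal.signal(signal.SIGINT, signal_handler)
        srv.run()
    elif action in ("import", "rerun"):
        if fname is None:
            # Report the missing argument instead of failing with IndexError.
            print("Command " + action + " requires a file name.")
            sys.exit(1)
        if action == "import":
            import_file(fname)
        else:
            rerun_file(fname)
    elif action == "shell":
        test_shell()
    else:
        print("Command " + action + " unknown.")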