From 02e8e24493edd855ce3b9a738a876a36b27b75be Mon Sep 17 00:00:00 2001 From: Michel Oosterhof Date: Mon, 11 May 2020 11:00:38 +0800 Subject: [PATCH] Hpfeeds3 hex2 (#1350) * use hex() rather than encode('hex') to avoid UTF parsing failures --- src/cowrie/output/hpfeeds.py | 2 +- src/cowrie/output/hpfeeds3.py | 2 +- src/cowrie/output/mongodb.py | 2 +- 3 files changed, 3 insertions(+), 3 deletions(-) diff --git a/src/cowrie/output/hpfeeds.py b/src/cowrie/output/hpfeeds.py index f2c00166..5229a378 100644 --- a/src/cowrie/output/hpfeeds.py +++ b/src/cowrie/output/hpfeeds.py @@ -321,7 +321,7 @@ class Output(cowrie.core.output.Output): elif entry["eventid"] == 'cowrie.log.closed': # entry["ttylog"] with open(entry["ttylog"]) as ttylog: - self.meta[session]['ttylog'] = ttylog.read().encode('hex') + self.meta[session]['ttylog'] = ttylog.read().hex() elif entry["eventid"] == 'cowrie.session.closed': log.msg('publishing metadata to hpfeeds') diff --git a/src/cowrie/output/hpfeeds3.py b/src/cowrie/output/hpfeeds3.py index 1460b53e..6050549a 100644 --- a/src/cowrie/output/hpfeeds3.py +++ b/src/cowrie/output/hpfeeds3.py @@ -107,7 +107,7 @@ class Output(cowrie.core.output.Output): elif entry["eventid"] == 'cowrie.log.closed': # entry["ttylog"] with open(entry["ttylog"]) as ttylog: - self.meta[session]['ttylog'] = ttylog.read().encode('hex') + self.meta[session]['ttylog'] = ttylog.read().hex() elif entry["eventid"] == 'cowrie.session.closed': meta = self.meta.pop(session, None) diff --git a/src/cowrie/output/mongodb.py b/src/cowrie/output/mongodb.py index fb0e565a..d019a79c 100644 --- a/src/cowrie/output/mongodb.py +++ b/src/cowrie/output/mongodb.py @@ -116,7 +116,7 @@ class Output(cowrie.core.output.Output): # ToDo Compress to opimise the space and if your sending to remote db with open(entry["ttylog"]) as ttylog: entry['ttylogpath'] = entry['ttylog'] - entry['ttylog'] = ttylog.read().encode('hex') + entry['ttylog'] = ttylog.read().hex() self.insert_one(self.col_ttylog, entry) elif eventid == 'cowrie.client.fingerprint':