From 1f443b98444386e64cd90821699c6e943db3ca38 Mon Sep 17 00:00:00 2001 From: Julius ter Pelkwijk Date: Sat, 2 Jan 2021 05:46:28 +0100 Subject: [PATCH] Treat python stdin as sourcefile (#1474) Attacker used ```wget | python -``` as a means to quickly execute code. This small fix treats the python stdin as a real file and does not output "Errno 2". --- src/cowrie/commands/python.py | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/src/cowrie/commands/python.py b/src/cowrie/commands/python.py index bd11e82c..45cc0e96 100644 --- a/src/cowrie/commands/python.py +++ b/src/cowrie/commands/python.py @@ -104,7 +104,7 @@ class command_python(HoneyPotCommand): for value in args: sourcefile = self.fs.resolve_path(value, self.protocol.cwd) - if self.fs.exists(sourcefile): + if self.fs.exists(sourcefile) or value == '-': self.exit() else: