diff --git a/cowrie/commands/curl.py b/cowrie/commands/curl.py index 278f5c7a..6f853491 100644 --- a/cowrie/commands/curl.py +++ b/cowrie/commands/curl.py @@ -332,7 +332,7 @@ Options: (H) means HTTP/HTTPS only, (F) means FTP only shasum=shasum) # Link friendly name to hash - os.symlink(shasum, self.safeoutfile) + # os.symlink(shasum, self.safeoutfile) # FIXME: is this necessary? # self.safeoutfile = hashPath diff --git a/cowrie/commands/ftpget.py b/cowrie/commands/ftpget.py index 5cf94baf..bb77eafb 100644 --- a/cowrie/commands/ftpget.py +++ b/cowrie/commands/ftpget.py @@ -131,7 +131,7 @@ Download a file via FTP shasum=shasum) # Link friendly name to hash - os.symlink(shasum, self.safeoutfile) + # os.symlink(shasum, self.safeoutfile) self.safeoutfile = None diff --git a/cowrie/commands/nc.py b/cowrie/commands/nc.py index 0793aca7..ac5c823a 100644 --- a/cowrie/commands/nc.py +++ b/cowrie/commands/nc.py @@ -34,6 +34,7 @@ usage: nc [-46bCDdhjklnrStUuvZz] [-I length] [-i interval] [-O length] if not args or len(args) < 2: self.help() self.exit() + return host = args[0] port = args[1] @@ -46,10 +47,10 @@ usage: nc [-46bCDdhjklnrStUuvZz] [-I length] [-i interval] [-O length] if self.protocol.cfg.has_option('honeypot', 'out_addr'): out_addr = (self.protocol.cfg.get('honeypot', 'out_addr'), 0) else: - out_addr = '0.0.0.0' + out_addr = ('0.0.0.0', 0) self.s = socket.socket(socket.AF_INET, socket.SOCK_STREAM) - self.s.bind((out_addr, 0)) + self.s.bind(out_addr) self.s.connect((host, int(port))) self.recv_data() diff --git a/cowrie/commands/scp.py b/cowrie/commands/scp.py index 87c5a80e..cbf05833 100644 --- a/cowrie/commands/scp.py +++ b/cowrie/commands/scp.py @@ -124,7 +124,6 @@ class command_scp(HoneyPotCommand): if os.path.exists(self.safeoutfile): with open(self.safeoutfile, 'rb') as f: shasum = hashlib.sha256(data).hexdigest() - sha1sum = hashlib.sha1(data).hexdigest() hash_path = os.path.join(self.download_path_uniq, shasum) # If we have content already, delete temp file @@ -139,11 +138,10 @@ class command_scp(HoneyPotCommand): filename=os.path.basename(fname), url=fname, outfile=shasum, - shasum=shasum, - sha1=sha1sum) + shasum=shasum) # Link friendly name to hash - os.symlink(hash_path, self.safeoutfile) + # os.symlink(hash_path, self.safeoutfile) self.safeoutfile = None diff --git a/cowrie/commands/tftp.py b/cowrie/commands/tftp.py index 66931f33..70c70962 100644 --- a/cowrie/commands/tftp.py +++ b/cowrie/commands/tftp.py @@ -106,7 +106,7 @@ class command_tftp(HoneyPotCommand): shasum=shasum) # Link friendly name to hash - os.symlink(shasum, self.safeoutfile) + # os.symlink(shasum, self.safeoutfile) self.safeoutfile = None diff --git a/cowrie/commands/wget.py b/cowrie/commands/wget.py index 4d7a054f..b483ed4f 100644 --- a/cowrie/commands/wget.py +++ b/cowrie/commands/wget.py @@ -210,7 +210,7 @@ class command_wget(HoneyPotCommand): shasum=shasum) # Link friendly name to hash - os.symlink(shasum, self.safeoutfile) + # os.symlink(shasum, self.safeoutfile) self.safeoutfile = None diff --git a/cowrie/core/artifact.py b/cowrie/core/artifact.py index bfaf44d5..ee37f42d 100644 --- a/cowrie/core/artifact.py +++ b/cowrie/core/artifact.py @@ -82,11 +82,11 @@ class Artifact: else: os.rename(self.fp.name, shasumFilename) - if size>0: - linkName = self.artifactDir + "/" \ - + time.strftime('%Y%m%dT%H%M%S') \ - + "_" + re.sub('[^-A-Za-z0-9]', '_', self.label) - os.symlink(shasum, linkName) + # if size>0: + # linkName = self.artifactDir + "/" \ + # + time.strftime('%Y%m%dT%H%M%S') \ + # + "_" + re.sub('[^-A-Za-z0-9]', '_', self.label) + # os.symlink(shasum, linkName) return shasum, shasumFilename