mirror of https://github.com/cowrie/cowrie.git
Remove empty tftp files, double logging fix (#430)
* Remove empty tftp files, double logging fix * Remove duplicate of os.symlink() call, add transportID, sessionID to safeoutfile name * Remove empty file in case of exception
This commit is contained in:
fe7ch
Michel Oosterhof
parent
fbf2dbaf3c
commit
8307b86e4d
|
|
@ -56,10 +56,12 @@ class command_tftp(HoneyPotCommand):
|
|||
|
||||
self.download_path = cfg.get('honeypot', 'download_path')
|
||||
|
||||
self.safeoutfile = '%s/%s_%s' % \
|
||||
(self.download_path,
|
||||
time.strftime('%Y%m%d%H%M%S'),
|
||||
re.sub('[^A-Za-z0-9]', '_', self.file_to_get))
|
||||
tmp_fname = '%s_%s_%s_%s' % \
|
||||
(time.strftime('%Y%m%d%H%M%S'),
|
||||
self.protocol.getProtoTransport().transportId,
|
||||
self.protocol.terminal.transport.session.id,
|
||||
re.sub('[^A-Za-z0-9]', '_', self.file_to_get))
|
||||
self.safeoutfile = os.path.join(self.download_path, tmp_fname)
|
||||
|
||||
try:
|
||||
tclient.download(self.file_to_get, self.safeoutfile, progresshook)
|
||||
|
|
@ -67,38 +69,41 @@ class command_tftp(HoneyPotCommand):
|
|||
self.fs.mkfile(self.file_to_get, 0, 0, tclient.context.metrics.bytes, 33188)
|
||||
self.fs.update_realfile(self.fs.getfile(self.file_to_get), self.safeoutfile)
|
||||
|
||||
shasum = hashlib.sha256(open(self.safeoutfile, 'rb').read()).hexdigest()
|
||||
hash_path = '%s/%s' % (self.download_path, shasum)
|
||||
if os.path.exists(self.safeoutfile):
|
||||
|
||||
# If we have content already, delete temp file
|
||||
if not os.path.exists(hash_path):
|
||||
os.rename(self.safeoutfile, hash_path)
|
||||
else:
|
||||
os.remove(self.safeoutfile)
|
||||
log.msg("Not storing duplicate content " + shasum)
|
||||
if os.path.getsize(self.safeoutfile) == 0:
|
||||
os.remove(self.safeoutfile)
|
||||
self.safeoutfile = None
|
||||
return
|
||||
|
||||
log.msg(eventid='cowrie.session.file_download',
|
||||
format='Downloaded tftpFile (%(url)s) with SHA-256 %(shasum)s to %(outfile)s',
|
||||
url=self.file_to_get,
|
||||
outfile=hash_path,
|
||||
shasum=shasum)
|
||||
with open(self.safeoutfile, 'rb') as f:
|
||||
shasum = hashlib.sha256(f.read()).hexdigest()
|
||||
hash_path = os.path.join(self.download_path, shasum)
|
||||
|
||||
# Link friendly name to hash
|
||||
os.symlink(shasum, self.safeoutfile)
|
||||
# If we have content already, delete temp file
|
||||
if not os.path.exists(hash_path):
|
||||
os.rename(self.safeoutfile, hash_path)
|
||||
else:
|
||||
os.remove(self.safeoutfile)
|
||||
log.msg("Not storing duplicate content " + shasum)
|
||||
|
||||
# FIXME: is this necessary?
|
||||
self.safeoutfile = hash_path
|
||||
log.msg(eventid='cowrie.session.file_download',
|
||||
format='Downloaded tftpFile (%(url)s) with SHA-256 %(shasum)s to %(outfile)s',
|
||||
url=self.file_to_get,
|
||||
outfile=hash_path,
|
||||
shasum=shasum)
|
||||
|
||||
# Update the honeyfs to point to downloaded file
|
||||
f = self.fs.getfile(self.file_to_get)
|
||||
f[A_REALFILE] = hash_path
|
||||
# Link friendly name to hash
|
||||
os.symlink(shasum, self.safeoutfile)
|
||||
|
||||
log.msg(eventid='cowrie.session.file_download',
|
||||
format='Downloaded tftpFile to %(outfile)s',
|
||||
outfile=self.safeoutfile
|
||||
)
|
||||
# Update the honeyfs to point to downloaded file
|
||||
f = self.fs.getfile(self.file_to_get)
|
||||
f[A_REALFILE] = hash_path
|
||||
|
||||
except tftpy.TftpException, err:
|
||||
if os.path.exists(self.safeoutfile):
|
||||
if os.path.getsize(self.safeoutfile) == 0:
|
||||
os.remove(self.safeoutfile)
|
||||
return
|
||||
|
||||
except KeyboardInterrupt:
|
||||
|
|
|
|||
Loading…
Reference in New Issue